benefitsapp35.netlify.app Open in urlscan Pro
2a05:d014:58f:6200::64 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://benefitsapp35.netlify.app/
Submission: On June 30 via api (June 30th 2024, 12:10:12 am UTC) from US — Scanned from DE

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 15 domains to perform 18 HTTP transactions. The main IP is 2a05:d014:58f:6200::64, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is benefitsapp35.netlify.app.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on January 15th 2024. Valid for: a year.

This is the only time benefitsapp35.netlify.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2a05:d014:58f... 2a05:d014:58f:6200::64	16509 (AMAZON-02) (AMAZON-02)
1	104.16.55.94 104.16.55.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.19.168.43 104.19.168.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	209.104.5.203 209.104.5.203	22772 (LOGIN) (LOGIN)
1	18.66.102.66 18.66.102.66	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:8a00:10:4237:e5c0:21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6814:2c0a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.193.164 151.101.193.164	54113 (FASTLY) (FASTLY)
1	192.0.66.165 192.0.66.165	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a04:4e42:600... 2a04:4e42:600::272	54113 (FASTLY) (FASTLY)
18	11

3 2a05:d014:58f:6200::64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

benefitsapp35.netlify.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.55.94 (None, )

ASN13335 (CLOUDFLARENET, US)

images.marketleader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.168.43 (None, )

ASN13335 (CLOUDFLARENET, US)

cdngeneral.rentcafe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.104.5.203 (Queen Creek, United States)

ASN22772 (LOGIN, US)
PTR: fdncms.com

media1.fdncms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-66.fra56.r.cloudfront.net

photos.zillowstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:8a00:10:4237:e5c0:21 (United States)

ASN16509 (AMAZON-02, US)

d2qy3gl1p8g68n.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:2c0a (United States)

ASN13335 (CLOUDFLARENET, US)

uploads.tapatalk-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.164 (San Francisco, United States)

ASN54113 (FASTLY, US)

static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.66.165 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

www.capitalgazette.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::272 (United States)

ASN54113 (FASTLY, US)

m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	netlify.app benefitsapp35.netlify.app	14 KB
2	nyt.com static01.nyt.com — Cisco Umbrella Rank: 6294	462 KB
1	media-amazon.com m.media-amazon.com — Cisco Umbrella Rank: 439	104 KB
1	capitalgazette.com www.capitalgazette.com — Cisco Umbrella Rank: 391199	44 B
1	tapatalk-cdn.com uploads.tapatalk-cdn.com — Cisco Umbrella Rank: 204061	62 B
1	cloudfront.net d2qy3gl1p8g68n.cloudfront.net	8 KB
1	zillowstatic.com photos.zillowstatic.com — Cisco Umbrella Rank: 6374	131 KB
1	fdncms.com media1.fdncms.com — Cisco Umbrella Rank: 632650	65 KB
1	rentcafe.com cdngeneral.rentcafe.com — Cisco Umbrella Rank: 56320	36 KB
1	marketleader.com images.marketleader.com — Cisco Umbrella Rank: 292298	724 B
0	rvt.com Failed cdn2.rvt.com Failed
0	eastpeoriahistoricalsociety.com Failed eastpeoriahistoricalsociety.com Failed
0	telegraph.co.uk Failed www.telegraph.co.uk — Cisco Umbrella Rank: 37385 Failed
0	dmlimg.com Failed b.dmlimg.com Failed
0	marknetstreamline.com Failed www.marknetstreamline.com Failed
18	15

	Domain	Requested by
3	benefitsapp35.netlify.app	benefitsapp35.netlify.app
2	static01.nyt.com	benefitsapp35.netlify.app
1	m.media-amazon.com	benefitsapp35.netlify.app
1	www.capitalgazette.com	benefitsapp35.netlify.app
1	uploads.tapatalk-cdn.com	benefitsapp35.netlify.app
1	d2qy3gl1p8g68n.cloudfront.net	benefitsapp35.netlify.app
1	photos.zillowstatic.com	benefitsapp35.netlify.app
1	media1.fdncms.com	benefitsapp35.netlify.app
1	cdngeneral.rentcafe.com	benefitsapp35.netlify.app
1	images.marketleader.com	benefitsapp35.netlify.app
0	cdn2.rvt.com Failed	benefitsapp35.netlify.app
0	eastpeoriahistoricalsociety.com Failed	benefitsapp35.netlify.app
0	www.telegraph.co.uk Failed	benefitsapp35.netlify.app
0	b.dmlimg.com Failed	benefitsapp35.netlify.app
0	www.marknetstreamline.com Failed	benefitsapp35.netlify.app
18	15

This site contains no links.

Subject Issuer	Validity	Valid
*.netlify.app DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-15` - `2025-02-14`	a year	crt.sh
marketleader.com Cloudflare Inc ECC CA-3	`2023-11-18` - `2024-11-17`	a year	crt.sh
cdngeneral.rentcafe.com Cloudflare Inc ECC CA-3	`2023-09-13` - `2024-09-12`	a year	crt.sh
*.fdncms.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-03` - `2024-11-02`	a year	crt.sh
*.zillowstatic.com Amazon RSA 2048 M03	`2024-03-15` - `2025-04-12`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
tapatalk-cdn.com E6	`2024-06-12` - `2024-09-10`	3 months	crt.sh
nytimes.com Thawte RSA CA 2018	`2024-03-27` - `2025-03-13`	a year	crt.sh
capitalgazette.com E6	`2024-06-20` - `2024-09-18`	3 months	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2024-03-18` - `2025-03-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://benefitsapp35.netlify.app/
Frame ID: 594FB9BD45D6D50F676DB28EE445C831
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Benefitsapp35

Detected technologies

Netlify (Web Servers) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.netlify\.(?:com|app)/

Page Statistics

18
Requests

72 %
HTTPS

40 %
IPv6

15
Domains

15
Subdomains

11
IPs

3
Countries

821 kB
Transfer

858 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://www.telegraph.co.uk/content/dam/Travel/2019/January/d HTTP 301
https://www.telegraph.co.uk/content/dam/Travel/2019/January/d/

Request Chain 12

https://eastpeoriahistoricalsociety.com/wp-content/uploads/2018/05/I-74a.jpg HTTP 301
https://eastpeoriahistoricalsociety.com/

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
benefitsapp35.netlify.app/ 21 KB
5 KB 49ms
14ms Document
text/html 2a05:d014:58f:6200::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsapp35.netlify.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6200::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

9964835fe8d508fb48b95b186efe909b90f81d0f608762e0c789da95d835b3cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 59344
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-encoding: br
content-length: 4947
content-type: text/html; charset=UTF-8
date: Sun, 30 Jun 2024 00:10:07 GMT
etag: "8cd221c3dd36c6506966172e906b6d44-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01J1K7MHBS82ZEDT3PV497A0VR

GET
H2 200 style.css
benefitsapp35.netlify.app/ 32 KB
8 KB 18ms
18ms Stylesheet
text/css 2a05:d014:58f:6200::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsapp35.netlify.app/style.css

Requested by

Host: benefitsapp35.netlify.app
URL: https://benefitsapp35.netlify.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6200::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

fdf6b2bb8da59f93e9a14f85b2624431b7fb5355fc96a5c51d30299e906e8bdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://benefitsapp35.netlify.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01J1K7MHCFBEBK90R1X1361DKQ
date: Sun, 30 Jun 2024 00:10:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Netlify
age: 59343
cache-status: "Netlify Edge"; hit
etag: "4bb9f55348c63e6e34dcaf42613f06f1-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 7820

GET
H2 200 f_RX-10634961.jpg
images.marketleader.com/HouseImages/FLORIDA/961/ 755 B
724 B 267ms
218ms Image
image/svg+xml 104.16.55.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.marketleader.com/HouseImages/FLORIDA/961/f_RX-10634961.jpg
Requested by: Host: benefitsapp35.netlify.app
URL: https://benefitsapp35.netlify.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.55.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a23e21b7ecf89807a186355330bc71fe142c1c8e626dfe3355866d5530b1846

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://benefitsapp35.netlify.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 00:10:07 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 27 Apr 2022 20:11:31 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: no-cache
cf-ray: 89b9ee75f9e09217-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET img_1518820901948386453.jpg
www.marknetstreamline.com/images/projects/21934/280x210/ 0
0

GET
H2 200 434%20Prospect%20Ave%20Mundelein%20IL-large-010-011-Master%20Bedroom-1499x1000-72dpi.jpg
cdngeneral.rentcafe.com/dmslivecafe/3/923038/ 36 KB
36 KB 682ms
629ms Image
image/jpeg 104.19.168.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdngeneral.rentcafe.com/dmslivecafe/3/923038/434%20Prospect%20Ave%20Mundelein%20IL-large-010-011-Master%20Bedroom-1499x1000-72dpi.jpg?crop=(0,0,300,200)&cropxunits=300&cropyunits=200&width=580&height=385&mode=pad&bgcolor=333333&scale=both
Requested by: Host: benefitsapp35.netlify.app
URL: https://benefitsapp35.netlify.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.168.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Yardi
Resource Hash: 4d8ec51be9e889c78e06e936265bca0d6e10895d055f29e7b4087fde9fbba171

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://benefitsapp35.netlify.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 00:10:08 GMT
cf-cache-status: MISS
x-powered-by: Yardi
x-svr-proxy: pca303ngwl248.rentcafeuspc.yardi.cloud
content-length: 36639
x-svr-iis: PCA303W214
last-modified: Sat, 29 Jun 2024 05:03:45 GMT
server: cloudflare
etag: "b0e957b8e1c9da1:0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-upstream: 10.246.3.214:602
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 89b9ee761b089753-FRA
access-control-allow-headers: content-type
expires: Mon, 30 Jun 2025 00:10:08 GMT

GET
H/1.1 200
OK single.jpg
media1.fdncms.com/clevescene/imager/u/mobileteaserhuge/32330026/ 64 KB
65 KB 480ms
145ms Image
image/jpeg 209.104.5.203
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/clevescene/imager/u/mobileteaserhuge/32330026/single.jpg

Requested by

Host: benefitsapp35.netlify.app
URL: https://benefitsapp35.netlify.app/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.203 Queen Creek, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

4953ba67c7bb5705c9834990978f421237cfb0ee3f1844fe4bc9179d7f8af61d

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://benefitsapp35.netlify.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 30 Jun 2024 00:10:08 GMT
Strict-Transport-Security: max-age=3600; includeSubDomains
Last-Modified: Tue, 01 Feb 2022 23:15:46 GMT
Server: Apache
X-Gyrobase-Publication: clevescene
Age: 151452
X-DN-Cache-Control: max-age=2419202
Content-Type: image/jpeg
Cache-Control: max-age=21600, s-maxage=2419202
Content-Length: 65821
Expires: Fri, 26 Jul 2024 06:05:57 GMT

GET
H2 200 529870e6243ee88b999f1d870feef87a-cc_ft_1536.jpg
photos.zillowstatic.com/fp/ 131 KB
131 KB 64ms
12ms Image
image/jpeg 18.66.102.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.zillowstatic.com/fp/529870e6243ee88b999f1d870feef87a-cc_ft_1536.jpg
Requested by: Host: benefitsapp35.netlify.app
URL: https://benefitsapp35.netlify.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-66.fra56.r.cloudfront.net
Software: gunicorn /
Resource Hash: b3566b141960d0194f2c09bc77ea2af34901cd6a92dda242721ff4a6b86834dd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://benefitsapp35.netlify.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 05:03:45 GMT
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
server: gunicorn
x-amz-cf-pop: FRA56-P2
age: 68782
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=1814400
access-control-allow-headers: x-requested-with
content-length: 133769
x-amz-cf-id: NhczOcFji3aAh91tD3tEhenJGYsmsQUPUu1SHpNDK7IDAazMuZaJVw==
alt-svc: h3=":443"; ma=86400

GET
H2 200 gzqsdxxcjpzrtdpfrvvx.jpg
d2qy3gl1p8g68n.cloudfront.net/151x0:581x573/150x200/g/gz/ 7 KB
8 KB 49ms
10ms Image
image/jpeg 2600:9000:223c:8a00:10:4237:e5c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2qy3gl1p8g68n.cloudfront.net/151x0:581x573/150x200/g/gz/gzqsdxxcjpzrtdpfrvvx.jpg
Requested by: Host: benefitsapp35.netlify.app
URL: https://benefitsapp35.netlify.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:8a00:10:4237:e5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: fb2fca89c9b8dbd77fcf79e12b316e983ffb038943ca44f0601cbc2d69691bcf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://benefitsapp35.netlify.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sun, 29 Jun 2025 11:03:46 GMT
date: Sat, 29 Jun 2024 11:03:46 GMT
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 47181
etag: "b88975ff9fdd3e6eb5ebb3517626d71ebbc0841a"
x-amzn-requestid: a1e1d24a-8719-4052-ac81-d8ccc6675c98
x-amzn-trace-id: Root=1-667fea12-425c29475d3da6c114dd9979;Parent=04d31099ab1cf914;Sampled=0;lineage=7005c6e8:0
content-type: image/jpeg
x-cache: Hit from cloudfront
cache-control: max-age=31536000,public
x-amz-apigw-id: aIGC3HD9IAMEhbw=
x-amz-cf-id: L3-uVus9vyjfuwKDNTigQYU41eTGV8kNftpF45uusLvBsM5zyFQW3A==
content-length: 7223
x-amzn-remapped-date: Sat, 29 Jun 2024 11:03:46 GMT

GET
H2 404 383c17f271cb14a0afbf702eb1a2b06a.png
uploads.tapatalk-cdn.com/20170426/ 62 B
62 B 212ms
166ms Image
text/plain 2606:4700:10::6814:2c0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.tapatalk-cdn.com/20170426/383c17f271cb14a0afbf702eb1a2b06a.png
Requested by: Host: benefitsapp35.netlify.app
URL: https://benefitsapp35.netlify.app/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6814:2c0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27bb66acd1fdcd55d9711e4495d0c3c218ea95eb71576a90f613198655722d8a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://benefitsapp35.netlify.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 00:10:07 GMT
content-encoding: br
server: cloudflare
cf-ray: 89b9ee760ff65b74-FRA
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8

GET YTk3MGQxODZiYmNlMTZkYWVjYTUxMjE0YTcyZGNmYjf0qpdPOwQJKF6PpZL01wMraHR0cDovL3MzLWV1LXdlc3QtMS5hbWF6b25hd3MuY29tL21lZGlhbWFzdGVyLXMzZXUvNC80LzQ0YTAyODgyY2JjMmQzNzQxNTEwNTViOGI0NGRmZWQxLmpwZ3x8fDcwMGx8f...
b.dmlimg.com/ 0
0

GET
H2 200 oakImage-1592315846800-mobileMasterAt3x.jpg
static01.nyt.com/images/2020/06/16/fashion/weddings/oakImage-1592315846800/ 428 KB
429 KB 66ms
10ms Image
image/jpeg 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2020/06/16/fashion/weddings/oakImage-1592315846800/oakImage-1592315846800-mobileMasterAt3x.jpg

Requested by

Host: benefitsapp35.netlify.app
URL: https://benefitsapp35.netlify.app/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

6d5897999d54d7146f279370996ac664a368ef0889866e02f5e90628c7b48b24

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://benefitsapp35.netlify.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 31 May 2024 14:53:58 GMT
date: Sun, 30 Jun 2024 00:10:07 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 89972
x-guploader-uploadid: ABPtcPr_UZTvsrXWrt5LLNmoeYTS2ma9UYywuebKSTiukxFmXrOfYLOKOK8SRi5peKAoChaggvZ8TwigdQ
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 438604
x-served-by: cache-iad-kjyo7100099-IAD, cache-fra-etou8220117-FRA
last-modified: Sat, 27 Jun 2020 09:00:14 GMT
server: UploadServer
x-timer: S1719706208.697591,VS0,VE1
etag: "fa1d6361edd18ff284ee16639111b139"
x-goog-generation: 1593248414015786
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=6aGEsQ==, md5=+h1jYe3Rj/KE7hZjkRGxOQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 438604
x-amz-checksum-crc32c: 6aGEsQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 12, 0

GET
H2 403 SJCEMTLN7ZE5BNE72RLVM2QHRU.jpg
www.capitalgazette.com/resizer/BnO31d_iMlfgdxPySbmiBdtVxgs=/1200x0/top/arc-anglerfish-arc2-prod-tronc.s3.amazonaws.com/public/ 44 B
44 B 318ms
282ms Image
text/html 192.0.66.165
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.capitalgazette.com/resizer/BnO31d_iMlfgdxPySbmiBdtVxgs=/1200x0/top/arc-anglerfish-arc2-prod-tronc.s3.amazonaws.com/public/SJCEMTLN7ZE5BNE72RLVM2QHRU.jpg

Requested by

Host: benefitsapp35.netlify.app
URL: https://benefitsapp35.netlify.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.165 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f3202f58294f4f8b528909a8927520a9149e6ca75f79d54e6c3db30ccb23f5e6

Security Headers

Name

Value

Content-Security-Policy

default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://benefitsapp35.netlify.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 00:10:07 GMT
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
content-encoding: br
x-rq: hhn2 111 254 443
server: nginx
vary: Accept-Encoding
x-cache: MISS
content-type: text/html; charset=utf-8

GET

/
www.telegraph.co.uk/content/dam/Travel/2019/January/d/
Redirect Chain

https://www.telegraph.co.uk/content/dam/Travel/2019/January/d
https://www.telegraph.co.uk/content/dam/Travel/2019/January/d/

0
0

GET

/
eastpeoriahistoricalsociety.com/
Redirect Chain

https://eastpeoriahistoricalsociety.com/wp-content/uploads/2018/05/I-74a.jpg
https://eastpeoriahistoricalsociety.com/

0
0

GET 8428613_12.jpg
cdn2.rvt.com/photos2/8613/8428613/ 0
0

GET
H2 200 MV5BNmY3ZGJkYjEtY2ZjZC00NzRlLWE5MmItOWYyMGY1NTU1M2Q3XkEyXkFqcGdeQWFybm8@._V1_.jpg
m.media-amazon.com/images/M/ 104 KB
104 KB 94ms
11ms Image
image/jpeg 2a04:4e42:600::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/M/MV5BNmY3ZGJkYjEtY2ZjZC00NzRlLWE5MmItOWYyMGY1NTU1M2Q3XkEyXkFqcGdeQWFybm8@._V1_.jpg
Requested by: Host: benefitsapp35.netlify.app
URL: https://benefitsapp35.netlify.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a28d732be5f85bab19f58e9d8a7f5f32fa3b4a883b4a614c98fb8e81e2e4a616

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://benefitsapp35.netlify.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 15 Mar 2044 15:51:05 GMT
date: Sun, 30 Jun 2024 00:10:07 GMT
last-modified: Mon, 11 May 2020 19:49:53 GMT
age: 1572396
x-cache: HIT from fastly, HIT from fastly
x-nginx-cache-status: HIT
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=630720000,public
x-amz-ir-id: 7c2b53a2-d2cc-4d84-b2c5-3d4b3bb85de5
server-timing: provider;desc="fy"
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 106000
x-served-by: cache-iad-kjyo7100066-IAD, cache-fra-eddf8230046-FRA

GET
H2 200 23KRUPEN-articleLarge.jpg
static01.nyt.com/images/2019/06/23/fashion/weddings/23KRUPEN/ 33 KB
33 KB 16ms
11ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2019/06/23/fashion/weddings/23KRUPEN/23KRUPEN-articleLarge.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: benefitsapp35.netlify.app
URL: https://benefitsapp35.netlify.app/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

303bc24ecff7dfffa3395ec79ce8e23fe22632a8e6cc6add069c8c61226e9496

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://benefitsapp35.netlify.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sun, 23 Jun 2024 02:18:38 GMT
date: Sun, 30 Jun 2024 00:10:07 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010248
age: 597089
x-guploader-uploadid: ACJd0NoLO6WHAKSnnH8Xdvx8XLmwEct3gYHyhHJQ4oWWgbwAzRq-QoJU7gwfEF8gIA0tVDvz9vM
x-cache: HIT, HIT
fastly-io-info: ifsz=68837 idim=600x355 ifmt=jpeg ofsz=33476 odim=600x355 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 33476
x-served-by: cache-iad-kjyo7100066-IAD, cache-fra-etou8220117-FRA
server: UploadServer
x-timer: S1719706208.697568,VS0,VE1
etag: "Hc+qWG7NJoTATWAPW0VTNy+hkcU2fpYHnWhY5vmEU+Q"
vary: Accept
x-goog-generation: 1561150800033101
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=2bWAtg==, md5=xlh+ryp1YW+XYoo9EnMp3w==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 68837
x-amz-checksum-crc32c: 2bWAtg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 18, 0

GET
H2 200 favicon.ico
benefitsapp35.netlify.app/ 1 KB
2 KB 179ms
179ms Other
image/vnd.microsoft.icon 2a05:d014:58f:6200::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsapp35.netlify.app/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6200::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

3770876db4954acf43aede6e236df0bc1d9b083a6241e12aea7ac5c1eed92fdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://benefitsapp35.netlify.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01J1K7MM6DF515BMHMK0RPH79X
date: Sun, 30 Jun 2024 00:10:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Netlify
age: 0
cache-status: "Netlify Edge"; fwd=miss
etag: "fb6c245c11779e164936545ade0bd258-ssl"
content-type: image/vnd.microsoft.icon
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 1523

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.marknetstreamline.com
URL: https://www.marknetstreamline.com/images/projects/21934/280x210/img_1518820901948386453.jpg

Domain: b.dmlimg.com
URL: https://b.dmlimg.com/YTk3MGQxODZiYmNlMTZkYWVjYTUxMjE0YTcyZGNmYjf0qpdPOwQJKF6PpZL01wMraHR0cDovL3MzLWV1LXdlc3QtMS5hbWF6b25hd3MuY29tL21lZGlhbWFzdGVyLXMzZXUvNC80LzQ0YTAyODgyY2JjMmQzNzQxNTEwNTViOGI0NGRmZWQxLmpwZ3x8fDcwMGx8fHx8fHx8.jpg

Domain: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/content/dam/Travel/2019/January/d/

Domain: eastpeoriahistoricalsociety.com
URL: https://eastpeoriahistoricalsociety.com/

Domain: cdn2.rvt.com
URL: https://cdn2.rvt.com/photos2/8613/8428613/8428613_12.jpg

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.marketleader.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 90Ukhi9S_x3kr8vZhmZ4GMbV9MGKtgHTyMG05F7dxPI-1719706207884-0.0.1.1-604800000
			.rentcafe.com/	1970-01-20 21:41:48	Name: __cf_bm Value: LL0UZGw6bCkzQw2d3jfbyMpx2rfwV94aDeQYnaUFCO0-1719706208-1.0.1.1-NEN9e8k3Qd1UcCI_hPjCOell8uZARe8wck2uVjQf9l7Z9PIgFPDW.qX77xr.yjiwsmhsMuolZYnHHzaZfxYLSw

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://b.dmlimg.com/YTk3MGQxODZiYmNlMTZkYWVjYTUxMjE0YTcyZGNmYjf0qpdPOwQJKF6PpZL01wMraHR0cDovL3MzLWV1LXdlc3QtMS5hbWF6b25hd3MuY29tL21lZGlhbWFzdGVyLXMzZXUvNC80LzQ0YTAyODgyY2JjMmQzNzQxNTEwNTViOGI0NGRmZWQxLmpwZ3x8fDcwMGx8fHx8fHx8.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://uploads.tapatalk-cdn.com/20170426/383c17f271cb14a0afbf702eb1a2b06a.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.capitalgazette.com/resizer/BnO31d_iMlfgdxPySbmiBdtVxgs=/1200x0/top/arc-anglerfish-arc2-prod-tronc.s3.amazonaws.com/public/SJCEMTLN7ZE5BNE72RLVM2QHRU.jpg Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.dmlimg.com
benefitsapp35.netlify.app
cdn2.rvt.com
cdngeneral.rentcafe.com
d2qy3gl1p8g68n.cloudfront.net
eastpeoriahistoricalsociety.com
images.marketleader.com
m.media-amazon.com
media1.fdncms.com
photos.zillowstatic.com
static01.nyt.com
uploads.tapatalk-cdn.com
www.capitalgazette.com
www.marknetstreamline.com
www.telegraph.co.uk
b.dmlimg.com
cdn2.rvt.com
eastpeoriahistoricalsociety.com
www.marknetstreamline.com
www.telegraph.co.uk
104.16.55.94
104.19.168.43
151.101.193.164
18.66.102.66
192.0.66.165
209.104.5.203
2600:9000:223c:8a00:10:4237:e5c0:21
2606:4700:10::6814:2c0a
2a04:4e42:600::272
2a05:d014:58f:6200::64
27bb66acd1fdcd55d9711e4495d0c3c218ea95eb71576a90f613198655722d8a
303bc24ecff7dfffa3395ec79ce8e23fe22632a8e6cc6add069c8c61226e9496
3770876db4954acf43aede6e236df0bc1d9b083a6241e12aea7ac5c1eed92fdc
3a23e21b7ecf89807a186355330bc71fe142c1c8e626dfe3355866d5530b1846
4953ba67c7bb5705c9834990978f421237cfb0ee3f1844fe4bc9179d7f8af61d
4d8ec51be9e889c78e06e936265bca0d6e10895d055f29e7b4087fde9fbba171
6d5897999d54d7146f279370996ac664a368ef0889866e02f5e90628c7b48b24
9964835fe8d508fb48b95b186efe909b90f81d0f608762e0c789da95d835b3cd
a28d732be5f85bab19f58e9d8a7f5f32fa3b4a883b4a614c98fb8e81e2e4a616
b3566b141960d0194f2c09bc77ea2af34901cd6a92dda242721ff4a6b86834dd
f3202f58294f4f8b528909a8927520a9149e6ca75f79d54e6c3db30ccb23f5e6
fb2fca89c9b8dbd77fcf79e12b316e983ffb038943ca44f0601cbc2d69691bcf
fdf6b2bb8da59f93e9a14f85b2624431b7fb5355fc96a5c51d30299e906e8bdd

benefitsapp35.netlify.app Open in urlscan Pro 2a05:d014:58f:6200::64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

18 Requests

72 %HTTPS

40 %IPv6

15 Domains

15 Subdomains

11 IPs

3 Countries

821 kBTransfer

858 kBSize

2 Cookies

0 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

2 Cookies

3 Console Messages

Security Headers

Indicators

benefitsapp35.netlify.app Open in urlscan Pro
2a05:d014:58f:6200::64 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

72 %
HTTPS

40 %
IPv6

15
Domains

15
Subdomains

11
IPs

3
Countries

821 kB
Transfer

858 kB
Size

2
Cookies

18 HTTP transactions
0 data transactions