adsphere.healthbenefitsadvantage.com

Summary

This website contacted 2 IPs in 1 countries across 4 domains to perform 7 HTTP transactions. The main IP is 18.244.18.40, located in United States and belongs to AMAZON-02, US. The main domain is adsphere.healthbenefitsadvantage.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on October 8th 2023. Valid for: a year.

This is the only time adsphere.healthbenefitsadvantage.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2600:9000:223... 2600:9000:223e:f400:1e:e922:c480:93a1	16509 (AMAZON-02) (AMAZON-02)
6	18.244.18.40 18.244.18.40	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
7	2

2 2600:9000:223e:f400:1e:e922:c480:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

finianlogying.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.244.18.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-40.fra56.r.cloudfront.net

adsphere.healthbenefitsadvantage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.leadshook.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	leadshook.io static.leadshook.io — Cisco Umbrella Rank: 748242	54 KB
2	healthbenefitsadvantage.com adsphere.healthbenefitsadvantage.com	43 KB
2	finianlogying.com 2 redirects finianlogying.com	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	27 KB
7	4

	Domain	Requested by
4	static.leadshook.io	adsphere.healthbenefitsadvantage.com
2	adsphere.healthbenefitsadvantage.com
2	finianlogying.com	2 redirects
1	cdn.jsdelivr.net	adsphere.healthbenefitsadvantage.com
7	4

This site contains links to these domains. Also see Links.

Domain
finianlogying.com

Subject Issuer	Validity	Valid
leadshook.io Amazon RSA 2048 M03	`2023-10-08` - `2024-11-05`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://adsphere.healthbenefitsadvantage.com/s/AQAOXXeufYAXFLO9rVLh1u4EIIQBeqXqG9Y8Nrhb?cep=aMqYli5FSxUJJopCxTtGM0ERvd0YJvJd2Hm3X7UQfe7GZMlZHCWMri2A-ZXGE6nMkDz4w9bae7YD39uSvxUg3CeyMId2-fFQd9x6HjP8Cg5MX9QbdCLviCKg5o3JLHDvPBhoSXlaFn57iEOi3UCsoW5cvkFbX3oJwCLdGE5XFObtUNs2xq6hM_83J9uiMhevePT0f4UZniUp3JXCqaHdlfETs-qFC6QUSh7ATPKtCG8FTDsVKU3WrAY9yS8h29CQBuJKnRPwK48B8J4edC5Mz8gJ4sBPyFM3pakznuYgrxWfaQS8BRPm_uP7OFZLkPIrrKMc-uKBaliuoUF5rjZzEk_NS-98t1YKZerFxfe1rzXBi_Yox8-dKsh8u0k1R52rrZfwlGvF48aHIsjh2vktilLHlp__CwEenmJRWzUAyig&lptoken=17be225e6937967a947b&source=330244&clickid=1037259394
Frame ID: 7C6167F8C9F9316CD35A7CC3FF97B356
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cash App $1000

Page URL History Show full URLs

http://finianlogying.com/325d62c2-cec3-4ca9-8b52-ec4f0b0f26a5?source=330244&clickid=1037259394 HTTP 307
https://finianlogying.com/325d62c2-cec3-4ca9-8b52-ec4f0b0f26a5?source=330244&clickid=1037259394 HTTP 307
https://finianlogying.com/325d62c2-cec3-4ca9-8b52-ec4f0b0f26a5/2?source=330244&clickid=1037259394 HTTP 302
https://adsphere.healthbenefitsadvantage.com/s/AQAOXXeufYAXFLO9rVLh1u4EIIQBeqXqG9Y8Nrhb?cep=aMqYli5FSxUJJopCxTtGM0ERvd0YJ... Page URL

Detected technologies

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

7
Requests

100 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

2
IPs

1
Countries

124 kB
Transfer

306 kB
Size

5
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://finianlogying.com/click/1
Title: REDEEM THIS OFFER

Search URL Search Domain Scan URL

URL: https://finianlogying.com/click/2

Search URL Search Domain Scan URL

URL: https://finianlogying.com/click/3

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://finianlogying.com/325d62c2-cec3-4ca9-8b52-ec4f0b0f26a5?source=330244&clickid=1037259394 HTTP 307
https://finianlogying.com/325d62c2-cec3-4ca9-8b52-ec4f0b0f26a5?source=330244&clickid=1037259394 HTTP 307
https://finianlogying.com/325d62c2-cec3-4ca9-8b52-ec4f0b0f26a5/2?source=330244&clickid=1037259394 HTTP 302
https://adsphere.healthbenefitsadvantage.com/s/AQAOXXeufYAXFLO9rVLh1u4EIIQBeqXqG9Y8Nrhb?cep=aMqYli5FSxUJJopCxTtGM0ERvd0YJvJd2Hm3X7UQfe7GZMlZHCWMri2A-ZXGE6nMkDz4w9bae7YD39uSvxUg3CeyMId2-fFQd9x6HjP8Cg5MX9QbdCLviCKg5o3JLHDvPBhoSXlaFn57iEOi3UCsoW5cvkFbX3oJwCLdGE5XFObtUNs2xq6hM_83J9uiMhevePT0f4UZniUp3JXCqaHdlfETs-qFC6QUSh7ATPKtCG8FTDsVKU3WrAY9yS8h29CQBuJKnRPwK48B8J4edC5Mz8gJ4sBPyFM3pakznuYgrxWfaQS8BRPm_uP7OFZLkPIrrKMc-uKBaliuoUF5rjZzEk_NS-98t1YKZerFxfe1rzXBi_Yox8-dKsh8u0k1R52rrZfwlGvF48aHIsjh2vktilLHlp__CwEenmJRWzUAyig&lptoken=17be225e6937967a947b&source=330244&clickid=1037259394 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request AQAOXXeufYAXFLO9rVLh1u4EIIQBeqXqG9Y8Nrhb Show response
adsphere.healthbenefitsadvantage.com/s/
Redirect Chain

http://finianlogying.com/325d62c2-cec3-4ca9-8b52-ec4f0b0f26a5?source=330244&clickid=1037259394
https://finianlogying.com/325d62c2-cec3-4ca9-8b52-ec4f0b0f26a5?source=330244&clickid=1037259394
https://finianlogying.com/325d62c2-cec3-4ca9-8b52-ec4f0b0f26a5/2?source=330244&clickid=1037259394
https://adsphere.healthbenefitsadvantage.com/s/AQAOXXeufYAXFLO9rVLh1u4EIIQBeqXqG9Y8Nrhb?cep=aMqYli5FSxUJJopCxTtGM0ERvd0YJvJd2Hm3X7UQfe7GZMlZHCWMri2A-ZXGE6nMkDz4w9bae7YD39uSvxUg3CeyMId2-fFQd9x6HjP8C...

182 KB
42 KB

834ms
547ms

Document
text/html

18.244.18.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adsphere.healthbenefitsadvantage.com/s/AQAOXXeufYAXFLO9rVLh1u4EIIQBeqXqG9Y8Nrhb?cep=aMqYli5FSxUJJopCxTtGM0ERvd0YJvJd2Hm3X7UQfe7GZMlZHCWMri2A-ZXGE6nMkDz4w9bae7YD39uSvxUg3CeyMId2-fFQd9x6HjP8Cg5MX9QbdCLviCKg5o3JLHDvPBhoSXlaFn57iEOi3UCsoW5cvkFbX3oJwCLdGE5XFObtUNs2xq6hM_83J9uiMhevePT0f4UZniUp3JXCqaHdlfETs-qFC6QUSh7ATPKtCG8FTDsVKU3WrAY9yS8h29CQBuJKnRPwK48B8J4edC5Mz8gJ4sBPyFM3pakznuYgrxWfaQS8BRPm_uP7OFZLkPIrrKMc-uKBaliuoUF5rjZzEk_NS-98t1YKZerFxfe1rzXBi_Yox8-dKsh8u0k1R52rrZfwlGvF48aHIsjh2vktilLHlp__CwEenmJRWzUAyig&lptoken=17be225e6937967a947b&source=330244&clickid=1037259394
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-40.fra56.r.cloudfront.net
Software: nginx/1.19.9 / Express
Resource Hash: 9e57eaa0bfd97dad94aa75c3fb65d49d9bcb9f6307a5c480b4fc1853c6a4aff5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 03 Aug 2024 15:11:35 GMT
etag: W/"2d7be-oh78bcYoHvhC9ZxKXjpCszbA+lQ"
server: nginx/1.19.9
vary: Accept-Encoding
via: 1.1 872b8cb7808b8e013ecc6c3cc24aa826.cloudfront.net (CloudFront)
x-amz-cf-id: iubP0N5B5P_phrxyyhNXc-5NslaNPA81_cbM_hkdbKVGi9ZxBVJYmQ==
x-amz-cf-pop: FRA56-P11
x-cache: Miss from cloudfront
x-cache-status: MISS
x-powered-by: Express

Redirect headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 0
date: Sat, 03 Aug 2024 15:11:34 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://adsphere.healthbenefitsadvantage.com/s/AQAOXXeufYAXFLO9rVLh1u4EIIQBeqXqG9Y8Nrhb?cep=aMqYli5FSxUJJopCxTtGM0ERvd0YJvJd2Hm3X7UQfe7GZMlZHCWMri2A-ZXGE6nMkDz4w9bae7YD39uSvxUg3CeyMId2-fFQd9x6HjP8Cg5MX9QbdCLviCKg5o3JLHDvPBhoSXlaFn57iEOi3UCsoW5cvkFbX3oJwCLdGE5XFObtUNs2xq6hM_83J9uiMhevePT0f4UZniUp3JXCqaHdlfETs-qFC6QUSh7ATPKtCG8FTDsVKU3WrAY9yS8h29CQBuJKnRPwK48B8J4edC5Mz8gJ4sBPyFM3pakznuYgrxWfaQS8BRPm_uP7OFZLkPIrrKMc-uKBaliuoUF5rjZzEk_NS-98t1YKZerFxfe1rzXBi_Yox8-dKsh8u0k1R52rrZfwlGvF48aHIsjh2vktilLHlp__CwEenmJRWzUAyig&lptoken=17be225e6937967a947b&source=330244&clickid=1037259394
pragma: no-cache
server: nginx
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
x-amz-cf-id: Jd2-DKtnCuQ8Le8xwdspmbJp9mISm9j78sjQ0UhMO_FLddUvDxrPlg==
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront

GET
H2 200 capture%20d%E2%80%99e%CC%81cran%2C%20le%202023-11-09%20a%CC%80%2013.49.01-1699555776945.png
static.leadshook.io/upload/adsphere/ 11 KB
11 KB 475ms
463ms Image
image/png 18.244.18.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.leadshook.io/upload/adsphere/capture%20d%E2%80%99e%CC%81cran%2C%20le%202023-11-09%20a%CC%80%2013.49.01-1699555776945.png
Requested by: Host: adsphere.healthbenefitsadvantage.com
URL: https://adsphere.healthbenefitsadvantage.com/s/AQAOXXeufYAXFLO9rVLh1u4EIIQBeqXqG9Y8Nrhb?cep=aMqYli5FSxUJJopCxTtGM0ERvd0YJvJd2Hm3X7UQfe7GZMlZHCWMri2A-ZXGE6nMkDz4w9bae7YD39uSvxUg3CeyMId2-fFQd9x6HjP8Cg5MX9QbdCLviCKg5o3JLHDvPBhoSXlaFn57iEOi3UCsoW5cvkFbX3oJwCLdGE5XFObtUNs2xq6hM_83J9uiMhevePT0f4UZniUp3JXCqaHdlfETs-qFC6QUSh7ATPKtCG8FTDsVKU3WrAY9yS8h29CQBuJKnRPwK48B8J4edC5Mz8gJ4sBPyFM3pakznuYgrxWfaQS8BRPm_uP7OFZLkPIrrKMc-uKBaliuoUF5rjZzEk_NS-98t1YKZerFxfe1rzXBi_Yox8-dKsh8u0k1R52rrZfwlGvF48aHIsjh2vktilLHlp__CwEenmJRWzUAyig&lptoken=17be225e6937967a947b&source=330244&clickid=1037259394
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-40.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3a1470ce946c675e1a98cadad2d96efec362312dcd612e4affdf41e9dbd0099f

Request headers

Referer: https://adsphere.healthbenefitsadvantage.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 15:11:36 GMT
via: 1.1 872b8cb7808b8e013ecc6c3cc24aa826.cloudfront.net (CloudFront)
last-modified: Thu, 09 Nov 2023 18:49:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "1a251fcf11f40a99187becba5d095b50"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 11379
x-amz-cf-id: 6BabLGrW6mqxEe6jmbt_GiYh-jbc9n6chPn89sOgoDLUUIYtqCZsfw==

GET
H2 200 button-redeem-this-offer-1708706118661.png
static.leadshook.io/upload/adsphere/ 2 KB
2 KB 580ms
571ms Image
image/png 18.244.18.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.leadshook.io/upload/adsphere/button-redeem-this-offer-1708706118661.png
Requested by: Host: adsphere.healthbenefitsadvantage.com
URL: https://adsphere.healthbenefitsadvantage.com/s/AQAOXXeufYAXFLO9rVLh1u4EIIQBeqXqG9Y8Nrhb?cep=aMqYli5FSxUJJopCxTtGM0ERvd0YJvJd2Hm3X7UQfe7GZMlZHCWMri2A-ZXGE6nMkDz4w9bae7YD39uSvxUg3CeyMId2-fFQd9x6HjP8Cg5MX9QbdCLviCKg5o3JLHDvPBhoSXlaFn57iEOi3UCsoW5cvkFbX3oJwCLdGE5XFObtUNs2xq6hM_83J9uiMhevePT0f4UZniUp3JXCqaHdlfETs-qFC6QUSh7ATPKtCG8FTDsVKU3WrAY9yS8h29CQBuJKnRPwK48B8J4edC5Mz8gJ4sBPyFM3pakznuYgrxWfaQS8BRPm_uP7OFZLkPIrrKMc-uKBaliuoUF5rjZzEk_NS-98t1YKZerFxfe1rzXBi_Yox8-dKsh8u0k1R52rrZfwlGvF48aHIsjh2vktilLHlp__CwEenmJRWzUAyig&lptoken=17be225e6937967a947b&source=330244&clickid=1037259394
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-40.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9cadd640a4989452825ab64a95f24fcb07cb2677eb36b96866337c3005b52a30

Request headers

Referer: https://adsphere.healthbenefitsadvantage.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 15:11:36 GMT
via: 1.1 872b8cb7808b8e013ecc6c3cc24aa826.cloudfront.net (CloudFront)
last-modified: Fri, 23 Feb 2024 16:35:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "ee8e759b33d53b431fb6ef79349a669f"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1680
x-amz-cf-id: QOQAnD0X4gDGYpge-UgCxfKkvzybdv8c1N7QdKpo7i6jvaDXKyq2xg==

GET
H2 200 button-go-to-survey%20(1)-1708706176385.png
static.leadshook.io/upload/adsphere/ 2 KB
2 KB 451ms
450ms Image
image/png 18.244.18.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.leadshook.io/upload/adsphere/button-go-to-survey%20(1)-1708706176385.png
Requested by: Host: adsphere.healthbenefitsadvantage.com
URL: https://adsphere.healthbenefitsadvantage.com/s/AQAOXXeufYAXFLO9rVLh1u4EIIQBeqXqG9Y8Nrhb?cep=aMqYli5FSxUJJopCxTtGM0ERvd0YJvJd2Hm3X7UQfe7GZMlZHCWMri2A-ZXGE6nMkDz4w9bae7YD39uSvxUg3CeyMId2-fFQd9x6HjP8Cg5MX9QbdCLviCKg5o3JLHDvPBhoSXlaFn57iEOi3UCsoW5cvkFbX3oJwCLdGE5XFObtUNs2xq6hM_83J9uiMhevePT0f4UZniUp3JXCqaHdlfETs-qFC6QUSh7ATPKtCG8FTDsVKU3WrAY9yS8h29CQBuJKnRPwK48B8J4edC5Mz8gJ4sBPyFM3pakznuYgrxWfaQS8BRPm_uP7OFZLkPIrrKMc-uKBaliuoUF5rjZzEk_NS-98t1YKZerFxfe1rzXBi_Yox8-dKsh8u0k1R52rrZfwlGvF48aHIsjh2vktilLHlp__CwEenmJRWzUAyig&lptoken=17be225e6937967a947b&source=330244&clickid=1037259394
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-40.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b8d922bfe3892bdd08336052fa9e088a93946b93f9072c330938b853aa7ef77

Request headers

Referer: https://adsphere.healthbenefitsadvantage.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 15:11:36 GMT
via: 1.1 872b8cb7808b8e013ecc6c3cc24aa826.cloudfront.net (CloudFront)
last-modified: Fri, 23 Feb 2024 16:36:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "df234f72e4f9eeeeeb852b7856cd9bf5"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1786
x-amz-cf-id: y-3vow_35S5_iC_Yl3J1eMu6JOVSTapbsk0DrQJSq2Jy8dbLUBwjuA==

GET
H2 200 432630712-779235970385204-4759715321839637749-n-1720132335403.jpeg
static.leadshook.io/upload/adsphere/ 38 KB
39 KB 473ms
472ms Image
image/jpeg 18.244.18.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.leadshook.io/upload/adsphere/432630712-779235970385204-4759715321839637749-n-1720132335403.jpeg
Requested by: Host: adsphere.healthbenefitsadvantage.com
URL: https://adsphere.healthbenefitsadvantage.com/s/AQAOXXeufYAXFLO9rVLh1u4EIIQBeqXqG9Y8Nrhb?cep=aMqYli5FSxUJJopCxTtGM0ERvd0YJvJd2Hm3X7UQfe7GZMlZHCWMri2A-ZXGE6nMkDz4w9bae7YD39uSvxUg3CeyMId2-fFQd9x6HjP8Cg5MX9QbdCLviCKg5o3JLHDvPBhoSXlaFn57iEOi3UCsoW5cvkFbX3oJwCLdGE5XFObtUNs2xq6hM_83J9uiMhevePT0f4UZniUp3JXCqaHdlfETs-qFC6QUSh7ATPKtCG8FTDsVKU3WrAY9yS8h29CQBuJKnRPwK48B8J4edC5Mz8gJ4sBPyFM3pakznuYgrxWfaQS8BRPm_uP7OFZLkPIrrKMc-uKBaliuoUF5rjZzEk_NS-98t1YKZerFxfe1rzXBi_Yox8-dKsh8u0k1R52rrZfwlGvF48aHIsjh2vktilLHlp__CwEenmJRWzUAyig&lptoken=17be225e6937967a947b&source=330244&clickid=1037259394
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-40.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6da087ed998d9ba83b4f1ef54621b4336c6fdf3f742b3158734523d0d2bfd32b

Request headers

Referer: https://adsphere.healthbenefitsadvantage.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 15:11:36 GMT
via: 1.1 872b8cb7808b8e013ecc6c3cc24aa826.cloudfront.net (CloudFront)
last-modified: Thu, 04 Jul 2024 22:32:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "a4cbd5c24440c66cbe3ac037ab61c1e1"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 39207
x-amz-cf-id: PxphbqOZjLaFzsiaLiu3aCfkPhQkT0TEQKtYVas0X0uFh3XP4zXt5Q==

GET
H2 200 lodash.min.js Show response
cdn.jsdelivr.net/npm/lodash@4.17.21/ 71 KB
27 KB 130ms
39ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/lodash@4.17.21/lodash.min.js

Requested by

Host: adsphere.healthbenefitsadvantage.com
URL: https://adsphere.healthbenefitsadvantage.com/s/AQAOXXeufYAXFLO9rVLh1u4EIIQBeqXqG9Y8Nrhb?cep=aMqYli5FSxUJJopCxTtGM0ERvd0YJvJd2Hm3X7UQfe7GZMlZHCWMri2A-ZXGE6nMkDz4w9bae7YD39uSvxUg3CeyMId2-fFQd9x6HjP8Cg5MX9QbdCLviCKg5o3JLHDvPBhoSXlaFn57iEOi3UCsoW5cvkFbX3oJwCLdGE5XFObtUNs2xq6hM_83J9uiMhevePT0f4UZniUp3JXCqaHdlfETs-qFC6QUSh7ATPKtCG8FTDsVKU3WrAY9yS8h29CQBuJKnRPwK48B8J4edC5Mz8gJ4sBPyFM3pakznuYgrxWfaQS8BRPm_uP7OFZLkPIrrKMc-uKBaliuoUF5rjZzEk_NS-98t1YKZerFxfe1rzXBi_Yox8-dKsh8u0k1R52rrZfwlGvF48aHIsjh2vktilLHlp__CwEenmJRWzUAyig&lptoken=17be225e6937967a947b&source=330244&clickid=1037259394

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/

Resource Hash

a9705dfc47c0763380d851ab1801be6f76019f6b67e40e9b873f8b4a0603f7a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://adsphere.healthbenefitsadvantage.com/
Origin: https://adsphere.healthbenefitsadvantage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Aug 2024 15:11:35 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2624923
x-jsd-version: 4.17.21
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 27224
x-served-by: cache-fra-eddf8230145-FRA, cache-cph2320053-CPH
x-jsd-version-type: version
etag: W/"11d37-roVLBAJduLf0j91t7fQed+rkQ5Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 403 favicon.png
adsphere.healthbenefitsadvantage.com/assets/images/ 263 B
501 B 438ms
438ms Other
application/xml 18.244.18.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adsphere.healthbenefitsadvantage.com/assets/images/favicon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-40.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1ee3a7f2180f99c72efdd28293af9bd235e2b34e72c97345d79f8433ddee81c9

Request headers

Referer: https://adsphere.healthbenefitsadvantage.com/s/AQAOXXeufYAXFLO9rVLh1u4EIIQBeqXqG9Y8Nrhb?cep=aMqYli5FSxUJJopCxTtGM0ERvd0YJvJd2Hm3X7UQfe7GZMlZHCWMri2A-ZXGE6nMkDz4w9bae7YD39uSvxUg3CeyMId2-fFQd9x6HjP8Cg5MX9QbdCLviCKg5o3JLHDvPBhoSXlaFn57iEOi3UCsoW5cvkFbX3oJwCLdGE5XFObtUNs2xq6hM_83J9uiMhevePT0f4UZniUp3JXCqaHdlfETs-qFC6QUSh7ATPKtCG8FTDsVKU3WrAY9yS8h29CQBuJKnRPwK48B8J4edC5Mz8gJ4sBPyFM3pakznuYgrxWfaQS8BRPm_uP7OFZLkPIrrKMc-uKBaliuoUF5rjZzEk_NS-98t1YKZerFxfe1rzXBi_Yox8-dKsh8u0k1R52rrZfwlGvF48aHIsjh2vktilLHlp__CwEenmJRWzUAyig&lptoken=17be225e6937967a947b&source=330244&clickid=1037259394
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 15:11:36 GMT
via: 1.1 872b8cb7808b8e013ecc6c3cc24aa826.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA56-P11
x-amz-cf-id: Im_4emF9zdecZ2FbT53L5acs1opwT4LYZmrZ7naTiRRP68mwKO4VOQ==
x-cache: Error from cloudfront
content-type: application/xml

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.finianlogying.com/	1970-01-20 22:33:04	Name: 325d62c2-cec3-4ca9-8b52-ec4f0b0f26a5-v4 Value: XCpLCNOud0gRb4kfyI9FHlyVR5G19xDX4YrXqDcZjQM
.finianlogying.com/	1970-01-20 22:33:04	Name: cep-v4 Value: GRw-PjfevrZiy7_W5a1321Y3VCJ5VO_r8lgSDL5PH2H7EJtd3lWmCqtiPV8ci38gh4sYGgh2yRw8MSp8O1KZ9TOMhkJq9l87wO5gG7jIecUJhLQEaLvvWM0kf4XfxmCyCuvjBUKh1pPmXyeZPdloaIRR_3wxhN6x6TM0qgEj0nuRhFBB2x_PTJ6lHkHBN_3FxTwhkaoK6r5RmRkyQw3xwL2VjSoyk5oaeok0-vIeabPzea63xnzmx2ThY7c5IMaByuTW0BaxQoOGo9l0zUKnVbl8whJNFzcVwZNnv_9fT50tcSq3OYHHlSm0RRNUetjpJo56VZf48MACQeJrEOtTLkjCWAQ9swHUZOq6gx46rWXptNlh0b-C8B6NqcRszcwpMXnEPOSB49TdDDN_S8OJYNgGT0Vkj0CgC3L1Yx6sG9I
adsphere.healthbenefitsadvantage.com/	1970-01-20 22:41:42	Name: AWSALB Value: gSIAPWQuVpYGj8UOHlWYezEe5mZ6pBn7CLGhOBuHZ1wsDdrN1HIbMQZUd1fZShYznJ6lOqo8qHmjcK4bcoD8rG/eDXTXEUXjuVDR/bnaKBt6H+POsZlkVgU4HbDr
adsphere.healthbenefitsadvantage.com/	1970-01-20 22:41:42	Name: AWSALBCORS Value: gSIAPWQuVpYGj8UOHlWYezEe5mZ6pBn7CLGhOBuHZ1wsDdrN1HIbMQZUd1fZShYznJ6lOqo8qHmjcK4bcoD8rG/eDXTXEUXjuVDR/bnaKBt6H+POsZlkVgU4HbDr
adsphere.healthbenefitsadvantage.com/	1969-12-31 23:59:59	Name: dt_75133.lead Value: j%3A%7B%22id%22%3A523177662%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://adsphere.healthbenefitsadvantage.com/assets/images/favicon.png Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adsphere.healthbenefitsadvantage.com
cdn.jsdelivr.net
finianlogying.com
static.leadshook.io
18.244.18.40
2600:9000:223e:f400:1e:e922:c480:93a1
2a04:4e42:400::485
1ee3a7f2180f99c72efdd28293af9bd235e2b34e72c97345d79f8433ddee81c9
3a1470ce946c675e1a98cadad2d96efec362312dcd612e4affdf41e9dbd0099f
3b8d922bfe3892bdd08336052fa9e088a93946b93f9072c330938b853aa7ef77
6da087ed998d9ba83b4f1ef54621b4336c6fdf3f742b3158734523d0d2bfd32b
9cadd640a4989452825ab64a95f24fcb07cb2677eb36b96866337c3005b52a30
9e57eaa0bfd97dad94aa75c3fb65d49d9bcb9f6307a5c480b4fc1853c6a4aff5
a9705dfc47c0763380d851ab1801be6f76019f6b67e40e9b873f8b4a0603f7a9

adsphere.healthbenefitsadvantage.com Open in urlscan Pro 18.244.18.40 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

100 %HTTPS

67 %IPv6

4 Domains

4 Subdomains

2 IPs

1 Countries

124 kBTransfer

306 kBSize

5 Cookies

3 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

5 Cookies

1 Console Messages

Indicators

adsphere.healthbenefitsadvantage.com Open in urlscan Pro
18.244.18.40 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

2
IPs

1
Countries

124 kB
Transfer

306 kB
Size

5
Cookies

7 HTTP transactions
0 data transactions