benefits.benefit-relief.com
2606:4700:e0::ac40:6527  Public Scan

Submitted URL: http://check10result.cyou/bgr/6784803514
Effective URL: https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=996163393&s3=bgr4
Submission: On January 29 via manual from US

Summary

This website contacted 10 IPs in 4 countries across 8 domains to perform 22 HTTP transactions. The main IP is 2606:4700:e0::ac40:6527, located in United States and belongs to CLOUDFLARENET, US. The main domain is benefits.benefit-relief.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 24th 2020. Valid for: a year.
This is the only time benefits.benefit-relief.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 202.165.66.85 137409 (GSLNETWOR...)
1 188.119.120.155 48430 (FIRSTDC-AS)
5 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:e6:... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 3 45.55.126.207 14061 (DIGITALOC...)
22 10
Domain Requested by
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
benefits.benefit-relief.com
5 benefits.benefit-relief.com fiascors.com
benefits.benefit-relief.com
3 beacon.benefit-relief.com 1 redirects benefits.benefit-relief.com
3 ka-f.fontawesome.com kit.fontawesome.com
2 www.googletagmanager.com benefits.benefit-relief.com
2 check10result.cyou 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 kit.fontawesome.com benefits.benefit-relief.com
1 fonts.googleapis.com benefits.benefit-relief.com
1 fiascors.com check10result.cyou
22 10

This site contains links to these domains.

Domain
benefit-relief.com
Subject                      Issuer                                       Validity                   Valid
www.fiascors.com             Go Daddy Secure Certificate Authority - G2   2020-10-15 - 2021-10-15    a year
sni.cloudflaressl.com        Cloudflare Inc ECC CA-3                      2020-09-24 - 2021-09-24    a year
upload.video.google.com      GTS CA 1O1                                   2021-01-05 - 2021-03-30    3 months
*.fontawesome.com            DigiCert TLS RSA SHA256 2020 CA1             2020-11-13 - 2021-12-14    a year
*.google-analytics.com       GTS CA 1O1                                   2021-01-05 - 2021-03-30    3 months
*.gstatic.com                GTS CA 1O1                                   2021-01-05 - 2021-03-30    3 months
beacon.benefit-relief.com    R3                                           2021-01-24 - 2021-04-24    3 months

This page contains 1 frames:

Primary Page: https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=996163393&s3=bgr4
Frame ID: EB42C7C928DFA5502F23CAC19523338A
Requests: 22 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-react/i

Overall confidence: 100%
Detected patterns
  • html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

Requests: 22
HTTPS: 95 %
IPv6: 70 %
Domains: 8
Subdomains: 10
IPs: 10
Countries: 4
Transfer: 228 kB
Size: 833 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://check10result.cyou/bgr/6784803514 Page URL
  2. http://check10result.cyou/get/bgr/6784803514 HTTP 307
    https://fiascors.com/1002f4185babd475800/bgr4// Page URL
  3. https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=996163393&s3=bgr4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://check10result.cyou/get/bgr/6784803514 HTTP 307
  • https://fiascors.com/1002f4185babd475800/bgr4//
Request Chain 16
  • https://beacon.benefit-relief.com/g2/0b545203-e67b-4ce7-b1bb-1be1c66f43aa?s1=472577&s2=996163393&s3=bgr4&sfhp=bgchk&sfhp2=bgchk HTTP 302
  • https://beacon.benefit-relief.com/s/8d2c227a-41b4-48cb-9b49-664d3226574c?&requestid=G9MNMoeM3a&destinationid=919890070&s1=472577&s2=996163393&s3=bgr4&sfhp=bgchk&sfhp2=bgchk

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
6784803514
check10result.cyou/bgr/
236 B
464 B
Document
General
Full URL
http://check10result.cyou/bgr/6784803514
Protocol
HTTP/1.1
Server
202.165.66.85 , Australia, ASN137409 (GSLNETWORKS-AS-AP GSL Networks Pty LTD, AU),
Reverse DNS
Software
nginx/1.19.6 / Express
Resource Hash
f9e377b250e34a013d8bb775a2258cb1311638334b7e6fc1bc227fcf497b4487

Request headers

Host
check10result.cyou
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx/1.19.6
Date
Fri, 29 Jan 2021 22:29:35 GMT
Content-Type
text/html; charset=utf-8
Content-Length
236
Connection
keep-alive
X-Powered-By
Express
ETag
W/"ec-9UehQovQVYEHLuAtXVucMRr6t+c"
Cookie set /
fiascors.com/1002f4185babd475800/bgr4//
Redirect Chain
  • http://check10result.cyou/get/bgr/6784803514
  • https://fiascors.com/1002f4185babd475800/bgr4//
159 B
452 B
Document
General
Full URL
https://fiascors.com/1002f4185babd475800/bgr4//
Requested by
Host: check10result.cyou
URL: http://check10result.cyou/bgr/6784803514
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.119.120.155 , Russian Federation, ASN48430 (FIRSTDC-AS, RU),
Reverse DNS
ovo127.hotpress2.com
Software
Apache /
Resource Hash
3043241ec3e7d25ddc2052131105611a115fb8aa32a8da4ea99cd86d8fd9abe8

Request headers

Host
fiascors.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://check10result.cyou/bgr/6784803514
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Fri, 29 Jan 2021 22:29:37 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
159
Server
Apache
Set-Cookie
uid16327=996163393-20210129162937-eb4076398f9d21e9ab6491b857c4caaa-; domain=; expires=Mon, 01-Mar-2021 21:29:37 GMT; path=/; SameSite=None; Secure

Redirect headers

Server
nginx/1.19.6
Date
Fri, 29 Jan 2021 22:29:36 GMT
Content-Type
text/html; charset=utf-8
Content-Length
151
Connection
keep-alive
X-Powered-By
Express
Location
https://fiascors.com/1002f4185babd475800/bgr4//
Vary
Accept
Primary Request 0
benefits.benefit-relief.com/sf/1/
8 KB
3 KB
Document
General
Full URL
https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=996163393&s3=bgr4
Requested by
Host: fiascors.com
URL: https://fiascors.com/1002f4185babd475800/bgr4//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2added3f22fd3bf9fa7bf4c2c577865087fba36708d1a4adbd045d35601ed27

Request headers

:method
GET
:authority
benefits.benefit-relief.com
:scheme
https
:path
/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=996163393&s3=bgr4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://fiascors.com/1002f4185babd475800/bgr4//
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Fri, 29 Jan 2021 22:29:37 GMT
content-type
text/html
set-cookie
__cfduid=d2bbe480d436154fa4b9fc718d2669f1f1611959377; expires=Sun, 28-Feb-21 22:29:37 GMT; path=/; domain=.benefit-relief.com; HttpOnly; SameSite=Lax; Secure
last-modified
Tue, 26 Jan 2021 15:59:09 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
07f1dd357300004a735b98c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bZAZBXDMh3pwTzDiEVla%2B6DDDIEC491VCma7d2AiEqGVIi7VXnCqURG5d39LJy5HktxF1LcYy%2FyyknCHkVDA0KCLcOyaLBM1LItKElYEqsPajiG6QvG7ITJMEOHKtj4qmYHj11CNQ0Q%3D"}]}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6196649be9e14a73-FRA
content-encoding
br
css
fonts.googleapis.com/
5 KB
732 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=996163393&s3=bgr4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5c336543068fe4bfbd6cc01688a07c7d377e61238fc8d584b9f250e29696cca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 29 Jan 2021 22:29:37 GMT
server
ESF
date
Fri, 29 Jan 2021 22:29:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 29 Jan 2021 22:29:37 GMT
268a7048dd.js
kit.fontawesome.com/
11 KB
4 KB
Script
General
Full URL
https://kit.fontawesome.com/268a7048dd.js
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=996163393&s3=bgr4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4492156fcf7a679b28b4b75d5e84b2b5eec606d5da785eb67e73141d2df58db0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=996163393&s3=bgr4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 22:29:37 GMT
content-encoding
gzip
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-cache-status
HIT
age
17
strict-transport-security
max-age=31536000; preload
cf-request-id
07f1dd36ea0000c2d6bc8c5000000001
x-request-id
Flo5Fyev51Ip-_cAPn-B
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=60, public, must-revalidate
cf-ray
6196649e4a19c2d6-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
js
www.googletagmanager.com/gtag/
97 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-92483201-41
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=996163393&s3=bgr4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
75d4b05c568e6e1b1b890b4ecbfe7d2c3cb0fa777300dd256d47d5aafc888929
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=996163393&s3=bgr4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 22:29:37 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38898
x-xss-protection
0
last-modified
Fri, 29 Jan 2021 21:54:42 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 29 Jan 2021 22:29:37 GMT
bundle.dbe4469a0c88057b6234.css
benefits.benefit-relief.com/sf/1/
27 KB
6 KB
Stylesheet
General
Full URL
https://benefits.benefit-relief.com/sf/1/bundle.dbe4469a0c88057b6234.css?t=1611676734102
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=996163393&s3=bgr4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23aef20e5d6cac0b5e192994b8065a390cf169e91644e61bb25c860c4893106c

Request headers

Referer
https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=996163393&s3=bgr4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 22:29:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
168745
cf-request-id
07f1dd36d900004a7323268000000001
last-modified
Tue, 26 Jan 2021 15:59:09 GMT
server
cloudflare
etag
W/"60103c4d-6dd4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=adkjTvnDy%2FGcfEKOidi%2BVsEJOhf%2FAUk6jMYI%2Bcqmn9RM1eBHeK91iAtbXLp4XGhwzgQim7qVzLzvmvRzLYYez7nj5c%2B1LitN0zVrnK5L3uftrx9luViX6FYBYeD1VvIc%2FD1smvIPoA8%3D"}]}
content-type
text/css
cache-control
max-age=31536000
cf-ray
6196649e2ed54a73-FRA
expires
Wed, 26 Jan 2022 16:01:22 GMT
logo.png
benefits.benefit-relief.com/sf/1/public/
602 B
974 B
Image
General
Full URL
https://benefits.benefit-relief.com/sf/1/public/logo.png?v=05468576
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=996163393&s3=bgr4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ad38b7c287f942deb7829aaf55457fcde14621d6067c47a855e232598a956e3

Request headers

Referer
https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=996163393&s3=bgr4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 22:29:37 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
168745
content-length
602
cf-request-id
07f1dd36ee00004a733f165000000001
last-modified
Thu, 22 Oct 2020 13:56:32 GMT
server
cloudflare
etag
"5f918f90-25a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jZ1ifJ8SwED2bniDfIOz4thvL8ET4E9lstVZsWOtYlTzYSOtQQudiXoAZCwl8Mg%2FmVHVbSANu5gU9k0Dt5FYcyFIbnjg0W8wHgUY%2BZlhWS2ZkTQCMUPIPu1neM81%2B1GLB6mtYQaG2ck%3D"}]}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6196649e4f5e4a73-FRA
expires
Thu, 04 Nov 2021 07:20:55 GMT
1.e8d0f3e8.chunk.js
benefits.benefit-relief.com/sf/1/js/
264 KB
81 KB
Script
General
Full URL
https://benefits.benefit-relief.com/sf/1/js/1.e8d0f3e8.chunk.js
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=996163393&s3=bgr4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15f880c03625220c5009a79f809661ab76db228bd7be365feab294da3b4a0f6b

Request headers

Referer
https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=996163393&s3=bgr4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 22:29:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
169654
cf-request-id
07f1dd36ec00004a733e988000000001
last-modified
Thu, 21 Jan 2021 13:54:46 GMT
server
cloudflare
etag
W/"600987a6-41fcf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ieE5LIi6rffciCY5pcf0mX%2Fetu4kNmuRiqXNqMTGSAFQ7%2F0QtAc1JZ91328QrVwndkXm%2BtGTMWuMyrqfd3EHe%2BFATmPgt1%2B8fmlJPCWX5j27WBIvV4rylxaNzbSW6p2pwbJHwXwsX8I%3D"}]}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6196649e4f4b4a73-FRA
expires
Fri, 21 Jan 2022 13:56:21 GMT
app.ebdf0f65.js
benefits.benefit-relief.com/sf/1/js/
277 KB
46 KB
Script
General
Full URL
https://benefits.benefit-relief.com/sf/1/js/app.ebdf0f65.js
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=996163393&s3=bgr4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6527 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac771e8323e6d3fbee11d63736bc26f6bc12ade4608105cbf20c23ed98a8aeb4

Request headers

Referer
https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=996163393&s3=bgr4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 22:29:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
169654
cf-request-id
07f1dd36ee00004a73ff3a2000000001
last-modified
Tue, 26 Jan 2021 13:27:54 GMT
server
cloudflare
etag
W/"601018da-454d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ai5tXw7OBb2qoyIgVWL4Mrnk%2BM0Cal8fRv7SyHxrqOONuWl3MYdVsVdnyyNgm4Egow4Oxfi%2Bh8x%2Bftxv0svEhDlZ3te4uVI202vhuqCS1CQmklEhnUgJ4qr5D3pXrXux7YzGx12HrBM%3D"}]}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6196649e4f5c4a73-FRA
expires
Wed, 26 Jan 2022 13:28:46 GMT
gtm.js
www.googletagmanager.com/
0
0
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=@@gtagManagerId
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=996163393&s3=bgr4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=996163393&s3=bgr4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://benefits.benefit-relief.com
Referer
https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 27 Jan 2021 15:41:19 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:44 GMT
server
sffe
age
197298
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
expires
Thu, 27 Jan 2022 15:41:19 GMT
free.min.css
ka-f.fontawesome.com/releases/v5.15.2/css/
59 KB
13 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.2/css/free.min.css?token=268a7048dd
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c7bba7deb64ff95e98f7ac8cd0d3b675a4bcf02f302e57edc5a1d6fa3d6cf94

Request headers

Referer
https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=996163393&s3=bgr4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 22:29:37 GMT
via
1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1224189
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
cf-request-id
07f1dd37240000977251b17000000001
last-modified
Wed, 13 Jan 2021 18:32:18 GMT
server
cloudflare
etag
W/"4ecc071b77d6b1790fa9fb8a5173f972"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Btd4WGLtH1oDkZBGHoNSvGtacU%2BgiB2brPIfoeOpTsjwzQyy8vP0c7kK7r9ZeJ%2B8UF%2F64vO6gq%2FgzzIGn%2Fztx76RWluKIUc%2BgW%2Fl7h0f0XDzeS03xNwrc6SWdMqzbw5EEw%3D%3D"}],"max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
x-amz-cf-pop
FRA6-C1
cf-ray
6196649e9d4b9772-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
Lw4CbusXWUeZHdKdkIHAP0UrajQbSXOASxwverzJbCshMYSZ2IEADQ==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.2/css/
26 KB
4 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.2/css/free-v4-shims.min.css?token=268a7048dd
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7cc3c57f9bda4c6dcb83bb3c19f2f2aa86ecec6274e243cd4ec315ae8e30101

Request headers

Referer
https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=996163393&s3=bgr4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 22:29:37 GMT
via
1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1224189
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
cf-request-id
07f1dd37250000977272ba6000000001
last-modified
Wed, 13 Jan 2021 18:32:17 GMT
server
cloudflare
etag
W/"1848e71668f42835079e5fa2af6cf4a8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2B1aqcH%2B7%2BUQD6N7AGJsEI9SX2CATpa1YCb1ZVkMZVGYyHy1h2OBr33VO8Uv8lQwo%2FSZd24hSoD6SbnK3qqHFp1wiEOj1VaS2klN3fhcyUFOo7TuxCLBnR0mcg1T15FxKTw%3D%3D"}],"max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
x-amz-cf-pop
FRA6-C1
cf-ray
6196649ead4c9772-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
mhahH9oYgy4-7QS3G-ZcviMsxpGdTG09i8zxrSXurpjSFWKTz3viOw==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.2/css/
3 KB
2 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.2/css/free-v4-font-face.min.css?token=268a7048dd
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87a2729abe4d824617c1cf16d8cd2aa780095253d7b237655e654f926872d58e

Request headers

Referer
https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=996163393&s3=bgr4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 22:29:37 GMT
via
1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1224189
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
cf-request-id
07f1dd37250000977249b2d000000001
last-modified
Wed, 13 Jan 2021 18:32:16 GMT
server
cloudflare
etag
W/"252773908df2cc3deb0e09dc1817e64b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C7B3t7mmIX8bUY73%2B7d2KKGSejRUr9X2lybz2fvAFWqLPplYy%2BRMsb6stRv%2BwtCo7ueBrKqR%2B3rN%2B3P2tJUOlhgFRXzLEvL30OCTuvP6CmWyyP7G%2BxlQKn8tPvABV%2BvS5g%3D%3D"}],"max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
x-amz-cf-pop
FRA6-C1
cf-ray
6196649ead4d9772-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
vlPWo1v7A6Y4kergzMsIfqH-skLVUJ8576m_MCuG-1xxL1zQs6sxHA==
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-92483201-41
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://benefits.benefit-relief.com/sf/1/0?s1=472577&s2=996163393&s3=bgr4&sfhp=bgchk&sfhp2=bgchk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
4533
date
Fri, 29 Jan 2021 21:14:04 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Fri, 29 Jan 2021 23:14:04 GMT
summary
beacon.benefit-relief.com/geo/
130 B
584 B
XHR
General
Full URL
https://beacon.benefit-relief.com/geo/summary
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/js/1.e8d0f3e8.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e9d6bc98f78fc68fd8df33f668599edd8fc680361a3182c0607b772194c769a6
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/plain, */*
Referer
https://benefits.benefit-relief.com/sf/1/0?s1=472577&s2=996163393&s3=bgr4&sfhp=bgchk&sfhp2=bgchk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 22:29:37 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PATCH, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
false
strict-transport-security
max-age=2592000
access-control-allow-headers
Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
8d2c227a-41b4-48cb-9b49-664d3226574c
beacon.benefit-relief.com/s/
Redirect Chain
  • https://beacon.benefit-relief.com/g2/0b545203-e67b-4ce7-b1bb-1be1c66f43aa?s1=472577&s2=996163393&s3=bgr4&sfhp=bgchk&sfhp2=bgchk
  • https://beacon.benefit-relief.com/s/8d2c227a-41b4-48cb-9b49-664d3226574c?&requestid=G9MNMoeM3a&destinationid=919890070&s1=472577&s2=996163393&s3=bgr4&sfhp=bgchk&sfhp2=bgchk
2 KB
1 KB
XHR
General
Full URL
https://beacon.benefit-relief.com/s/8d2c227a-41b4-48cb-9b49-664d3226574c?&requestid=G9MNMoeM3a&destinationid=919890070&s1=472577&s2=996163393&s3=bgr4&sfhp=bgchk&sfhp2=bgchk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Kestrel /
Resource Hash
92b80b2c3224ffb7a99a1c876a099c14bcb3656d9e5a835ae3febe98d603db5b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://benefits.benefit-relief.com/sf/1/0?s1=472577&s2=996163393&s3=bgr4&sfhp=bgchk&sfhp2=bgchk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 22:29:37 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PATCH, HEAD
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
false
strict-transport-security
max-age=2592000
access-control-allow-headers
Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

Redirect headers

date
Fri, 29 Jan 2021 22:29:37 GMT
server
Kestrel
location
https://beacon.benefit-relief.com/s/8d2c227a-41b4-48cb-9b49-664d3226574c?&requestid=G9MNMoeM3a&destinationid=919890070&s1=472577&s2=996163393&s3=bgr4&sfhp=bgchk&sfhp2=bgchk
strict-transport-security
max-age=2592000
access-control-allow-methods
GET, POST, OPTIONS, PATCH, HEAD
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
content-length
0
collect
www.google-analytics.com/j/
1 B
75 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=322539138&t=pageview&_s=1&dl=https%3A%2F%2Fbenefits.benefit-relief.com%2Fsf%2F1%2F0%3Fs1%3D472577%26s2%3D996163393%26s3%3Dbgr4%26sfhp%3Dbgchk%26sfhp2%3Dbgchk&dr=https%3A%2F%2Ffiascors.com%2F1002f4185babd475800%2Fbgr4%2F%2F&ul=en-us&de=UTF-8&dt=Benefit%20Relief&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=570786139&gjid=18730592&cid=1314753771.1611959378&tid=UA-92483201-41&_gid=476132988.1611959378&_r=1&gtm=2ou1k0&z=1078096164
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://benefits.benefit-relief.com/sf/1/0?s1=472577&s2=996163393&s3=bgr4&sfhp=bgchk&sfhp2=bgchk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Jan 2021 22:29:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://benefits.benefit-relief.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
122 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=322539138&t=event&_s=2&dl=https%3A%2F%2Fbenefits.benefit-relief.com%2Fsf%2F1%2F0%3Fs1%3D472577%26s2%3D996163393%26s3%3Dbgr4%26sfhp%3Dbgchk%26sfhp2%3Dbgchk&dr=https%3A%2F%2Ffiascors.com%2F1002f4185babd475800%2Fbgr4%2F%2F&ul=en-us&de=UTF-8&dt=Benefit%20Relief&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pageload&ea=load&el=%2Fsf%2F1&_u=IEBAAUABAAAAAC~&jid=&gjid=&cid=1314753771.1611959378&tid=UA-92483201-41&_gid=476132988.1611959378&gtm=2ou1k0&z=1468836839
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/0?s1=472577&s2=996163393&s3=bgr4&sfhp=bgchk&sfhp2=bgchk
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://benefits.benefit-relief.com/sf/1/0?s1=472577&s2=996163393&s3=bgr4&sfhp=bgchk&sfhp2=bgchk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Jan 2021 09:56:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
45185
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
63 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=322539138&t=event&_s=3&dl=https%3A%2F%2Fbenefits.benefit-relief.com%2Fsf%2F1%2F0%3Fs1%3D472577%26s2%3D996163393%26s3%3Dbgr4%26sfhp%3Dbgchk%26sfhp2%3Dbgchk&dr=https%3A%2F%2Ffiascors.com%2F1002f4185babd475800%2Fbgr4%2F%2F&dp=0%3Fs1%3D472577%26s2%3D996163393%26s3%3Dbgr4%26sfhp%3Dbgchk%26sfhp2%3Dbgchk&ul=en-us&de=UTF-8&dt=Benefit%20Relief&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=User%20started%20Survey%20Flow&ea=survey-flow-started&el=%2Fsf%2F1&_u=KEBAAUABAAAAAC~&jid=&gjid=&cid=1314753771.1611959378&tid=UA-92483201-41&_gid=476132988.1611959378&gtm=2ou1k0&z=1444005775
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://benefits.benefit-relief.com/sf/1/0?s1=472577&s2=996163393&s3=bgr4&sfhp=bgchk&sfhp2=bgchk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Jan 2021 09:56:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
45186
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
58 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=322539138&t=event&_s=4&dl=https%3A%2F%2Fbenefits.benefit-relief.com%2Fsf%2F1%2F0%3Fs1%3D472577%26s2%3D996163393%26s3%3Dbgr4%26sfhp%3Dbgchk%26sfhp2%3Dbgchk&dr=https%3A%2F%2Ffiascors.com%2F1002f4185babd475800%2Fbgr4%2F%2F&dp=0%3Fs1%3D472577%26s2%3D996163393%26s3%3Dbgr4%26sfhp%3Dbgchk%26sfhp2%3Dbgchk&ul=en-us&de=UTF-8&dt=Benefit%20Relief&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=SFHP-BGCHK&ea=view&el=%2Fsf%2F1&_u=KEBAAUABAAAAAC~&jid=&gjid=&cid=1314753771.1611959378&tid=UA-92483201-41&_gid=476132988.1611959378&gtm=2ou1k0&z=302213628
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://benefits.benefit-relief.com/sf/1/0?s1=472577&s2=996163393&s3=bgr4&sfhp=bgchk&sfhp2=bgchk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Jan 2021 09:56:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
45186
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
boolean| crossOriginIsolated
function| gtag
object| dataLayer
object| FontAwesomeKitConfig
object| google_tag_manager
object| webpackJsonp
function| _
object| regeneratorRuntime
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| gaplugins
object| gaGlobal
object| gaData

4 Cookies

Domain/Path Name / Value
.benefit-relief.com/ Name: _gat_gtag_UA_92483201_41
Value: 1
.benefit-relief.com/ Name: _gid
Value: GA1.2.476132988.1611959378
.benefit-relief.com/ Name: _ga
Value: GA1.2.1314753771.1611959378
.benefit-relief.com/ Name: __cfduid
Value: d2bbe480d436154fa4b9fc718d2669f1f1611959377

2 Console Messages

Source Level URL
Text
console-api log URL: https://benefits.benefit-relief.com/sf/1/js/1.e8d0f3e8.chunk.js(Line 13)
Message:
i18next: languageChanged en
console-api log URL: https://benefits.benefit-relief.com/sf/1/js/1.e8d0f3e8.chunk.js(Line 13)
Message:
i18next: initialized [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
