benefits-authority.com Open in urlscan Pro
69.172.201.115 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://omrexchtest.omr.state.ny.us/7hl4PTL3cUw.aspx?NQQYhbjjxHlk=VJcSbnRzTTFP1iejbjs01wd3u01q2wx0z25d1p06hd2qznis9
Effective URL:
https://benefits-authority.com/?mbi=1602276502
Submission: On September 26 via api (September 26th 2024, 12:02:58 am UTC) from BE — Scanned from US

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 13 domains to perform 30 HTTP transactions. The main IP is 69.172.201.115, located in Canada and belongs to DOSARREST, US. The main domain is benefits-authority.com.
TLS certificate: Issued by R11 on September 23rd 2024. Valid for: 3 months.

This is the only time benefits-authority.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	91.234.34.44 91.234.34.44	56485 (THEHOST-AS) (THEHOST-AS)
1	62.210.7.109 62.210.7.109	12876 (Online SAS) (Online SAS)
2 2	45.147.195.6 45.147.195.6	49392 (ASBAXETN) (ASBAXETN)
1 1	35.190.6.55 35.190.6.55	15169 (GOOGLE) (GOOGLE)
1 3	69.172.200.185 69.172.200.185	19324 (DOSARREST) (DOSARREST)
7	69.172.201.115 69.172.201.115	19324 (DOSARREST) (DOSARREST)
1	199.232.192.193 199.232.192.193	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6816:27b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.164.124.56 18.164.124.56	16509 (AMAZON-02) (AMAZON-02)
6	52.22.142.87 52.22.142.87	14618 (AMAZON-AES) (AMAZON-AES)
2	3.168.122.23 3.168.122.23	16509 (AMAZON-02) (AMAZON-02)
1	18.164.124.11 18.164.124.11	16509 (AMAZON-02) (AMAZON-02)
3	44.196.33.210 44.196.33.210	14618 (AMAZON-AES) (AMAZON-AES)
1	3.167.180.67 3.167.180.67	16509 (AMAZON-02) (AMAZON-02)
4	3.208.131.91 3.208.131.91	14618 (AMAZON-AES) (AMAZON-AES)
30	12

1 91.234.34.44 (Kyiv Oblast, Ukraine) 1 redirects

ASN56485 (THEHOST-AS, UA)
PTR: gibson.gimmetravel.com

omrexchtest.omr.state.ny.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.210.7.109 (France)

ASN12876 (Online SAS, FR)
PTR: connect.sweetwaterfares.com

purelymandy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.147.195.6 (Moscow, Russian Federation) 2 redirects

ASN49392 (ASBAXETN, RU)

1ibeg.suggestedspins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1ibeg.spinningfastloop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.6.55 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 55.6.190.35.bc.googleusercontent.com

www.dpvyw6trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.172.200.185 (Canada) 1 redirects

ASN19324 (DOSARREST, US)
PTR: maxbounty.com

afflat3d3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
av-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 69.172.201.115 (Canada)

ASN19324 (DOSARREST, US)

benefits-authority.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.192.193 (United States)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:27b6 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.124.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-56.jfk50.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.22.142.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-142-87.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.168.122.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-168-122-23.jfk52.r.cloudfront.net

cdn.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.124.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-11.jfk50.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.196.33.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-33-210.compute-1.amazonaws.com

trc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.167.180.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-180-67.ord58.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.208.131.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-131-91.compute-1.amazonaws.com

psp.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	pushnami.com api.pushnami.com — Cisco Umbrella Rank: 8257 cdn.pushnami.com — Cisco Umbrella Rank: 17595 trc.pushnami.com — Cisco Umbrella Rank: 8303 psp.pushnami.com — Cisco Umbrella Rank: 25396	369 KB
7	benefits-authority.com benefits-authority.com	560 KB
6	leadid.com create.leadid.com — Cisco Umbrella Rank: 15799	4 KB
2	av-api.com av-api.com	39 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 25553	39 KB
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 8520	411 KB
1	afflat3d3.com 1 redirects afflat3d3.com	837 B
1	dpvyw6trk.com 1 redirects www.dpvyw6trk.com	710 B
1	spinningfastloop.com 1 redirects 1ibeg.spinningfastloop.com	972 B
1	suggestedspins.com 1 redirects 1ibeg.suggestedspins.com	1002 B
1	purelymandy.com purelymandy.com	468 B
1	state.ny.us 1 redirects omrexchtest.omr.state.ny.us	277 B
30	13

	Domain	Requested by
7	benefits-authority.com	purelymandy.com benefits-authority.com
6	create.leadid.com	create.lidstatic.com
4	psp.pushnami.com	cdn.pushnami.com api.pushnami.com
3	trc.pushnami.com	api.pushnami.com
2	cdn.pushnami.com	api.pushnami.com
2	api.pushnami.com	benefits-authority.com api.pushnami.com
2	av-api.com	benefits-authority.com
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	create.lidstatic.com	benefits-authority.com
1	i.imgur.com
1	afflat3d3.com	1 redirects
1	www.dpvyw6trk.com	1 redirects
1	1ibeg.spinningfastloop.com	1 redirects
1	1ibeg.suggestedspins.com	1 redirects
1	purelymandy.com
1	omrexchtest.omr.state.ny.us	1 redirects
30	16

This site contains no links.

Subject Issuer	Validity	Valid
purelymandy.com Sectigo RSA Domain Validation Secure Server CA	`2024-05-16` - `2025-06-16`	a year	crt.sh
championautoinsurance.com R11	`2024-09-23` - `2024-12-22`	3 months	crt.sh
av-api.com R10	`2024-08-19` - `2024-11-17`	3 months	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-15` - `2025-02-14`	a year	crt.sh
lidstatic.com E6	`2024-09-20` - `2024-12-19`	3 months	crt.sh
*.pushnami.com Amazon RSA 2048 M02	`2024-02-03` - `2025-03-03`	a year	crt.sh
create.leadid.com Amazon RSA 2048 M03	`2024-07-20` - `2025-08-18`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://benefits-authority.com/?mbi=1602276502
Frame ID: 73BFA176470297CC528338B82AEE7A12
Requests: 25 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 4D59305279C8B2DB3E158347409CFBE4
Requests: 1 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=CEE28BDC-F9A7-DFF1-A814-EFCC9A3D3B3B&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.15.0&lck=D2FB0EC8-1E8C-A402-E4AC-9205FE98F622&lac=4B1F5928-2127-08FA-4EA5-F0DB210F6AAE
Frame ID: 59E3811A642E04B786A24DED68D277DD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Benefits Authority 2

Page URL History Show full URLs

http://omrexchtest.omr.state.ny.us/7hl4PTL3cUw.aspx?NQQYhbjjxHlk=VJcSbnRzTTFP1iejbjs01wd3u01q2wx0z25d1p06hd2qznis9 HTTP 307
https://omrexchtest.omr.state.ny.us/7hl4PTL3cUw.aspx?NQQYhbjjxHlk=VJcSbnRzTTFP1iejbjs01wd3u01q2wx0z25d1p06hd2qznis9 HTTP 307
http://omrexchtest.omr.state.ny.us/7hl4PTL3cUw.aspx?NQQYhbjjxHlk=VJcSbnRzTTFP1iejbjs01wd3u01q2wx0z25d1p06hd2qznis9 HTTP 302
https://purelymandy.com/1761401a35300e20800/35_1097433_2896449/2785_3189594_06hd2qz_61/1112807224_20... Page URL
https://1ibeg.suggestedspins.com/?kw=690052&s1=690052&s2=35_1097433_2896449&s3=1432917369&s4=45 HTTP 302
https://1ibeg.spinningfastloop.com/o/Z4LLRNST/a6b1d43a-7b9a-11ef-8b0d-c10ccf550c03/a6b9fdc2-7b9a-11ef-8b84-fdef... HTTP 302
https://www.dpvyw6trk.com/7P4RRF/QT9RR8R/?sub1=74698&sub2=a73701fa-7b9a-11ef-ba0a-09a890cdb4f9& HTTP 302
https://afflat3d3.com/lnk.asp?o=26996&c=918271&a=574293&k=8E60CC8BC6A39DC220372315C4F7B695&l=28846... HTTP 302
https://benefits-authority.com/?mbi=1602276502 Page URL

Detected technologies

Pushnami (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.pushnami\.com

Page Statistics

30
Requests

100 %
HTTPS

7 %
IPv6

13
Domains

16
Subdomains

12
IPs

5
Countries

1422 kB
Transfer

2862 kB
Size

18
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://omrexchtest.omr.state.ny.us/7hl4PTL3cUw.aspx?NQQYhbjjxHlk=VJcSbnRzTTFP1iejbjs01wd3u01q2wx0z25d1p06hd2qznis9 HTTP 307
https://omrexchtest.omr.state.ny.us/7hl4PTL3cUw.aspx?NQQYhbjjxHlk=VJcSbnRzTTFP1iejbjs01wd3u01q2wx0z25d1p06hd2qznis9 HTTP 307
http://omrexchtest.omr.state.ny.us/7hl4PTL3cUw.aspx?NQQYhbjjxHlk=VJcSbnRzTTFP1iejbjs01wd3u01q2wx0z25d1p06hd2qznis9 HTTP 302
https://purelymandy.com/1761401a35300e20800/35_1097433_2896449/2785_3189594_06hd2qz_61/1112807224_208-252-80-125 Page URL
https://1ibeg.suggestedspins.com/?kw=690052&s1=690052&s2=35_1097433_2896449&s3=1432917369&s4=45 HTTP 302
https://1ibeg.spinningfastloop.com/o/Z4LLRNST/a6b1d43a-7b9a-11ef-8b0d-c10ccf550c03/a6b9fdc2-7b9a-11ef-8b84-fdef8d641156 HTTP 302
https://www.dpvyw6trk.com/7P4RRF/QT9RR8R/?sub1=74698&sub2=a73701fa-7b9a-11ef-ba0a-09a890cdb4f9& HTTP 302
https://afflat3d3.com/lnk.asp?o=26996&c=918271&a=574293&k=8E60CC8BC6A39DC220372315C4F7B695&l=28846&s1=148&s2=8fc077d9b18248419a4b75250cfef38c HTTP 302
https://benefits-authority.com/?mbi=1602276502 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://omrexchtest.omr.state.ny.us/7hl4PTL3cUw.aspx?NQQYhbjjxHlk=VJcSbnRzTTFP1iejbjs01wd3u01q2wx0z25d1p06hd2qznis9 HTTP 307
https://omrexchtest.omr.state.ny.us/7hl4PTL3cUw.aspx?NQQYhbjjxHlk=VJcSbnRzTTFP1iejbjs01wd3u01q2wx0z25d1p06hd2qznis9 HTTP 307
http://omrexchtest.omr.state.ny.us/7hl4PTL3cUw.aspx?NQQYhbjjxHlk=VJcSbnRzTTFP1iejbjs01wd3u01q2wx0z25d1p06hd2qznis9 HTTP 302
https://purelymandy.com/1761401a35300e20800/35_1097433_2896449/2785_3189594_06hd2qz_61/1112807224_208-252-80-125

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

1112807224_208-252-80-125
purelymandy.com/1761401a35300e20800/35_1097433_2896449/2785_3189594_06hd2qz_61/
Redirect Chain

http://omrexchtest.omr.state.ny.us/7hl4PTL3cUw.aspx?NQQYhbjjxHlk=VJcSbnRzTTFP1iejbjs01wd3u01q2wx0z25d1p06hd2qznis9
https://omrexchtest.omr.state.ny.us/7hl4PTL3cUw.aspx?NQQYhbjjxHlk=VJcSbnRzTTFP1iejbjs01wd3u01q2wx0z25d1p06hd2qznis9
http://omrexchtest.omr.state.ny.us/7hl4PTL3cUw.aspx?NQQYhbjjxHlk=VJcSbnRzTTFP1iejbjs01wd3u01q2wx0z25d1p06hd2qznis9
https://purelymandy.com/1761401a35300e20800/35_1097433_2896449/2785_3189594_06hd2qz_61/1112807224_208-252-80-125

158 B
468 B

1378ms
457ms

Document
text/html

62.210.7.109
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://purelymandy.com/1761401a35300e20800/35_1097433_2896449/2785_3189594_06hd2qz_61/1112807224_208-252-80-125
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.210.7.109 , France, ASN12876 (Online SAS, FR),
Reverse DNS: connect.sweetwaterfares.com
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection: close
Content-Length: 158
Content-Type: text/html; charset=UTF-8
Date: Thu, 26 Sep 2024 00:02:41 GMT
Server: Apache

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Thu, 26 Sep 2024 00:02:39 GMT
Location: https://purelymandy.com/1761401a35300e20800/35_1097433_2896449/2785_3189594_06hd2qz_61/1112807224_208-252-80-125
Server: Apache

GET
H/1.1

200
OK

Primary Request / Show response
benefits-authority.com/
Redirect Chain

https://1ibeg.suggestedspins.com/?kw=690052&s1=690052&s2=35_1097433_2896449&s3=1432917369&s4=45
https://1ibeg.spinningfastloop.com/o/Z4LLRNST/a6b1d43a-7b9a-11ef-8b0d-c10ccf550c03/a6b9fdc2-7b9a-11ef-8b84-fdef8d641156
https://www.dpvyw6trk.com/7P4RRF/QT9RR8R/?sub1=74698&sub2=a73701fa-7b9a-11ef-ba0a-09a890cdb4f9&
https://afflat3d3.com/lnk.asp?o=26996&c=918271&a=574293&k=8E60CC8BC6A39DC220372315C4F7B695&l=28846&s1=148&s2=8fc077d9b18248419a4b75250cfef38c
https://benefits-authority.com/?mbi=1602276502

3 KB
2 KB

204ms
57ms

Document
text/html

69.172.201.115
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits-authority.com/?mbi=1602276502

Requested by

Host: purelymandy.com
URL: https://purelymandy.com/1761401a35300e20800/35_1097433_2896449/2785_3189594_06hd2qz_61/1112807224_208-252-80-125

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.172.201.115 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

nginx/1.20.2 / ASP.NET

Resource Hash

5051e2fb2fe91fdd7d5b32f1881c16a58b4dbd92a17a46c86d9d0bea5cb3e0b0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://purelymandy.com/1761401a35300e20800/35_1097433_2896449/2785_3189594_06hd2qz_61/1112807224_208-252-80-125
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1470
Content-Type: text/html
Date: Thu, 26 Sep 2024 00:02:44 GMT
ETag: "095ed8b90b6da1:0"
Keep-Alive: timeout=20
Last-Modified: Tue, 04 Jun 2024 15:04:50 GMT
Server: nginx/1.20.2
Vary: Accept-Encoding
X-DIS-Request-ID: e2bf290057c2c26b49f425778f8c47e1
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 166
Content-Type: text/html
Date: Thu, 26 Sep 2024 00:02:43 GMT
Keep-Alive: timeout=20
Location: https://benefits-authority.com?mbi=1602276502
Server: nginx/1.20.2
X-DIS-Request-ID: 64f7138c2e271b44fa916a6e28d45494
X-Powered-By: ASP.NET

GET
H/1.1 200
OK 2.9a56c832.chunk.css
benefits-authority.com/static/css/ 186 KB
55 KB 73ms
71ms Stylesheet
text/css 69.172.201.115
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits-authority.com/static/css/2.9a56c832.chunk.css

Requested by

Host: benefits-authority.com
URL: https://benefits-authority.com/?mbi=1602276502

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.172.201.115 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

nginx/1.20.2 / ASP.NET

Resource Hash

14b075d2831615d4fb62e8b8271b62ed622ba8d36e51797d6df9ebbc95f96b58

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/?mbi=1602276502

Response headers

Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
ETag: W/"095ed8b90b6da1:0"
Connection: keep-alive
X-DIS-Request-ID: 688621f2ca2b225e1309ae5c650dee18
Keep-Alive: timeout=20
Date: Thu, 26 Sep 2024 00:02:44 GMT
Content-Type: text/css
Last-Modified: Tue, 04 Jun 2024 15:04:50 GMT
Server: nginx/1.20.2
X-Powered-By: ASP.NET

GET
H/1.1 200
OK main.53dbd380.chunk.css
benefits-authority.com/static/css/ 5 KB
2 KB 137ms
50ms Stylesheet
text/css 69.172.201.115
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits-authority.com/static/css/main.53dbd380.chunk.css

Requested by

Host: benefits-authority.com
URL: https://benefits-authority.com/?mbi=1602276502

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.172.201.115 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

nginx/1.20.2 / ASP.NET

Resource Hash

42f373b869a5f0a9438bac0f1866aad195a0ec3cf9be60a7036955499e5620a9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/?mbi=1602276502

Response headers

X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: "095ed8b90b6da1:0"
Connection: keep-alive
X-DIS-Request-ID: 56fb92b24d94941d38629e2037c25bf6
Accept-Ranges: bytes
Content-Length: 1634
Keep-Alive: timeout=20
Date: Thu, 26 Sep 2024 00:02:44 GMT
Content-Type: text/css
Last-Modified: Tue, 04 Jun 2024 15:04:50 GMT
Server: nginx/1.20.2
Vary: Accept-Encoding

GET
H/1.1 200
OK 2.12dd23d0.chunk.js Show response
benefits-authority.com/static/js/ 1 MB
475 KB 210ms
119ms Script
application/javascript 69.172.201.115
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits-authority.com/static/js/2.12dd23d0.chunk.js

Requested by

Host: benefits-authority.com
URL: https://benefits-authority.com/?mbi=1602276502

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.172.201.115 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

nginx/1.20.2 / ASP.NET

Resource Hash

dd30f9294822c6d5c32e8fc4e4de069194ad4b9ca958d9f9265d321fc4aa3e44

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/?mbi=1602276502

Response headers

X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: "095ed8b90b6da1:0"
Connection: keep-alive
X-DIS-Request-ID: 0860f84b6f5ed7dc35d6ede445db39d3
Accept-Ranges: bytes
Content-Length: 486259
Keep-Alive: timeout=20
Date: Thu, 26 Sep 2024 00:02:44 GMT
Content-Type: application/javascript
Last-Modified: Tue, 04 Jun 2024 15:04:50 GMT
Server: nginx/1.20.2
Vary: Accept-Encoding

GET
H/1.1 200
OK main.37287f54.chunk.js Show response
benefits-authority.com/static/js/ 93 KB
22 KB 206ms
116ms Script
application/javascript 69.172.201.115
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits-authority.com/static/js/main.37287f54.chunk.js

Requested by

Host: benefits-authority.com
URL: https://benefits-authority.com/?mbi=1602276502

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.172.201.115 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

nginx/1.20.2 / ASP.NET

Resource Hash

c02cb664f7b0323b2d7a5a5b4766f58466c22b62361a62b95b0471cc8330c5a6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/?mbi=1602276502

Response headers

Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
ETag: W/"095ed8b90b6da1:0"
Connection: keep-alive
X-DIS-Request-ID: 8d154a75b138e711d101eff3da38705c
Keep-Alive: timeout=20
Date: Thu, 26 Sep 2024 00:02:44 GMT
Content-Type: application/javascript
Last-Modified: Tue, 04 Jun 2024 15:04:50 GMT
Server: nginx/1.20.2
X-Powered-By: ASP.NET

GET
H/1.1 200
OK a998777b1aacfbde293cbc28bffccd89 Show response
av-api.com/property/13/0/ 164 KB
32 KB 790ms
607ms Fetch
application/json 69.172.200.185
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL: https://av-api.com/property/13/0/a998777b1aacfbde293cbc28bffccd89?mbi=1602276502
Requested by: Host: benefits-authority.com
URL: https://benefits-authority.com/static/js/main.37287f54.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.172.200.185 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS: maxbounty.com
Software: nginx/1.20.2 / Express, ASP.NET
Resource Hash: 0a0e0e4969a55975dd087e82f841d813301c26e6559c3637f1ed18f7f42051ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: W/"290d0-EXU/mOpyhgwZtaxq/9hlitIdk8o"
Connection: keep-alive
Access-Control-Allow-Credentials: true
X-DIS-Request-ID: 6c10254a8e93c7011455c234faa4afdd
Access-Control-Allow-Origin: https://benefits-authority.com
Keep-Alive: timeout=20
Date: Thu, 26 Sep 2024 00:02:45 GMT
Content-Type: application/json; charset=utf-8
Vary: Origin
Server: nginx/1.20.2
X-Powered-By: Express, ASP.NET

GET
H/1.1 200
OK favicon.ico
benefits-authority.com/ 4 KB
4 KB 31ms
31ms Other
image/x-icon 69.172.201.115
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits-authority.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.172.201.115 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

nginx/1.20.2 / ASP.NET

Resource Hash

3d10f7da6c603178340081668c4ac5b3ae9743ca9a262ab0fcd312fbb9f48bdd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/?mbi=1602276502

Response headers

X-Frame-Options: SAMEORIGIN
ETag: "25e9dfe3d35dda1:0"
Connection: keep-alive
X-DIS-Request-ID: d5918b302858fed35655dd9168e10413
Accept-Ranges: bytes
Content-Length: 3870
Keep-Alive: timeout=20
Date: Thu, 26 Sep 2024 00:02:44 GMT
Content-Type: image/x-icon
Last-Modified: Mon, 12 Feb 2024 16:52:40 GMT
Server: nginx/1.20.2
X-Powered-By: ASP.NET

GET
H/1.1 200
OK logo
av-api.com/cdn/image/site/22/ 7 KB
8 KB 181ms
86ms Image
image/png 69.172.200.185
DOSARREST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://av-api.com/cdn/image/site/22/logo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.172.200.185 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS: maxbounty.com
Software: nginx/1.20.2 / Express, ASP.NET
Resource Hash: 5f1adb90a1acc45fd824b3a042617a48228fde56c778b5c4d7d9f0c3275dfc79

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://benefits-authority.com
Referer: https://benefits-authority.com/

Response headers

Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
X-DIS-Request-ID: 336fbeba07c8be63fb9457ef74375d16
Access-Control-Allow-Origin: https://benefits-authority.com
Keep-Alive: timeout=20
Date: Thu, 26 Sep 2024 00:02:45 GMT
Vary: Origin
Server: nginx/1.20.2
X-Powered-By: Express, ASP.NET

GET
H2 200 JgfDBX6.png
i.imgur.com/ 410 KB
411 KB 154ms
37ms Image
image/png 199.232.192.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/JgfDBX6.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

f99e785b0abda784b68fcf4840fbe98909760620f12002087f1af4b874971333

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/

Response headers

etag: "7cc39a0991db31903bf8adc7fdbedbee"
age: 3167015
access-control-allow-methods: GET, OPTIONS
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT, HIT
x-amz-cf-id: u-ejUqw-CLgwu1MFuWsle22RELUDKlRtquniQvj31HZtGC7rFApm4Q==
date: Thu, 26 Sep 2024 00:02:45 GMT
content-type: image/png
last-modified: Tue, 04 Jun 2024 20:04:06 GMT
x-cache-hits: 1439, 0
x-served-by: cache-iad-kjyo7100044-IAD, cache-ewr-kewr1740067-EWR
strict-transport-security: max-age=300
cache-control: public, max-age=31536000
x-timer: S1727308966.523162,VS0,VE1
accept-ranges: bytes
access-control-allow-origin: *
content-length: 420303
x-amz-cf-pop: MIA3-P1
server: cat factory 1.0
x-amz-server-side-encryption: AES256

GET
H2 200 d2fb0ec8-1e8c-a402-e4ac-9205fe98f622.js Show response
create.lidstatic.com/campaign/ 121 KB
39 KB 209ms
62ms Script
text/javascript 2606:4700:10::6816:27b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/d2fb0ec8-1e8c-a402-e4ac-9205fe98f622.js?snippet_version=2&callback=setUniversalLeadId
Requested by: Host: benefits-authority.com
URL: https://benefits-authority.com/static/js/main.37287f54.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:27b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b10ba9cbef05a78cee2d4a7929ca17601e5a548950222485a0d3210b843d74e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"4abc12d0583a69a38379005e8e95eacc"
x-amz-version-id: twCQ4PuHOgpLnmrvwu5tilHUduYAvsSm
age: 875
date: Thu, 26 Sep 2024 00:02:45 GMT
content-type: text/javascript
last-modified: Mon, 15 Jul 2024 16:23:05 GMT
vary: Accept-Encoding
x-amz-id-2: tmQd/o7IImtT32m8isk4aQ3yxfMI7Rl8bRxX1v3RUwzVfz9ytHkD7H1mo9jZE5PY8tEYUo/cYZQ=
x-amz-replication-status: COMPLETED
cache-control: max-age=1800
x-amz-request-id: 24QYYD0KE8CYJDEH
cf-ray: 8c8efcaaef3043d0-EWR
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 662a836a473fc40013e65c89 Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 94 KB
20 KB 181ms
44ms Script
application/javascript 18.164.124.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/662a836a473fc40013e65c89
Requested by: Host: benefits-authority.com
URL: https://benefits-authority.com/static/js/main.37287f54.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-56.jfk50.r.cloudfront.net
Software: /
Resource Hash: 008bf334cdba91db068acb7f3756e756a356b4ddb4832486f2b10c1b27e7cdce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/

Response headers

cache-control: no-cache
content-encoding: gzip
age: 531
via: 1.1 b85629c88fd144a4bf7989a1ad1ecc54.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: E40uPz4ABNCkhjxt8EBfAAHBInGco_XkeqZuAnIDwC4XjXWnyUfnng==
date: Wed, 25 Sep 2024 23:53:54 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding
x-amz-cf-pop: JFK50-P7

GET
H2 200 noscript.gif
create.leadid.com/ 43 B
642 B 186ms
55ms Image
image/gif 52.22.142.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://create.leadid.com/noscript.gif?lac=4b1f5928-2127-08fa-4ea5-f0db210f6aae&lck=d2fb0ec8-1e8c-a402-e4ac-9205fe98f622&snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.22.142.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-142-87.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-max-age: 1728000
content-encoding: none
etag: F23C6F11-AE70-2FED-D9A8-FBD36D2FAA9A
access-control-allow-origin: *
date: Thu, 26 Sep 2024 00:02:45 GMT
content-type: image/gif
last-modified: Thu, 26 Sep 2024 00:02:45 GMT
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type

GET
H/1.1 200
OK favicon.ico
benefits-authority.com/ 4 KB
0 0ms
0ms Other
image/x-icon 69.172.201.115
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits-authority.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.172.201.115 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

nginx/1.20.2 / ASP.NET

Resource Hash

3d10f7da6c603178340081668c4ac5b3ae9743ca9a262ab0fcd312fbb9f48bdd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/?mbi=1602276502

Response headers

X-Powered-By: ASP.NET
ETag: "25e9dfe3d35dda1:0"
X-DIS-Request-ID: d5918b302858fed35655dd9168e10413
Accept-Ranges: bytes
Content-Length: 3870
Date: Thu, 26 Sep 2024 00:02:44 GMT
Content-Type: image/x-icon
Last-Modified: Mon, 12 Feb 2024 16:52:40 GMT
Server: nginx/1.20.2
X-Frame-Options: SAMEORIGIN

GET
H2 200 fcm-v1-module.019781ec7a1c97363e85.bundle.js Show response
cdn.pushnami.com/js/modules/ 46 KB
15 KB 231ms
55ms Script
application/javascript 3.168.122.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushnami.com/js/modules/fcm-v1-module.019781ec7a1c97363e85.bundle.js
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/662a836a473fc40013e65c89
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.168.122.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-168-122-23.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b41d7402cbdab32acba31cfdd479730c74b7527fa7c881b0486098bd1a895607

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/

Response headers

vary: Accept-Encoding
content-encoding: gzip
x-amz-version-id: DKNNXfrKVNQFoskvuTtbaAOVbVs0JYVO
etag: W/"09467cbbdfbe0b4f7131476215348a19"
age: 2385
via: 1.1 a6101f490efdcd8c3e74fbf369857e00.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: NB8nbXMhPS2CkmYdG02i1570PMBCybXi022Meklw6C6AhfawReuv4g==
date: Wed, 25 Sep 2024 23:23:01 GMT
content-type: application/javascript
last-modified: Fri, 10 May 2024 21:23:38 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P7
x-amz-server-side-encryption: AES256

GET
H2 200 hub
api.pushnami.com/scripts/v1/ Frame 4D59 0
0 107ms
26ms Document
text/html 18.164.124.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushnami.com/scripts/v1/hub

Requested by

Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/662a836a473fc40013e65c89

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-11.jfk50.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *
X-Content-Security-Policy	default-src 'unsafe-inline' *

Request headers

Referer: https://benefits-authority.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: *
age: 1590
cache-control: no-cache
content-encoding: gzip
content-security-policy: default-src 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Wed, 25 Sep 2024 23:36:15 GMT
vary: accept-encoding
via: 1.1 eb7da8ca0dd07aa429ce47312003e292.cloudfront.net (CloudFront)
x-amz-cf-id: EgpeGCFKJtTn2BQZrdXKU3x4MIrYevQpSGNPmrOnRURboXciqIseVw==
x-amz-cf-pop: JFK50-P7
x-cache: Hit from cloudfront
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 72ms
72ms Fetch
text/html 44.196.33.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/662a836a473fc40013e65c89
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.33.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-33-210.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

key: 662a836a473fc40013e65c89
Referer: https://benefits-authority.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json, text/plain, */*
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
content-length: 2
cache-control: no-cache
date: Thu, 26 Sep 2024 00:02:45 GMT
content-type: text/html; charset=utf-8

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 165ms
47ms Preflight 44.196.33.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.33.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-33-210.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://benefits-authority.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Thu, 26 Sep 2024 00:02:45 GMT

POST
H2 200 GenerateToken Show response
create.leadid.com/2.15.0/ 36 B
657 B 198ms
97ms XHR
text/plain 52.22.142.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.15.0/GenerateToken?msn=1&pid=7fcec6cc-7ecc-41c8-8654-4d67e12d5e5f&_=233325895

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/d2fb0ec8-1e8c-a402-e4ac-9205fe98f622.js?snippet_version=2&callback=setUniversalLeadId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.22.142.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-142-87.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e769ef82d90b000307ee280bb6b2f4879fb184b4b9173e06ac316aa2bfc941a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://benefits-authority.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-max-age: 1728000
cache-control: no-cache, must-revalidate
content-encoding: gzip
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
date: Thu, 26 Sep 2024 00:02:45 GMT
content-type: text/plain;charset=UTF-8
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type

GET
H2 200 psfpv4_client_1.128.0_e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9.js Show response
cdn.pushnami.com/js/exp/ 333 KB
334 KB 81ms
68ms Script
application/javascript 3.168.122.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushnami.com/js/exp/psfpv4_client_1.128.0_e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9.js
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/662a836a473fc40013e65c89
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.168.122.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-168-122-23.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/

Response headers

content-encoding: utf-8
x-amz-version-id: iJVtw0MDnvg5Vkf9zg8GHQyDY6vN4ZdU
etag: "4b9f77845d59f14274d2b8d4b1112ca4"
age: 2379
via: 1.1 a6101f490efdcd8c3e74fbf369857e00.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 340965
x-amz-cf-id: 5dNf3WtxasbPaCcWvbKpktPt5bYg6p72h64Nc5dguxTh1BWadk-6mA==
date: Wed, 25 Sep 2024 23:23:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 12 Aug 2024 17:22:56 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P7
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 59E3 0
0 318ms
114ms Document
text/html 3.167.180.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=CEE28BDC-F9A7-DFF1-A814-EFCC9A3D3B3B&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.15.0&lck=D2FB0EC8-1E8C-A402-E4AC-9205FE98F622&lac=4B1F5928-2127-08FA-4EA5-F0DB210F6AAE

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/d2fb0ec8-1e8c-a402-e4ac-9205fe98f622.js?snippet_version=2&callback=setUniversalLeadId

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

3.167.180.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-167-180-67.ord58.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://benefits-authority.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Age: 36944
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 25 Sep 2024 13:47:02 GMT
Etag: W/"668f4bcd-dbb"
Last-Modified: Thu, 11 Jul 2024 03:04:45 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 2ea352b31101ce02fe53ce49f43cbf16.cloudfront.net (CloudFront)
X-Amz-Cf-Id: VnU8w-27aDM7c8twQnU1r7jSSbnxgOZsJ9pmW1jus9hMjqUsjVtyZA==
X-Amz-Cf-Pop: ORD58-P10
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.15.0/ 0
621 B 34ms
33ms XHR
text/plain 52.22.142.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.15.0/SaveDom?msn=2&pid=7fcec6cc-7ecc-41c8-8654-4d67e12d5e5f&token=CEE28BDC-F9A7-DFF1-A814-EFCC9A3D3B3B&_=233325896

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/d2fb0ec8-1e8c-a402-e4ac-9205fe98f622.js?snippet_version=2&callback=setUniversalLeadId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.22.142.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-142-87.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://benefits-authority.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-max-age: 1728000
cache-control: no-cache, must-revalidate
content-encoding: gzip
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
date: Thu, 26 Sep 2024 00:02:45 GMT
content-type: text/plain;charset=UTF-8
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type

POST
H2 200 InitFormData Show response
create.leadid.com/2.15.0/ 0
620 B 81ms
80ms XHR
text/plain 52.22.142.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.15.0/InitFormData?msn=3&pid=7fcec6cc-7ecc-41c8-8654-4d67e12d5e5f&token=CEE28BDC-F9A7-DFF1-A814-EFCC9A3D3B3B&_=233325897

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/d2fb0ec8-1e8c-a402-e4ac-9205fe98f622.js?snippet_version=2&callback=setUniversalLeadId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.22.142.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-142-87.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://benefits-authority.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-max-age: 1728000
cache-control: no-cache, must-revalidate
content-encoding: gzip
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
date: Thu, 26 Sep 2024 00:02:45 GMT
content-type: text/plain;charset=UTF-8
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type

OPTIONS
H2 204 data
psp.pushnami.com/psfp/ Frame 0
0 219ms
81ms Preflight 3.208.131.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/psfp/data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.208.131.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-131-91.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://benefits-authority.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Thu, 26 Sep 2024 00:02:46 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

POST
H2 201 data Show response
psp.pushnami.com/psfp/ 61 B
221 B 31ms
31ms Fetch
application/json 3.208.131.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/psfp/data
Requested by: Host: cdn.pushnami.com
URL: https://cdn.pushnami.com/js/exp/psfpv4_client_1.128.0_e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.208.131.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-131-91.compute-1.amazonaws.com
Software: / Express
Resource Hash: e97235aeca9bd454a4f365f76485e443d73f13626c6346388e1ef59b881ad33c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/octet-stream
Referer: https://benefits-authority.com/

Response headers

access-control-allow-origin: *
content-length: 61
date: Thu, 26 Sep 2024 00:02:47 GMT
etag: W/"3d-n9SL6FRjDutfkQoWbTCC0m3UWG4"
content-type: application/json; charset=utf-8
x-powered-by: Express

POST
H2 200 Snap Show response
create.leadid.com/2.15.0/ 0
620 B 119ms
82ms XHR
text/plain 52.22.142.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.15.0/Snap?msn=4&pid=7fcec6cc-7ecc-41c8-8654-4d67e12d5e5f&token=CEE28BDC-F9A7-DFF1-A814-EFCC9A3D3B3B&_=233325898

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/d2fb0ec8-1e8c-a402-e4ac-9205fe98f622.js?snippet_version=2&callback=setUniversalLeadId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.22.142.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-142-87.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://benefits-authority.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-max-age: 1728000
cache-control: no-cache, must-revalidate
content-encoding: gzip
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
date: Thu, 26 Sep 2024 00:02:46 GMT
content-type: text/plain;charset=UTF-8
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type

POST
H2 200 psp Show response
psp.pushnami.com/api/ 2 B
152 B 176ms
174ms Fetch
text/html 3.208.131.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/662a836a473fc40013e65c89
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.208.131.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-131-91.compute-1.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

key: 662a836a473fc40013e65c89
Referer: https://benefits-authority.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json, text/plain, */*
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
content-length: 2
date: Thu, 26 Sep 2024 00:02:47 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/html; charset=utf-8
x-powered-by: Express

OPTIONS
H2 204 psp
psp.pushnami.com/api/ Frame 0
0 28ms
28ms Preflight 3.208.131.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.208.131.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-131-91.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://benefits-authority.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: key
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Thu, 26 Sep 2024 00:02:47 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 97ms
95ms Fetch
text/html 44.196.33.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/662a836a473fc40013e65c89
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.33.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-33-210.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

key: 662a836a473fc40013e65c89
Referer: https://benefits-authority.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json, text/plain, */*
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
content-length: 2
cache-control: no-cache
date: Thu, 26 Sep 2024 00:02:47 GMT
content-type: text/html; charset=utf-8

POST
H2 200 Snap Show response
create.leadid.com/2.15.0/ 0
621 B 112ms
81ms XHR
text/plain 52.22.142.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.15.0/Snap?msn=5&pid=7fcec6cc-7ecc-41c8-8654-4d67e12d5e5f&token=CEE28BDC-F9A7-DFF1-A814-EFCC9A3D3B3B&_=233325899

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/d2fb0ec8-1e8c-a402-e4ac-9205fe98f622.js?snippet_version=2&callback=setUniversalLeadId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.22.142.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-142-87.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://benefits-authority.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-max-age: 1728000
cache-control: no-cache, must-revalidate
content-encoding: gzip
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
date: Thu, 26 Sep 2024 00:02:47 GMT
content-type: text/plain;charset=UTF-8
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
purelymandy.com/	1970-01-21 00:31:40	Name: uid45 Value: 1432917369-20240925200241-661ad68fbf1737861b94d89283d7c15c-
1ibeg.suggestedspins.com/	1970-01-20 23:48:36	Name: yredir_session Value: eyJpdiI6IjJrY0FRUm5KQ2Y3UGFKalAxbnhrL0E9PSIsInZhbHVlIjoiZFJrcXI2VEw4cEpyWDNIWENSZ2sxVWdBUkw0L0dZVlEzQm1wZUZ5ZDFETWU3NDQ4bGRoN3VWd3ErUWgxUHN6NW4wZXBlSWtnZTNtZDdVZkk1OU5WN0JSNERUMDRJMFU2RnYwbTM5OW9pclcwbmk4NVJ1QUd6UWp3V05HRUlpV0ciLCJtYWMiOiJiMWU3YmNiYmE2MWU3MTNiODc1OGE3N2UyOWM0MGU0YzU2MDU1ZDViZjQyOTkyZThlYWU2OTg3NjdlMmFjZmI5IiwidGFnIjoiIn0%3D
1ibeg.spinningfastloop.com/	1970-01-20 23:48:36	Name: yredir_session Value: eyJpdiI6Ik9VSjh3SWN6MnlSOHN3T0hOeC95YXc9PSIsInZhbHVlIjoiL1Q5ZUc0UXlRWU8rRDNDNlYxNHdoUGFrWmF1Zm5pcHB0dWkxSmV1R2JFUDB0TWdlRWE5OE5KdVdSek43REQzaFNKbU5zUFRXQnhSSC94dmJ1UHRUU1BwNlNpYXBTWTRkb0hVM2ltVG8vK093czVaS1FpZWxJajAyZko4bzRvZ2IiLCJtYWMiOiI1MmU3ODNkYmFlNTFiYWZkNTFhMTU4NWM2MjQ5NzAzYTEwOTJjYzU2NTc3OGVhZGM3NmQ2NDJlN2I1ODc4MzU2IiwidGFnIjoiIn0%3D
www.dpvyw6trk.com/	1970-01-21 00:31:40	Name: uniqueClick_QT9RR8R Value: 2c0f8f51-9b36-4310-80a0-c41249f923ae:1727308963
www.dpvyw6trk.com/	1970-01-21 01:58:04	Name: transaction_id Value: 8fc077d9b18248419a4b75250cfef38c
afflat3d3.com/	1970-01-21 01:14:38	Name: mb_26996_SS Value: AF=574293&AC=1602276502&CS=1602850795
afflat3d3.com/	1970-01-21 09:24:28	Name: I_SS Value: 1602276502
afflat3d3.com/	1970-01-21 09:24:28	Name: I Value: 1602276502
afflat3d3.com/	1970-01-21 01:13:44	Name: mb%5F26996 Value: AC=1602276502&CS=1602850795&AF=574293
afflat3d3.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDAUDQQCCR Value: LDOAEIECJBJGFKCIGAAONMNN
benefits-authority.com/	1970-01-21 09:24:28	Name: mbi Value: 1602276502
benefits-authority.com/	1970-01-21 09:24:28	Name: avtc Value: a998777b1aacfbde293cbc28bffccd89
benefits-authority.com/	1970-01-21 09:24:28	Name: avtset Value: 22-192
benefits-authority.com/	1969-12-31 23:59:59	Name: leadid_token-4B1F5928-2127-08FA-4EA5-F0DB210F6AAE-D2FB0EC8-1E8C-A402-E4AC-9205FE98F622 Value: CEE28BDC-F9A7-DFF1-A814-EFCC9A3D3B3B
.trueleadid.com/	1969-12-31 23:59:59	Name: nlbi_3051494 Value: vWV0O1sg9DkHLBGJC30iGwAAAAAMtc/WhCezelvGO7X6zinF
.trueleadid.com/	1970-01-21 08:33:06	Name: visid_incap_3051494 Value: z3OMByEpQ8qvxR9kNQ/RxaWk9GYAAAAAQUIPAAAAAADqHq5jU8gPssTcp39mGsN0
.trueleadid.com/	1969-12-31 23:59:59	Name: incap_ses_274_3051494 Value: OyEfb3P5pQIYBJifsXHNA6Wk9GYAAAAAFcuB2dFh7k7ptECknYbjww==
.deviceid.trueleadid.com/	1970-01-21 09:24:28	Name: uuid Value: 39a291ea981745ce979fdb656726e4e7

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://benefits-authority.com/?mbi=1602276502# Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1ibeg.spinningfastloop.com
1ibeg.suggestedspins.com
afflat3d3.com
api.pushnami.com
av-api.com
benefits-authority.com
cdn.pushnami.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
i.imgur.com
omrexchtest.omr.state.ny.us
psp.pushnami.com
purelymandy.com
trc.pushnami.com
www.dpvyw6trk.com
18.164.124.11
18.164.124.56
199.232.192.193
2606:4700:10::6816:27b6
3.167.180.67
3.168.122.23
3.208.131.91
35.190.6.55
44.196.33.210
45.147.195.6
52.22.142.87
62.210.7.109
69.172.200.185
69.172.201.115
91.234.34.44
008bf334cdba91db068acb7f3756e756a356b4ddb4832486f2b10c1b27e7cdce
0a0e0e4969a55975dd087e82f841d813301c26e6559c3637f1ed18f7f42051ff
14b075d2831615d4fb62e8b8271b62ed622ba8d36e51797d6df9ebbc95f96b58
3d10f7da6c603178340081668c4ac5b3ae9743ca9a262ab0fcd312fbb9f48bdd
42f373b869a5f0a9438bac0f1866aad195a0ec3cf9be60a7036955499e5620a9
4b10ba9cbef05a78cee2d4a7929ca17601e5a548950222485a0d3210b843d74e
5051e2fb2fe91fdd7d5b32f1881c16a58b4dbd92a17a46c86d9d0bea5cb3e0b0
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5f1adb90a1acc45fd824b3a042617a48228fde56c778b5c4d7d9f0c3275dfc79
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b41d7402cbdab32acba31cfdd479730c74b7527fa7c881b0486098bd1a895607
c02cb664f7b0323b2d7a5a5b4766f58466c22b62361a62b95b0471cc8330c5a6
dd30f9294822c6d5c32e8fc4e4de069194ad4b9ca958d9f9265d321fc4aa3e44
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9
e769ef82d90b000307ee280bb6b2f4879fb184b4b9173e06ac316aa2bfc941a4
e97235aeca9bd454a4f365f76485e443d73f13626c6346388e1ef59b881ad33c
f99e785b0abda784b68fcf4840fbe98909760620f12002087f1af4b874971333

benefits-authority.com Open in urlscan Pro 69.172.201.115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

100 %HTTPS

7 %IPv6

13 Domains

16 Subdomains

12 IPs

5 Countries

1422 kBTransfer

2862 kBSize

18 Cookies

0 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

benefits-authority.com Open in urlscan Pro
69.172.201.115 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

100 %
HTTPS

7 %
IPv6

13
Domains

16
Subdomains

12
IPs

5
Countries

1422 kB
Transfer

2862 kB
Size

18
Cookies

30 HTTP transactions
0 data transactions