benefits.benefit-relief.com
2606:4700:3037::6818:6602  Public Scan

Submitted URL: http://life9checks.com/life/B_VqkX_
Effective URL: https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=978677905&s3=life
Submission: On December 29 via manual from JP

Summary

This website contacted 11 IPs in 2 countries across 8 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3037::6818:6602, located in United States and belongs to CLOUDFLARENET, US. The main domain is benefits.benefit-relief.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 24th 2020. Valid for: a year.
This is the only time benefits.benefit-relief.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
6 | ka-f.fontawesome.com | kit.fontawesome.com
5 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com, benefits.benefit-relief.com
5 | benefits.benefit-relief.com | fiascors.com, benefits.benefit-relief.com
3 | beacon.benefit-relief.com (1 redirects) | benefits.benefit-relief.com
2 | www.googletagmanager.com | benefits.benefit-relief.com
2 | life9checks.com (1 redirects) |
1 | fonts.gstatic.com | fonts.googleapis.com
1 | kit.fontawesome.com | benefits.benefit-relief.com
1 | fonts.googleapis.com | benefits.benefit-relief.com
1 | fiascors.com | life9checks.com
Totals: 25, 10

This site contains no links.

Subject | Issuer | Validity | Valid
www.fiascors.com | Go Daddy Secure Certificate Authority - G2 | 2020-10-15 - 2021-10-15 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-09-24 - 2021-09-24 | a year
upload.video.google.com | GTS CA 1O1 | 2020-11-10 - 2021-02-02 | 3 months
*.fontawesome.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-11-13 - 2021-12-14 | a year
*.google-analytics.com | GTS CA 1O1 | 2020-11-10 - 2021-02-02 | 3 months
*.gstatic.com | GTS CA 1O1 | 2020-11-10 - 2021-02-02 | 3 months
beacon.benefit-relief.com | Let's Encrypt Authority X3 | 2020-11-25 - 2021-02-23 | 3 months

This page contains 1 frames:

Primary Page: https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=978677905&s3=life
Frame ID: 8C836A392210E07F34CAF8CA8EA419BD
Requests: 22 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-react/i

Overall confidence: 100%
Detected patterns
  • html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

Requests: 25
HTTPS: 96 %
IPv6: 73 %
Domains: 8
Subdomains: 10
IPs: 11
Countries: 2
Transfer: 178 kB
Size: 592 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://life9checks.com/life/B_VqkX_ Page URL
  2. http://life9checks.com/get/life/B_VqkX_ HTTP 307
    https://fiascors.com/1002f4185babd475800/life// Page URL
  3. https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=978677905&s3=life Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://life9checks.com/get/life/B_VqkX_ HTTP 307
  • https://fiascors.com/1002f4185babd475800/life//
Request Chain 21
  • https://beacon.benefit-relief.com/g2/0b545203-e67b-4ce7-b1bb-1be1c66f43aa?s1=472577&s2=978677905&s3=life&sfhp=bgchk&sfhp2=bgchk HTTP 302
  • https://beacon.benefit-relief.com/s/8d2c227a-41b4-48cb-9b49-664d3226574c?&requestid=VyzI-xQZh5&destinationid=919890070&s1=472577&s2=978677905&s3=life&sfhp=bgchk&sfhp2=bgchk

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
B_VqkX_
life9checks.com/life/
234 B
462 B
Document
General
Full URL
http://life9checks.com/life/B_VqkX_
Protocol
HTTP/1.1
Server
104.255.101.154 , United States, ASN13830 (NEXRIL, US),
Reverse DNS
Software
nginx/1.19.2 / Express
Resource Hash
55777ff2f48a35b7644b9521041bdceddbf1234e8bef3a89c9e0b051ad54e7c4

Request headers

Host
life9checks.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx/1.19.2
Date
Tue, 29 Dec 2020 02:08:45 GMT
Content-Type
text/html; charset=utf-8
Content-Length
234
Connection
keep-alive
X-Powered-By
Express
ETag
W/"ea-iXZ6LiFlJYVPsOZ1lEZUYwwiJgw"
Cookie set /
fiascors.com/1002f4185babd475800/life//
Redirect Chain
  • http://life9checks.com/get/life/B_VqkX_
  • https://fiascors.com/1002f4185babd475800/life//
159 B
452 B
Document
General
Full URL
https://fiascors.com/1002f4185babd475800/life//
Requested by
Host: life9checks.com
URL: http://life9checks.com/life/B_VqkX_
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.81.252.11 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip11.ip-51-81-252.us
Software
Apache /
Resource Hash
dd091a8f125926bc96c5413e05a91927f943c2e5b21e54d1f77dd1c1fafea79b

Request headers

Host
fiascors.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://life9checks.com/life/B_VqkX_
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Tue, 29 Dec 2020 02:08:47 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
159
Server
Apache
Set-Cookie
uid16327=978677905-20201228200846-eb4076398f9d21e9ab6491b857c4caaa-; domain=; expires=Fri, 29-Jan-2021 01:08:47 GMT; path=/; SameSite=None; Secure

Redirect headers

Server
nginx/1.19.2
Date
Tue, 29 Dec 2020 02:08:45 GMT
Content-Type
text/html; charset=utf-8
Content-Length
151
Connection
keep-alive
X-Powered-By
Express
Location
https://fiascors.com/1002f4185babd475800/life//
Vary
Accept
Primary Request 0
benefits.benefit-relief.com/sf/1/
7 KB
3 KB
Document
General
Full URL
https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=978677905&s3=life
Requested by
Host: fiascors.com
URL: https://fiascors.com/1002f4185babd475800/life//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6818:6602 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8c350d2202faebca4e6f7df90e09cfb4145b7bc766cf90cf04f4f9fe4044494

Request headers

:method
GET
:authority
benefits.benefit-relief.com
:scheme
https
:path
/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=978677905&s3=life
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://fiascors.com/1002f4185babd475800/life//
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Tue, 29 Dec 2020 02:08:47 GMT
content-type
text/html
set-cookie
__cfduid=d20f372d5bdf44561e95b24b52b2397671609207727; expires=Thu, 28-Jan-21 02:08:47 GMT; path=/; domain=.benefit-relief.com; HttpOnly; SameSite=Lax; Secure
last-modified
Thu, 22 Oct 2020 13:56:33 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
074dda5c4000004a7adc099000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NMtAVR%2F9RuL1Wv0AibYyxymffUWJlrvu7WpLGDmPOx22bJFfU3qIWlz%2B4wNpDiT3%2BlLmKHrTD3SzW7HClgzhHHtYRHYJFC2aoBQzJmZtsX9GUXuIN1CxkXane1Fd27V1jeMAjiQFdRA%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
608ff9a6cb5a4a7a-FRA
content-encoding
br
css
fonts.googleapis.com/
5 KB
732 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=978677905&s3=life
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5c336543068fe4bfbd6cc01688a07c7d377e61238fc8d584b9f250e29696cca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Dec 2020 02:08:47 GMT
server
ESF
date
Tue, 29 Dec 2020 02:08:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Dec 2020 02:08:47 GMT
268a7048dd.js
kit.fontawesome.com/
10 KB
4 KB
Script
General
Full URL
https://kit.fontawesome.com/268a7048dd.js
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=978677905&s3=life
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7e2306b0d955f8963bdf73fde958e7ae330e48b2557fa0065b5b570ca2e3b82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=978677905&s3=life
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 02:08:47 GMT
content-encoding
gzip
vary
origin, accept-encoding
cf-cache-status
MISS
strict-transport-security
max-age=31536000; preload
cf-request-id
074dda5cca0000dfadd99ee000000001
x-request-id
FlUN5u0zI76UBpNus6hi
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=60, private, must-revalidate
cf-ray
608ff9a7aa21dfad-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
js
www.googletagmanager.com/gtag/
96 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-92483201-41
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=978677905&s3=life
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1330cf24cf40d021503cea2401ccd1659eee60fdfa8650bb0d2be8f5c517e456
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=978677905&s3=life
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 02:08:47 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39019
x-xss-protection
0
last-modified
Tue, 29 Dec 2020 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 29 Dec 2020 02:08:47 GMT
bundle.caab6485ed0334f7366a.css
benefits.benefit-relief.com/sf/1/
21 KB
5 KB
Stylesheet
General
Full URL
https://benefits.benefit-relief.com/sf/1/bundle.caab6485ed0334f7366a.css?t=1603374983114
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=978677905&s3=life
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6818:6602 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a63f5c5f94b995ae16d07922c7e1af3ff4e45108abde9b8a5797139396dc82f7

Request headers

Referer
https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=978677905&s3=life
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 02:08:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 22 Oct 2020 13:56:33 GMT
server
cloudflare
etag
W/"5f918f91-5526"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tgmQiHuNrlG%2F4DAsrTGb%2B%2F9mWrTDwSw5YZJQ%2FgcOfzuW4QTrsou46mmluRDQVOW7I%2F6hrOaqPMQZIFAI95t1OkmOTtBRd2FDOfsDCF6MewTu26M7AiK8VQ%2F5lSx2I16bhmEyLaTgOpw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
608ff9a78c5e4a7a-FRA
cf-request-id
074dda5cba00004a7a529aa000000001
expires
Fri, 05 Nov 2021 06:07:17 GMT
logo.png
benefits.benefit-relief.com/sf/1/public/
602 B
952 B
Image
General
Full URL
https://benefits.benefit-relief.com/sf/1/public/logo.png?v=05468576
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=978677905&s3=life
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6818:6602 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ad38b7c287f942deb7829aaf55457fcde14621d6067c47a855e232598a956e3

Request headers

Referer
https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=978677905&s3=life
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 02:08:47 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
content-length
602
cf-request-id
074dda5ccd00004a7a529ab000000001
last-modified
Thu, 22 Oct 2020 13:56:32 GMT
server
cloudflare
etag
"5f918f90-25a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g%2FrdEJPuhcgIgD0jzeN%2B2Qw2bVJz9HRJkKaefEugkp0mY8aQbmdx10XgSDXiWNmyGSNHM%2F6KSTWeLFH5DO4GS8pzsppoD%2BqGZawXuJhRSSpSNSnzn8aoGCDuwANjM4W3smHrdYuf4Q8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
608ff9a7ac8d4a7a-FRA
expires
Thu, 04 Nov 2021 07:20:55 GMT
1.54b2eec3.chunk.js
benefits.benefit-relief.com/sf/1/js/
150 KB
50 KB
Script
General
Full URL
https://benefits.benefit-relief.com/sf/1/js/1.54b2eec3.chunk.js
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=978677905&s3=life
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6818:6602 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5464099768682211edacec2bad2aff2231bcd26acbc7fa587db105dff6e2bd00

Request headers

Referer
https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=978677905&s3=life
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 02:08:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 22 Oct 2020 13:56:32 GMT
server
cloudflare
etag
W/"5f918f90-258e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C3vEbPSdTAcaK1Ewhg0Slzz8UAwENQ7BF%2B024AHZGCewHUPFe1RoTrmmfZdX1XLFLqcp%2BKQX1%2B2o2EWJkpf07PTeIVkW9ICBiotNVSXota1ickF9xlvcmkOdn5z5Z8kAIzQHif2px8g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
608ff9a7ac8b4a7a-FRA
cf-request-id
074dda5ccf00004a7add96b000000001
expires
Wed, 03 Nov 2021 08:37:22 GMT
app.5fb4ccd0.js
benefits.benefit-relief.com/sf/1/js/
157 KB
28 KB
Script
General
Full URL
https://benefits.benefit-relief.com/sf/1/js/app.5fb4ccd0.js
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=978677905&s3=life
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6818:6602 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
272338fdd7c9db42a4c6bec02a89f2e195b33d442bec75e4044f4e4cc4a0f317

Request headers

Referer
https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=978677905&s3=life
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 02:08:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 22 Oct 2020 13:56:32 GMT
server
cloudflare
etag
W/"5f918f90-274ee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dTdS5dHugadvB16EDMK8V3beQS3DMnsiF4bT19rqo2gNN%2B8LtK58KqZ9WvThx2ov6WqxtoJ2yZsDTVGGNBAnz8viTj1CFc2k7G7rx3nYabXwuSCGpK8Psu6nfgWw0dHokJM1aKa6Wb0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
608ff9a7ac8c4a7a-FRA
cf-request-id
074dda5ccd00004a7a5b1c4000000001
expires
Sun, 07 Nov 2021 06:05:50 GMT
gtm.js
www.googletagmanager.com/
0
0
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=@@gtagManagerId
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=978677905&s3=life
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=978677905&s3=life
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

free.min.css
ka-f.fontawesome.com/releases/v5.15.1/css/
0
0
Other
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.1/css/free.min.css
Protocol
H2
Server
2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
fa-kit-token
Origin
https://benefits.benefit-relief.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 29 Dec 2020 02:08:47 GMT
content-length
0
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-allow-headers
fa-kit-token
access-control-max-age
3000
x-cache
Hit from cloudfront
via
1.1 2e14fb9d8f93852aec2f703fe567e56d.cloudfront.net (CloudFront)
x-amz-cf-pop
ATH50-C1
x-amz-cf-id
XmLma-pps1ghnF8sr47M660fCyawKmwRT_Xbe0Z5zaBV_5Dh2UG5Iw==
age
17701
cf-cache-status
DYNAMIC
cf-request-id
074dda5cfc00004a79f8bdb000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JIOf3MlyOgukc4bLgyZqzC2Dj6tCyn6ITVN7Yhwzaj52GAYk7hGyNY5Fkd9qRy0shMQVZA8i0OO4OqxZkNUN5vmqGDBY%2Ftz7%2FYHAD4xfHP%2BQy11GRzYJ1tXPzh2uoQ1Faw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
608ff9a7ff574a79-FRA
free.min.css
ka-f.fontawesome.com/releases/v5.15.1/css/
59 KB
13 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.1/css/free.min.css
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f02bd6f018d6f08c37c39f2d114101beac342c2c065046635e5ed0c42853590

Request headers

Referer
https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=978677905&s3=life
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
fa-kit-token
268a7048dd

Response headers

date
Tue, 29 Dec 2020 02:08:47 GMT
via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
893534
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
cf-request-id
074dda5d3b00004a792c3a1000000001
last-modified
Wed, 14 Oct 2020 21:18:07 GMT
server
cloudflare
etag
W/"319d424ba89a84bbd230a3b5f7024193"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XvMPXPFtSV%2FBO7vduY0naR6fnBM7UWXPzC3V6QWd0ftgEReumsJBxT0igd0fedwy4rdsvUxHPJtt4ydYBxPkllgBU6rhDfvItuSjiLgG6Zj9516cQDVJlKG941%2Boq5g2jQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
x-amz-cf-pop
FRA2-C1
cf-ray
608ff9a85fba4a79-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
6ndhGAv-gzOndp7nCiK2fbXBExDofIvoOrbaNlmXdX00ysc1JEM5IA==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.1/css/
26 KB
5 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.1/css/free-v4-shims.min.css
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfff9ea502195a7b96fe38deca9188a59b758deeecc2cd4e78aea7d911e638c6

Request headers

Referer
https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=978677905&s3=life
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
fa-kit-token
268a7048dd

Response headers

date
Tue, 29 Dec 2020 02:08:47 GMT
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
965922
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
cf-request-id
074dda5d3b00004a79dcab3000000001
last-modified
Wed, 14 Oct 2020 21:18:07 GMT
server
cloudflare
etag
W/"2e4c3da4eae1c876a281d6ca5a7a5b4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Pnz53zw%2FjEwBkbuctxHtjpI3pDQ%2FRpyL2hKOoO%2BcSRog8zsQRpUW7EATSBBvxMFzUmDz7xRO1hbKn4DQ4LjUsPrcntwexB6Eg7yUC55FO4x58Hu3idxnoDKluycVjPXZpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
x-amz-cf-pop
FRA2-C1
cf-ray
608ff9a85fbb4a79-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
QIkLB3ZnI4EJqWN5fJQirbdvRduhM7WE71Hi8DgzL_yGj9CVxtty1A==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.1/css/
3 KB
1 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.1/css/free-v4-font-face.min.css
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b581327920e94c6db70647af17178ddca6ecf0c6c0a4e7ccf1b676c5a8a9163b

Request headers

Referer
https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=978677905&s3=life
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
fa-kit-token
268a7048dd

Response headers

date
Tue, 29 Dec 2020 02:08:47 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
965922
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
cf-request-id
074dda5d3b00004a79cca7c000000001
last-modified
Wed, 14 Oct 2020 21:18:07 GMT
server
cloudflare
etag
W/"a59d3f1e8fae455f68a6cafb35ac4838"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=N%2Fm5I8ih%2FTvCTEh2eGydNAuKmjn4YZk7So5GhIE09B38bFjq9Ic0bjD5haZyE9no3e8AbwyOsvvVhGnQ3rpw9VaQy5JNviBYbjxqlcWlY0ST3vZ2vSRLnJDBQllPW2Qzlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
x-amz-cf-pop
FRA6-C1
cf-ray
608ff9a85fbc4a79-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
813cBvo9OqrNENvrk_ixpbJLldjlfMbgJSkgYnsIFlwa8pA270ptKw==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.1/css/
0
0
Other
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.1/css/free-v4-shims.min.css
Protocol
H2
Server
2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
fa-kit-token
Origin
https://benefits.benefit-relief.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 29 Dec 2020 02:08:47 GMT
content-length
0
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-allow-headers
fa-kit-token
access-control-max-age
3000
x-cache
Hit from cloudfront
via
1.1 b3404c926b62d5bf8cb54cc9471cbe42.cloudfront.net (CloudFront)
x-amz-cf-pop
ATH50-C1
x-amz-cf-id
KBRtmvVwDCvbki2cOfw5-f1l_VA-SwW7F34zuT8KFXhlRwWnRhqPag==
age
80127
cf-cache-status
DYNAMIC
cf-request-id
074dda5cfc00004a79c218f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PVfPnxg%2B1mi5pTv4i7Z2tDdceq7O2BiqGHg5kFE8q%2FTszkyDuvUNP2%2FtWgp6wSRjdU2v6juQbTmKd%2F%2Bm5%2FxeCDDwPxek87lyBy%2BPZVps9dhpCg371DwFY%2FzNah4IDkFM0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
608ff9a7ff584a79-FRA
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.1/css/
0
0
Other
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.1/css/free-v4-font-face.min.css
Protocol
H2
Server
2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
fa-kit-token
Origin
https://benefits.benefit-relief.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 29 Dec 2020 02:08:47 GMT
content-length
0
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-allow-headers
fa-kit-token
access-control-max-age
3000
x-cache
Hit from cloudfront
via
1.1 1bd2fdd679c28997d984e3cff5c0bc4c.cloudfront.net (CloudFront)
x-amz-cf-pop
ATH50-C1
x-amz-cf-id
ik_XvToyGmX5rSA4ZOmLM9pryOS9AOVzZLjxchgllBEnBPo84C1k3g==
age
30187
cf-cache-status
DYNAMIC
cf-request-id
074dda5cfc00004a790317b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X8OfQ%2BqSjQA%2BIiMM5HgIsnsQLt%2BZp2UhnTSMwHTcfhw%2Bo7bEfQWAVoQYAmamcajvYcZaQY7lrPJsnJMMB1oNrZ36R6smAFZDjtb6rcS9DpVXuhjFjtGC%2B7vN1A7u7uy64A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
608ff9a7ff594a79-FRA
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-92483201-41
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=978677905&s3=life
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
4720
date
Tue, 29 Dec 2020 00:50:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Tue, 29 Dec 2020 02:50:07 GMT
collect
www.google-analytics.com/j/
1 B
75 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=2126086390&t=pageview&_s=1&dl=https%3A%2F%2Fbenefits.benefit-relief.com%2Fsf%2F1%2F0%3Fsfhp%3Dbgchk%26sfhp2%3Dbgchk%26s1%3D472577%26s2%3D978677905%26s3%3Dlife&dr=https%3A%2F%2Ffiascors.com%2F1002f4185babd475800%2Flife%2F%2F&ul=en-us&de=UTF-8&dt=Benefit%20Relief&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=759994635&gjid=277459591&cid=1501758527.1609207727&tid=UA-92483201-41&_gid=1548317006.1609207727&_r=1&gtm=2oubu0&z=1196474660
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://benefits.benefit-relief.com/sf/1/0?sfhp=bgchk&sfhp2=bgchk&s1=472577&s2=978677905&s3=life
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Dec 2020 02:08:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://benefits.benefit-relief.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://benefits.benefit-relief.com
Referer
https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 06:09:43 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:44 GMT
server
sffe
age
331144
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
expires
Sat, 25 Dec 2021 06:09:43 GMT
summary
beacon.benefit-relief.com/geo/
118 B
576 B
XHR
General
Full URL
https://beacon.benefit-relief.com/geo/summary
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/js/1.54b2eec3.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Kestrel /
Resource Hash
df919ff024ce3f897943a909b353f3bc8a7abd630ddfc7b0ca528f098211013d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/plain, */*
Referer
https://benefits.benefit-relief.com/sf/1/0?s1=472577&s2=978677905&s3=life&sfhp=bgchk&sfhp2=bgchk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 02:08:47 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PATCH, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
false
strict-transport-security
max-age=2592000
access-control-allow-headers
Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
collect
www.google-analytics.com/
35 B
122 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=2126086390&t=event&_s=2&dl=https%3A%2F%2Fbenefits.benefit-relief.com%2Fsf%2F1%2F0%3Fsfhp%3Dbgchk%26sfhp2%3Dbgchk%26s1%3D472577%26s2%3D978677905%26s3%3Dlife&dr=https%3A%2F%2Ffiascors.com%2F1002f4185babd475800%2Flife%2F%2F&ul=en-us&de=UTF-8&dt=Benefit%20Relief&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pageload&ea=load&el=%2Fsf%2F1&_u=KEBAAUABAAAAAC~&jid=&gjid=&cid=1501758527.1609207727&tid=UA-92483201-41&_gid=1548317006.1609207727&gtm=2oubu0&z=237206484
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/0?s1=472577&s2=978677905&s3=life&sfhp=bgchk&sfhp2=bgchk
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://benefits.benefit-relief.com/sf/1/0?s1=472577&s2=978677905&s3=life&sfhp=bgchk&sfhp2=bgchk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Dec 2020 09:05:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
61410
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
8d2c227a-41b4-48cb-9b49-664d3226574c
beacon.benefit-relief.com/s/
Redirect Chain
  • https://beacon.benefit-relief.com/g2/0b545203-e67b-4ce7-b1bb-1be1c66f43aa?s1=472577&s2=978677905&s3=life&sfhp=bgchk&sfhp2=bgchk
  • https://beacon.benefit-relief.com/s/8d2c227a-41b4-48cb-9b49-664d3226574c?&requestid=VyzI-xQZh5&destinationid=919890070&s1=472577&s2=978677905&s3=life&sfhp=bgchk&sfhp2=bgchk
2 KB
1 KB
XHR
General
Full URL
https://beacon.benefit-relief.com/s/8d2c227a-41b4-48cb-9b49-664d3226574c?&requestid=VyzI-xQZh5&destinationid=919890070&s1=472577&s2=978677905&s3=life&sfhp=bgchk&sfhp2=bgchk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Kestrel /
Resource Hash
92b80b2c3224ffb7a99a1c876a099c14bcb3656d9e5a835ae3febe98d603db5b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://benefits.benefit-relief.com/sf/1/0?s1=472577&s2=978677905&s3=life&sfhp=bgchk&sfhp2=bgchk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 02:08:47 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PATCH, HEAD
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
false
strict-transport-security
max-age=2592000
access-control-allow-headers
Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

Redirect headers

date
Tue, 29 Dec 2020 02:08:47 GMT
server
Kestrel
location
https://beacon.benefit-relief.com/s/8d2c227a-41b4-48cb-9b49-664d3226574c?&requestid=VyzI-xQZh5&destinationid=919890070&s1=472577&s2=978677905&s3=life&sfhp=bgchk&sfhp2=bgchk
strict-transport-security
max-age=2592000
access-control-allow-methods
GET, POST, OPTIONS, PATCH, HEAD
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
content-length
0
collect
www.google-analytics.com/
35 B
63 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=2126086390&t=event&_s=3&dl=https%3A%2F%2Fbenefits.benefit-relief.com%2Fsf%2F1%2F0%3Fsfhp%3Dbgchk%26sfhp2%3Dbgchk%26s1%3D472577%26s2%3D978677905%26s3%3Dlife&dr=https%3A%2F%2Ffiascors.com%2F1002f4185babd475800%2Flife%2F%2F&dp=0%3Fs1%3D472577%26s2%3D978677905%26s3%3Dlife%26sfhp%3Dbgchk%26sfhp2%3Dbgchk&ul=en-us&de=UTF-8&dt=Benefit%20Relief&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=User%20started%20Survey%20Flow&ea=survey-flow-started&el=%2Fsf%2F1&_u=KEBAAUABAAAAAC~&jid=&gjid=&cid=1501758527.1609207727&tid=UA-92483201-41&_gid=1548317006.1609207727&gtm=2oubu0&z=598298446
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://benefits.benefit-relief.com/sf/1/0?s1=472577&s2=978677905&s3=life&sfhp=bgchk&sfhp2=bgchk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Dec 2020 09:05:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
61411
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
58 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=2126086390&t=event&_s=4&dl=https%3A%2F%2Fbenefits.benefit-relief.com%2Fsf%2F1%2F0%3Fsfhp%3Dbgchk%26sfhp2%3Dbgchk%26s1%3D472577%26s2%3D978677905%26s3%3Dlife&dr=https%3A%2F%2Ffiascors.com%2F1002f4185babd475800%2Flife%2F%2F&dp=0%3Fs1%3D472577%26s2%3D978677905%26s3%3Dlife%26sfhp%3Dbgchk%26sfhp2%3Dbgchk&ul=en-us&de=UTF-8&dt=Benefit%20Relief&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=SFHP-BGCHK&ea=view&el=%2Fsf%2F1&_u=KEBAAUABAAAAAC~&jid=&gjid=&cid=1501758527.1609207727&tid=UA-92483201-41&_gid=1548317006.1609207727&gtm=2oubu0&z=188115718
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://benefits.benefit-relief.com/sf/1/0?s1=472577&s2=978677905&s3=life&sfhp=bgchk&sfhp2=bgchk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Dec 2020 09:05:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
61411
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
boolean| crossOriginIsolated
function| gtag
object| dataLayer
object| FontAwesomeKitConfig
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| gaplugins
object| gaGlobal
object| gaData
object| webpackJsonp
function| _

4 Cookies

Domain/Path Name / Value
.benefit-relief.com/ Name: _gat_gtag_UA_92483201_41
Value: 1
.benefit-relief.com/ Name: _gid
Value: GA1.2.1548317006.1609207727
.benefit-relief.com/ Name: _ga
Value: GA1.2.1501758527.1609207727
.benefit-relief.com/ Name: __cfduid
Value: d20f372d5bdf44561e95b24b52b2397671609207727

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains, and hashes. Their appearance here does not imply that any of them indicate malicious activity.
