benefits-authority.com Open in urlscan Pro
69.172.201.115 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://omrexchtest.omr.state.ny.us/dO2W.aspx?HThTKLsWHqLK=QwHsPgKlyLDz18kzlvu01ye1l01q2wa0z25d0f1cytcdgrqpl
Effective URL:
https://benefits-authority.com/?mbi=1601417686
Submission: On September 25 via api (September 25th 2024, 1:15:54 am UTC) from BE — Scanned from US

Summary HTTP 31 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 13 domains to perform 31 HTTP transactions. The main IP is 69.172.201.115, located in Canada and belongs to DOSARREST, US. The main domain is benefits-authority.com.
TLS certificate: Issued by R11 on September 23rd 2024. Valid for: 3 months.

This is the only time benefits-authority.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	91.234.34.44 91.234.34.44	56485 (THEHOST-AS) (THEHOST-AS)
1	205.251.138.98 205.251.138.98	11042 (NTHL) (NTHL)
2 2	45.147.195.6 45.147.195.6	49392 (ASBAXETN) (ASBAXETN)
1 1	35.190.6.55 35.190.6.55	15169 (GOOGLE) (GOOGLE)
1 3	69.172.200.185 69.172.200.185	19324 (DOSARREST) (DOSARREST)
7	69.172.201.115 69.172.201.115	19324 (DOSARREST) (DOSARREST)
1	199.232.196.193 199.232.196.193	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6816:27b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.164.124.56 18.164.124.56	16509 (AMAZON-02) (AMAZON-02)
6	52.22.142.87 52.22.142.87	14618 (AMAZON-AES) (AMAZON-AES)
2	108.139.47.63 108.139.47.63	16509 (AMAZON-02) (AMAZON-02)
4	34.224.179.244 34.224.179.244	14618 (AMAZON-AES) (AMAZON-AES)
1	18.164.115.36 18.164.115.36	16509 (AMAZON-02) (AMAZON-02)
3	107.21.171.98 107.21.171.98	14618 (AMAZON-AES) (AMAZON-AES)
31	12

1 91.234.34.44 (Kyiv Oblast, Ukraine) 1 redirects

ASN56485 (THEHOST-AS, UA)
PTR: gibson.gimmetravel.com

omrexchtest.omr.state.ny.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.251.138.98 (United States)

ASN11042 (NTHL, US)
PTR: bulleye98.cockamaroo.net

systemtestsupport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.147.195.6 (Moscow, Russian Federation) 2 redirects

ASN49392 (ASBAXETN, RU)

1ibeg.suggestedspins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1ibeg.spinningfastloop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.6.55 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 55.6.190.35.bc.googleusercontent.com

www.dpvyw6trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.172.200.185 (Canada) 1 redirects

ASN19324 (DOSARREST, US)
PTR: maxbounty.com

afflat3d3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
av-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 69.172.201.115 (Canada)

ASN19324 (DOSARREST, US)

benefits-authority.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.196.193 (United States)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:27b6 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.164.124.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-56.jfk50.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.22.142.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-142-87.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.139.47.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-63.jfk50.r.cloudfront.net

cdn.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.224.179.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-179-244.compute-1.amazonaws.com

trc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.115.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-115-36.jfk50.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.21.171.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-171-98.compute-1.amazonaws.com

psp.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	pushnami.com api.pushnami.com — Cisco Umbrella Rank: 8257 cdn.pushnami.com — Cisco Umbrella Rank: 17595 trc.pushnami.com — Cisco Umbrella Rank: 8303 psp.pushnami.com — Cisco Umbrella Rank: 25396	369 KB
7	benefits-authority.com benefits-authority.com	549 KB
6	leadid.com create.leadid.com — Cisco Umbrella Rank: 15799	4 KB
2	av-api.com av-api.com	39 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 25553	39 KB
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 8520	411 KB
1	afflat3d3.com 1 redirects afflat3d3.com	839 B
1	dpvyw6trk.com 1 redirects www.dpvyw6trk.com	711 B
1	spinningfastloop.com 1 redirects 1ibeg.spinningfastloop.com	972 B
1	suggestedspins.com 1 redirects 1ibeg.suggestedspins.com	1002 B
1	systemtestsupport.com systemtestsupport.com	468 B
1	state.ny.us 1 redirects omrexchtest.omr.state.ny.us	282 B
31	13

	Domain	Requested by
7	benefits-authority.com	systemtestsupport.com benefits-authority.com
6	create.leadid.com	create.lidstatic.com
4	trc.pushnami.com	api.pushnami.com
3	psp.pushnami.com	cdn.pushnami.com api.pushnami.com
2	cdn.pushnami.com	api.pushnami.com
2	api.pushnami.com	benefits-authority.com api.pushnami.com
2	av-api.com	benefits-authority.com
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	create.lidstatic.com	benefits-authority.com
1	i.imgur.com
1	afflat3d3.com	1 redirects
1	www.dpvyw6trk.com	1 redirects
1	1ibeg.spinningfastloop.com	1 redirects
1	1ibeg.suggestedspins.com	1 redirects
1	systemtestsupport.com
1	omrexchtest.omr.state.ny.us	1 redirects
31	16

This site contains no links.

Subject Issuer	Validity	Valid
systemtestsupport.com Sectigo RSA Domain Validation Secure Server CA	`2024-04-23` - `2025-04-23`	a year	crt.sh
championautoinsurance.com R11	`2024-09-23` - `2024-12-22`	3 months	crt.sh
av-api.com R10	`2024-08-19` - `2024-11-17`	3 months	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-15` - `2025-02-14`	a year	crt.sh
lidstatic.com E6	`2024-09-20` - `2024-12-19`	3 months	crt.sh
*.pushnami.com Amazon RSA 2048 M02	`2024-02-03` - `2025-03-03`	a year	crt.sh
create.leadid.com Amazon RSA 2048 M03	`2024-07-20` - `2025-08-18`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://benefits-authority.com/?mbi=1601417686
Frame ID: 0D1F64A0595048BAED6A6C5CDF00DFB4
Requests: 26 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 4B6962D41E293F78E91EB4FEB1D634F0
Requests: 1 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=B07AD6AE-9B0D-C166-B654-962094E4EC9B&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.15.0&lck=D2FB0EC8-1E8C-A402-E4AC-9205FE98F622&lac=4B1F5928-2127-08FA-4EA5-F0DB210F6AAE
Frame ID: 4F2CEF64AF88E8FBBE9AB3EB55F375AD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Benefits Authority 2

Page URL History Show full URLs

http://omrexchtest.omr.state.ny.us/dO2W.aspx?HThTKLsWHqLK=QwHsPgKlyLDz18kzlvu01ye1l01q2wa0z25d0f1cytcdgrqpl HTTP 307
https://omrexchtest.omr.state.ny.us/dO2W.aspx?HThTKLsWHqLK=QwHsPgKlyLDz18kzlvu01ye1l01q2wa0z25d0f1cytcdgrqpl HTTP 307
http://omrexchtest.omr.state.ny.us/dO2W.aspx?HThTKLsWHqLK=QwHsPgKlyLDz18kzlvu01ye1l01q2wa0z25d0f1cytcdgrqpl HTTP 302
https://systemtestsupport.com/1761681205edc740800/35_1294329_2896426/2785_3284121_1cytcdg_15/518983050_208... Page URL
https://1ibeg.suggestedspins.com/?kw=690070&s1=690070&s2=35_1294329_2896426&s3=1432825020&s4=45 HTTP 302
https://1ibeg.spinningfastloop.com/o/Z4LLRNST/accbd6e6-7adb-11ef-87c4-6961b55665ef/acd45f82-7adb-11ef-b70e-63fb... HTTP 302
https://www.dpvyw6trk.com/7P4RRF/QT9RR8R/?sub1=74698&sub2=ad425988-7adb-11ef-878a-a5615396315f& HTTP 302
https://afflat3d3.com/lnk.asp?o=26996&c=918271&a=574293&k=8E60CC8BC6A39DC220372315C4F7B695&l=28846... HTTP 302
https://benefits-authority.com/?mbi=1601417686 Page URL

Detected technologies

Pushnami (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.pushnami\.com

Page Statistics

31
Requests

97 %
HTTPS

7 %
IPv6

13
Domains

16
Subdomains

12
IPs

4
Countries

1412 kB
Transfer

2861 kB
Size

18
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://omrexchtest.omr.state.ny.us/dO2W.aspx?HThTKLsWHqLK=QwHsPgKlyLDz18kzlvu01ye1l01q2wa0z25d0f1cytcdgrqpl HTTP 307
https://omrexchtest.omr.state.ny.us/dO2W.aspx?HThTKLsWHqLK=QwHsPgKlyLDz18kzlvu01ye1l01q2wa0z25d0f1cytcdgrqpl HTTP 307
http://omrexchtest.omr.state.ny.us/dO2W.aspx?HThTKLsWHqLK=QwHsPgKlyLDz18kzlvu01ye1l01q2wa0z25d0f1cytcdgrqpl HTTP 302
https://systemtestsupport.com/1761681205edc740800/35_1294329_2896426/2785_3284121_1cytcdg_15/518983050_208-252-80-125 Page URL
https://1ibeg.suggestedspins.com/?kw=690070&s1=690070&s2=35_1294329_2896426&s3=1432825020&s4=45 HTTP 302
https://1ibeg.spinningfastloop.com/o/Z4LLRNST/accbd6e6-7adb-11ef-87c4-6961b55665ef/acd45f82-7adb-11ef-b70e-63fbaaec67c9 HTTP 302
https://www.dpvyw6trk.com/7P4RRF/QT9RR8R/?sub1=74698&sub2=ad425988-7adb-11ef-878a-a5615396315f& HTTP 302
https://afflat3d3.com/lnk.asp?o=26996&c=918271&a=574293&k=8E60CC8BC6A39DC220372315C4F7B695&l=28846&s1=148&s2=4e6a1cadbdf34d478caeacd6bf76a8c9 HTTP 302
https://benefits-authority.com/?mbi=1601417686 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://omrexchtest.omr.state.ny.us/dO2W.aspx?HThTKLsWHqLK=QwHsPgKlyLDz18kzlvu01ye1l01q2wa0z25d0f1cytcdgrqpl HTTP 307
https://omrexchtest.omr.state.ny.us/dO2W.aspx?HThTKLsWHqLK=QwHsPgKlyLDz18kzlvu01ye1l01q2wa0z25d0f1cytcdgrqpl HTTP 307
http://omrexchtest.omr.state.ny.us/dO2W.aspx?HThTKLsWHqLK=QwHsPgKlyLDz18kzlvu01ye1l01q2wa0z25d0f1cytcdgrqpl HTTP 302
https://systemtestsupport.com/1761681205edc740800/35_1294329_2896426/2785_3284121_1cytcdg_15/518983050_208-252-80-125

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

518983050_208-252-80-125
systemtestsupport.com/1761681205edc740800/35_1294329_2896426/2785_3284121_1cytcdg_15/
Redirect Chain

http://omrexchtest.omr.state.ny.us/dO2W.aspx?HThTKLsWHqLK=QwHsPgKlyLDz18kzlvu01ye1l01q2wa0z25d0f1cytcdgrqpl
https://omrexchtest.omr.state.ny.us/dO2W.aspx?HThTKLsWHqLK=QwHsPgKlyLDz18kzlvu01ye1l01q2wa0z25d0f1cytcdgrqpl
http://omrexchtest.omr.state.ny.us/dO2W.aspx?HThTKLsWHqLK=QwHsPgKlyLDz18kzlvu01ye1l01q2wa0z25d0f1cytcdgrqpl
https://systemtestsupport.com/1761681205edc740800/35_1294329_2896426/2785_3284121_1cytcdg_15/518983050_208-252-80-125

158 B
468 B

923ms
366ms

Document
text/html

205.251.138.98
NTHL

General

Check archive.org

Show headers Download Go to

Full URL: https://systemtestsupport.com/1761681205edc740800/35_1294329_2896426/2785_3284121_1cytcdg_15/518983050_208-252-80-125
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 205.251.138.98 , United States, ASN11042 (NTHL, US),
Reverse DNS: bulleye98.cockamaroo.net
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection: close
Content-Length: 158
Content-Type: text/html; charset=UTF-8
Date: Wed, 25 Sep 2024 01:15:37 GMT
Server: Apache

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Wed, 25 Sep 2024 01:15:36 GMT
Location: https://systemtestsupport.com/1761681205edc740800/35_1294329_2896426/2785_3284121_1cytcdg_15/518983050_208-252-80-125
Server: Apache

GET
H/1.1

200
OK

Primary Request / Show response
benefits-authority.com/
Redirect Chain

https://1ibeg.suggestedspins.com/?kw=690070&s1=690070&s2=35_1294329_2896426&s3=1432825020&s4=45
https://1ibeg.spinningfastloop.com/o/Z4LLRNST/accbd6e6-7adb-11ef-87c4-6961b55665ef/acd45f82-7adb-11ef-b70e-63fbaaec67c9
https://www.dpvyw6trk.com/7P4RRF/QT9RR8R/?sub1=74698&sub2=ad425988-7adb-11ef-878a-a5615396315f&
https://afflat3d3.com/lnk.asp?o=26996&c=918271&a=574293&k=8E60CC8BC6A39DC220372315C4F7B695&l=28846&s1=148&s2=4e6a1cadbdf34d478caeacd6bf76a8c9
https://benefits-authority.com/?mbi=1601417686

3 KB
2 KB

170ms
53ms

Document
text/html

69.172.201.115
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits-authority.com/?mbi=1601417686

Requested by

Host: systemtestsupport.com
URL: https://systemtestsupport.com/1761681205edc740800/35_1294329_2896426/2785_3284121_1cytcdg_15/518983050_208-252-80-125

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.172.201.115 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

nginx/1.20.2 / ASP.NET

Resource Hash

5051e2fb2fe91fdd7d5b32f1881c16a58b4dbd92a17a46c86d9d0bea5cb3e0b0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://systemtestsupport.com/1761681205edc740800/35_1294329_2896426/2785_3284121_1cytcdg_15/518983050_208-252-80-125
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1470
Content-Type: text/html
Date: Wed, 25 Sep 2024 01:15:40 GMT
ETag: "095ed8b90b6da1:0"
Keep-Alive: timeout=20
Last-Modified: Tue, 04 Jun 2024 15:04:50 GMT
Server: nginx/1.20.2
Vary: Accept-Encoding
X-DIS-Request-ID: a83345b11b21052f030792b0f45b1dd2
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 166
Content-Type: text/html
Date: Wed, 25 Sep 2024 01:15:40 GMT
Keep-Alive: timeout=20
Location: https://benefits-authority.com?mbi=1601417686
Server: nginx/1.20.2
X-DIS-Request-ID: 2f3c6bc921951276c516193ac1e0a2a3
X-Powered-By: ASP.NET

GET
H/1.1 200
OK 2.9a56c832.chunk.css
benefits-authority.com/static/css/ 186 KB
48 KB 58ms
57ms Stylesheet
text/css 69.172.201.115
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits-authority.com/static/css/2.9a56c832.chunk.css

Requested by

Host: benefits-authority.com
URL: https://benefits-authority.com/?mbi=1601417686

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.172.201.115 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

nginx/1.20.2 / ASP.NET

Resource Hash

14b075d2831615d4fb62e8b8271b62ed622ba8d36e51797d6df9ebbc95f96b58

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/?mbi=1601417686

Response headers

X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: "095ed8b90b6da1:0"
Connection: keep-alive
X-DIS-Request-ID: 27fb6909e994eed018c31cd0b58bb091
Accept-Ranges: bytes
Content-Length: 48500
Keep-Alive: timeout=20
Date: Wed, 25 Sep 2024 01:15:40 GMT
Content-Type: text/css
Last-Modified: Tue, 04 Jun 2024 15:04:50 GMT
Server: nginx/1.20.2
Vary: Accept-Encoding

GET
H/1.1 200
OK main.53dbd380.chunk.css
benefits-authority.com/static/css/ 5 KB
2 KB 109ms
40ms Stylesheet
text/css 69.172.201.115
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits-authority.com/static/css/main.53dbd380.chunk.css

Requested by

Host: benefits-authority.com
URL: https://benefits-authority.com/?mbi=1601417686

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.172.201.115 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

nginx/1.20.2 / ASP.NET

Resource Hash

42f373b869a5f0a9438bac0f1866aad195a0ec3cf9be60a7036955499e5620a9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/?mbi=1601417686

Response headers

X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: "095ed8b90b6da1:0"
Connection: keep-alive
X-DIS-Request-ID: f7cf593b632875ed6d110491addabcbb
Accept-Ranges: bytes
Content-Length: 1634
Keep-Alive: timeout=20
Date: Wed, 25 Sep 2024 01:15:40 GMT
Content-Type: text/css
Last-Modified: Tue, 04 Jun 2024 15:04:50 GMT
Server: nginx/1.20.2
Vary: Accept-Encoding

GET
H/1.1 200
OK 2.12dd23d0.chunk.js Show response
benefits-authority.com/static/js/ 1 MB
475 KB 191ms
107ms Script
application/javascript 69.172.201.115
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits-authority.com/static/js/2.12dd23d0.chunk.js

Requested by

Host: benefits-authority.com
URL: https://benefits-authority.com/?mbi=1601417686

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.172.201.115 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

nginx/1.20.2 / ASP.NET

Resource Hash

dd30f9294822c6d5c32e8fc4e4de069194ad4b9ca958d9f9265d321fc4aa3e44

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/?mbi=1601417686

Response headers

X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: "095ed8b90b6da1:0"
Connection: keep-alive
X-DIS-Request-ID: 33963369e5fceaa88e7a79a3095de971
Accept-Ranges: bytes
Content-Length: 486259
Keep-Alive: timeout=20
Date: Wed, 25 Sep 2024 01:15:40 GMT
Content-Type: application/javascript
Last-Modified: Tue, 04 Jun 2024 15:04:50 GMT
Server: nginx/1.20.2
Vary: Accept-Encoding

GET
H/1.1 200
OK main.37287f54.chunk.js Show response
benefits-authority.com/static/js/ 93 KB
18 KB 190ms
107ms Script
application/javascript 69.172.201.115
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits-authority.com/static/js/main.37287f54.chunk.js

Requested by

Host: benefits-authority.com
URL: https://benefits-authority.com/?mbi=1601417686

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.172.201.115 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

nginx/1.20.2 / ASP.NET

Resource Hash

c02cb664f7b0323b2d7a5a5b4766f58466c22b62361a62b95b0471cc8330c5a6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/?mbi=1601417686

Response headers

X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: "095ed8b90b6da1:0"
Connection: keep-alive
X-DIS-Request-ID: 4ab529ce47b25bb8040bf45e824a8f8f
Accept-Ranges: bytes
Content-Length: 18007
Keep-Alive: timeout=20
Date: Wed, 25 Sep 2024 01:15:40 GMT
Content-Type: application/javascript
Last-Modified: Tue, 04 Jun 2024 15:04:50 GMT
Server: nginx/1.20.2
Vary: Accept-Encoding

GET
H/1.1 200
OK ca635c3f7b92cf2ad66799db8638d28b Show response
av-api.com/property/13/0/ 164 KB
32 KB 713ms
590ms Fetch
application/json 69.172.200.185
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL: https://av-api.com/property/13/0/ca635c3f7b92cf2ad66799db8638d28b?mbi=1601417686
Requested by: Host: benefits-authority.com
URL: https://benefits-authority.com/static/js/main.37287f54.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.172.200.185 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS: maxbounty.com
Software: nginx/1.20.2 / Express, ASP.NET
Resource Hash: 21eda6e217f4d20a4249b05fd1ed77728d2bbedee295552202e5f9824c191b47

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: W/"290d0-LL0SeJ1536MRgBXySOsrrJAbehg"
Connection: keep-alive
Access-Control-Allow-Credentials: true
X-DIS-Request-ID: 93ffe59851c87f1952f0be24e41fbbd7
Access-Control-Allow-Origin: https://benefits-authority.com
Keep-Alive: timeout=20
Date: Wed, 25 Sep 2024 01:15:41 GMT
Content-Type: application/json; charset=utf-8
Vary: Origin
Server: nginx/1.20.2
X-Powered-By: Express, ASP.NET

GET
H/1.1 200
OK favicon.ico
benefits-authority.com/ 4 KB
4 KB 36ms
35ms Other
image/x-icon 69.172.201.115
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits-authority.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.172.201.115 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

nginx/1.20.2 / ASP.NET

Resource Hash

3d10f7da6c603178340081668c4ac5b3ae9743ca9a262ab0fcd312fbb9f48bdd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/?mbi=1601417686

Response headers

X-Frame-Options: SAMEORIGIN
ETag: "25e9dfe3d35dda1:0"
Connection: keep-alive
X-DIS-Request-ID: 84aededea6f79283ed5bfd2ea96af64f
Accept-Ranges: bytes
Content-Length: 3870
Keep-Alive: timeout=20
Date: Wed, 25 Sep 2024 01:15:40 GMT
Content-Type: image/x-icon
Last-Modified: Mon, 12 Feb 2024 16:52:40 GMT
Server: nginx/1.20.2
X-Powered-By: ASP.NET

GET
H/1.1 200
OK logo
av-api.com/cdn/image/site/22/ 7 KB
8 KB 167ms
81ms Image
image/png 69.172.200.185
DOSARREST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://av-api.com/cdn/image/site/22/logo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.172.200.185 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS: maxbounty.com
Software: nginx/1.20.2 / Express, ASP.NET
Resource Hash: 5f1adb90a1acc45fd824b3a042617a48228fde56c778b5c4d7d9f0c3275dfc79

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://benefits-authority.com
Referer: https://benefits-authority.com/

Response headers

Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
X-DIS-Request-ID: 242cd849081f2ec35fb3ea83fdded125
Access-Control-Allow-Origin: https://benefits-authority.com
Keep-Alive: timeout=20
Date: Wed, 25 Sep 2024 01:15:41 GMT
Vary: Origin
Server: nginx/1.20.2
X-Powered-By: Express, ASP.NET

GET
H2 200 JgfDBX6.png
i.imgur.com/ 410 KB
411 KB 154ms
50ms Image
image/png 199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/JgfDBX6.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

f99e785b0abda784b68fcf4840fbe98909760620f12002087f1af4b874971333

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/

Response headers

etag: "7cc39a0991db31903bf8adc7fdbedbee"
age: 3084991
access-control-allow-methods: GET, OPTIONS
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT, HIT
x-amz-cf-id: u-ejUqw-CLgwu1MFuWsle22RELUDKlRtquniQvj31HZtGC7rFApm4Q==
date: Wed, 25 Sep 2024 01:15:41 GMT
content-type: image/png
last-modified: Tue, 04 Jun 2024 20:04:06 GMT
x-cache-hits: 1439, 1
x-served-by: cache-iad-kjyo7100044-IAD, cache-ewr-kewr1740057-EWR
strict-transport-security: max-age=300
cache-control: public, max-age=31536000
x-timer: S1727226942.606263,VS0,VE7
accept-ranges: bytes
access-control-allow-origin: *
content-length: 420303
x-amz-cf-pop: MIA3-P1
server: cat factory 1.0
x-amz-server-side-encryption: AES256

GET
H2 200 d2fb0ec8-1e8c-a402-e4ac-9205fe98f622.js Show response
create.lidstatic.com/campaign/ 121 KB
39 KB 143ms
48ms Script
text/javascript 2606:4700:10::6816:27b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/d2fb0ec8-1e8c-a402-e4ac-9205fe98f622.js?snippet_version=2&callback=setUniversalLeadId
Requested by: Host: benefits-authority.com
URL: https://benefits-authority.com/static/js/main.37287f54.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:27b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b10ba9cbef05a78cee2d4a7929ca17601e5a548950222485a0d3210b843d74e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"4abc12d0583a69a38379005e8e95eacc"
x-amz-version-id: twCQ4PuHOgpLnmrvwu5tilHUduYAvsSm
age: 560
date: Wed, 25 Sep 2024 01:15:41 GMT
content-type: text/javascript
last-modified: Mon, 15 Jul 2024 16:23:05 GMT
vary: Accept-Encoding
x-amz-id-2: tmQd/o7IImtT32m8isk4aQ3yxfMI7Rl8bRxX1v3RUwzVfz9ytHkD7H1mo9jZE5PY8tEYUo/cYZQ=
x-amz-replication-status: COMPLETED
cache-control: max-age=1800
x-amz-request-id: 24QYYD0KE8CYJDEH
cf-ray: 8c872a20fbd39e17-EWR
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 662a836a473fc40013e65c89 Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 94 KB
20 KB 176ms
50ms Script
application/javascript 18.164.124.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/662a836a473fc40013e65c89
Requested by: Host: benefits-authority.com
URL: https://benefits-authority.com/static/js/main.37287f54.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-56.jfk50.r.cloudfront.net
Software: /
Resource Hash: 008bf334cdba91db068acb7f3756e756a356b4ddb4832486f2b10c1b27e7cdce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/

Response headers

cache-control: no-cache
content-encoding: gzip
age: 545
via: 1.1 021c711549f5f4a7c98f2f921f46beba.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 3I8WfeSPPH0Oz_IZrPGBQ4wQhHAUw7PIXkFTSKPWjLUjppDenAGkVQ==
date: Wed, 25 Sep 2024 01:06:36 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding
x-amz-cf-pop: JFK50-P7

GET
H2 200 noscript.gif
create.leadid.com/ 43 B
643 B 154ms
54ms Image
image/gif 52.22.142.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://create.leadid.com/noscript.gif?lac=4b1f5928-2127-08fa-4ea5-f0db210f6aae&lck=d2fb0ec8-1e8c-a402-e4ac-9205fe98f622&snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.22.142.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-142-87.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-max-age: 1728000
content-encoding: none
etag: 70CBAD73-CCF3-C8F0-4983-9D0079243412
access-control-allow-origin: *
date: Wed, 25 Sep 2024 01:15:41 GMT
content-type: image/gif
last-modified: Wed, 25 Sep 2024 01:15:41 GMT
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type

GET
H/1.1 200
OK favicon.ico
benefits-authority.com/ 4 KB
0 0ms
0ms Other
image/x-icon 69.172.201.115
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits-authority.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.172.201.115 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

nginx/1.20.2 / ASP.NET

Resource Hash

3d10f7da6c603178340081668c4ac5b3ae9743ca9a262ab0fcd312fbb9f48bdd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/?mbi=1601417686

Response headers

X-Powered-By: ASP.NET
ETag: "25e9dfe3d35dda1:0"
X-DIS-Request-ID: 84aededea6f79283ed5bfd2ea96af64f
Accept-Ranges: bytes
Content-Length: 3870
Date: Wed, 25 Sep 2024 01:15:40 GMT
Content-Type: image/x-icon
Last-Modified: Mon, 12 Feb 2024 16:52:40 GMT
Server: nginx/1.20.2
X-Frame-Options: SAMEORIGIN

POST
H2 200 GenerateToken Show response
create.leadid.com/2.15.0/ 36 B
659 B 208ms
102ms XHR
text/plain 52.22.142.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.15.0/GenerateToken?msn=1&pid=50e62a96-8de0-49ba-adba-7c5b764f6b5a&_=419549564

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/d2fb0ec8-1e8c-a402-e4ac-9205fe98f622.js?snippet_version=2&callback=setUniversalLeadId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.22.142.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-142-87.compute-1.amazonaws.com

Software

nginx /

Resource Hash

be077c6551c21c5c5ec4bc91079a1d2eb9da628d760c1d3ae030e47a6087a206

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://benefits-authority.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-max-age: 1728000
cache-control: no-cache, must-revalidate
content-encoding: gzip
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
date: Wed, 25 Sep 2024 01:15:41 GMT
content-type: text/plain;charset=UTF-8
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type

GET
H2 200 fcm-v1-module.019781ec7a1c97363e85.bundle.js Show response
cdn.pushnami.com/js/modules/ 46 KB
15 KB 139ms
27ms Script
application/javascript 108.139.47.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushnami.com/js/modules/fcm-v1-module.019781ec7a1c97363e85.bundle.js
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/662a836a473fc40013e65c89
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-63.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b41d7402cbdab32acba31cfdd479730c74b7527fa7c881b0486098bd1a895607

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/

Response headers

vary: Accept-Encoding
content-encoding: gzip
x-amz-version-id: DKNNXfrKVNQFoskvuTtbaAOVbVs0JYVO
etag: W/"09467cbbdfbe0b4f7131476215348a19"
age: 2787
via: 1.1 043cf9310ff19c0e58a0b6e76877f570.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: qu7gbsMvXJPYDMslcjYC0xw6bRz99S1tLYSv4IGj97dCTELhFSEAPQ==
date: Wed, 25 Sep 2024 00:29:15 GMT
content-type: application/javascript
last-modified: Fri, 10 May 2024 21:23:38 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
x-amz-server-side-encryption: AES256

GET
H2 200 hub
api.pushnami.com/scripts/v1/ Frame 4B69 0
0 166ms
74ms Document
text/html 18.164.124.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushnami.com/scripts/v1/hub

Requested by

Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/662a836a473fc40013e65c89

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.56 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-56.jfk50.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *
X-Content-Security-Policy	default-src 'unsafe-inline' *

Request headers

Referer: https://benefits-authority.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: *
age: 2366
cache-control: no-cache
content-encoding: gzip
content-security-policy: default-src 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Wed, 25 Sep 2024 00:36:15 GMT
vary: accept-encoding
via: 1.1 a4c7006ff62b5b4c16c58f54fdfeb656.cloudfront.net (CloudFront)
x-amz-cf-id: L2_M3BYI4qATlaewX-O2uEqmApM11wOAcpQmNEcJCHJtRYs48Cllcw==
x-amz-cf-pop: JFK50-P7
x-cache: Hit from cloudfront
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 83ms
82ms Fetch
text/html 34.224.179.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/662a836a473fc40013e65c89
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.179.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-179-244.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

key: 662a836a473fc40013e65c89
Referer: https://benefits-authority.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json, text/plain, */*
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
content-length: 2
cache-control: no-cache
date: Wed, 25 Sep 2024 01:15:41 GMT
content-type: text/html; charset=utf-8

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 159ms
39ms Preflight 34.224.179.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.179.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-179-244.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://benefits-authority.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Wed, 25 Sep 2024 01:15:41 GMT

GET
H/1.1 200
OK iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 4F2C 0
0 192ms
36ms Document
text/html 18.164.115.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=B07AD6AE-9B0D-C166-B654-962094E4EC9B&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.15.0&lck=D2FB0EC8-1E8C-A402-E4AC-9205FE98F622&lac=4B1F5928-2127-08FA-4EA5-F0DB210F6AAE

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/d2fb0ec8-1e8c-a402-e4ac-9205fe98f622.js?snippet_version=2&callback=setUniversalLeadId

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.164.115.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-115-36.jfk50.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://benefits-authority.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Age: 45703
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 24 Sep 2024 12:33:59 GMT
Etag: W/"668f4bcd-dbb"
Last-Modified: Thu, 11 Jul 2024 03:04:45 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 7V8mlSwBrppm-sO5jOONRkm27hQhm7hecKRtMY0lYwUK7AOGQOJGXA==
X-Amz-Cf-Pop: JFK50-P6
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.15.0/ 0
622 B 33ms
32ms XHR
text/plain 52.22.142.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.15.0/SaveDom?msn=2&pid=50e62a96-8de0-49ba-adba-7c5b764f6b5a&token=B07AD6AE-9B0D-C166-B654-962094E4EC9B&_=419549565

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/d2fb0ec8-1e8c-a402-e4ac-9205fe98f622.js?snippet_version=2&callback=setUniversalLeadId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.22.142.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-142-87.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://benefits-authority.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-max-age: 1728000
cache-control: no-cache, must-revalidate
content-encoding: gzip
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
date: Wed, 25 Sep 2024 01:15:41 GMT
content-type: text/plain;charset=UTF-8
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type

POST
H2 200 InitFormData Show response
create.leadid.com/2.15.0/ 0
622 B 74ms
73ms XHR
text/plain 52.22.142.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.15.0/InitFormData?msn=3&pid=50e62a96-8de0-49ba-adba-7c5b764f6b5a&token=B07AD6AE-9B0D-C166-B654-962094E4EC9B&_=419549566

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/d2fb0ec8-1e8c-a402-e4ac-9205fe98f622.js?snippet_version=2&callback=setUniversalLeadId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.22.142.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-142-87.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://benefits-authority.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-max-age: 1728000
cache-control: no-cache, must-revalidate
content-encoding: gzip
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
date: Wed, 25 Sep 2024 01:15:41 GMT
content-type: text/plain;charset=UTF-8
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type

GET
H2 200 psfpv4_client_1.128.0_e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9.js Show response
cdn.pushnami.com/js/exp/ 333 KB
334 KB 29ms
29ms Script
application/javascript 108.139.47.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushnami.com/js/exp/psfpv4_client_1.128.0_e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9.js
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/662a836a473fc40013e65c89
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-63.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/

Response headers

content-encoding: utf-8
x-amz-version-id: iJVtw0MDnvg5Vkf9zg8GHQyDY6vN4ZdU
etag: "4b9f77845d59f14274d2b8d4b1112ca4"
age: 2791
via: 1.1 043cf9310ff19c0e58a0b6e76877f570.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 340965
x-amz-cf-id: 2KWcq3G4MPsobtZQlHjKW24Em1iu1nJDah7d6WJXyFvS6-ueL6K1JQ==
date: Wed, 25 Sep 2024 00:29:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 12 Aug 2024 17:22:56 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
x-amz-server-side-encryption: AES256

POST
H2 200 Snap Show response
create.leadid.com/2.15.0/ 0
622 B 299ms
88ms XHR
text/plain 52.22.142.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.15.0/Snap?msn=4&pid=50e62a96-8de0-49ba-adba-7c5b764f6b5a&token=B07AD6AE-9B0D-C166-B654-962094E4EC9B&_=419549567

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/d2fb0ec8-1e8c-a402-e4ac-9205fe98f622.js?snippet_version=2&callback=setUniversalLeadId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.22.142.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-142-87.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://benefits-authority.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-max-age: 1728000
cache-control: no-cache, must-revalidate
content-encoding: gzip
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
date: Wed, 25 Sep 2024 01:15:42 GMT
content-type: text/plain;charset=UTF-8
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type

POST
H2 201 data Show response
psp.pushnami.com/psfp/ 27 B
187 B 29ms
27ms Fetch
application/json 107.21.171.98
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/psfp/data
Requested by: Host: cdn.pushnami.com
URL: https://cdn.pushnami.com/js/exp/psfpv4_client_1.128.0_e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.21.171.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-171-98.compute-1.amazonaws.com
Software: / Express
Resource Hash: 872f35c442fb45b92953ee6dc5f980717f993d018097ccc0b289ae206b7b129c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/octet-stream
Referer: https://benefits-authority.com/

Response headers

access-control-allow-origin: *
content-length: 27
date: Wed, 25 Sep 2024 01:15:43 GMT
etag: W/"1b-D4PNCIGKzvn9yhfD0QiKW4O6wuQ"
content-type: application/json; charset=utf-8
x-powered-by: Express

OPTIONS
H2 204 data
psp.pushnami.com/psfp/ Frame 0
0 289ms
78ms Preflight 107.21.171.98
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/psfp/data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.21.171.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-171-98.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://benefits-authority.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Wed, 25 Sep 2024 01:15:43 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 71ms
70ms Fetch
text/html 34.224.179.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/662a836a473fc40013e65c89
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.179.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-179-244.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

key: 662a836a473fc40013e65c89
Referer: https://benefits-authority.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json, text/plain, */*
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
content-length: 2
cache-control: no-cache
date: Wed, 25 Sep 2024 01:15:43 GMT
content-type: text/html; charset=utf-8

OPTIONS
H2 204 psp
psp.pushnami.com/api/ Frame 0
0 40ms
40ms Preflight 107.21.171.98
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.21.171.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-171-98.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://benefits-authority.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: key
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Wed, 25 Sep 2024 01:15:43 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

POST psp
psp.pushnami.com/api/ 0
0

POST
H2 200 Snap Show response
create.leadid.com/2.15.0/ 0
622 B 101ms
73ms XHR
text/plain 52.22.142.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.15.0/Snap?msn=5&pid=50e62a96-8de0-49ba-adba-7c5b764f6b5a&token=B07AD6AE-9B0D-C166-B654-962094E4EC9B&_=419549568

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/d2fb0ec8-1e8c-a402-e4ac-9205fe98f622.js?snippet_version=2&callback=setUniversalLeadId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.22.142.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-142-87.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://benefits-authority.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-max-age: 1728000
cache-control: no-cache, must-revalidate
content-encoding: gzip
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
date: Wed, 25 Sep 2024 01:15:43 GMT
content-type: text/plain;charset=UTF-8
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 78ms
76ms Fetch
text/html 34.224.179.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/662a836a473fc40013e65c89
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.179.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-179-244.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

key: 662a836a473fc40013e65c89
Referer: https://benefits-authority.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json, text/plain, */*
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
content-length: 2
cache-control: no-cache
date: Wed, 25 Sep 2024 01:15:44 GMT
content-type: text/html; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: psp.pushnami.com
URL: https://psp.pushnami.com/api/psp

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
systemtestsupport.com/	1970-01-21 00:30:18	Name: uid45 Value: 1432825020-20240924211537-c4ddde63d8f4a49accada01c83bce12e-
1ibeg.suggestedspins.com/	1970-01-20 23:47:14	Name: yredir_session Value: eyJpdiI6ImVXdW1RdjhkVHByZmI0TGNPazdWV2c9PSIsInZhbHVlIjoiQ085cElKOWlkWlhsUmYzV0JQaXBieGh4L3VFcS9FSGV2WUQyd3g1Wk40Nm8yOHZxd0RTSUxKUnBGM1pweG5JRXpCUmxhaG95d0o3ekhiS3J3ZjFnT2F6MVgxMjRsSmZGeGZaMGRobmpTZFE5dmg3ZTZJbUZpdWZKNWxWUUErMmYiLCJtYWMiOiIyZjcwOGQ5MjYwMWFkNzc2NGU1ZjdkYzQzZmUyYTc5MmNhMGQ1NGUyZDcyYTUwYzg0MzdhOGVmMTY1NjgxMmM5IiwidGFnIjoiIn0%3D
1ibeg.spinningfastloop.com/	1970-01-20 23:47:14	Name: yredir_session Value: eyJpdiI6Ino1UEFyekNZQkR4S3FVWkhsRTBQbmc9PSIsInZhbHVlIjoiQ0pNL0pQOFBWcW9DRCszOGlKVDltdjd1Mi9zd0RYVDQvUFJ3MFdiMm8yOUF6VkFneldNTzNWSG1WMU1FcHZpT2VFRGhrbmtjT0krV2VrdlIyeVRNdzJCQXZyUE05NnNJalFzOThaZmZVbW44d2ZzeEVkdnJwUjNDYmJwVTRPTEkiLCJtYWMiOiI0MTU2MGU5YjRiNGZlY2NiYTgzZjhjMjY5NjI0ZmU4YmNlNDQzMjkyODViZTM3NzZmNDE4YTAwODljMmNjNGIxIiwidGFnIjoiIn0%3D
www.dpvyw6trk.com/	1970-01-21 00:30:18	Name: uniqueClick_QT9RR8R Value: 89c94263-b056-4e24-9f30-2dd6793402ca:1727226939
www.dpvyw6trk.com/	1970-01-21 01:56:42	Name: transaction_id Value: 4e6a1cadbdf34d478caeacd6bf76a8c9
afflat3d3.com/	1970-01-21 01:13:16	Name: mb_26996_SS Value: AF=574293&AC=1601417686&CS=1601991979
afflat3d3.com/	1970-01-21 09:23:06	Name: I_SS Value: 1601417686
afflat3d3.com/	1970-01-21 09:23:06	Name: I Value: 1601417686
afflat3d3.com/	1970-01-21 01:12:18	Name: mb%5F26996 Value: AC=1601417686&CS=1601991979&AF=574293
afflat3d3.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDQGBSRCCS Value: PJCNDBLBCCEEHCIMGDLCBICB
benefits-authority.com/	1970-01-21 09:23:06	Name: mbi Value: 1601417686
benefits-authority.com/	1970-01-21 09:23:06	Name: avtc Value: ca635c3f7b92cf2ad66799db8638d28b
benefits-authority.com/	1970-01-21 09:23:06	Name: avtset Value: 22-192
benefits-authority.com/	1969-12-31 23:59:59	Name: leadid_token-4B1F5928-2127-08FA-4EA5-F0DB210F6AAE-D2FB0EC8-1E8C-A402-E4AC-9205FE98F622 Value: B07AD6AE-9B0D-C166-B654-962094E4EC9B
.trueleadid.com/	1970-01-21 08:31:47	Name: visid_incap_3051494 Value: ujlGDDVRROOEKus7+YU5rD5k82YAAAAAQUIPAAAAAADiuWvvRVRqkBFB83+sqfzC
.trueleadid.com/	1969-12-31 23:59:59	Name: nlbi_3051494 Value: yBNoM0cuVSvLwnecC30iGwAAAAApymUo8uk0lM5dSJXmrDZY
.trueleadid.com/	1969-12-31 23:59:59	Name: incap_ses_1842_3051494 Value: 8wcVeyu9wSliv6WJbhmQGT5k82YAAAAAx0jTmFZKwLOGL4WouXAt/g==
.deviceid.trueleadid.com/	1970-01-21 09:23:06	Name: uuid Value: 59ec52146d6c48009c19b533da2ed365

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://benefits-authority.com/?mbi=1601417686# Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1ibeg.spinningfastloop.com
1ibeg.suggestedspins.com
afflat3d3.com
api.pushnami.com
av-api.com
benefits-authority.com
cdn.pushnami.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
i.imgur.com
omrexchtest.omr.state.ny.us
psp.pushnami.com
systemtestsupport.com
trc.pushnami.com
www.dpvyw6trk.com
psp.pushnami.com
107.21.171.98
108.139.47.63
18.164.115.36
18.164.124.56
199.232.196.193
205.251.138.98
2606:4700:10::6816:27b6
34.224.179.244
35.190.6.55
45.147.195.6
52.22.142.87
69.172.200.185
69.172.201.115
91.234.34.44
008bf334cdba91db068acb7f3756e756a356b4ddb4832486f2b10c1b27e7cdce
14b075d2831615d4fb62e8b8271b62ed622ba8d36e51797d6df9ebbc95f96b58
21eda6e217f4d20a4249b05fd1ed77728d2bbedee295552202e5f9824c191b47
3d10f7da6c603178340081668c4ac5b3ae9743ca9a262ab0fcd312fbb9f48bdd
42f373b869a5f0a9438bac0f1866aad195a0ec3cf9be60a7036955499e5620a9
4b10ba9cbef05a78cee2d4a7929ca17601e5a548950222485a0d3210b843d74e
5051e2fb2fe91fdd7d5b32f1881c16a58b4dbd92a17a46c86d9d0bea5cb3e0b0
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5f1adb90a1acc45fd824b3a042617a48228fde56c778b5c4d7d9f0c3275dfc79
872f35c442fb45b92953ee6dc5f980717f993d018097ccc0b289ae206b7b129c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b41d7402cbdab32acba31cfdd479730c74b7527fa7c881b0486098bd1a895607
be077c6551c21c5c5ec4bc91079a1d2eb9da628d760c1d3ae030e47a6087a206
c02cb664f7b0323b2d7a5a5b4766f58466c22b62361a62b95b0471cc8330c5a6
dd30f9294822c6d5c32e8fc4e4de069194ad4b9ca958d9f9265d321fc4aa3e44
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9
f99e785b0abda784b68fcf4840fbe98909760620f12002087f1af4b874971333

benefits-authority.com Open in urlscan Pro 69.172.201.115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

97 %HTTPS

7 %IPv6

13 Domains

16 Subdomains

12 IPs

4 Countries

1412 kBTransfer

2861 kBSize

18 Cookies

0 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

benefits-authority.com Open in urlscan Pro
69.172.201.115 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

97 %
HTTPS

7 %
IPv6

13
Domains

16
Subdomains

12
IPs

4
Countries

1412 kB
Transfer

2861 kB
Size

18
Cookies

31 HTTP transactions
0 data transactions