benefits-authority.com Open in urlscan Pro
69.172.201.115 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wapsir.com/?utm_source=30690&utm_campaign=c&utm_term=220590054_162200_547959
Effective URL:
https://benefits-authority.com/?mbi=1623654444
Submission: On October 25 via api (October 25th 2024, 2:42:36 pm UTC) from US — Scanned from US

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 13 domains to perform 30 HTTP transactions. The main IP is 69.172.201.115, located in Canada and belongs to DOSARREST, US. The main domain is benefits-authority.com.
TLS certificate: Issued by R11 on September 23rd 2024. Valid for: 3 months.

This is the only time benefits-authority.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	47.254.155.143 47.254.155.143	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1	5.252.54.124 5.252.54.124	40021 (NL-811-40021) (NL-811-40021)
2 2	45.147.195.16 45.147.195.16	49392 (ASBAXETN) (ASBAXETN)
1 1	35.190.6.55 35.190.6.55	15169 (GOOGLE) (GOOGLE)
1 3	69.172.200.185 69.172.200.185	19324 (DOSARREST) (DOSARREST)
7	69.172.201.115 69.172.201.115	19324 (DOSARREST) (DOSARREST)
1	199.232.192.193 199.232.192.193	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6816:27b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.167.69.3 3.167.69.3	16509 (AMAZON-02) (AMAZON-02)
6	35.170.7.56 35.170.7.56	14618 (AMAZON-AES) (AMAZON-AES)
2	3.167.69.65 3.167.69.65	16509 (AMAZON-02) (AMAZON-02)
1	3.167.69.53 3.167.69.53	16509 (AMAZON-02) (AMAZON-02)
3	3.213.135.2 3.213.135.2	14618 (AMAZON-AES) (AMAZON-AES)
1	99.86.227.24 99.86.227.24	16509 (AMAZON-02) (AMAZON-02)
4	3.213.207.248 3.213.207.248	14618 (AMAZON-AES) (AMAZON-AES)
30	12

1 47.254.155.143 (Frankfurt am Main, Germany) 1 redirects

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

wapsir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.252.54.124 (Germany)

ASN40021 (NL-811-40021, US)
PTR: vmi1861642.contaboserver.net

eireires.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.147.195.16 (Moscow, Russian Federation) 2 redirects

ASN49392 (ASBAXETN, RU)
PTR: overcharge15.professionerinpick.com

rinpc.firstfitload.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rinpc.receivegained.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.6.55 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 55.6.190.35.bc.googleusercontent.com

www.dpvyw6trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.172.200.185 (Canada) 1 redirects

ASN19324 (DOSARREST, US)
PTR: maxbounty.com

afflat3d3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
av-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 69.172.201.115 (Canada)

ASN19324 (DOSARREST, US)

benefits-authority.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.192.193 (United States)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:27b6 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.167.69.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-69-3.iad61.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.170.7.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-7-56.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.167.69.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-69-65.iad61.r.cloudfront.net

cdn.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.167.69.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-69-53.iad61.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.213.135.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-135-2.compute-1.amazonaws.com

trc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.227.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-227-24.iad79.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.213.207.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-207-248.compute-1.amazonaws.com

psp.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	pushnami.com api.pushnami.com — Cisco Umbrella Rank: 9642 cdn.pushnami.com — Cisco Umbrella Rank: 16416 trc.pushnami.com — Cisco Umbrella Rank: 10338 psp.pushnami.com — Cisco Umbrella Rank: 22665	369 KB
7	benefits-authority.com benefits-authority.com	549 KB
6	leadid.com create.leadid.com — Cisco Umbrella Rank: 14045	4 KB
2	av-api.com av-api.com	40 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 22294	39 KB
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 8556	411 KB
1	afflat3d3.com 1 redirects afflat3d3.com	839 B
1	dpvyw6trk.com 1 redirects www.dpvyw6trk.com	713 B
1	receivegained.com 1 redirects rinpc.receivegained.com	970 B
1	firstfitload.com 1 redirects rinpc.firstfitload.com	993 B
1	eireires.club eireires.club	396 B
1	wapsir.com 1 redirects wapsir.com	383 B
30	13

	Domain	Requested by
7	benefits-authority.com	eireires.club benefits-authority.com
6	create.leadid.com	create.lidstatic.com
4	psp.pushnami.com	cdn.pushnami.com api.pushnami.com
3	trc.pushnami.com	api.pushnami.com
2	cdn.pushnami.com	api.pushnami.com
2	api.pushnami.com	benefits-authority.com api.pushnami.com
2	av-api.com	benefits-authority.com
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	create.lidstatic.com	benefits-authority.com
1	i.imgur.com
1	afflat3d3.com	1 redirects
1	www.dpvyw6trk.com	1 redirects
1	rinpc.receivegained.com	1 redirects
1	rinpc.firstfitload.com	1 redirects
1	eireires.club
1	wapsir.com	1 redirects
30	16

This site contains no links.

Subject Issuer	Validity	Valid
eireires.club R11	`2024-10-03` - `2025-01-01`	3 months	crt.sh
championautoinsurance.com R11	`2024-09-23` - `2024-12-22`	3 months	crt.sh
av-api.com R11	`2024-10-17` - `2025-01-15`	3 months	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-15` - `2025-02-14`	a year	crt.sh
lidstatic.com E6	`2024-09-20` - `2024-12-19`	3 months	crt.sh
*.pushnami.com Amazon RSA 2048 M02	`2024-02-03` - `2025-03-03`	a year	crt.sh
create.leadid.com Amazon RSA 2048 M03	`2024-07-20` - `2025-08-18`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://benefits-authority.com/?mbi=1623654444
Frame ID: AB2CA8B33941B6C8476D60B89DA5DD14
Requests: 25 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 1E00978F820BD35E29492736AE2E0C82
Requests: 1 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=FE4BF683-D3D9-4964-9E4C-2EFC5A530901&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.15.1&lck=D2FB0EC8-1E8C-A402-E4AC-9205FE98F622&lac=4B1F5928-2127-08FA-4EA5-F0DB210F6AAE
Frame ID: 0FAFD6404BDEB60FE34A096A010B290F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Benefits Authority 2

Page URL History Show full URLs

http://wapsir.com/?utm_source=30690&utm_campaign=c&utm_term=220590054_162200_547959 HTTP 307
https://wapsir.com/?utm_source=30690&utm_campaign=c&utm_term=220590054_162200_547959 HTTP 302
https://eireires.club/ff66532a4818009800/118/30690_0_11/220590054_162200_547959 Page URL
https://rinpc.firstfitload.com/?kw=471129&s1=1496600571 HTTP 302
https://rinpc.receivegained.com/o/Z4LLRNST/568ffce6-92df-11ef-972c-2db46efcf6db/56982cd6-92df-11ef-95ec-595c... HTTP 302
https://www.dpvyw6trk.com/7P4RRF/QT9RR8R/?sub1=49272&sub2=5771782e-92df-11ef-bb0c-59cad0d94d42& HTTP 302
https://afflat3d3.com/lnk.asp?o=26996&c=918271&a=574293&k=8E60CC8BC6A39DC220372315C4F7B695&l=28846... HTTP 302
https://benefits-authority.com/?mbi=1623654444 Page URL

Detected technologies

Pushnami (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.pushnami\.com

Page Statistics

30
Requests

100 %
HTTPS

7 %
IPv6

13
Domains

16
Subdomains

12
IPs

4
Countries

1412 kB
Transfer

2862 kB
Size

18
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wapsir.com/?utm_source=30690&utm_campaign=c&utm_term=220590054_162200_547959 HTTP 307
https://wapsir.com/?utm_source=30690&utm_campaign=c&utm_term=220590054_162200_547959 HTTP 302
https://eireires.club/ff66532a4818009800/118/30690_0_11/220590054_162200_547959 Page URL
https://rinpc.firstfitload.com/?kw=471129&s1=1496600571 HTTP 302
https://rinpc.receivegained.com/o/Z4LLRNST/568ffce6-92df-11ef-972c-2db46efcf6db/56982cd6-92df-11ef-95ec-595c56c6bab6 HTTP 302
https://www.dpvyw6trk.com/7P4RRF/QT9RR8R/?sub1=49272&sub2=5771782e-92df-11ef-bb0c-59cad0d94d42& HTTP 302
https://afflat3d3.com/lnk.asp?o=26996&c=918271&a=574293&k=8E60CC8BC6A39DC220372315C4F7B695&l=28846&s1=148&s2=d13f40d220f3456f95a69a19c8c47d56 HTTP 302
https://benefits-authority.com/?mbi=1623654444 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://wapsir.com/?utm_source=30690&utm_campaign=c&utm_term=220590054_162200_547959 HTTP 307
https://wapsir.com/?utm_source=30690&utm_campaign=c&utm_term=220590054_162200_547959 HTTP 302
https://eireires.club/ff66532a4818009800/118/30690_0_11/220590054_162200_547959

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

220590054_162200_547959 Show response
eireires.club/ff66532a4818009800/118/30690_0_11/
Redirect Chain

http://wapsir.com/?utm_source=30690&utm_campaign=c&utm_term=220590054_162200_547959
https://wapsir.com/?utm_source=30690&utm_campaign=c&utm_term=220590054_162200_547959
https://eireires.club/ff66532a4818009800/118/30690_0_11/220590054_162200_547959

118 B
396 B

1027ms
237ms

Document
text/html

5.252.54.124
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL: https://eireires.club/ff66532a4818009800/118/30690_0_11/220590054_162200_547959
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.252.54.124 , Germany, ASN40021 (NL-811-40021, US),
Reverse DNS: vmi1861642.contaboserver.net
Software: nginx/1.12.2 /
Resource Hash: 0adcd085dadaa55d1e5b1843fda9224bc67426fbe65e13721829e9e8e687af99

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 25 Oct 2024 14:42:18 GMT
server: nginx/1.12.2
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Origin: *
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Fri, 25 Oct 2024 14:42:16 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.37 (Alibaba Cloud Linux) OpenSSL/1.1.1k
X-Powered-By: PHP/7.4.33
location: https://eireires.club/ff66532a4818009800/118/30690_0_11/220590054_162200_547959

GET
H/1.1

200
OK

Primary Request / Show response
benefits-authority.com/
Redirect Chain

https://rinpc.firstfitload.com/?kw=471129&s1=1496600571
https://rinpc.receivegained.com/o/Z4LLRNST/568ffce6-92df-11ef-972c-2db46efcf6db/56982cd6-92df-11ef-95ec-595c56c6bab6
https://www.dpvyw6trk.com/7P4RRF/QT9RR8R/?sub1=49272&sub2=5771782e-92df-11ef-bb0c-59cad0d94d42&
https://afflat3d3.com/lnk.asp?o=26996&c=918271&a=574293&k=8E60CC8BC6A39DC220372315C4F7B695&l=28846&s1=148&s2=d13f40d220f3456f95a69a19c8c47d56
https://benefits-authority.com/?mbi=1623654444

3 KB
2 KB

614ms
140ms

Document
text/html

69.172.201.115
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits-authority.com/?mbi=1623654444

Requested by

Host: eireires.club
URL: https://eireires.club/ff66532a4818009800/118/30690_0_11/220590054_162200_547959

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.172.201.115 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

nginx/1.20.2 / ASP.NET

Resource Hash

5051e2fb2fe91fdd7d5b32f1881c16a58b4dbd92a17a46c86d9d0bea5cb3e0b0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://eireires.club/ff66532a4818009800/118/30690_0_11/220590054_162200_547959
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1470
Content-Type: text/html
Date: Fri, 25 Oct 2024 14:42:22 GMT
ETag: "095ed8b90b6da1:0"
Keep-Alive: timeout=20
Last-Modified: Tue, 04 Jun 2024 15:04:50 GMT
Server: nginx/1.20.2
Vary: Accept-Encoding
X-DIS-Request-ID: 6dfb23f30c2afea8cd91529d923937a2
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 166
Content-Type: text/html
Date: Fri, 25 Oct 2024 14:42:22 GMT
Keep-Alive: timeout=20
Location: https://benefits-authority.com?mbi=1623654444
Server: nginx/1.20.2
X-DIS-Request-ID: 721fcda525fdf99825bcd6136159b56b
X-Powered-By: ASP.NET

GET
H/1.1 200
OK 2.9a56c832.chunk.css
benefits-authority.com/static/css/ 186 KB
48 KB 82ms
79ms Stylesheet
text/css 69.172.201.115
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits-authority.com/static/css/2.9a56c832.chunk.css

Requested by

Host: benefits-authority.com
URL: https://benefits-authority.com/?mbi=1623654444

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.172.201.115 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

nginx/1.20.2 / ASP.NET

Resource Hash

14b075d2831615d4fb62e8b8271b62ed622ba8d36e51797d6df9ebbc95f96b58

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/?mbi=1623654444

Response headers

X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: "095ed8b90b6da1:0"
Connection: keep-alive
X-DIS-Request-ID: aa5f5b29f10859347173c589168cc785
Accept-Ranges: bytes
Content-Length: 48500
Keep-Alive: timeout=20
Date: Fri, 25 Oct 2024 14:42:23 GMT
Content-Type: text/css
Last-Modified: Tue, 04 Jun 2024 15:04:50 GMT
Server: nginx/1.20.2
Vary: Accept-Encoding

GET
H/1.1 200
OK main.53dbd380.chunk.css
benefits-authority.com/static/css/ 5 KB
2 KB 135ms
45ms Stylesheet
text/css 69.172.201.115
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits-authority.com/static/css/main.53dbd380.chunk.css

Requested by

Host: benefits-authority.com
URL: https://benefits-authority.com/?mbi=1623654444

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.172.201.115 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

nginx/1.20.2 / ASP.NET

Resource Hash

42f373b869a5f0a9438bac0f1866aad195a0ec3cf9be60a7036955499e5620a9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/?mbi=1623654444

Response headers

X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: "095ed8b90b6da1:0"
Connection: keep-alive
X-DIS-Request-ID: b987e9ab3082608584a816c8de09bd48
Accept-Ranges: bytes
Content-Length: 1634
Keep-Alive: timeout=20
Date: Fri, 25 Oct 2024 14:42:23 GMT
Content-Type: text/css
Last-Modified: Tue, 04 Jun 2024 15:04:50 GMT
Server: nginx/1.20.2
Vary: Accept-Encoding

GET
H/1.1 200
OK 2.12dd23d0.chunk.js Show response
benefits-authority.com/static/js/ 1 MB
475 KB 152ms
62ms Script
application/javascript 69.172.201.115
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits-authority.com/static/js/2.12dd23d0.chunk.js

Requested by

Host: benefits-authority.com
URL: https://benefits-authority.com/?mbi=1623654444

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.172.201.115 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

nginx/1.20.2 / ASP.NET

Resource Hash

dd30f9294822c6d5c32e8fc4e4de069194ad4b9ca958d9f9265d321fc4aa3e44

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/?mbi=1623654444

Response headers

X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: "095ed8b90b6da1:0"
Connection: keep-alive
X-DIS-Request-ID: 122f3e131c4779babdfeb503db5c5a78
Accept-Ranges: bytes
Content-Length: 486259
Keep-Alive: timeout=20
Date: Fri, 25 Oct 2024 14:42:23 GMT
Content-Type: application/javascript
Last-Modified: Tue, 04 Jun 2024 15:04:50 GMT
Server: nginx/1.20.2
Vary: Accept-Encoding

GET
H/1.1 200
OK main.37287f54.chunk.js Show response
benefits-authority.com/static/js/ 93 KB
18 KB 224ms
123ms Script
application/javascript 69.172.201.115
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits-authority.com/static/js/main.37287f54.chunk.js

Requested by

Host: benefits-authority.com
URL: https://benefits-authority.com/?mbi=1623654444

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.172.201.115 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

nginx/1.20.2 / ASP.NET

Resource Hash

c02cb664f7b0323b2d7a5a5b4766f58466c22b62361a62b95b0471cc8330c5a6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/?mbi=1623654444

Response headers

X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: "095ed8b90b6da1:0"
Connection: keep-alive
X-DIS-Request-ID: 98cedc3dbc983be82c4b7193b4008941
Accept-Ranges: bytes
Content-Length: 18007
Keep-Alive: timeout=20
Date: Fri, 25 Oct 2024 14:42:23 GMT
Content-Type: application/javascript
Last-Modified: Tue, 04 Jun 2024 15:04:50 GMT
Server: nginx/1.20.2
Vary: Accept-Encoding

GET
H/1.1 200
OK 90d10bbd2450b03bcdde513438057cd0 Show response
av-api.com/property/13/0/ 165 KB
32 KB 1014ms
643ms Fetch
application/json 69.172.200.185
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL: https://av-api.com/property/13/0/90d10bbd2450b03bcdde513438057cd0?mbi=1623654444
Requested by: Host: benefits-authority.com
URL: https://benefits-authority.com/static/js/main.37287f54.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.172.200.185 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS: maxbounty.com
Software: nginx/1.20.2 / Express, ASP.NET
Resource Hash: 2b2f4bd82146b247a795d5988d00c5d0bbbbbcdde1c8455fdba232bfdd7590f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: W/"293c9-nW3w2l3kYCyJwz1TRCpaaDlI+3o"
Connection: keep-alive
Access-Control-Allow-Credentials: true
X-DIS-Request-ID: feaf59bf75bc8055fe674dfa286e9ba8
Access-Control-Allow-Origin: https://benefits-authority.com
Keep-Alive: timeout=20
Date: Fri, 25 Oct 2024 14:42:24 GMT
Content-Type: application/json; charset=utf-8
Vary: Origin
Server: nginx/1.20.2
X-Powered-By: Express, ASP.NET

GET
H/1.1 200
OK favicon.ico
benefits-authority.com/ 4 KB
4 KB 32ms
32ms Other
image/x-icon 69.172.201.115
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits-authority.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.172.201.115 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

nginx/1.20.2 / ASP.NET

Resource Hash

3d10f7da6c603178340081668c4ac5b3ae9743ca9a262ab0fcd312fbb9f48bdd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/?mbi=1623654444

Response headers

X-Frame-Options: SAMEORIGIN
ETag: "25e9dfe3d35dda1:0"
Connection: keep-alive
X-DIS-Request-ID: 9d790fa24f2f86162f4ae43690f1997d
Accept-Ranges: bytes
Content-Length: 3870
Keep-Alive: timeout=20
Date: Fri, 25 Oct 2024 14:42:23 GMT
Content-Type: image/x-icon
Last-Modified: Mon, 12 Feb 2024 16:52:40 GMT
Server: nginx/1.20.2
X-Powered-By: ASP.NET

GET
H/1.1 200
OK logo
av-api.com/cdn/image/site/22/ 7 KB
8 KB 159ms
59ms Image
image/png 69.172.200.185
DOSARREST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://av-api.com/cdn/image/site/22/logo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.172.200.185 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS: maxbounty.com
Software: nginx/1.20.2 / Express, ASP.NET
Resource Hash: 5f1adb90a1acc45fd824b3a042617a48228fde56c778b5c4d7d9f0c3275dfc79

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://benefits-authority.com
Referer: https://benefits-authority.com/

Response headers

Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
X-DIS-Request-ID: bb5c0ccbaef66c04a03e8102d392a2eb
Access-Control-Allow-Origin: https://benefits-authority.com
Keep-Alive: timeout=20
Date: Fri, 25 Oct 2024 14:42:24 GMT
Vary: Origin
Server: nginx/1.20.2
X-Powered-By: Express, ASP.NET

GET
H2 200 JgfDBX6.png
i.imgur.com/ 410 KB
411 KB 134ms
38ms Image
image/png 199.232.192.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/JgfDBX6.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

f99e785b0abda784b68fcf4840fbe98909760620f12002087f1af4b874971333

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/

Response headers

etag: "7cc39a0991db31903bf8adc7fdbedbee"
age: 3311636
access-control-allow-methods: GET, OPTIONS
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT, HIT
x-amz-cf-id: u-ejUqw-CLgwu1MFuWsle22RELUDKlRtquniQvj31HZtGC7rFApm4Q==
date: Fri, 25 Oct 2024 14:42:24 GMT
content-type: image/png
last-modified: Tue, 04 Jun 2024 20:04:06 GMT
x-cache-hits: 1439, 0
x-served-by: cache-iad-kjyo7100044-IAD, cache-ewr-kewr1740064-EWR
strict-transport-security: max-age=300
cache-control: public, max-age=31536000
x-timer: S1729867345.520723,VS0,VE2
accept-ranges: bytes
access-control-allow-origin: *
content-length: 420303
x-amz-cf-pop: MIA3-P1
server: cat factory 1.0
x-amz-server-side-encryption: AES256

GET
H2 200 d2fb0ec8-1e8c-a402-e4ac-9205fe98f622.js Show response
create.lidstatic.com/campaign/ 121 KB
39 KB 181ms
63ms Script
text/javascript 2606:4700:10::6816:27b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/d2fb0ec8-1e8c-a402-e4ac-9205fe98f622.js?snippet_version=2&callback=setUniversalLeadId
Requested by: Host: benefits-authority.com
URL: https://benefits-authority.com/static/js/main.37287f54.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:27b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13fc38908f98b8ccbf47d9c72e37e644107d5e60c8f89db9909afadfe325cc94

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"f0093f086eb99cb9ce22b3e46abc1b01"
x-amz-version-id: w_hKFzjKt1Nw.ucB5dGtAx9i0TL_T7YW
age: 1048
date: Fri, 25 Oct 2024 14:42:24 GMT
content-type: text/javascript
last-modified: Fri, 11 Oct 2024 12:08:32 GMT
vary: Accept-Encoding
x-amz-id-2: A2tbz7FiePfA8LynkyJZ8/w2f0iOQOcKnFTKcj2jzTDC6CJZfFhwmr6YS4hKfH7ZUoXDsl7eAHJ/EMLjGpQoErne5ztdQyEL
x-amz-replication-status: COMPLETED
cache-control: max-age=1800
x-amz-request-id: TMSKVJ8F71W818QK
cf-ray: 8d82f9179e2c42a5-EWR
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 62b332d9fa649100129f981c Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 94 KB
20 KB 228ms
71ms Script
application/javascript 3.167.69.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62b332d9fa649100129f981c
Requested by: Host: benefits-authority.com
URL: https://benefits-authority.com/static/js/main.37287f54.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.167.69.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-167-69-3.iad61.r.cloudfront.net
Software: /
Resource Hash: ad6fe100233a041f7c239466a456eca82dc989b853801c26c729cb4ea42a56d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/

Response headers

cache-control: no-cache
content-encoding: gzip
age: 301
via: 1.1 129992dce1f07236bc0fef123684fb68.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: BG80oOAImVSmTH7mQOebSvUFoFP2ul-qIMCqSq_GGIEICZctChS7Ag==
date: Fri, 25 Oct 2024 14:37:23 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding
x-amz-cf-pop: IAD61-P6

GET
H2 200 noscript.gif
create.leadid.com/ 43 B
644 B 193ms
69ms Image
image/gif 35.170.7.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://create.leadid.com/noscript.gif?lac=4b1f5928-2127-08fa-4ea5-f0db210f6aae&lck=d2fb0ec8-1e8c-a402-e4ac-9205fe98f622&snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.170.7.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-170-7-56.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-max-age: 1728000
content-encoding: none
etag: 97CFD265-290F-1F69-31D7-2FA0ECEB28F2
access-control-allow-origin: *
date: Fri, 25 Oct 2024 14:42:24 GMT
content-type: image/gif
last-modified: Fri, 25 Oct 2024 14:42:24 GMT
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type

GET
H/1.1 200
OK favicon.ico
benefits-authority.com/ 4 KB
0 0ms
0ms Other
image/x-icon 69.172.201.115
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits-authority.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.172.201.115 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

nginx/1.20.2 / ASP.NET

Resource Hash

3d10f7da6c603178340081668c4ac5b3ae9743ca9a262ab0fcd312fbb9f48bdd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/?mbi=1623654444

Response headers

X-Powered-By: ASP.NET
ETag: "25e9dfe3d35dda1:0"
X-DIS-Request-ID: 9d790fa24f2f86162f4ae43690f1997d
Accept-Ranges: bytes
Content-Length: 3870
Date: Fri, 25 Oct 2024 14:42:23 GMT
Content-Type: image/x-icon
Last-Modified: Mon, 12 Feb 2024 16:52:40 GMT
Server: nginx/1.20.2
X-Frame-Options: SAMEORIGIN

POST
H2 200 GenerateToken Show response
create.leadid.com/2.15.1/ 36 B
661 B 179ms
83ms XHR
text/plain 35.170.7.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.15.1/GenerateToken?msn=1&pid=09cf5ca2-967b-4324-8d21-c7607e80407b&_=301250780

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/d2fb0ec8-1e8c-a402-e4ac-9205fe98f622.js?snippet_version=2&callback=setUniversalLeadId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.170.7.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-170-7-56.compute-1.amazonaws.com

Software

nginx /

Resource Hash

cc0100557509871ef269bddc2f59756bed3636c17854352ec0964ee6f377975a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://benefits-authority.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-max-age: 1728000
cache-control: no-cache, must-revalidate
content-encoding: gzip
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
date: Fri, 25 Oct 2024 14:42:24 GMT
content-type: text/plain;charset=UTF-8
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type

GET
H2 200 fcm-v1-module.019781ec7a1c97363e85.bundle.js Show response
cdn.pushnami.com/js/modules/ 46 KB
15 KB 231ms
77ms Script
application/javascript 3.167.69.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushnami.com/js/modules/fcm-v1-module.019781ec7a1c97363e85.bundle.js
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62b332d9fa649100129f981c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.167.69.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-167-69-65.iad61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b41d7402cbdab32acba31cfdd479730c74b7527fa7c881b0486098bd1a895607

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/

Response headers

vary: accept-encoding
content-encoding: gzip
etag: W/"09467cbbdfbe0b4f7131476215348a19"
x-amz-version-id: DKNNXfrKVNQFoskvuTtbaAOVbVs0JYVO
age: 1530
via: 1.1 e65919f7601620126c233ab61638efee.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: mJ7r91b6gMsl1mKaSEu1KL3BWR8XPdmf41BFR-fOfQZchos-foDUgA==
date: Fri, 25 Oct 2024 14:16:55 GMT
content-type: application/javascript
last-modified: Fri, 10 May 2024 21:23:38 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P6
x-amz-server-side-encryption: AES256

GET
H2 200 hub
api.pushnami.com/scripts/v1/ Frame 1E00 0
0 161ms
44ms Document
text/html 3.167.69.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushnami.com/scripts/v1/hub

Requested by

Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62b332d9fa649100129f981c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.167.69.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-167-69-53.iad61.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *
X-Content-Security-Policy	default-src 'unsafe-inline' *

Request headers

Referer: https://benefits-authority.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: *
age: 363
cache-control: no-cache
content-encoding: gzip
content-security-policy: default-src 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Fri, 25 Oct 2024 14:36:21 GMT
vary: accept-encoding
via: 1.1 c297f40f50ed0c04a618a50b8a9423fe.cloudfront.net (CloudFront)
x-amz-cf-id: OBVGkuHnK6xtXwmmPJIjJWzGPYIzboc4FHojPYwat_cH7QQQex9LBg==
x-amz-cf-pop: IAD61-P6
x-cache: Hit from cloudfront
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 128ms
124ms Fetch
text/html 3.213.135.2
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62b332d9fa649100129f981c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.135.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-135-2.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

key: 62b332d9fa649100129f981c
Referer: https://benefits-authority.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept: application/json, text/plain, */*
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
content-length: 2
cache-control: no-cache
date: Fri, 25 Oct 2024 14:42:25 GMT
content-type: text/html; charset=utf-8

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 213ms
95ms Preflight 3.213.135.2
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.135.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-135-2.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://benefits-authority.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Fri, 25 Oct 2024 14:42:24 GMT

GET
H/1.1 200
OK iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 0FAF 0
0 161ms
32ms Document
text/html 99.86.227.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=FE4BF683-D3D9-4964-9E4C-2EFC5A530901&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.15.1&lck=D2FB0EC8-1E8C-A402-E4AC-9205FE98F622&lac=4B1F5928-2127-08FA-4EA5-F0DB210F6AAE

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/d2fb0ec8-1e8c-a402-e4ac-9205fe98f622.js?snippet_version=2&callback=setUniversalLeadId

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.227.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-227-24.iad79.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://benefits-authority.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Age: 30774
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 25 Oct 2024 06:09:31 GMT
Etag: W/"6707fed3-dbb"
Last-Modified: Thu, 10 Oct 2024 16:20:35 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 3ebe5e903d733a5e00724b1dfdba02bc.cloudfront.net (CloudFront)
X-Amz-Cf-Id: rBn6GdBf_pyA1Bsov_OQZtmANrL3kTr8_mOhq3oRlz2hpzjHz8-sqg==
X-Amz-Cf-Pop: IAD79-C3
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.15.1/ 0
623 B 38ms
35ms XHR
text/plain 35.170.7.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.15.1/SaveDom?msn=2&pid=09cf5ca2-967b-4324-8d21-c7607e80407b&token=FE4BF683-D3D9-4964-9E4C-2EFC5A530901&_=301250781

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/d2fb0ec8-1e8c-a402-e4ac-9205fe98f622.js?snippet_version=2&callback=setUniversalLeadId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.170.7.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-170-7-56.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://benefits-authority.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-max-age: 1728000
cache-control: no-cache, must-revalidate
content-encoding: gzip
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
date: Fri, 25 Oct 2024 14:42:24 GMT
content-type: text/plain;charset=UTF-8
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type

POST
H2 200 InitFormData Show response
create.leadid.com/2.15.1/ 0
623 B 88ms
85ms XHR
text/plain 35.170.7.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.15.1/InitFormData?msn=3&pid=09cf5ca2-967b-4324-8d21-c7607e80407b&token=FE4BF683-D3D9-4964-9E4C-2EFC5A530901&_=301250782

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/d2fb0ec8-1e8c-a402-e4ac-9205fe98f622.js?snippet_version=2&callback=setUniversalLeadId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.170.7.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-170-7-56.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://benefits-authority.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-max-age: 1728000
cache-control: no-cache, must-revalidate
content-encoding: gzip
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
date: Fri, 25 Oct 2024 14:42:24 GMT
content-type: text/plain;charset=UTF-8
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type

GET
H2 200 psfpv4_client_1.128.0_e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9.js Show response
cdn.pushnami.com/js/exp/ 333 KB
334 KB 114ms
113ms Script
application/javascript 3.167.69.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushnami.com/js/exp/psfpv4_client_1.128.0_e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9.js
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62b332d9fa649100129f981c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.167.69.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-167-69-65.iad61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://benefits-authority.com/

Response headers

content-encoding: utf-8
x-amz-version-id: iJVtw0MDnvg5Vkf9zg8GHQyDY6vN4ZdU
etag: "4b9f77845d59f14274d2b8d4b1112ca4"
age: 1013
x-cache: Hit from cloudfront
x-amz-cf-id: hKHD-ZJzTHt7XUxNGNh7koUdnY39LD6L-lmiFpbp1n_PykSvtHftBQ==
date: Fri, 25 Oct 2024 14:25:33 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding
last-modified: Mon, 12 Aug 2024 17:22:56 GMT
via: 1.1 e65919f7601620126c233ab61638efee.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 340965
x-amz-cf-pop: IAD61-P6
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 201 data Show response
psp.pushnami.com/psfp/ 61 B
221 B 34ms
33ms Fetch
application/json 3.213.207.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/psfp/data
Requested by: Host: cdn.pushnami.com
URL: https://cdn.pushnami.com/js/exp/psfpv4_client_1.128.0_e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.213.207.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-207-248.compute-1.amazonaws.com
Software: / Express
Resource Hash: 1969595780463f669776f48d7b4fe973db73bb9df026ca61220cdab952a32d64

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/octet-stream
Referer: https://benefits-authority.com/

Response headers

access-control-allow-origin: *
content-length: 61
date: Fri, 25 Oct 2024 14:42:25 GMT
etag: W/"3d-S4mSgo6peQruJOXncDlO9MCZnjQ"
content-type: application/json; charset=utf-8
x-powered-by: Express

OPTIONS
H2 204 data
psp.pushnami.com/psfp/ Frame 0
0 159ms
44ms Preflight 3.213.207.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/psfp/data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.213.207.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-207-248.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://benefits-authority.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Fri, 25 Oct 2024 14:42:25 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

POST
H2 200 psp Show response
psp.pushnami.com/api/ 2 B
152 B 111ms
109ms Fetch
text/html 3.213.207.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62b332d9fa649100129f981c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.213.207.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-207-248.compute-1.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

key: 62b332d9fa649100129f981c
Referer: https://benefits-authority.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept: application/json, text/plain, */*
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
content-length: 2
date: Fri, 25 Oct 2024 14:42:25 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/html; charset=utf-8
x-powered-by: Express

OPTIONS
H2 204 psp
psp.pushnami.com/api/ Frame 0
0 83ms
83ms Preflight 3.213.207.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.213.207.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-207-248.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://benefits-authority.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: key
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Fri, 25 Oct 2024 14:42:25 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

POST
H2 200 Snap Show response
create.leadid.com/2.15.1/ 0
623 B 108ms
76ms XHR
text/plain 35.170.7.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.15.1/Snap?msn=4&pid=09cf5ca2-967b-4324-8d21-c7607e80407b&token=FE4BF683-D3D9-4964-9E4C-2EFC5A530901&_=301250783

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/d2fb0ec8-1e8c-a402-e4ac-9205fe98f622.js?snippet_version=2&callback=setUniversalLeadId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.170.7.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-170-7-56.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://benefits-authority.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-max-age: 1728000
cache-control: no-cache, must-revalidate
content-encoding: gzip
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
date: Fri, 25 Oct 2024 14:42:26 GMT
content-type: text/plain;charset=UTF-8
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type

POST
H2 200 Snap Show response
create.leadid.com/2.15.1/ 0
623 B 111ms
78ms XHR
text/plain 35.170.7.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.15.1/Snap?msn=5&pid=09cf5ca2-967b-4324-8d21-c7607e80407b&token=FE4BF683-D3D9-4964-9E4C-2EFC5A530901&_=301250784

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/d2fb0ec8-1e8c-a402-e4ac-9205fe98f622.js?snippet_version=2&callback=setUniversalLeadId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.170.7.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-170-7-56.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://benefits-authority.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-max-age: 1728000
cache-control: no-cache, must-revalidate
content-encoding: gzip
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
date: Fri, 25 Oct 2024 14:42:26 GMT
content-type: text/plain;charset=UTF-8
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 42ms
41ms Fetch
text/html 3.213.135.2
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62b332d9fa649100129f981c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.135.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-135-2.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

key: 62b332d9fa649100129f981c
Referer: https://benefits-authority.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept: application/json, text/plain, */*
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
content-length: 2
cache-control: no-cache
date: Fri, 25 Oct 2024 14:42:26 GMT
content-type: text/html; charset=utf-8

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
eireires.club/	1970-01-21 00:31:10	Name: uid28317 Value: 1496600571-20241025094218-8afa350a13f6422a7d8358ada7ede90b-
rinpc.firstfitload.com/	1970-01-21 00:31:14	Name: yredir_session Value: eyJpdiI6ImNFTWgrNnZjWmxQWFlETGt4YTMrNHc9PSIsInZhbHVlIjoiL1d0K0hDVWo2TUl0MHAxRFRoMTNIdXh1cWtrZm5IS2FJNDdRRVE2YjAwWUFTUWVjbzIwWm5NTnRRODNtbmJrQ25BYWhIWVNVQjE4WEhOYWlKSWFOWHNTaGNycWNxSndQMittc1dDbVBUTzNlVUxhU1Bybzd5Yy9hZkRnR0RUdVUiLCJtYWMiOiIzMzk3YjJhOGYxNDg2MDVlMTBmMjE1MjFkZDIxZjY3NDc3ZGRiZTI2MTdhYThlZTI3YzcxNzIzM2U1MzgzZDA3IiwidGFnIjoiIn0%3D
rinpc.receivegained.com/	1970-01-21 00:31:14	Name: yredir_session Value: eyJpdiI6IlN3bFI4bndyeWtwMlp6YXdUNkRsRUE9PSIsInZhbHVlIjoiRFU2Y1NTWGdBRllyL0VBUXJoS1lLUHJZMzN2dkdDbHZFQlEwL3N5Q0x4T3hmL3hXVk1VQzBEMGw5cnN4UUUvVVZrMC80LzNJcGd5UmlQY3UvM205YmVnZGVVelZ2ZUdEcFhSWHVMK0swaEU4TXdaQlovN3FJM1VjMGUzRXJraUoiLCJtYWMiOiJlMTZkMzY3Nzk2ZjM1OWVjYTJlYjFiNDViODkyNWIyZDY3MGUyNTAxNTRhOGVmMzkzNTJkZTUxODY2YThkNTJiIiwidGFnIjoiIn0%3D
www.dpvyw6trk.com/	1970-01-21 01:14:19	Name: uniqueClick_QT9RR8R Value: 8f47ad68-3b53-46c3-b4cf-71a1f6e453d8:1729867341
www.dpvyw6trk.com/	1970-01-21 02:40:43	Name: transaction_id Value: d13f40d220f3456f95a69a19c8c47d56
afflat3d3.com/	1970-01-21 01:57:16	Name: mb_26996_SS Value: AF=574293&AC=1623654444&CS=1624228737
afflat3d3.com/	1970-01-21 10:07:07	Name: I_SS Value: 1623654444
afflat3d3.com/	1970-01-21 10:07:07	Name: I Value: 1623654444
afflat3d3.com/	1970-01-21 01:56:56	Name: mb%5F26996 Value: AC=1623654444&CS=1624228737&AF=574293
afflat3d3.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDCUQSRCDQ Value: CILHHDNBBAOKDGMMPFMMKDMI
benefits-authority.com/	1970-01-21 10:07:07	Name: mbi Value: 1623654444
benefits-authority.com/	1970-01-21 10:07:07	Name: avtc Value: 90d10bbd2450b03bcdde513438057cd0
benefits-authority.com/	1970-01-21 10:07:07	Name: avtset Value: 22-128
benefits-authority.com/	1969-12-31 23:59:59	Name: leadid_token-4B1F5928-2127-08FA-4EA5-F0DB210F6AAE-D2FB0EC8-1E8C-A402-E4AC-9205FE98F622 Value: FE4BF683-D3D9-4964-9E4C-2EFC5A530901
.trueleadid.com/	1970-01-21 09:16:39	Name: visid_incap_3051494 Value: 0opcP0+4TF+K9W4bhceVa1CuG2cAAAAAQUIPAAAAAAAhAxbf1XWoxUnG0e+0F76v
.trueleadid.com/	1969-12-31 23:59:59	Name: nlbi_3051494 Value: 4az0abKBHnYjPMOKC30iGwAAAAB3Vpsagr2qvFtu1T5vreMf
.trueleadid.com/	1969-12-31 23:59:59	Name: incap_ses_1543_3051494 Value: QdHENLFTIXsjTJodhNZpFVCuG2cAAAAAr7hbcgcicv1CNZH3TqGuCQ==
.deviceid.trueleadid.com/	1970-01-21 10:07:07	Name: uuid Value: e873b1ee28b243ba85c7a801e1fbaf52

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://benefits-authority.com/?mbi=1623654444# Message: [GroupMarkerNotSet(crbug.com/242999)!:A020B016EC230000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://benefits-authority.com/?mbi=1623654444# Message: [GroupMarkerNotSet(crbug.com/242999)!:A0D0000AEC230000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://benefits-authority.com/?mbi=1623654444# Message: [GroupMarkerNotSet(crbug.com/242999)!:A0F0AF16EC230000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://benefits-authority.com/?mbi=1623654444# Message: [GroupMarkerNotSet(crbug.com/242999)!:A0E01702EC230000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://benefits-authority.com/?mbi=1623654444# Message: [GroupMarkerNotSet(crbug.com/242999)!:A0C0AF16EC230000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
other	error	URL: https://benefits-authority.com/?mbi=1623654444# Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afflat3d3.com
api.pushnami.com
av-api.com
benefits-authority.com
cdn.pushnami.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
eireires.club
i.imgur.com
psp.pushnami.com
rinpc.firstfitload.com
rinpc.receivegained.com
trc.pushnami.com
wapsir.com
www.dpvyw6trk.com
199.232.192.193
2606:4700:10::6816:27b6
3.167.69.3
3.167.69.53
3.167.69.65
3.213.135.2
3.213.207.248
35.170.7.56
35.190.6.55
45.147.195.16
47.254.155.143
5.252.54.124
69.172.200.185
69.172.201.115
99.86.227.24
0adcd085dadaa55d1e5b1843fda9224bc67426fbe65e13721829e9e8e687af99
13fc38908f98b8ccbf47d9c72e37e644107d5e60c8f89db9909afadfe325cc94
14b075d2831615d4fb62e8b8271b62ed622ba8d36e51797d6df9ebbc95f96b58
1969595780463f669776f48d7b4fe973db73bb9df026ca61220cdab952a32d64
2b2f4bd82146b247a795d5988d00c5d0bbbbbcdde1c8455fdba232bfdd7590f7
3d10f7da6c603178340081668c4ac5b3ae9743ca9a262ab0fcd312fbb9f48bdd
42f373b869a5f0a9438bac0f1866aad195a0ec3cf9be60a7036955499e5620a9
5051e2fb2fe91fdd7d5b32f1881c16a58b4dbd92a17a46c86d9d0bea5cb3e0b0
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5f1adb90a1acc45fd824b3a042617a48228fde56c778b5c4d7d9f0c3275dfc79
ad6fe100233a041f7c239466a456eca82dc989b853801c26c729cb4ea42a56d3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b41d7402cbdab32acba31cfdd479730c74b7527fa7c881b0486098bd1a895607
c02cb664f7b0323b2d7a5a5b4766f58466c22b62361a62b95b0471cc8330c5a6
cc0100557509871ef269bddc2f59756bed3636c17854352ec0964ee6f377975a
dd30f9294822c6d5c32e8fc4e4de069194ad4b9ca958d9f9265d321fc4aa3e44
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9
f99e785b0abda784b68fcf4840fbe98909760620f12002087f1af4b874971333

benefits-authority.com Open in urlscan Pro 69.172.201.115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

100 %HTTPS

7 %IPv6

13 Domains

16 Subdomains

12 IPs

4 Countries

1412 kBTransfer

2862 kBSize

18 Cookies

0 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

benefits-authority.com Open in urlscan Pro
69.172.201.115 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

100 %
HTTPS

7 %
IPv6

13
Domains

16
Subdomains

12
IPs

4
Countries

1412 kB
Transfer

2862 kB
Size

18
Cookies

30 HTTP transactions
0 data transactions