rl-wellbeing.group-login.com Open in urlscan Pro
185.184.156.149 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://leadingloyalty.com/tracker.php?lid=9984813&cid=1483&nid=9789&uid=1533823&sh=60af615210f9dd4858a61aa6809c8d8e19da1c6...
Effective URL:
https://rl-wellbeing.group-login.com/login
Submission: On January 04 via manual (January 4th 2022, 4:24:06 pm UTC) from GB — Scanned from GB

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 23 HTTP transactions. The main IP is 185.184.156.149, located in United Kingdom and belongs to VOOSERVERS, GB. The main domain is rl-wellbeing.group-login.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 7th 2021. Valid for: a year.

This is the only time rl-wellbeing.group-login.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.184.156.146 185.184.156.146	62217 (VOOSERVERS) (VOOSERVERS)
1 4	185.184.156.149 185.184.156.149	62217 (VOOSERVERS) (VOOSERVERS)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
5	2a02:6ea0:c70... 2a02:6ea0:c700::4	60068 (CDN77 ^_^) (CDN77 ^_^)
6	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
5	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
23	7

1 185.184.156.146 (United Kingdom) 1 redirects

ASN62217 (VOOSERVERS, GB)

leadingloyalty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.184.156.149 (United Kingdom) 1 redirects

ASN62217 (VOOSERVERS, GB)

rl-wellbeing.group-login.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
group-login.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6ea0:c700::4 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn77.wrkit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn77.leadingloyalty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	leadingloyalty.com 1 redirects leadingloyalty.com cdn77.leadingloyalty.com	257 KB
5	google-analytics.com www.google-analytics.com	20 KB
5	wrkit.com cdn77.wrkit.com	51 KB
4	group-login.com 1 redirects rl-wellbeing.group-login.com group-login.com	19 KB
2	jquery.com code.jquery.com	35 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	googleapis.com fonts.googleapis.com	1 KB
23	7

	Domain	Requested by
6	cdn77.leadingloyalty.com	rl-wellbeing.group-login.com
5	www.google-analytics.com	rl-wellbeing.group-login.com
5	cdn77.wrkit.com	rl-wellbeing.group-login.com
3	rl-wellbeing.group-login.com	1 redirects rl-wellbeing.group-login.com
2	code.jquery.com	rl-wellbeing.group-login.com
1	group-login.com	rl-wellbeing.group-login.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	rl-wellbeing.group-login.com
1	leadingloyalty.com	1 redirects
23	9

This site contains no links.

Subject Issuer	Validity	Valid
*.group-login.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-07` - `2022-10-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
1934471171.rsc.cdn77.org R3	`2021-11-23` - `2022-02-21`	3 months	crt.sh
1966402236.rsc.cdn77.org R3	`2021-10-30` - `2022-01-28`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://rl-wellbeing.group-login.com/login
Frame ID: 39EDBA690FF280FBC142348E4DC8C676
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

rl-wellbeing.group-login.com - Login

Page URL History Show full URLs

https://leadingloyalty.com/tracker.php?lid=9984813&cid=1483&nid=9789&uid=1533823&sh=60af615210f9dd4858a... HTTP 307
https://rl-wellbeing.group-login.com/ HTTP 302
https://rl-wellbeing.group-login.com/login Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

23
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

9
Subdomains

7
IPs

3
Countries

425 kB
Transfer

752 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://leadingloyalty.com/tracker.php?lid=9984813&cid=1483&nid=9789&uid=1533823&sh=60af615210f9dd4858a61aa6809c8d8e19da1c64e17a4b8693fa8494084de358&uh=dfead375deaabfd552dbe77069cac3bc7fdc906836b16168bc73b2376bb8171c HTTP 307
https://rl-wellbeing.group-login.com/ HTTP 302
https://rl-wellbeing.group-login.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
rl-wellbeing.group-login.com/
Redirect Chain

https://leadingloyalty.com/tracker.php?lid=9984813&cid=1483&nid=9789&uid=1533823&sh=60af615210f9dd4858a61aa6809c8d8e19da1c64e17a4b8693fa8494084de358&uh=dfead375deaabfd552dbe77069cac3bc7fdc906836b16...
https://rl-wellbeing.group-login.com/
https://rl-wellbeing.group-login.com/login

12 KB
4 KB

102ms
102ms

Document
text/html

185.184.156.149
VOOSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://rl-wellbeing.group-login.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.184.156.149 , United Kingdom, ASN62217 (VOOSERVERS, GB),

Reverse DNS

Software

Resource Hash

c8a0d37051e27962ad75670ed0fced79b6ad2521c9f01f52164a4cb00673f823

Security Headers

Name	Value
Content-Security-Policy	default-src 'report-sample' 'self' 'unsafe-inline' .group-login.com group-login.com .wrkit.com wrkit.com .groupscheme.com .rewardhubdiscounts.com .rewardflo.com .powrlife.com .certasenergyextras.co.uk .mytrustbenefits.co.uk .pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com .google-analytics.com code.jquery.com .google.com player.vimeo.com; img-src 'report-sample' 'self' .group-login.com group-login.com .wrkit.com wrkit.com .groupscheme.com .rewardhubdiscounts.com .rewardflo.com .powrlife.com .certasenergyextras.co.uk .mytrustbenefits.co.uk .pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com .google-analytics.com code.jquery.com .google.com data:; worker-src 'self' blob:; frame-ancestors 'self'
Strict-Transport-Security	max-age=21600000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

date: Tue, 04 Jan 2022 16:24:00 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'report-sample' 'self' 'unsafe-inline' *.group-login.com group-login.com *.wrkit.com wrkit.com *.groupscheme.com *.rewardhubdiscounts.com *.rewardflo.com *.powrlife.com *.certasenergyextras.co.uk *.mytrustbenefits.co.uk *.pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com *.google-analytics.com code.jquery.com *.google.com player.vimeo.com; img-src 'report-sample' 'self' *.group-login.com group-login.com *.wrkit.com wrkit.com *.groupscheme.com *.rewardhubdiscounts.com *.rewardflo.com *.powrlife.com *.certasenergyextras.co.uk *.mytrustbenefits.co.uk *.pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com *.google-analytics.com code.jquery.com *.google.com data:; worker-src 'self' blob:; frame-ancestors 'self'
vary: User-Agent,Host,Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
expect-ct: max-age=86400
content-length: 3592
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=21600000

Redirect headers

date: Tue, 04 Jan 2022 16:24:00 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'report-sample' 'self' 'unsafe-inline' *.group-login.com group-login.com *.wrkit.com wrkit.com *.groupscheme.com *.rewardhubdiscounts.com *.rewardflo.com *.powrlife.com *.certasenergyextras.co.uk *.mytrustbenefits.co.uk *.pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com *.google-analytics.com code.jquery.com *.google.com player.vimeo.com; img-src 'report-sample' 'self' *.group-login.com group-login.com *.wrkit.com wrkit.com *.groupscheme.com *.rewardhubdiscounts.com *.rewardflo.com *.powrlife.com *.certasenergyextras.co.uk *.mytrustbenefits.co.uk *.pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com *.google-analytics.com code.jquery.com *.google.com data:; worker-src 'self' blob:; frame-ancestors 'self'
vary: User-Agent,Host
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /login
expect-ct: max-age=86400
content-length: 0
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=21600000

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 117ms
42ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700,700i&subset=latin-ext

Requested by

Host: rl-wellbeing.group-login.com
URL: https://rl-wellbeing.group-login.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

be77a523566477dd4964bd0a41ae633eadae722218dc0e744f76243eb8190147

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://rl-wellbeing.group-login.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 16:24:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 04 Jan 2022 16:24:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 Jan 2022 16:24:00 GMT

GET
H2 200 fontawesome-all.min.css
cdn77.wrkit.com/_assets/css/ 56 KB
13 KB 146ms
45ms Stylesheet
text/css 2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn77.wrkit.com/_assets/css/fontawesome-all.min.css

Requested by

Host: rl-wellbeing.group-login.com
URL: https://rl-wellbeing.group-login.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

c6f2afa230dad0fdd164bf680e5b6d8e2d144380219c4462a9450e9cf8f4b369

Security Headers

Name	Value
Content-Security-Policy	default-src 'report-sample' 'self' 'unsafe-inline' .group-login.com group-login.com .wrkit.com wrkit.com .groupscheme.com .rewardhubdiscounts.com .rewardflo.com .powrlife.com .certasenergyextras.co.uk .mytrustbenefits.co.uk .pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com .google-analytics.com code.jquery.com .google.com player.vimeo.com; img-src 'report-sample' 'self' .group-login.com group-login.com .wrkit.com wrkit.com .groupscheme.com .rewardhubdiscounts.com .rewardflo.com .powrlife.com .certasenergyextras.co.uk .mytrustbenefits.co.uk .pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com .google-analytics.com code.jquery.com .google.com data:; worker-src 'self' blob:; frame-ancestors 'self'
Strict-Transport-Security	max-age=21600000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://rl-wellbeing.group-login.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 04 Jan 2022 16:24:00 GMT
content-encoding: br
x-content-type-options: nosniff
x-77-cache: HIT
x-cache: HIT
strict-transport-security: max-age=21600000
x-xss-protection: 1; mode=block
x-77-nzt: AcO1rzU23WP/cNsGAA==
x-accel-expires: @1641900848
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Dec 2021 17:24:49 GMT
server: CDN77-Turbo
x-frame-options: SAMEORIGIN
x-77-nzt-ray: H9N8NGcxs7A=
expect-ct: max-age=86400
vary: User-Agent,Host,Accept-Encoding
content-type: text/css
content-security-policy: default-src 'report-sample' 'self' 'unsafe-inline' *.group-login.com group-login.com *.wrkit.com wrkit.com *.groupscheme.com *.rewardhubdiscounts.com *.rewardflo.com *.powrlife.com *.certasenergyextras.co.uk *.mytrustbenefits.co.uk *.pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com *.google-analytics.com code.jquery.com *.google.com player.vimeo.com; img-src 'report-sample' 'self' *.group-login.com group-login.com *.wrkit.com wrkit.com *.groupscheme.com *.rewardhubdiscounts.com *.rewardflo.com *.powrlife.com *.certasenergyextras.co.uk *.mytrustbenefits.co.uk *.pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com *.google-analytics.com code.jquery.com *.google.com data:; worker-src 'self' blob:; frame-ancestors 'self'
x-age: 449392

GET
H2 200 style.php
rl-wellbeing.group-login.com/_assets/css/ 80 KB
13 KB 97ms
96ms Stylesheet
text/css 185.184.156.149
VOOSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://rl-wellbeing.group-login.com/_assets/css/style.php?ts=20210419

Requested by

Host: rl-wellbeing.group-login.com
URL: https://rl-wellbeing.group-login.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.184.156.149 , United Kingdom, ASN62217 (VOOSERVERS, GB),

Reverse DNS

Software

Resource Hash

d57f3c25b83ddd03dde52b6a65a3981b2cd67f3040310b28d838e25e8994e613

Security Headers

Name	Value
Content-Security-Policy	default-src 'report-sample' 'self' 'unsafe-inline' .group-login.com group-login.com .wrkit.com wrkit.com .groupscheme.com .rewardhubdiscounts.com .rewardflo.com .powrlife.com .certasenergyextras.co.uk .mytrustbenefits.co.uk .pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com .google-analytics.com code.jquery.com .google.com player.vimeo.com; img-src 'report-sample' 'self' .group-login.com group-login.com .wrkit.com wrkit.com .groupscheme.com .rewardhubdiscounts.com .rewardflo.com .powrlife.com .certasenergyextras.co.uk .mytrustbenefits.co.uk .pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com .google-analytics.com code.jquery.com .google.com data:; worker-src 'self' blob:; frame-ancestors 'self'
Strict-Transport-Security	max-age=21600000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://rl-wellbeing.group-login.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: cache
date: Tue, 04 Jan 2022 16:24:00 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=86400
x-frame-options: SAMEORIGIN
content-type: text/css; charset: UTF-8;charset=UTF-8
cache-control: private, max-age=604800
x-content-type-options: nosniff
content-security-policy: default-src 'report-sample' 'self' 'unsafe-inline' *.group-login.com group-login.com *.wrkit.com wrkit.com *.groupscheme.com *.rewardhubdiscounts.com *.rewardflo.com *.powrlife.com *.certasenergyextras.co.uk *.mytrustbenefits.co.uk *.pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com *.google-analytics.com code.jquery.com *.google.com player.vimeo.com; img-src 'report-sample' 'self' *.group-login.com group-login.com *.wrkit.com wrkit.com *.groupscheme.com *.rewardhubdiscounts.com *.rewardflo.com *.powrlife.com *.certasenergyextras.co.uk *.mytrustbenefits.co.uk *.pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com *.google-analytics.com code.jquery.com *.google.com data:; worker-src 'self' blob:; frame-ancestors 'self'
strict-transport-security: max-age=21600000
vary: User-Agent,Host,Accept-Encoding
content-length: 13313
x-xss-protection: 1; mode=block
expires: Tue, 11 Jan 2022 16:24:00 GMT

GET
H2 200 respond.min.js Show response
cdn77.wrkit.com/_assets/js/vendor/ 4 KB
3 KB 146ms
46ms Script
application/javascript 2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn77.wrkit.com/_assets/js/vendor/respond.min.js

Requested by

Host: rl-wellbeing.group-login.com
URL: https://rl-wellbeing.group-login.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

82069c15edd6943dfaa59f5ac3f6acc86fd44a28fe925e410ccdcadec194a8ba

Security Headers

Name	Value
Content-Security-Policy	default-src 'report-sample' 'self' 'unsafe-inline' .group-login.com group-login.com .wrkit.com wrkit.com .groupscheme.com .rewardhubdiscounts.com .rewardflo.com .powrlife.com .certasenergyextras.co.uk .mytrustbenefits.co.uk .pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com .google-analytics.com code.jquery.com .google.com player.vimeo.com; img-src 'report-sample' 'self' .group-login.com group-login.com .wrkit.com wrkit.com .groupscheme.com .rewardhubdiscounts.com .rewardflo.com .powrlife.com .certasenergyextras.co.uk .mytrustbenefits.co.uk .pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com .google-analytics.com code.jquery.com .google.com data:; worker-src 'self' blob:; frame-ancestors 'self'
Strict-Transport-Security	max-age=21600000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://rl-wellbeing.group-login.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 04 Jan 2022 16:24:00 GMT
content-encoding: br
x-content-type-options: nosniff
x-77-cache: HIT
x-cache: HIT
strict-transport-security: max-age=21600000
x-xss-protection: 1; mode=block
x-77-nzt: AcO1rzWBf5j/cNsGAA==
x-accel-expires: @1641900848
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Dec 2021 17:26:53 GMT
server: CDN77-Turbo
x-frame-options: SAMEORIGIN
x-77-nzt-ray: 4f5M+9SHZAg=
expect-ct: max-age=86400
vary: User-Agent,Host,Accept-Encoding
content-type: application/javascript
content-security-policy: default-src 'report-sample' 'self' 'unsafe-inline' *.group-login.com group-login.com *.wrkit.com wrkit.com *.groupscheme.com *.rewardhubdiscounts.com *.rewardflo.com *.powrlife.com *.certasenergyextras.co.uk *.mytrustbenefits.co.uk *.pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com *.google-analytics.com code.jquery.com *.google.com player.vimeo.com; img-src 'report-sample' 'self' *.group-login.com group-login.com *.wrkit.com wrkit.com *.groupscheme.com *.rewardhubdiscounts.com *.rewardflo.com *.powrlife.com *.certasenergyextras.co.uk *.mytrustbenefits.co.uk *.pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com *.google-analytics.com code.jquery.com *.google.com data:; worker-src 'self' blob:; frame-ancestors 'self'
x-age: 449392

GET
H2 200 logo-royal-london-ver-1.png
cdn77.leadingloyalty.com/images/350/80/350/80/logos/ 8 KB
9 KB 293ms
185ms Image
image/png 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn77.leadingloyalty.com/images/350/80/350/80/logos/logo-royal-london-ver-1.png
Requested by: Host: rl-wellbeing.group-login.com
URL: https://rl-wellbeing.group-login.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4c21ee622c02b3a15196b20724a48c7d74895354638be4763c6fd01c269e4b35

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://rl-wellbeing.group-login.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: Abk73BC9wMeh
x-accel-expires: @1642350241
date: Tue, 04 Jan 2022 16:24:01 GMT
last-modified: Wed, 10 Nov 2021 16:05:34 GMT
server: CDN77-Turbo
x-77-nzt-ray: nr1+7YacXW8=
x-77-cache: MISS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1036800
x-cache: MISS
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 8517
expires: Sun, 16 Jan 2022 16:24:01 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 182ms
62ms Script
application/javascript 2001:4de0:ac18::1:a:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: rl-wellbeing.group-login.com
URL: https://rl-wellbeing.group-login.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://rl-wellbeing.group-login.com/login
Origin: https://rl-wellbeing.group-login.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:24:01 GMT
content-encoding: gzip
last-modified: Tue, 02 Mar 2021 17:27:20 GMT
server: nginx
etag: W/"603e7578-15d9d"
vary: Accept-Encoding
x-hw: 1641313441.dop204.ml1.t,1641313441.cds221.ml1.hn,1641313441.cds012.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 jquery-migrate-3.3.2.min.js Show response
code.jquery.com/ 11 KB
4 KB 233ms
117ms Script
application/javascript 2001:4de0:ac18::1:a:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-migrate-3.3.2.min.js
Requested by: Host: rl-wellbeing.group-login.com
URL: https://rl-wellbeing.group-login.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer: https://rl-wellbeing.group-login.com/login
Origin: https://rl-wellbeing.group-login.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:24:01 GMT
content-encoding: gzip
last-modified: Tue, 17 Nov 2020 23:42:49 GMT
server: nginx
etag: W/"5fb45ff9-2bd8"
vary: Accept-Encoding
x-hw: 1641313441.dop204.ml1.t,1641313441.cds221.ml1.hn,1641313441.cds224.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 4165

GET
H2 200 plugins.js Show response
cdn77.wrkit.com/_assets/js/ 100 KB
30 KB 97ms
96ms Script
application/javascript 2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn77.wrkit.com/_assets/js/plugins.js

Requested by

Host: rl-wellbeing.group-login.com
URL: https://rl-wellbeing.group-login.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

4af4d5342c392b629e78f7fc900fe7cb4e442cce3fb90cc3cac7fe96007d5cd7

Security Headers

Name	Value
Content-Security-Policy	default-src 'report-sample' 'self' 'unsafe-inline' .group-login.com group-login.com .wrkit.com wrkit.com .groupscheme.com .rewardhubdiscounts.com .rewardflo.com .powrlife.com .certasenergyextras.co.uk .mytrustbenefits.co.uk .pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com .google-analytics.com code.jquery.com .google.com player.vimeo.com; img-src 'report-sample' 'self' .group-login.com group-login.com .wrkit.com wrkit.com .groupscheme.com .rewardhubdiscounts.com .rewardflo.com .powrlife.com .certasenergyextras.co.uk .mytrustbenefits.co.uk .pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com .google-analytics.com code.jquery.com .google.com data:; worker-src 'self' blob:; frame-ancestors 'self'
Strict-Transport-Security	max-age=21600000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://rl-wellbeing.group-login.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 04 Jan 2022 16:24:01 GMT
content-encoding: br
x-content-type-options: nosniff
x-77-cache: HIT
x-cache: HIT
strict-transport-security: max-age=21600000
x-xss-protection: 1; mode=block
x-77-nzt: AcO1rzWqgjL/cdsGAA==
x-accel-expires: @1641900848
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Dec 2021 17:25:03 GMT
server: CDN77-Turbo
x-frame-options: SAMEORIGIN
x-77-nzt-ray: ou9bCJeMeKY=
expect-ct: max-age=86400
vary: User-Agent,Host,Accept-Encoding
content-type: application/javascript
content-security-policy: default-src 'report-sample' 'self' 'unsafe-inline' *.group-login.com group-login.com *.wrkit.com wrkit.com *.groupscheme.com *.rewardhubdiscounts.com *.rewardflo.com *.powrlife.com *.certasenergyextras.co.uk *.mytrustbenefits.co.uk *.pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com *.google-analytics.com code.jquery.com *.google.com player.vimeo.com; img-src 'report-sample' 'self' *.group-login.com group-login.com *.wrkit.com wrkit.com *.groupscheme.com *.rewardhubdiscounts.com *.rewardflo.com *.powrlife.com *.certasenergyextras.co.uk *.mytrustbenefits.co.uk *.pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com *.google-analytics.com code.jquery.com *.google.com data:; worker-src 'self' blob:; frame-ancestors 'self'
x-age: 449393

GET
H2 200 main.js Show response
cdn77.wrkit.com/_assets/js/ 4 KB
2 KB 102ms
101ms Script
application/javascript 2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn77.wrkit.com/_assets/js/main.js

Requested by

Host: rl-wellbeing.group-login.com
URL: https://rl-wellbeing.group-login.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

b743f94be1b917dc8d6881d287a341f744bdfefdfa4104d6ea83c5326aad2c49

Security Headers

Name	Value
Content-Security-Policy	default-src 'report-sample' 'self' 'unsafe-inline' .group-login.com group-login.com .wrkit.com wrkit.com .groupscheme.com .rewardhubdiscounts.com .rewardflo.com .powrlife.com .certasenergyextras.co.uk .mytrustbenefits.co.uk .pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com .google-analytics.com code.jquery.com .google.com player.vimeo.com; img-src 'report-sample' 'self' .group-login.com group-login.com .wrkit.com wrkit.com .groupscheme.com .rewardhubdiscounts.com .rewardflo.com .powrlife.com .certasenergyextras.co.uk .mytrustbenefits.co.uk .pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com .google-analytics.com code.jquery.com .google.com data:; worker-src 'self' blob:; frame-ancestors 'self'
Strict-Transport-Security	max-age=21600000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://rl-wellbeing.group-login.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 04 Jan 2022 16:24:01 GMT
content-encoding: br
x-content-type-options: nosniff
x-77-cache: HIT
x-cache: HIT
strict-transport-security: max-age=21600000
x-xss-protection: 1; mode=block
x-77-nzt: AcO1rzUQDqP/cNsGAA==
x-accel-expires: @1641900849
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Dec 2021 17:25:03 GMT
server: CDN77-Turbo
x-frame-options: SAMEORIGIN
x-77-nzt-ray: ALbFMEQ+0Rc=
expect-ct: max-age=86400
vary: User-Agent,Host,Accept-Encoding
content-type: application/javascript
content-security-policy: default-src 'report-sample' 'self' 'unsafe-inline' *.group-login.com group-login.com *.wrkit.com wrkit.com *.groupscheme.com *.rewardhubdiscounts.com *.rewardflo.com *.powrlife.com *.certasenergyextras.co.uk *.mytrustbenefits.co.uk *.pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com *.google-analytics.com code.jquery.com *.google.com player.vimeo.com; img-src 'report-sample' 'self' *.group-login.com group-login.com *.wrkit.com wrkit.com *.groupscheme.com *.rewardhubdiscounts.com *.rewardflo.com *.powrlife.com *.certasenergyextras.co.uk *.mytrustbenefits.co.uk *.pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com *.google-analytics.com code.jquery.com *.google.com data:; worker-src 'self' blob:; frame-ancestors 'self'
x-age: 449392

GET
H2 200 js.cookie.js Show response
cdn77.wrkit.com/_assets/js/vendor/ 4 KB
2 KB 103ms
102ms Script
application/javascript 2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn77.wrkit.com/_assets/js/vendor/js.cookie.js

Requested by

Host: rl-wellbeing.group-login.com
URL: https://rl-wellbeing.group-login.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

807b1433f9c2340e253f71cf9862932aa639805cbd1001e790d3f98782c69613

Security Headers

Name	Value
Content-Security-Policy	default-src 'report-sample' 'self' 'unsafe-inline' .group-login.com group-login.com .wrkit.com wrkit.com .groupscheme.com .rewardhubdiscounts.com .rewardflo.com .powrlife.com .certasenergyextras.co.uk .mytrustbenefits.co.uk .pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com .google-analytics.com code.jquery.com .google.com player.vimeo.com; img-src 'report-sample' 'self' .group-login.com group-login.com .wrkit.com wrkit.com .groupscheme.com .rewardhubdiscounts.com .rewardflo.com .powrlife.com .certasenergyextras.co.uk .mytrustbenefits.co.uk .pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com .google-analytics.com code.jquery.com .google.com data:; worker-src 'self' blob:; frame-ancestors 'self'
Strict-Transport-Security	max-age=21600000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://rl-wellbeing.group-login.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 04 Jan 2022 16:24:01 GMT
content-encoding: br
x-content-type-options: nosniff
x-77-cache: HIT
x-cache: HIT
strict-transport-security: max-age=21600000
x-xss-protection: 1; mode=block
x-77-nzt: AcO1rzW1iTr/ZfoEAA==
x-accel-expires: @1642023996
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Dec 2021 17:26:52 GMT
server: CDN77-Turbo
x-frame-options: SAMEORIGIN
x-77-nzt-ray: aX+6aa+BBjQ=
expect-ct: max-age=86400
vary: User-Agent,Host,Accept-Encoding
content-type: application/javascript
content-security-policy: default-src 'report-sample' 'self' 'unsafe-inline' *.group-login.com group-login.com *.wrkit.com wrkit.com *.groupscheme.com *.rewardhubdiscounts.com *.rewardflo.com *.powrlife.com *.certasenergyextras.co.uk *.mytrustbenefits.co.uk *.pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com *.google-analytics.com code.jquery.com *.google.com player.vimeo.com; img-src 'report-sample' 'self' *.group-login.com group-login.com *.wrkit.com wrkit.com *.groupscheme.com *.rewardhubdiscounts.com *.rewardflo.com *.powrlife.com *.certasenergyextras.co.uk *.mytrustbenefits.co.uk *.pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com *.google-analytics.com code.jquery.com *.google.com data:; worker-src 'self' blob:; frame-ancestors 'self'
x-age: 326245

GET
H2 200 cookieconsent.min.css
cdn77.leadingloyalty.com/_cdn-vendors/css/ 5 KB
1 KB 170ms
61ms Stylesheet
text/css 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.leadingloyalty.com/_cdn-vendors/css/cookieconsent.min.css
Requested by: Host: rl-wellbeing.group-login.com
URL: https://rl-wellbeing.group-login.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://rl-wellbeing.group-login.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: Abk73BCs7hT/nKEDAA==
x-accel-expires: @1642112261
date: Tue, 04 Jan 2022 16:24:01 GMT
content-encoding: br
last-modified: Thu, 07 Oct 2021 15:47:46 GMT
server: CDN77-Turbo
x-77-nzt-ray: RPQL9IQMmbs=
x-77-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-cache: HIT
x-age: 237980
x-77-pop: frankfurtDE

GET
H2 200 cookieconsent.min.js Show response
cdn77.leadingloyalty.com/_cdn-vendors/js/ 20 KB
7 KB 171ms
62ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.leadingloyalty.com/_cdn-vendors/js/cookieconsent.min.js
Requested by: Host: rl-wellbeing.group-login.com
URL: https://rl-wellbeing.group-login.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: abe6ce181ad75f9346604cb22d0bda452ac71bb8ab49014df42f4f870a5846c7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://rl-wellbeing.group-login.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: Abk73BAcdg3/nKEDAA==
x-accel-expires: @1642112261
date: Tue, 04 Jan 2022 16:24:01 GMT
content-encoding: br
last-modified: Thu, 07 Oct 2021 15:55:28 GMT
server: CDN77-Turbo
x-77-nzt-ray: LAIe3rm4s3U=
x-77-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cache: HIT
x-age: 237980
x-77-pop: frankfurtDE

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 104ms
32ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: rl-wellbeing.group-login.com
URL: https://rl-wellbeing.group-login.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://rl-wellbeing.group-login.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2947
date: Tue, 04 Jan 2022 15:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 04 Jan 2022 17:34:54 GMT

GET
H2 200 ua-parser.min.js Show response
cdn77.leadingloyalty.com/_cdn-vendors/js/ 20 KB
7 KB 170ms
62ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.leadingloyalty.com/_cdn-vendors/js/ua-parser.min.js
Requested by: Host: rl-wellbeing.group-login.com
URL: https://rl-wellbeing.group-login.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2c6d30046daef775ef149a76b9faf5a48f741e9d13575fe69955fd5caa061864

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://rl-wellbeing.group-login.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: Abk73BBXleD/7hwEAA==
x-accel-expires: @1642080691
date: Tue, 04 Jan 2022 16:24:01 GMT
content-encoding: br
last-modified: Thu, 07 Oct 2021 15:43:34 GMT
server: CDN77-Turbo
x-77-nzt-ray: ehpq0AaDfkc=
x-77-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cache: HIT
x-age: 269550
x-77-pop: frankfurtDE

GET
H2 404 bg-main-rl-wellbeing-group-login-com.jpg
cdn77.leadingloyalty.com/images/bfx-bg/ 0
0 289ms
183ms Image
text/html 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn77.leadingloyalty.com/images/bfx-bg/bg-main-rl-wellbeing-group-login-com.jpg
Requested by: Host: rl-wellbeing.group-login.com
URL: https://rl-wellbeing.group-login.com/_assets/css/style.php?ts=20210419
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://rl-wellbeing.group-login.com/_assets/css/style.php?ts=20210419
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 bg-main-default.jpg
cdn77.leadingloyalty.com/images/bfx-bg/ 232 KB
232 KB 149ms
44ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn77.leadingloyalty.com/images/bfx-bg/bg-main-default.jpg
Requested by: Host: rl-wellbeing.group-login.com
URL: https://rl-wellbeing.group-login.com/_assets/css/style.php?ts=20210419
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: fc81914a3bbcee63b76f9064886bb7e0ac2bd9b135aa7b4ce268ac683ecc57c9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://rl-wellbeing.group-login.com/_assets/css/style.php?ts=20210419
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 04 Jan 2022 16:24:01 GMT
x-77-cache: HIT
x-cnection: close
x-cache: HIT
x-age: 703484
content-length: 237410
x-77-nzt: Abk73BAaslf//LsKAA==
x-accel-expires: @1641646757
last-modified: Fri, 03 Apr 2020 12:21:08 GMT
server: CDN77-Turbo
x-77-nzt-ray: qIBUcdXhHSU=
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1036800
accept-ranges: bytes
expires: Tue, 15 Jun 2021 14:46:18 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 101ms
31ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700,700i&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rl-wellbeing.group-login.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 354719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 31 Dec 2022 13:52:02 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 31ms
30ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1419228305&t=pageview&_s=1&dl=https%3A%2F%2Frl-wellbeing.groupscheme.com%2Fmain-portal%2Flogin&dp=%2Fgroupscheme.com%2Frl-wellbeing.groupscheme.com%2Fmain-portal%2Flogin&dh=rl-wellbeing.groupscheme.com&ul=en-us&de=UTF-8&dt=rl-wellbeing.group-login.com%20-%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YIAAAAAB~&cid=23683f46-dccd-4460-a60f-0f7429cd3fab&tid=UA-47090203-4&_gid=770187641.1641313441&z=1731042633

Requested by

Host: rl-wellbeing.group-login.com
URL: https://rl-wellbeing.group-login.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://rl-wellbeing.group-login.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 02:12:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 51114
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 31ms
31ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: rl-wellbeing.group-login.com
URL: https://rl-wellbeing.group-login.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://rl-wellbeing.group-login.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 02:12:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 51114
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 31ms
31ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1419228305&t=pageview&_s=1&dl=https%3A%2F%2Frl-wellbeing.groupscheme.com%2Fmain-portal%2Flogin&dp=%2Frl-wellbeing.groupscheme.com%2Fmain-portal%2Flogin&dh=rl-wellbeing.groupscheme.com&ul=en-us&de=UTF-8&dt=rl-wellbeing.group-login.com%20-%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YIAAAAAB~&cid=23683f46-dccd-4460-a60f-0f7429cd3fab&tid=UA-56304475-1&_gid=1587466145.1641313441&z=690304504

Requested by

Host: rl-wellbeing.group-login.com
URL: https://rl-wellbeing.group-login.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://rl-wellbeing.group-login.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 02:12:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 51114
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 32ms
31ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1419228305&t=pageview&_s=1&dl=https%3A%2F%2Frl-wellbeing.groupscheme.com%2Fmain-portal%2Flogin&dp=%2Fmain-portal%2Flogin&dh=rl-wellbeing.groupscheme.com&ul=en-us&de=UTF-8&dt=rl-wellbeing.group-login.com%20-%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YIAAAAAB~&cid=23683f46-dccd-4460-a60f-0f7429cd3fab&tid=UA-56304475-2&_gid=1466798770.1641313441&z=904509329

Requested by

Host: rl-wellbeing.group-login.com
URL: https://rl-wellbeing.group-login.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://rl-wellbeing.group-login.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 02:12:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 51114
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.php
group-login.com/_ajax/ 43 B
533 B 106ms
63ms Image
image/gif 185.184.156.149
VOOSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-login.com/_ajax/analytics.php?rnd=1353686297.1641313441&uh=&vh=63f604c697d91ba14e3db198fedcebe2270ed8baaf1a512765e52c62e1552224&idp=1483&sp=0&mid=0&sid=7fb50b15740b228d080e4d49ad9aec234a6343f788b0861aae6c9387d5b8b759&dln=https%3A%2F%2Frl-wellbeing.group-login.com%2Flogin&dhe=rl-wellbeing.group-login.com&dph=%2Flogin&dqy=&dte=rl-wellbeing.group-login.com%20-%20Login&drr=&dle=888&dvt=pc&dvo=Windows&dvb=Chrome&dvr=1600x1200

Requested by

Host: rl-wellbeing.group-login.com
URL: https://rl-wellbeing.group-login.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.184.156.149 , United Kingdom, ASN62217 (VOOSERVERS, GB),

Reverse DNS

Software

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name

Value

Content-Security-Policy

default-src 'report-sample' 'self' 'unsafe-inline' *.group-login.com group-login.com *.wrkit.com wrkit.com *.groupscheme.com *.rewardhubdiscounts.com *.rewardflo.com *.powrlife.com *.certasenergyextras.co.uk *.mytrustbenefits.co.uk *.pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com *.google-analytics.com code.jquery.com *.google.com player.vimeo.com; img-src 'report-sample' 'self' *.group-login.com group-login.com *.wrkit.com wrkit.com *.groupscheme.com *.rewardhubdiscounts.com *.rewardflo.com *.powrlife.com *.certasenergyextras.co.uk *.mytrustbenefits.co.uk *.pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com *.google-analytics.com code.jquery.com *.google.com data:; worker-src 'self' blob:; frame-ancestors 'self'

Strict-Transport-Security

max-age=21600000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://rl-wellbeing.group-login.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:24:01 GMT
last-modified: Mon, 04 Jan 2021 16:24:01 GMT
expect-ct: max-age=86400
vary: User-Agent,Host
content-type: image/gif
access-control-allow-origin: *
cache-control: must-revalidate
content-security-policy: default-src 'report-sample' 'self' 'unsafe-inline' *.group-login.com group-login.com *.wrkit.com wrkit.com *.groupscheme.com *.rewardhubdiscounts.com *.rewardflo.com *.powrlife.com *.certasenergyextras.co.uk *.mytrustbenefits.co.uk *.pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com *.google-analytics.com code.jquery.com *.google.com player.vimeo.com; img-src 'report-sample' 'self' *.group-login.com group-login.com *.wrkit.com wrkit.com *.groupscheme.com *.rewardhubdiscounts.com *.rewardflo.com *.powrlife.com *.certasenergyextras.co.uk *.mytrustbenefits.co.uk *.pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com *.google-analytics.com code.jquery.com *.google.com data:; worker-src 'self' blob:; frame-ancestors 'self'
strict-transport-security: max-age=21600000
content-length: 43
expires: Mon, 04 Jan 2021 16:24:01 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
leadingloyalty.com/	1969-12-31 23:59:59	Name: BIGipServer~GroupSchemes~GRO_leadingloyalty_VirtServer.app~GRO_leadingloyalty_VirtServer_pool Value: !8KLu94P0LIyyTPzuA6D24N8TY7QU5MudJGO9NociIXNNpJR6WqU5mPsmpYFWn62uqWS1D+csQMzLMw==
rl-wellbeing.group-login.com/	1969-12-31 23:59:59	Name: loyalty Value: mb7qf1f2hmf2jsi7o22l0konh1g9kpuaahsamvjh
.group-login.com/	1970-01-19 23:55:20	Name: ZENSESSIONID Value: 4-0a0a3204-1152
rl-wellbeing.group-login.com/	1969-12-31 23:59:59	Name: BIGipServer~GroupSchemes~GRO_group-login_VirtServer.app~GRO_group-login_VirtServer_pool Value: !44pwso0ZA7TrC0nuA6D24N8TY7QU5EIIyLm/ov3ogdly5yKKVKi5tu7vkutD67Y9wrkm38GQnK20dg==
rl-wellbeing.group-login.com/	1969-12-31 23:59:59	Name: TS0132543f Value: 01721ce65356b9f1a86cfcab765a01eee96f75d16a352c20ad3c1cd70876353563aafffe31aa8cc9b7f68d20d7fddb2f1fbd4c91fa
.group-login.com/	1969-12-31 23:59:59	Name: TS012b8855 Value: 01721ce65356b9f1a86cfcab765a01eee96f75d16a352c20ad3c1cd70876353563aafffe31aa8cc9b7f68d20d7fddb2f1fbd4c91fa
group-login.com/	1969-12-31 23:59:59	Name: BIGipServer~GroupSchemes~GRO_group-login_VirtServer.app~GRO_group-login_VirtServer_pool Value: !/yEYqeUGPd6eGjPuA6D24N8TY7QU5EwjApui4I0zFQmzgdZIPfiIMalO+yL2BtkKNxUiGU2xzv8c+Q==
.group-login.com/	1969-12-31 23:59:59	Name: TS018b2207 Value: 01721ce653581bbdaf2a1b077a2e6c2179da17a0910489dd70184e6135768b1027885d5cd84c5b6ddc7a211271d19c13106fc35a72

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn77.leadingloyalty.com/images/bfx-bg/bg-main-rl-wellbeing-group-login-com.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'report-sample' 'self' 'unsafe-inline' .group-login.com group-login.com .wrkit.com wrkit.com .groupscheme.com .rewardhubdiscounts.com .rewardflo.com .powrlife.com .certasenergyextras.co.uk .mytrustbenefits.co.uk .pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com .google-analytics.com code.jquery.com .google.com player.vimeo.com; img-src 'report-sample' 'self' .group-login.com group-login.com .wrkit.com wrkit.com .groupscheme.com .rewardhubdiscounts.com .rewardflo.com .powrlife.com .certasenergyextras.co.uk .mytrustbenefits.co.uk .pushalert.co cdn77.leadingloyalty.com leadingloyalty.com cdn77hd.leadingloyalty.com fonts.googleapis.com fonts.gstatic.com .google-analytics.com code.jquery.com .google.com data:; worker-src 'self' blob:; frame-ancestors 'self'
Strict-Transport-Security	max-age=21600000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn77.leadingloyalty.com
cdn77.wrkit.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
group-login.com
leadingloyalty.com
rl-wellbeing.group-login.com
www.google-analytics.com
185.184.156.146
185.184.156.149
2001:4de0:ac18::1:a:2a
2a00:1450:4001:801::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:82a::2003
2a02:6ea0:c700::10
2a02:6ea0:c700::4
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
2c6d30046daef775ef149a76b9faf5a48f741e9d13575fe69955fd5caa061864
4af4d5342c392b629e78f7fc900fe7cb4e442cce3fb90cc3cac7fe96007d5cd7
4c21ee622c02b3a15196b20724a48c7d74895354638be4763c6fd01c269e4b35
807b1433f9c2340e253f71cf9862932aa639805cbd1001e790d3f98782c69613
82069c15edd6943dfaa59f5ac3f6acc86fd44a28fe925e410ccdcadec194a8ba
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abe6ce181ad75f9346604cb22d0bda452ac71bb8ab49014df42f4f870a5846c7
b743f94be1b917dc8d6881d287a341f744bdfefdfa4104d6ea83c5326aad2c49
be77a523566477dd4964bd0a41ae633eadae722218dc0e744f76243eb8190147
c6f2afa230dad0fdd164bf680e5b6d8e2d144380219c4462a9450e9cf8f4b369
c8a0d37051e27962ad75670ed0fced79b6ad2521c9f01f52164a4cb00673f823
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
d57f3c25b83ddd03dde52b6a65a3981b2cd67f3040310b28d838e25e8994e613
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc81914a3bbcee63b76f9064886bb7e0ac2bd9b135aa7b4ce268ac683ecc57c9
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

rl-wellbeing.group-login.com Open in urlscan Pro 185.184.156.149 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

75 %IPv6

7 Domains

9 Subdomains

7 IPs

3 Countries

425 kBTransfer

752 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

8 Cookies

1 Console Messages

Security Headers

Indicators

rl-wellbeing.group-login.com Open in urlscan Pro
185.184.156.149 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

9
Subdomains

7
IPs

3
Countries

425 kB
Transfer

752 kB
Size

8
Cookies

23 HTTP transactions
0 data transactions