urlscan.io logo urlscan.io
SecurityTrails logo

benefits-authority.com Open in urlscan Pro
69.172.201.115  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://afflat3d3.com/lnk.asp?o=26996&c=918273&a=260612&k=7b2e5661cc2d1ccb974a5d2048696404&l=28846
Effective URL: https://benefits-authority.com/?mbi=1517079338
Submission: On June 03 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 7 domains to perform 28 HTTP transactions. The main IP is 69.172.201.115, located in Canada and belongs to DOSARREST, US. The main domain is benefits-authority.com.
TLS certificate: Issued by R3 on May 27th 2024. Valid for: 3 months.
This is the only time benefits-authority.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 69.172.200.185 19324 (DOSARREST)
7 69.172.201.115 19324 (DOSARREST)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 13.32.208.23 16509 (AMAZON-02)
6 52.70.100.105 14618 (AMAZON-AES)
2 54.235.198.136 14618 (AMAZON-AES)
1 18.160.41.57 16509 (AMAZON-02)
1 99.86.227.55 16509 (AMAZON-02)
4 34.227.175.110 14618 (AMAZON-AES)
28 10
4    69.172.200.185 (Canada)

ASN19324 (DOSARREST, US)
PTR: maxbounty.com
afflat3d3.com
av-api.com
7    69.172.201.115 (Canada)

ASN19324 (DOSARREST, US)
benefits-authority.com
1    2606:4700:10::6816:27b6 (United States)

ASN13335 (CLOUDFLARENET, US)
create.lidstatic.com
2    13.32.208.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-208-23.iad66.r.cloudfront.net
api.pushnami.com
6    52.70.100.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-100-105.compute-1.amazonaws.com
create.leadid.com
2    54.235.198.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-198-136.compute-1.amazonaws.com
trc.pushnami.com
1    18.160.41.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-57.iad55.r.cloudfront.net
cdn.pushnami.com
1    99.86.227.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-227-55.iad79.r.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
4    34.227.175.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-175-110.compute-1.amazonaws.com
psp.pushnami.com
Apex Domain
Subdomains		 Transfer
9 pushnami.com
api.pushnami.com — Cisco Umbrella Rank: 6986
trc.pushnami.com — Cisco Umbrella Rank: 7471
cdn.pushnami.com — Cisco Umbrella Rank: 14793
psp.pushnami.com — Cisco Umbrella Rank: 22039
351 KB
7 benefits-authority.com
benefits-authority.com
549 KB
6 leadid.com
create.leadid.com — Cisco Umbrella Rank: 13668
4 KB
3 av-api.com
av-api.com
1 MB
1 cloudfront.net
d2m2wsoho8qq12.cloudfront.net
1 lidstatic.com
create.lidstatic.com — Cisco Umbrella Rank: 20871
38 KB
1 afflat3d3.com
afflat3d3.com
835 B
28 7
Domain Requested by
7 benefits-authority.com benefits-authority.com
6 create.leadid.com create.lidstatic.com
4 psp.pushnami.com cdn.pushnami.com
api.pushnami.com
3 av-api.com benefits-authority.com
2 trc.pushnami.com api.pushnami.com
2 api.pushnami.com benefits-authority.com
api.pushnami.com
1 d2m2wsoho8qq12.cloudfront.net create.lidstatic.com
1 cdn.pushnami.com api.pushnami.com
1 create.lidstatic.com benefits-authority.com
1 afflat3d3.com 1 redirects
28 10

This site contains no links.

Subject Issuer Validity Valid
championautoinsurance.com
R3		 2024-05-27 -
2024-08-25		 3 months crt.sh
av-api.com
R3		 2024-04-22 -
2024-07-21		 3 months crt.sh
lidstatic.com
E1		 2024-05-25 -
2024-08-23		 3 months crt.sh
*.pushnami.com
Amazon RSA 2048 M02		 2024-02-03 -
2025-03-03		 a year crt.sh
create.leadid.com
Amazon RSA 2048 M02		 2023-08-21 -
2024-09-17		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh

This page contains 3 frames:

Primary Page: https://benefits-authority.com/?mbi=1517079338
Frame ID: 0C7CB5CD8B82A4F5B67A7EF6CACEBE60
Requests: 23 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 70D59553D33D092FDC58D92D3E56E584
Requests: 1 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=B589CD48-B1A2-356F-022E-B06ED81A056C&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=D2FB0EC8-1E8C-A402-E4AC-9205FE98F622&lac=4B1F5928-2127-08FA-4EA5-F0DB210F6AAE
Frame ID: E374B2CBB1086B7B8A3C5DEB8ACAE4D1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Benefits Authority

Page URL History Show full URLs

  1. http://afflat3d3.com/lnk.asp?o=26996&c=918273&a=260612&k=7b2e5661cc2d1ccb974a5d2048696404&l=28846 HTTP 307
    https://afflat3d3.com/lnk.asp?o=26996&c=918273&a=260612&k=7b2e5661cc2d1ccb974a5d2048696404&l=28846 HTTP 302
    https://benefits-authority.com/?mbi=1517079338 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • api\.pushnami\.com

Page Statistics

28
Requests

96 %
HTTPS

11 %
IPv6

7
Domains

10
Subdomains

10
IPs

2
Countries

2306 kB
Transfer

3721 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://afflat3d3.com/lnk.asp?o=26996&c=918273&a=260612&k=7b2e5661cc2d1ccb974a5d2048696404&l=28846 HTTP 307
    https://afflat3d3.com/lnk.asp?o=26996&c=918273&a=260612&k=7b2e5661cc2d1ccb974a5d2048696404&l=28846 HTTP 302
    https://benefits-authority.com/?mbi=1517079338 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
benefits-authority.com/
Redirect Chain
  • http://afflat3d3.com/lnk.asp?o=26996&c=918273&a=260612&k=7b2e5661cc2d1ccb974a5d2048696404&l=28846
  • https://afflat3d3.com/lnk.asp?o=26996&c=918273&a=260612&k=7b2e5661cc2d1ccb974a5d2048696404&l=28846
  • https://benefits-authority.com/?mbi=1517079338
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://benefits-authority.com/?mbi=1517079338
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.201.115 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx/1.20.2 / ASP.NET
Resource Hash
ff7952749d7fb5aa592de5b0efc5648c3de68898d5ab02da74c3d74248053df3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 03 Jun 2024 21:09:30 GMT
ETag
W/"409f9ae3d35dda1:0"
Keep-Alive
timeout=20
Last-Modified
Mon, 12 Feb 2024 16:52:39 GMT
Server
nginx/1.20.2
Transfer-Encoding
chunked
X-DIS-Request-ID
55e93b1e9934d55678fd65d48ab48502
X-Frame-Options
SAMEORIGIN
X-Powered-By
ASP.NET

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
166
Content-Type
text/html
Date
Mon, 03 Jun 2024 21:09:30 GMT
Keep-Alive
timeout=20
Location
https://benefits-authority.com?mbi=1517079338
Server
nginx/1.20.2
X-DIS-Request-ID
caf477e92a599edcf418484da9acb4aa
X-Powered-By
ASP.NET
2.9a56c832.chunk.css
benefits-authority.com/static/css/ 		186 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://benefits-authority.com/static/css/2.9a56c832.chunk.css
Requested by
Host: benefits-authority.com
URL: https://benefits-authority.com/?mbi=1517079338
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.201.115 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx/1.20.2 / ASP.NET
Resource Hash
14b075d2831615d4fb62e8b8271b62ed622ba8d36e51797d6df9ebbc95f96b58
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://benefits-authority.com/?mbi=1517079338
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 03 Jun 2024 21:09:30 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Feb 2024 16:52:40 GMT
Server
nginx/1.20.2
ETag
"07cabe3d35dda1:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
48500
X-DIS-Request-ID
68af0091c33945456af8f674cb38ab58
main.53dbd380.chunk.css
benefits-authority.com/static/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://benefits-authority.com/static/css/main.53dbd380.chunk.css
Requested by
Host: benefits-authority.com
URL: https://benefits-authority.com/?mbi=1517079338
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.201.115 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx/1.20.2 / ASP.NET
Resource Hash
42f373b869a5f0a9438bac0f1866aad195a0ec3cf9be60a7036955499e5620a9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://benefits-authority.com/?mbi=1517079338
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 03 Jun 2024 21:09:30 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Feb 2024 16:52:40 GMT
Server
nginx/1.20.2
ETag
"07cabe3d35dda1:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
1634
X-DIS-Request-ID
e58370a1abf9ecb3a0627445a74013f5
2.12dd23d0.chunk.js
benefits-authority.com/static/js/ 		1 MB
475 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://benefits-authority.com/static/js/2.12dd23d0.chunk.js
Requested by
Host: benefits-authority.com
URL: https://benefits-authority.com/?mbi=1517079338
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.201.115 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx/1.20.2 / ASP.NET
Resource Hash
dd30f9294822c6d5c32e8fc4e4de069194ad4b9ca958d9f9265d321fc4aa3e44
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://benefits-authority.com/?mbi=1517079338
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 03 Jun 2024 21:09:31 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Feb 2024 16:52:41 GMT
Server
nginx/1.20.2
ETag
"801244e4d35dda1:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
486259
X-DIS-Request-ID
35e9a3d1ca1c905ec63bfa5dca4c0ee2
main.d49d32d4.chunk.js
benefits-authority.com/static/js/ 		92 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://benefits-authority.com/static/js/main.d49d32d4.chunk.js
Requested by
Host: benefits-authority.com
URL: https://benefits-authority.com/?mbi=1517079338
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.201.115 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx/1.20.2 / ASP.NET
Resource Hash
340e9a31b128e0ed1a2d1257ffaccc5b080b22574128bb03b2c480b7904cebfa
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://benefits-authority.com/?mbi=1517079338
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 03 Jun 2024 21:09:31 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Feb 2024 16:52:41 GMT
Server
nginx/1.20.2
ETag
"801244e4d35dda1:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
17901
X-DIS-Request-ID
787d0d54e2c89a17d12fef3fb227ff8c
6d37a2e1a7d64a79049bb074eb2b9db2
av-api.com/property/13/0/ 		160 KB
31 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://av-api.com/property/13/0/6d37a2e1a7d64a79049bb074eb2b9db2?mbi=1517079338
Requested by
Host: benefits-authority.com
URL: https://benefits-authority.com/static/js/main.d49d32d4.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.185 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
maxbounty.com
Software
nginx/1.20.2 / Express, ASP.NET
Resource Hash
36cff46ad7832022b774af9185f17a70f4f1b30fbdf74ff9d268cdbf19965736

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://benefits-authority.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 03 Jun 2024 21:09:32 GMT
Content-Encoding
gzip
Server
nginx/1.20.2
ETag
W/"28174-rQz1kFkwHHPHqOv/ymyqM0NjwNA"
X-Powered-By
Express, ASP.NET
Transfer-Encoding
chunked
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://benefits-authority.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=20
X-DIS-Request-ID
cb6e9c591cd0c311942328ddcafc23e9
favicon.ico
benefits-authority.com/ 		4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://benefits-authority.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.201.115 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx/1.20.2 / ASP.NET
Resource Hash
3d10f7da6c603178340081668c4ac5b3ae9743ca9a262ab0fcd312fbb9f48bdd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://benefits-authority.com/?mbi=1517079338
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 03 Jun 2024 21:09:31 GMT
Last-Modified
Mon, 12 Feb 2024 16:52:40 GMT
Server
nginx/1.20.2
ETag
"25e9dfe3d35dda1:0"
X-Powered-By
ASP.NET
X-Frame-Options
SAMEORIGIN
Content-Type
image/x-icon
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
3870
X-DIS-Request-ID
943fdfd55b562eafefceec87416ff31e
mainBackground
av-api.com/cdn/image/site/15/ 		0
1 MB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://av-api.com/cdn/image/site/15/mainBackground
Requested by
Host: benefits-authority.com
URL: https://benefits-authority.com/static/js/main.d49d32d4.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.185 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
maxbounty.com
Software
nginx/1.20.2 / Express, ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://benefits-authority.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 03 Jun 2024 21:09:32 GMT
Server
nginx/1.20.2
X-Powered-By
Express, ASP.NET
Transfer-Encoding
chunked
Vary
Origin
Access-Control-Allow-Origin
https://benefits-authority.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=20
X-DIS-Request-ID
cab68e9acb0e5a226d6f20d36e061359
logo
av-api.com/cdn/image/site/15/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://av-api.com/cdn/image/site/15/logo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.185 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
maxbounty.com
Software
nginx/1.20.2 / Express, ASP.NET
Resource Hash
5f1adb90a1acc45fd824b3a042617a48228fde56c778b5c4d7d9f0c3275dfc79

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://benefits-authority.com/
Origin
https://benefits-authority.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 03 Jun 2024 21:09:32 GMT
Server
nginx/1.20.2
X-Powered-By
Express, ASP.NET
Transfer-Encoding
chunked
Vary
Origin
Access-Control-Allow-Origin
https://benefits-authority.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=20
X-DIS-Request-ID
ab66d82d70c6daf973cd2fcbe4841da0
d2fb0ec8-1e8c-a402-e4ac-9205fe98f622.js
create.lidstatic.com/campaign/ 		121 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://create.lidstatic.com/campaign/d2fb0ec8-1e8c-a402-e4ac-9205fe98f622.js?snippet_version=2&callback=setUniversalLeadId
Requested by
Host: benefits-authority.com
URL: https://benefits-authority.com/static/js/main.d49d32d4.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:27b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fa7b0beaf1f6f28f1536562e6b37d99f740f74d4da5a04878cc04cfa2ddc2ef

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://benefits-authority.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 21:09:32 GMT
x-amz-version-id
jcg6xR0RLnEPx2ja2xFg.e3XkhCnSGFF
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
NTE8HV0PXH12Z602
age
1744
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
cQAQZSbngOrMMjfiZJSvZQuA6DKNBe5kjxM1IylmqEP4Tpz/WghN33+oYX2E2v4MW7h7SAWW3T2v8tyOPpG04zubD64306uzPQav9k1hOmc=
last-modified
Thu, 18 Jan 2024 01:16:08 GMT
server
cloudflare
etag
W/"49f74114288373e445b00e2803c93e34"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
88e2aa2f5d62ac52-YYZ
662a836a473fc40013e65c89
api.pushnami.com/scripts/v1/pushnami-adv/ 		92 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pushnami.com/scripts/v1/pushnami-adv/662a836a473fc40013e65c89
Requested by
Host: benefits-authority.com
URL: https://benefits-authority.com/static/js/main.d49d32d4.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-23.iad66.r.cloudfront.net
Software
/
Resource Hash
5107b5ac913468b589ce4546c7cc1323fd64ce4e5901420db5baf7d1cf092429

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://benefits-authority.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 21:06:22 GMT
content-encoding
gzip
via
1.1 4e3880ea97e52abcc2c96cf65b515f10.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD66-C1
age
190
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
no-cache
x-amz-cf-id
UHrxC_w1dxepV2CjmSKPMYMpFAogRRwiW5RLFUHbPJDkBYCYszNGXg==
noscript.gif
create.leadid.com/ 		43 B
644 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://create.leadid.com/noscript.gif?lac=4b1f5928-2127-08fa-4ea5-f0db210f6aae&lck=d2fb0ec8-1e8c-a402-e4ac-9205fe98f622&snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.70.100.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-100-105.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://benefits-authority.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 21:09:32 GMT
content-encoding
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Mon, 03 Jun 2024 21:09:32 GMT
server
nginx
etag
A51900F4-FA79-1ABC-D5EE-37FE598BFA9E
access-control-max-age
1728000
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With, Content-Type
favicon.ico
benefits-authority.com/ 		4 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://benefits-authority.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.201.115 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx/1.20.2 / ASP.NET
Resource Hash
3d10f7da6c603178340081668c4ac5b3ae9743ca9a262ab0fcd312fbb9f48bdd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://benefits-authority.com/?mbi=1517079338
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 03 Jun 2024 21:09:31 GMT
Last-Modified
Mon, 12 Feb 2024 16:52:40 GMT
Server
nginx/1.20.2
ETag
"25e9dfe3d35dda1:0"
X-Powered-By
ASP.NET
X-Frame-Options
SAMEORIGIN
Content-Type
image/x-icon
Accept-Ranges
bytes
Content-Length
3870
X-DIS-Request-ID
943fdfd55b562eafefceec87416ff31e
acdb30d5-830e-4063-ae1d-5a1af48d3ffe
https://benefits-authority.com/ 		1 MB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://benefits-authority.com/acdb30d5-830e-4063-ae1d-5a1af48d3ffe
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57ab700ae891720133074d3d5f10a06d0b21b6cf7980aa690fd2d3a65bb9d48c

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length
1356916
Content-Type
hub
api.pushnami.com/scripts/v1/ Frame 70D5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://api.pushnami.com/scripts/v1/hub
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/662a836a473fc40013e65c89
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-23.iad66.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' *
X-Content-Security-Policy default-src 'unsafe-inline' *

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://benefits-authority.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET,PUT,POST,DELETE
access-control-allow-origin
*
age
3500
cache-control
no-cache
content-encoding
gzip
content-security-policy
default-src 'unsafe-inline' *
content-type
text/html; charset=utf-8
date
Mon, 03 Jun 2024 20:11:13 GMT
vary
accept-encoding
via
1.1 3a7c02063c5f3d8ad13db0f8e016ccc2.cloudfront.net (CloudFront)
x-amz-cf-id
R2gyRpO5gxmvxx4tKCckfYkguCsYiTq6qf7kksGk69Clms1U6OqXCg==
x-amz-cf-pop
IAD66-C1
x-cache
Hit from cloudfront
x-content-security-policy
default-src 'unsafe-inline' *
x-webkit-csp
default-src 'unsafe-inline' *
track
trc.pushnami.com/api/push/ 		2 B
168 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trc.pushnami.com/api/push/track
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/662a836a473fc40013e65c89
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.198.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-198-136.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/x-www-form-urlencoded
accept
application/json, text/plain, */*
Referer
https://benefits-authority.com/
key
662a836a473fc40013e65c89
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Mon, 03 Jun 2024 21:09:33 GMT
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
content-length
2
content-type
text/html; charset=utf-8
track
trc.pushnami.com/api/push/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc.pushnami.com/api/push/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.198.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-198-136.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
key
Access-Control-Request-Method
POST
Origin
https://benefits-authority.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
cache-control
no-cache
date
Mon, 03 Jun 2024 21:09:33 GMT
GenerateToken
create.leadid.com/2.12.1/ 		36 B
660 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.12.1/GenerateToken?msn=1&pid=134e9c56-efeb-45e1-a7c7-db04aa2d4930&_=309217042
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/d2fb0ec8-1e8c-a402-e4ac-9205fe98f622.js?snippet_version=2&callback=setUniversalLeadId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.70.100.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-100-105.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6c6eb0661671e130d8a5c74cee5d49a03dfc54f00c819722ffa814d448304163
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://benefits-authority.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 03 Jun 2024 21:09:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
psfpv4_client_1.0.1_b72578ebd9d26f7bf3b5fc418d3d6fe0f65e21737d8c6c08863c6213b6db1eb8.js
cdn.pushnami.com/js/exp/ 		330 KB
331 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pushnami.com/js/exp/psfpv4_client_1.0.1_b72578ebd9d26f7bf3b5fc418d3d6fe0f65e21737d8c6c08863c6213b6db1eb8.js
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/662a836a473fc40013e65c89
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.41.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-41-57.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6c1f31b8e98591134a9f0a6d56432c21eaad4c56a62efc174b80a2c2e6c117eb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://benefits-authority.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
XYQIAZBCNnKDQbMIWLdeERrsFJdv2kxi
content-encoding
utf-8
via
1.1 1063d14b5dde23a7d5dd1293e6ceb59c.cloudfront.net (CloudFront)
date
Mon, 03 Jun 2024 20:52:35 GMT
x-amz-cf-pop
IAD55-P1
age
1019
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
338254
last-modified
Fri, 24 May 2024 21:51:08 GMT
server
AmazonS3
etag
"2af390fadae7c24acd02955a6d8332c7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
x-amz-cf-id
QwSpvR9yG_qpcMzY0p6Fq-gr4q0TfDPv3G6KjBmSni8sq2CDDuz7bA==
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame E374 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=B589CD48-B1A2-356F-022E-B06ED81A056C&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=D2FB0EC8-1E8C-A402-E4AC-9205FE98F622&lac=4B1F5928-2127-08FA-4EA5-F0DB210F6AAE
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/d2fb0ec8-1e8c-a402-e4ac-9205fe98f622.js?snippet_version=2&callback=setUniversalLeadId
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.227.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-227-55.iad79.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://benefits-authority.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Headers
*
Access-Control-Allow-Origin
*
Age
46909
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 03 Jun 2024 08:07:44 GMT
Etag
W/"65a0715c-dbb"
Last-Modified
Thu, 11 Jan 2024 22:53:16 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Via
1.1 8b91488fa62e73ed6328bc389e6d1cbe.cloudfront.net (CloudFront)
X-Amz-Cf-Id
at-jOlyq6u4mPHjJN8zSrMOWqsT1vcexAWv9zDEqTT8ST_-u48cRkA==
X-Amz-Cf-Pop
IAD79-C3
X-Cache
Hit from cloudfront
SaveDom
create.leadid.com/2.12.1/ 		0
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.12.1/SaveDom?msn=2&pid=134e9c56-efeb-45e1-a7c7-db04aa2d4930&token=B589CD48-B1A2-356F-022E-B06ED81A056C&_=309217043
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/d2fb0ec8-1e8c-a402-e4ac-9205fe98f622.js?snippet_version=2&callback=setUniversalLeadId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.70.100.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-100-105.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://benefits-authority.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 03 Jun 2024 21:09:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
InitFormData
create.leadid.com/2.12.1/ 		0
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.12.1/InitFormData?msn=3&pid=134e9c56-efeb-45e1-a7c7-db04aa2d4930&token=B589CD48-B1A2-356F-022E-B06ED81A056C&_=309217044
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/d2fb0ec8-1e8c-a402-e4ac-9205fe98f622.js?snippet_version=2&callback=setUniversalLeadId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.70.100.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-100-105.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://benefits-authority.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 03 Jun 2024 21:09:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
Snap
create.leadid.com/2.12.1/ 		0
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.12.1/Snap?msn=4&pid=134e9c56-efeb-45e1-a7c7-db04aa2d4930&token=B589CD48-B1A2-356F-022E-B06ED81A056C&_=309217045
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/d2fb0ec8-1e8c-a402-e4ac-9205fe98f622.js?snippet_version=2&callback=setUniversalLeadId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.70.100.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-100-105.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://benefits-authority.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 03 Jun 2024 21:09:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
data
psp.pushnami.com/psfp/ 		27 B
187 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psp.pushnami.com/psfp/data
Requested by
Host: cdn.pushnami.com
URL: https://cdn.pushnami.com/js/exp/psfpv4_client_1.0.1_b72578ebd9d26f7bf3b5fc418d3d6fe0f65e21737d8c6c08863c6213b6db1eb8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.227.175.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-175-110.compute-1.amazonaws.com
Software
/ Express
Resource Hash
872f35c442fb45b92953ee6dc5f980717f993d018097ccc0b289ae206b7b129c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://benefits-authority.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/octet-stream

Response headers

access-control-allow-origin
*
date
Mon, 03 Jun 2024 21:09:34 GMT
x-powered-by
Express
content-length
27
etag
W/"1b-D4PNCIGKzvn9yhfD0QiKW4O6wuQ"
content-type
application/json; charset=utf-8
data
psp.pushnami.com/psfp/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://psp.pushnami.com/psfp/data
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.227.175.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-175-110.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://benefits-authority.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Mon, 03 Jun 2024 21:09:34 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
psp
psp.pushnami.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://psp.pushnami.com/api/psp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.227.175.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-175-110.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
key
Access-Control-Request-Method
POST
Origin
https://benefits-authority.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
key
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Mon, 03 Jun 2024 21:09:34 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
psp
psp.pushnami.com/api/ 		2 B
152 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psp.pushnami.com/api/psp
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/662a836a473fc40013e65c89
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.227.175.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-175-110.compute-1.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/x-www-form-urlencoded
accept
application/json, text/plain, */*
Referer
https://benefits-authority.com/
key
662a836a473fc40013e65c89
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Mon, 03 Jun 2024 21:09:38 GMT
x-powered-by
Express
content-length
2
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type
text/html; charset=utf-8
Snap
create.leadid.com/2.12.1/ 		0
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.12.1/Snap?msn=5&pid=134e9c56-efeb-45e1-a7c7-db04aa2d4930&token=B589CD48-B1A2-356F-022E-B06ED81A056C&_=309217046
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/d2fb0ec8-1e8c-a402-e4ac-9205fe98f622.js?snippet_version=2&callback=setUniversalLeadId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.70.100.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-100-105.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://benefits-authority.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 03 Jun 2024 21:09:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| webpackJsonpavatar-site-builder function| setImmediate function| clearImmediate function| _ object| FontAwesomeConfig object| ___FONT_AWESOME___ function| setUniversalLeadId object| isRollbar object| pushWrap function| pnFirebaseModuleInterfaceInstantiator object| pnFirebaseModuleInterface function| showFbChkOptIn object| mailnamiPromptModule undefined| o object| mailnami function| CrossStorageClient object| pushnamiStorage function| uuid object| Pushnami object| LeadiDconfig object| LeadiD string| label string| id boolean| sensitiveData object| defaultStyleFrame object| Psfp

13 Cookies

Domain/Path Name / Value
afflat3d3.com/ Name: mb_26996_SS
Value: AF=260612&AC=1517079338&CS=1517339950
afflat3d3.com/ Name: I_SS
Value: 1517079338
afflat3d3.com/ Name: I
Value: 1517079338
afflat3d3.com/ Name: mb%5F26996
Value: AC=1517079338&CS=1517339950&AF=260612
afflat3d3.com/ Name: ASPSESSIONIDSGTRCDAT
Value: JMOFJHBDLCMPMDCIENEFEBCO
benefits-authority.com/ Name: mbi
Value: 1517079338
benefits-authority.com/ Name: avtc
Value: 6d37a2e1a7d64a79049bb074eb2b9db2
benefits-authority.com/ Name: avtset
Value: 15-159
benefits-authority.com/ Name: leadid_token-4B1F5928-2127-08FA-4EA5-F0DB210F6AAE-D2FB0EC8-1E8C-A402-E4AC-9205FE98F622
Value: B589CD48-B1A2-356F-022E-B06ED81A056C
.trueleadid.com/ Name: nlbi_3051494
Value: eAX2Isrb0hlzDDl7C30iGwAAAABG3HCUP0ZeDpXSeRD6AGo5
.trueleadid.com/ Name: visid_incap_3051494
Value: Iu+lPWptScmTDNc4RI/m3Q4xXmYAAAAAQUIPAAAAAAARi1wLivt9153lKtCYZORy
.trueleadid.com/ Name: incap_ses_641_3051494
Value: eO3WEAalWx0nY+ziKkrlCA4xXmYAAAAA1st6fZCKRuCzdwr/Ma7IKg==
.deviceid.trueleadid.com/ Name: uuid
Value: 60513454d7854f19b4aaf932ecf43ecf

16 Console Messages

Source Level URL
Text
other error URL: https://benefits-authority.com/?mbi=1517079338#
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other warning URL: https://benefits-authority.com/?mbi=1517079338#
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://benefits-authority.com/?mbi=1517079338#
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://benefits-authority.com/?mbi=1517079338#
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://benefits-authority.com/?mbi=1517079338#
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://benefits-authority.com/?mbi=1517079338#
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://benefits-authority.com/?mbi=1517079338#
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://benefits-authority.com/?mbi=1517079338#
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://benefits-authority.com/?mbi=1517079338#
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://benefits-authority.com/?mbi=1517079338#
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://benefits-authority.com/?mbi=1517079338#
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://benefits-authority.com/?mbi=1517079338#
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://benefits-authority.com/?mbi=1517079338#
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://benefits-authority.com/?mbi=1517079338#
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://benefits-authority.com/?mbi=1517079338#
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://benefits-authority.com/?mbi=1517079338#
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afflat3d3.com
api.pushnami.com
av-api.com
benefits-authority.com
cdn.pushnami.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
psp.pushnami.com
trc.pushnami.com
13.32.208.23
18.160.41.57
2606:4700:10::6816:27b6
34.227.175.110
52.70.100.105
54.235.198.136
69.172.200.185
69.172.201.115
99.86.227.55
14b075d2831615d4fb62e8b8271b62ed622ba8d36e51797d6df9ebbc95f96b58
340e9a31b128e0ed1a2d1257ffaccc5b080b22574128bb03b2c480b7904cebfa
36cff46ad7832022b774af9185f17a70f4f1b30fbdf74ff9d268cdbf19965736
3d10f7da6c603178340081668c4ac5b3ae9743ca9a262ab0fcd312fbb9f48bdd
42f373b869a5f0a9438bac0f1866aad195a0ec3cf9be60a7036955499e5620a9
5107b5ac913468b589ce4546c7cc1323fd64ce4e5901420db5baf7d1cf092429
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57ab700ae891720133074d3d5f10a06d0b21b6cf7980aa690fd2d3a65bb9d48c
5f1adb90a1acc45fd824b3a042617a48228fde56c778b5c4d7d9f0c3275dfc79
6c1f31b8e98591134a9f0a6d56432c21eaad4c56a62efc174b80a2c2e6c117eb
6c6eb0661671e130d8a5c74cee5d49a03dfc54f00c819722ffa814d448304163
872f35c442fb45b92953ee6dc5f980717f993d018097ccc0b289ae206b7b129c
9fa7b0beaf1f6f28f1536562e6b37d99f740f74d4da5a04878cc04cfa2ddc2ef
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
dd30f9294822c6d5c32e8fc4e4de069194ad4b9ca958d9f9265d321fc4aa3e44
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ff7952749d7fb5aa592de5b0efc5648c3de68898d5ab02da74c3d74248053df3