urlscan.io logo urlscan.io
SecurityTrails logo

hiddenhealthbenefits.com Open in urlscan Pro
65.181.111.155  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://echo4.bluehornet.com/ct/102785032:7IQ-WLIaN:m:1:3668107852:D24E30D286F2E70B2AF244C6A106785B:r
Effective URL: https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Submission: On April 19 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 6 domains to perform 19 HTTP transactions. The main IP is 65.181.111.155, located in United States and belongs to FORTRESSITX, US. The main domain is hiddenhealthbenefits.com.
TLS certificate: Issued by R3 on February 24th 2024. Valid for: 3 months.
This is the only time hiddenhealthbenefits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.149.45.45 16509 (AMAZON-02)
1 1 34.36.162.171 396982 (GOOGLE-CL...)
16 65.181.111.155 25653 (FORTRESSITX)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.17.24.14 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
19 4
1    54.149.45.45 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-45-45.us-west-2.compute.amazonaws.com
echo4.bluehornet.com
1    34.36.162.171 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 171.162.36.34.bc.googleusercontent.com
www.npvnt7trk.com
16    65.181.111.155 (United States)

ASN25653 (FORTRESSITX, US)
PTR: s1049.use1.mysecurecloudhost.com
hiddenhealthbenefits.com
1    2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
16 hiddenhealthbenefits.com
hiddenhealthbenefits.com
413 KB
1 gstatic.com
fonts.gstatic.com
30 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
5 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
2 KB
1 npvnt7trk.com
www.npvnt7trk.com
468 B
1 bluehornet.com
echo4.bluehornet.com — Cisco Umbrella Rank: 260855
622 B
19 6
Domain Requested by
16 hiddenhealthbenefits.com hiddenhealthbenefits.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdnjs.cloudflare.com hiddenhealthbenefits.com
1 fonts.googleapis.com hiddenhealthbenefits.com
1 www.npvnt7trk.com 1 redirects
1 echo4.bluehornet.com 1 redirects
19 6

This site contains links to these domains. Also see Links.

Domain
apply.hiddenhealthbenefits.com
Subject Issuer Validity Valid
apply.hiddenhealthbenefits.com
R3		 2024-02-24 -
2024-05-24		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Frame ID: 58FF54C6737EEF6DDC4DC7D5A46284A4
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hidden Health Benefits

Page URL History Show full URLs

  1. http://echo4.bluehornet.com/ct/102785032:7IQ-WLIaN:m:1:3668107852:D24E30D286F2E70B2AF244C6A106785B:r HTTP 307
    https://echo4.bluehornet.com/ct/102785032:7IQ-WLIaN:m:1:3668107852:D24E30D286F2E70B2AF244C6A106785B:r HTTP 302
    https://www.npvnt7trk.com/7BZ2W/G3L799/?sub1=BH HTTP 302
    https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • select2(?:\.min|\.full)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

4
IPs

3
Countries

450 kB
Transfer

905 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://echo4.bluehornet.com/ct/102785032:7IQ-WLIaN:m:1:3668107852:D24E30D286F2E70B2AF244C6A106785B:r HTTP 307
    https://echo4.bluehornet.com/ct/102785032:7IQ-WLIaN:m:1:3668107852:D24E30D286F2E70B2AF244C6A106785B:r HTTP 302
    https://www.npvnt7trk.com/7BZ2W/G3L799/?sub1=BH HTTP 302
    https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hiddenhealthbenefits.com/
Redirect Chain
  • http://echo4.bluehornet.com/ct/102785032:7IQ-WLIaN:m:1:3668107852:D24E30D286F2E70B2AF244C6A106785B:r
  • https://echo4.bluehornet.com/ct/102785032:7IQ-WLIaN:m:1:3668107852:D24E30D286F2E70B2AF244C6A106785B:r
  • https://www.npvnt7trk.com/7BZ2W/G3L799/?sub1=BH
  • https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.181.111.155 , United States, ASN25653 (FORTRESSITX, US),
Reverse DNS
s1049.use1.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
6ca2b7abafbaf0ff4b78afbabdc16f73e05eb9e94f5ec2bde79583b306c72610

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
1968
content-type
text/html; charset=UTF-8
date
Fri, 19 Apr 2024 00:16:07 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent

Redirect headers

accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
107
content-type
text/html; charset=utf-8
date
Fri, 19 Apr 2024 00:16:06 GMT
location
https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
server
nginx
vary
Origin
via
1.1 google
x-eflow-request-id
032e7c8d-b176-4172-a68a-c8a1f149bc9f
css
fonts.googleapis.com/ 		25 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Kumbh+Sans:300,400,500,600,700,800,900&display=swap
Requested by
Host: hiddenhealthbenefits.com
URL: https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c7c7893b6e85c67fb5c81b735f7a31697bd8e30faa8828ce30d3e855bb4753d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hiddenhealthbenefits.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 Apr 2024 00:16:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 Apr 2024 00:16:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 Apr 2024 00:16:07 GMT
bootstrap.min.css
hiddenhealthbenefits.com/assets/bootstrap/css/ 		227 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hiddenhealthbenefits.com/assets/bootstrap/css/bootstrap.min.css
Requested by
Host: hiddenhealthbenefits.com
URL: https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.181.111.155 , United States, ASN25653 (FORTRESSITX, US),
Reverse DNS
s1049.use1.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
3b4b080b4438819e21e302be4b5a4c02b6316da27495604c610f25d3c165225e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 00:16:07 GMT
content-encoding
br
last-modified
Mon, 04 Mar 2024 19:30:19 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
28271
expires
Fri, 26 Apr 2024 00:16:07 GMT
styles.css
hiddenhealthbenefits.com/assets/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hiddenhealthbenefits.com/assets/css/styles.css
Requested by
Host: hiddenhealthbenefits.com
URL: https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.181.111.155 , United States, ASN25653 (FORTRESSITX, US),
Reverse DNS
s1049.use1.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
76c520dc5073091e2d1c1e455190ebb8d124f36fce14eb0e78fc0feb9b98d4bb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 00:16:07 GMT
content-encoding
br
last-modified
Mon, 04 Mar 2024 20:40:51 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2162
expires
Fri, 26 Apr 2024 00:16:07 GMT
warning_icon.png
hiddenhealthbenefits.com/assets/img/ 		936 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hiddenhealthbenefits.com/assets/img/warning_icon.png
Requested by
Host: hiddenhealthbenefits.com
URL: https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.181.111.155 , United States, ASN25653 (FORTRESSITX, US),
Reverse DNS
s1049.use1.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
308e2dd50d2de2ada39b7ed1dc47116bbb20c5b96ccd232fd1469ab0cbbbdde8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 00:16:07 GMT
last-modified
Mon, 04 Mar 2024 19:30:04 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
936
expires
Fri, 26 Apr 2024 00:16:07 GMT
hhbenefits-logo.png
hiddenhealthbenefits.com/assets/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hiddenhealthbenefits.com/assets/img/hhbenefits-logo.png
Requested by
Host: hiddenhealthbenefits.com
URL: https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.181.111.155 , United States, ASN25653 (FORTRESSITX, US),
Reverse DNS
s1049.use1.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
997e9b563b8ebe1a3f359ed8aed74f0f7eb9bbe810481219f55ef798c6a50307

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 00:16:07 GMT
last-modified
Mon, 04 Mar 2024 20:35:56 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6376
expires
Fri, 26 Apr 2024 00:16:07 GMT
model.png
hiddenhealthbenefits.com/assets/img/ 		190 KB
190 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hiddenhealthbenefits.com/assets/img/model.png
Requested by
Host: hiddenhealthbenefits.com
URL: https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.181.111.155 , United States, ASN25653 (FORTRESSITX, US),
Reverse DNS
s1049.use1.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
9cf124200833e08b2a1b8c6e36354529247771eb8314b45baa3d908bc971ad0a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 00:16:07 GMT
last-modified
Mon, 04 Mar 2024 19:30:04 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
194272
expires
Fri, 26 Apr 2024 00:16:07 GMT
BinaxNow.jpeg
hiddenhealthbenefits.com/assets/img/ 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hiddenhealthbenefits.com/assets/img/BinaxNow.jpeg
Requested by
Host: hiddenhealthbenefits.com
URL: https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.181.111.155 , United States, ASN25653 (FORTRESSITX, US),
Reverse DNS
s1049.use1.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
bfbecde83268dd075fb6e7a896b543ac0e24f33c2b014fbb8c235e7e4104b362

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 00:16:07 GMT
last-modified
Mon, 04 Mar 2024 19:29:59 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
91932
expires
Fri, 26 Apr 2024 00:16:07 GMT
logo-2.png
hiddenhealthbenefits.com/assets/img/ 		994 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hiddenhealthbenefits.com/assets/img/logo-2.png
Requested by
Host: hiddenhealthbenefits.com
URL: https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.181.111.155 , United States, ASN25653 (FORTRESSITX, US),
Reverse DNS
s1049.use1.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
dbba050a14af3ee1bc2b7b36d9b6b69a65866f1a1ddf7e9bc350afdd8aa10578

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 00:16:07 GMT
last-modified
Mon, 04 Mar 2024 19:30:00 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
994
expires
Fri, 26 Apr 2024 00:16:07 GMT
hhbenefits-logo-white.png
hiddenhealthbenefits.com/assets/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hiddenhealthbenefits.com/assets/img/hhbenefits-logo-white.png
Requested by
Host: hiddenhealthbenefits.com
URL: https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.181.111.155 , United States, ASN25653 (FORTRESSITX, US),
Reverse DNS
s1049.use1.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
87868982ceda46c099bc9bfa2de3666727a9941f94638123ee0cf3162a9dfdcc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 00:16:07 GMT
last-modified
Mon, 04 Mar 2024 20:38:50 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6305
expires
Fri, 26 Apr 2024 00:16:07 GMT
jquery.min.js
hiddenhealthbenefits.com/assets/js/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hiddenhealthbenefits.com/assets/js/jquery.min.js
Requested by
Host: hiddenhealthbenefits.com
URL: https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.181.111.155 , United States, ASN25653 (FORTRESSITX, US),
Reverse DNS
s1049.use1.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 00:16:07 GMT
content-encoding
br
last-modified
Mon, 04 Mar 2024 19:30:09 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
30267
expires
Fri, 26 Apr 2024 00:16:07 GMT
jquery.validate.min.js
hiddenhealthbenefits.com/assets/js/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hiddenhealthbenefits.com/assets/js/jquery.validate.min.js
Requested by
Host: hiddenhealthbenefits.com
URL: https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.181.111.155 , United States, ASN25653 (FORTRESSITX, US),
Reverse DNS
s1049.use1.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 00:16:07 GMT
content-encoding
br
last-modified
Mon, 04 Mar 2024 19:30:10 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7675
expires
Fri, 26 Apr 2024 00:16:07 GMT
jquery.mask.js
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/ 		23 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.js
Requested by
Host: hiddenhealthbenefits.com
URL: https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c84e4b2e9e47490ff3fa125e0aa933f617633649358da8861b4b430ab6ae9a70
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hiddenhealthbenefits.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 00:16:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
24780
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4957
last-modified
Mon, 04 May 2020 16:11:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec3-5a89"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QVFpfRsjzufnRyie0ydsojVwXc%2FrRQ%2Bmwm85ysIQ1WO%2BwmigcwuUp9o%2FAIr9QD0hQCw8vf2fvj64Jxvzaw9XG6QlNkum7QN0vo83HxFjhKQXUAsL1zHC044LoXZwUolpk4eM67re"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8768b43ddbeb694c-FRA
expires
Wed, 09 Apr 2025 00:16:07 GMT
bootstrap.min.js
hiddenhealthbenefits.com/assets/bootstrap/js/ 		79 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hiddenhealthbenefits.com/assets/bootstrap/js/bootstrap.min.js
Requested by
Host: hiddenhealthbenefits.com
URL: https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.181.111.155 , United States, ASN25653 (FORTRESSITX, US),
Reverse DNS
s1049.use1.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
66af34efad8ad6be518c955fb42163a9f1178a2f51b6b16e7864a46973b04349

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 00:16:07 GMT
content-encoding
br
last-modified
Mon, 04 Mar 2024 19:30:16 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
22871
expires
Fri, 26 Apr 2024 00:16:07 GMT
additional-methods.min.js
hiddenhealthbenefits.com/assets/js/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hiddenhealthbenefits.com/assets/js/additional-methods.min.js
Requested by
Host: hiddenhealthbenefits.com
URL: https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.181.111.155 , United States, ASN25653 (FORTRESSITX, US),
Reverse DNS
s1049.use1.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
f74465ceecfca4864ae20f68d88ee718afbd9f9714f516ddb781adc513b96ab0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 00:16:07 GMT
content-encoding
br
last-modified
Mon, 04 Mar 2024 19:30:08 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6239
expires
Fri, 26 Apr 2024 00:16:07 GMT
select2.min.js
hiddenhealthbenefits.com/assets/js/ 		69 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hiddenhealthbenefits.com/assets/js/select2.min.js
Requested by
Host: hiddenhealthbenefits.com
URL: https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.181.111.155 , United States, ASN25653 (FORTRESSITX, US),
Reverse DNS
s1049.use1.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
c8467b98f112bb1b06a33cde66a70de85c05d22a455f91f592554c804a50a729

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 00:16:07 GMT
content-encoding
br
last-modified
Mon, 04 Mar 2024 19:30:11 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
18498
expires
Fri, 26 Apr 2024 00:16:07 GMT
script.js
hiddenhealthbenefits.com/assets/js/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hiddenhealthbenefits.com/assets/js/script.js?v=708177634
Requested by
Host: hiddenhealthbenefits.com
URL: https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.181.111.155 , United States, ASN25653 (FORTRESSITX, US),
Reverse DNS
s1049.use1.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
9fe7c6b03ea46efe89c95a20422a41047eb2220b4452316edf58010ac3a2f992

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 00:16:07 GMT
content-encoding
br
last-modified
Mon, 04 Mar 2024 19:30:10 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2150
expires
Fri, 26 Apr 2024 00:16:07 GMT
c4mw1n92AsfhuCq6tVsaoIx1LQICk0boNoq0ShNPVo0.woff2
fonts.gstatic.com/s/kumbhsans/v22/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kumbhsans/v22/c4mw1n92AsfhuCq6tVsaoIx1LQICk0boNoq0ShNPVo0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Kumbh+Sans:300,400,500,600,700,800,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8a754efdbc7fe7aae0e3fd79f2afb1f5a66dd0de46cfce359aa6a6bc5939db5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://hiddenhealthbenefits.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 04:38:33 GMT
x-content-type-options
nosniff
age
502654
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29776
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 21:29:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 04:38:33 GMT
favicon.ico
hiddenhealthbenefits.com/ 		1 KB
620 B 		Other
General
Check archive.org
Download Go to
Full URL
https://hiddenhealthbenefits.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.181.111.155 , United States, ASN25653 (FORTRESSITX, US),
Reverse DNS
s1049.use1.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
741eac57032a02fce6e904d63e9431108046d41909278e5c3231601b5ed59cd6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hiddenhealthbenefits.com/?ef_transaction_id=63b879708a114c249931e9f5341f9c74
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 00:16:08 GMT
content-encoding
br
last-modified
Mon, 04 Mar 2024 21:02:31 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
image/x-icon
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
328
expires
Fri, 26 Apr 2024 00:16:08 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery number| uidEvent object| bootstrap

4 Cookies

Domain/Path Name / Value
echo4.bluehornet.com/ Name: AWSALB
Value: PxegJU43PoK4cIgy3Qj93177oOyksErvIA3fpYyAeDBnv8Yg3bbj7YYfj2nWwpRc7LfQfkp/dLVPipJgWNRjCh4PIY7pKobBV8/DC9wSt1VePW+RSDleaOrSoBZl
echo4.bluehornet.com/ Name: AWSALBCORS
Value: PxegJU43PoK4cIgy3Qj93177oOyksErvIA3fpYyAeDBnv8Yg3bbj7YYfj2nWwpRc7LfQfkp/dLVPipJgWNRjCh4PIY7pKobBV8/DC9wSt1VePW+RSDleaOrSoBZl
www.npvnt7trk.com/ Name: uniqueClick_G3L799
Value: f825b548-340a-4048-a647-0924f668f472:1713485766
www.npvnt7trk.com/ Name: transaction_id
Value: 63b879708a114c249931e9f5341f9c74

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
echo4.bluehornet.com
fonts.googleapis.com
fonts.gstatic.com
hiddenhealthbenefits.com
www.npvnt7trk.com
104.17.24.14
2a00:1450:4001:81c::2003
2a00:1450:4001:81d::200a
34.36.162.171
54.149.45.45
65.181.111.155
270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820
308e2dd50d2de2ada39b7ed1dc47116bbb20c5b96ccd232fd1469ab0cbbbdde8
3b4b080b4438819e21e302be4b5a4c02b6316da27495604c610f25d3c165225e
66af34efad8ad6be518c955fb42163a9f1178a2f51b6b16e7864a46973b04349
6ca2b7abafbaf0ff4b78afbabdc16f73e05eb9e94f5ec2bde79583b306c72610
741eac57032a02fce6e904d63e9431108046d41909278e5c3231601b5ed59cd6
76c520dc5073091e2d1c1e455190ebb8d124f36fce14eb0e78fc0feb9b98d4bb
87868982ceda46c099bc9bfa2de3666727a9941f94638123ee0cf3162a9dfdcc
997e9b563b8ebe1a3f359ed8aed74f0f7eb9bbe810481219f55ef798c6a50307
9cf124200833e08b2a1b8c6e36354529247771eb8314b45baa3d908bc971ad0a
9fe7c6b03ea46efe89c95a20422a41047eb2220b4452316edf58010ac3a2f992
bfbecde83268dd075fb6e7a896b543ac0e24f33c2b014fbb8c235e7e4104b362
c7c7893b6e85c67fb5c81b735f7a31697bd8e30faa8828ce30d3e855bb4753d8
c8467b98f112bb1b06a33cde66a70de85c05d22a455f91f592554c804a50a729
c84e4b2e9e47490ff3fa125e0aa933f617633649358da8861b4b430ab6ae9a70
dbba050a14af3ee1bc2b7b36d9b6b69a65866f1a1ddf7e9bc350afdd8aa10578
f74465ceecfca4864ae20f68d88ee718afbd9f9714f516ddb781adc513b96ab0
f8a754efdbc7fe7aae0e3fd79f2afb1f5a66dd0de46cfce359aa6a6bc5939db5
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e