cdcsbf.apply-plus.com Open in urlscan Pro
40.112.166.161  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request prequal Show response cdcsbf.apply-plus.com/	1 KB 1 KB	695ms 183ms	Document text/html	40.112.166.161 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://cdcsbf.apply-plus.com/prequal?rc=undefined Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.112.166.161 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 13a8f9e2ef4a3666d9bd0728dce2578c13a228477ca50ac9680ff97f7bd7db90 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Content-Encoding gzip Content-Type text/html Date Fri, 26 May 2023 19:28:03 GMT ETag "1d98e9d19eb4d50" Last-Modified Thu, 25 May 2023 00:08:58 GMT Server Microsoft-IIS/10.0 Strict-Transport-Security max-age=2592000 Transfer-Encoding chunked Vary Accept-Encoding X-Powered-By ASP.NET
GET H2	200	embed.min.js Show response app.termly.io/	235 KB 79 KB	65ms 24ms	Script application/javascript	2606:4700::6813:a67a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.termly.io/embed.min.js Requested by Host: cdcsbf.apply-plus.com URL: https://cdcsbf.apply-plus.com/prequal?rc=undefined Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:a67a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1940c6c698245de58ce850f20591d405b2a132a780b352dc5424451e102f786 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cdcsbf.apply-plus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Fri, 26 May 2023 19:28:03 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 6511 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer last-modified Thu, 25 May 2023 23:00:08 GMT server cloudflare etag W/"646fe878-3aaea" vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 cf-ray 7cd86b4648216958-FRA expires Fri, 26 May 2023 23:28:03 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	233 KB 81 KB	59ms 24ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-V70ZLBZTKX Requested by Host: cdcsbf.apply-plus.com URL: https://cdcsbf.apply-plus.com/prequal?rc=undefined Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b1274bf7cba282fbec5318f1f3ae87977099a1b200f804319d89be71f42ba401 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cdcsbf.apply-plus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Fri, 26 May 2023 19:28:03 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 82712 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 26 May 2023 19:28:03 GMT
GET H/1.1	200 OK	tinymce.min.js Show response cdcsbf.apply-plus.com/tinymce/	383 KB 169 KB	169ms 168ms	Script application/javascript	40.112.166.161 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://cdcsbf.apply-plus.com/tinymce/tinymce.min.js Requested by Host: cdcsbf.apply-plus.com URL: https://cdcsbf.apply-plus.com/prequal?rc=undefined Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.112.166.161 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 045933445d7763626285859d3deff1e2ac2c2d3d021eb8dc3272d9fc14cd1b04 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language de-DE,de;q=0.9 Referer https://cdcsbf.apply-plus.com/prequal?rc=undefined User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Date Fri, 26 May 2023 19:28:03 GMT Content-Encoding gzip Strict-Transport-Security max-age=2592000 Last-Modified Thu, 25 May 2023 00:02:40 GMT Server Microsoft-IIS/10.0 ETag "1d98e9c3898eabf" X-Powered-By ASP.NET Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes
GET H2	200	css fonts.googleapis.com/	9 KB 1 KB	53ms 18ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap Requested by Host: cdcsbf.apply-plus.com URL: https://cdcsbf.apply-plus.com/prequal?rc=undefined Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cdcsbf.apply-plus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 26 May 2023 19:28:03 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 26 May 2023 19:13:30 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 26 May 2023 19:28:03 GMT
GET H/1.1	200 OK	main.47024098.js Show response cdcsbf.apply-plus.com/static/js/	2 MB 616 KB	167ms 166ms	Script application/javascript	40.112.166.161 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://cdcsbf.apply-plus.com/static/js/main.47024098.js Requested by Host: cdcsbf.apply-plus.com URL: https://cdcsbf.apply-plus.com/prequal?rc=undefined Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.112.166.161 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 16356548c1f225e1aa88096114f2685153e6b2e433e32119fb140b93a3dfee35 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language de-DE,de;q=0.9 Referer https://cdcsbf.apply-plus.com/prequal?rc=undefined User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Date Fri, 26 May 2023 19:28:03 GMT Content-Encoding gzip Strict-Transport-Security max-age=2592000 Last-Modified Thu, 25 May 2023 00:08:58 GMT Server Microsoft-IIS/10.0 ETag "1d98e9d19f280e1" X-Powered-By ASP.NET Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes
GET H/1.1	200 OK	main.e49fc82f.css cdcsbf.apply-plus.com/static/css/	934 B 972 B	168ms 167ms	Stylesheet text/css	40.112.166.161 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://cdcsbf.apply-plus.com/static/css/main.e49fc82f.css Requested by Host: cdcsbf.apply-plus.com URL: https://cdcsbf.apply-plus.com/prequal?rc=undefined Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.112.166.161 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash c35840b153fd0b48d7ff0fecc9467045e904815f31441994795cc685d830f418 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language de-DE,de;q=0.9 Referer https://cdcsbf.apply-plus.com/prequal?rc=undefined User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Date Fri, 26 May 2023 19:28:03 GMT Content-Encoding gzip Strict-Transport-Security max-age=2592000 Last-Modified Thu, 25 May 2023 00:08:58 GMT Server Microsoft-IIS/10.0 ETag "1d98e9d19eb4aa6" X-Powered-By ASP.NET Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Accept-Ranges bytes
GET H2	200	423.min.js Show response app.termly.io/	179 KB 59 KB	24ms 23ms	Script application/javascript	2606:4700::6813:a67a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.termly.io/423.min.js Requested by Host: app.termly.io URL: https://app.termly.io/embed.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:a67a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash abd97db36ee85f34da93b4999347040f264dd72e96b10ae2cb7ec2f1d1ff8128 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cdcsbf.apply-plus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Fri, 26 May 2023 19:28:04 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 6514 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer last-modified Thu, 25 May 2023 23:00:08 GMT server cloudflare etag W/"646fe878-2cd84" vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 cf-ray 7cd86b4a2cdf6958-FRA expires Fri, 26 May 2023 23:28:04 GMT
GET H2	200	828.min.js Show response app.termly.io/	19 KB 6 KB	18ms 18ms	Script application/javascript	2606:4700::6813:a67a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.termly.io/828.min.js Requested by Host: app.termly.io URL: https://app.termly.io/embed.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:a67a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 95b1784f9bcdb034c87b983897b92a64a690cdcde7e803ea368b2131ff8c6f44 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cdcsbf.apply-plus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Fri, 26 May 2023 19:28:04 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 6515 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer last-modified Thu, 25 May 2023 23:00:08 GMT server cloudflare etag W/"646fe878-4dd5" vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 cf-ray 7cd86b4a4cfd6958-FRA expires Fri, 26 May 2023 23:28:04 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 258 B	39ms 14ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-V70ZLBZTKX&gtm=45je35o0&_p=84475602&cid=1514800574.1685129284&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1685129283&sct=1&seg=0&dl=https%3A%2F%2Fcdcsbf.apply-plus.com%2Fprequal%3Frc%3Dundefined&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-V70ZLBZTKX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cdcsbf.apply-plus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 19:28:03 GMT server Golfe2 content-type text/plain access-control-allow-origin https://cdcsbf.apply-plus.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	3afe4ea5-6b73-49df-ab64-4f86b14ea81f Show response app.termly.io/api/v1/snippets/websites/	5 KB 2 KB	704ms 685ms	XHR application/json	2606:4700::6813:a67a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.termly.io/api/v1/snippets/websites/3afe4ea5-6b73-49df-ab64-4f86b14ea81f Requested by Host: app.termly.io URL: https://app.termly.io/423.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6813:a67a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d0c18ecd3125c1aa7236c2c514c7d085271ae7dfab0a3f0245d254ab0ea17bf2 Security Headers Name Value Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https: Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://cdcsbf.apply-plus.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-rack-cors hit date Fri, 26 May 2023 19:28:04 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff content-security-policy default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https: cf-cache-status MISS content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block x-request-id b45684ee-4728-4c52-94ad-0da04a978846 x-runtime 0.004513 server cloudflare etag W/"d0c18ecd3125c1aa7236c2c514c7d085" access-control-max-age 600 access-control-allow-methods GET content-type application/json access-control-allow-origin * access-control-expose-headers cache-control public, max-age=14400 vary Origin, Accept-Encoding cf-ray 7cd86b4a98dc039a-FRA expires Fri, 26 May 2023 23:28:04 GMT
GET H3	200	ip Show response app.termly.io/api/v1/snippets/websites/3afe4ea5-6b73-49df-ab64-4f86b14ea81f/	160 B 700 B	677ms 658ms	XHR application/json	2606:4700::6813:a67a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.termly.io/api/v1/snippets/websites/3afe4ea5-6b73-49df-ab64-4f86b14ea81f/ip?random-uuid=47fa09fb-8087-bf73-0080-5331416569b8 Requested by Host: app.termly.io URL: https://app.termly.io/423.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6813:a67a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 60195f0c97852ec9ce2770e471be4f132307d421c8c2d66d9b405e8113da7935 Security Headers Name Value Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https: Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://cdcsbf.apply-plus.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-rack-cors hit date Fri, 26 May 2023 19:28:04 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff content-security-policy default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https: cf-cache-status MISS content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block x-request-id fc442f8c-7300-44eb-a168-87ced4e9f490 x-runtime 0.003980 server cloudflare etag W/"60195f0c97852ec9ce2770e471be4f13" access-control-max-age 600 access-control-allow-methods GET content-type application/json access-control-allow-origin * access-control-expose-headers cache-control public, max-age=14400 vary Origin, Accept-Encoding cf-ray 7cd86b4a98de039a-FRA expires Fri, 26 May 2023 23:28:04 GMT
GET H/1.1	200 OK	meta.json Show response cdcsbf.apply-plus.com/	28 B 514 B	171ms 170ms	Fetch application/json	40.112.166.161 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://cdcsbf.apply-plus.com/meta.json Requested by Host: cdcsbf.apply-plus.com URL: https://cdcsbf.apply-plus.com/static/js/main.47024098.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.112.166.161 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 5299b91d066a74c18639bca2fa66ee2345cb1590ca0d9db188a3544827d480c9 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language de-DE,de;q=0.9 Referer https://cdcsbf.apply-plus.com/prequal?rc=undefined User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Date Fri, 26 May 2023 19:28:04 GMT Content-Encoding gzip Strict-Transport-Security max-age=2592000 Last-Modified Thu, 25 May 2023 00:06:14 GMT Server Microsoft-IIS/10.0 ETag "1d98e9cb82adf1c" X-Powered-By ASP.NET Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/json Accept-Ranges bytes
OPTIONS H3	200	statistics app.termly.io/api/v1/snippets/websites/3afe4ea5-6b73-49df-ab64-4f86b14ea81f/	0 0	177ms 177ms	Preflight	2606:4700::6813:a67a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.termly.io/api/v1/snippets/websites/3afe4ea5-6b73-49df-ab64-4f86b14ea81f/statistics Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6813:a67a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https: Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://cdcsbf.apply-plus.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin * access-control-expose-headers access-control-max-age 600 alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7cd86b4eef60039a-FRA content-security-policy default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https: date Fri, 26 May 2023 19:28:05 GMT server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff x-xss-protection 1; mode=block
POST H3	201	statistics Show response app.termly.io/api/v1/snippets/websites/3afe4ea5-6b73-49df-ab64-4f86b14ea81f/	3 B 534 B	201ms 201ms	XHR application/json	2606:4700::6813:a67a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.termly.io/api/v1/snippets/websites/3afe4ea5-6b73-49df-ab64-4f86b14ea81f/statistics Requested by Host: app.termly.io URL: https://app.termly.io/423.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6813:a67a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 43974ed74066b207c30ffd0fed5146762e6c60745ac977004bc14507c7c42b50 Security Headers Name Value Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https: Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://cdcsbf.apply-plus.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Content-Type application/json Response headers x-rack-cors hit date Fri, 26 May 2023 19:28:05 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff content-security-policy default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https: cf-cache-status DYNAMIC alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block x-request-id 57fbdffd-2457-41c2-a83b-f26dcadca976 x-runtime 0.016443 server cloudflare etag W/"43974ed74066b207c30ffd0fed514676" access-control-max-age 600 access-control-allow-methods POST content-type application/json access-control-allow-origin * access-control-expose-headers cache-control max-age=0, private, must-revalidate vary Origin cf-ray 7cd86b5008f0039a-FRA
GET H3	200	cookies Show response app.termly.io/api/v1/snippets/websites/3afe4ea5-6b73-49df-ab64-4f86b14ea81f/documents/a6fe1a37-bf8a-46eb-a4c8-e4d222c59508/	2 KB 1 KB	667ms 666ms	XHR application/json	2606:4700::6813:a67a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.termly.io/api/v1/snippets/websites/3afe4ea5-6b73-49df-ab64-4f86b14ea81f/documents/a6fe1a37-bf8a-46eb-a4c8-e4d222c59508/cookies Requested by Host: app.termly.io URL: https://app.termly.io/423.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6813:a67a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 676516824498dde91abfbe100438f5a840c4cfa803f7933c1a9069e95f1f4e07 Security Headers Name Value Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https: Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://cdcsbf.apply-plus.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-rack-cors hit date Fri, 26 May 2023 19:28:05 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff content-security-policy default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https: cf-cache-status MISS content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block x-request-id 2ac5f1a6-7d55-4983-ae67-49f3feb015c3 x-runtime 0.016117 server cloudflare etag W/"676516824498dde91abfbe100438f5a8" access-control-max-age 600 access-control-allow-methods GET content-type application/json access-control-allow-origin * access-control-expose-headers cache-control public, max-age=14400 vary Origin, Accept-Encoding cf-ray 7cd86b4eff86039a-FRA expires Fri, 26 May 2023 23:28:05 GMT
GET H3	200	882.min.js Show response app.termly.io/	526 B 597 B	44ms 42ms	Script application/javascript	2606:4700::6813:a67a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.termly.io/882.min.js Requested by Host: app.termly.io URL: https://app.termly.io/embed.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6813:a67a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf7ce21f45728a85fbd894bcbb83cc9c99d855f5deeabccfb969a76760fb2a5a Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cdcsbf.apply-plus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Fri, 26 May 2023 19:28:04 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 6511 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer last-modified Thu, 25 May 2023 23:00:08 GMT server cloudflare etag W/"646fe878-20e" vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 cf-ray 7cd86b4efd359040-FRA expires Fri, 26 May 2023 23:28:04 GMT
GET H3	200	931.min.js Show response app.termly.io/	23 KB 10 KB	30ms 29ms	Script application/javascript	2606:4700::6813:a67a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.termly.io/931.min.js Requested by Host: app.termly.io URL: https://app.termly.io/embed.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6813:a67a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6d461938e318dfe701892be7dd45c5024a49b43061e79fd7a04081d01a32095b Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cdcsbf.apply-plus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Fri, 26 May 2023 19:28:05 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 6512 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer last-modified Thu, 25 May 2023 23:00:08 GMT server cloudflare etag W/"646fe878-5cb8" vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 cf-ray 7cd86b4f4db79040-FRA expires Fri, 26 May 2023 23:28:05 GMT
GET H3	200	744.min.js Show response app.termly.io/	7 KB 3 KB	32ms 31ms	Script application/javascript	2606:4700::6813:a67a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.termly.io/744.min.js Requested by Host: app.termly.io URL: https://app.termly.io/embed.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6813:a67a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36ad82ca2870b66ffc422407a4f058fcedac27895332de10f3e2b435c446a8c5 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cdcsbf.apply-plus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Fri, 26 May 2023 19:28:05 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 6512 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer last-modified Thu, 25 May 2023 23:00:08 GMT server cloudflare etag W/"646fe878-1ab3" vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 cf-ray 7cd86b4f4db89040-FRA expires Fri, 26 May 2023 23:28:05 GMT
GET H/1.1	200 OK	getsession Show response cdcsbf.apply-plus.com/api/users/	78 B 472 B	172ms 170ms	Fetch application/json	40.112.166.161 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://cdcsbf.apply-plus.com/api/users/getsession Requested by Host: cdcsbf.apply-plus.com URL: https://cdcsbf.apply-plus.com/static/js/main.47024098.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.112.166.161 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 79dff47ed9009426b66ec7f5d987b54b75d2dd81251b16264782569ec7dc1091 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept application/json Referer https://cdcsbf.apply-plus.com/prequal?rc=undefined accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Date Fri, 26 May 2023 19:28:04 GMT Content-Encoding gzip Strict-Transport-Security max-age=2592000 Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/json; charset=utf-8
GET H/1.1	200 OK	byurl Show response cdcsbf.apply-plus.com/api/tenants/	549 B 823 B	171ms 169ms	Fetch application/json	40.112.166.161 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://cdcsbf.apply-plus.com/api/tenants/byurl Requested by Host: cdcsbf.apply-plus.com URL: https://cdcsbf.apply-plus.com/static/js/main.47024098.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.112.166.161 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 74a0b1c70fbb02c4e4889649e46d4f4568afc8ce91329b0f0330d3c14dbb6824 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept application/json Referer https://cdcsbf.apply-plus.com/prequal?rc=undefined accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Date Fri, 26 May 2023 19:28:04 GMT Content-Encoding gzip Strict-Transport-Security max-age=2592000 Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/json; charset=utf-8
GET H3	200	837.min.js Show response app.termly.io/	4 KB 834 B	21ms 20ms	Script application/javascript	2606:4700::6813:a67a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.termly.io/837.min.js Requested by Host: app.termly.io URL: https://app.termly.io/embed.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6813:a67a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b68931f5d135bc4205ca636306760a9d192fb758446fd75dfa3414f343a41575 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cdcsbf.apply-plus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Fri, 26 May 2023 19:28:05 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 6511 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer last-modified Thu, 25 May 2023 23:00:08 GMT server cloudflare etag W/"646fe878-106e" vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 cf-ray 7cd86b4f9e1a9040-FRA expires Fri, 26 May 2023 23:28:05 GMT
GET H/1.1	200 OK	settings Show response cdcsbf.apply-plus.com/api/Prequal/	796 B 864 B	176ms 175ms	Fetch application/json	40.112.166.161 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://cdcsbf.apply-plus.com/api/Prequal/settings?isLenderEdit=false&referralCode=undefined&productCode= Requested by Host: cdcsbf.apply-plus.com URL: https://cdcsbf.apply-plus.com/static/js/main.47024098.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.112.166.161 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash f3ecdb7a7e44aa0848642c1dddf7652df446c70c6888c15727f74635bb7969a2 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept application/json Referer https://cdcsbf.apply-plus.com/prequal?rc=undefined accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Date Fri, 26 May 2023 19:28:04 GMT Content-Encoding gzip Strict-Transport-Security max-age=2592000 Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/json; charset=utf-8
GET H/1.1	200 OK	ba5477d8-4347-4cbb-a940-aae0619c7d10_LOGO20230110T135356374.png applyplusblobs.blob.core.windows.net/cdcsbf-public/logos/	61 KB 61 KB	702ms 173ms	Image application/octet-stream	20.150.35.100 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://applyplusblobs.blob.core.windows.net/cdcsbf-public/logos/ba5477d8-4347-4cbb-a940-aae0619c7d10_LOGO20230110T135356374.png Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.150.35.100 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash d21189ee6331dbaa6b48f77877ba6bf2f82879b1f4dccd5deb6c8da6ce2cac1f Request headers accept-language de-DE,de;q=0.9 Referer https://cdcsbf.apply-plus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Fri, 26 May 2023 19:28:05 GMT Last-Modified Tue, 10 Jan 2023 13:53:56 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 TPGquuzcEaZgKjhfjiazZg== ETag 0x8DAF3121DF5E311 Content-Type application/octet-stream x-ms-request-id 6a793b59-901e-0047-4908-907692000000 x-ms-version 2009-09-19 Content-Length 62041
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 15 KB	34ms 10ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://cdcsbf.apply-plus.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Tue, 23 May 2023 22:48:48 GMT x-content-type-options nosniff age 247157 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 22 May 2024 22:48:48 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	32ms 8ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://cdcsbf.apply-plus.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Tue, 23 May 2023 16:10:14 GMT x-content-type-options nosniff age 271071 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 22 May 2024 16:10:14 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	16 KB 16 KB	37ms 15ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://cdcsbf.apply-plus.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 20 May 2023 18:58:23 GMT x-content-type-options nosniff age 520182 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 19 May 2024 18:58:23 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 54 B	15ms 14ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-V70ZLBZTKX&gtm=45je35o0&_p=84475602&cid=1514800574.1685129284&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=2&sid=1685129283&sct=1&seg=0&dl=https%3A%2F%2Fcdcsbf.apply-plus.com%2Fprequal%3Frc%3Dundefined&dt=&en=scroll&epn.percent_scrolled=90&_et=5 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-V70ZLBZTKX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cdcsbf.apply-plus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 19:28:08 GMT server Golfe2 content-type text/plain access-control-allow-origin https://cdcsbf.apply-plus.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| webpackChunk_termly_web_resource_blocker function| clearImmediate function| setImmediate object| regeneratorRuntime boolean| TERMLY_RESOURCE_BLOCKER_LOADED object| Termly function| getUpdatedCookieWhitelistByTermly function| getCookieWhitelistByTermly function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| tinymce object| tinyMCE number| 2f1acc6c3a606b082e5eef5e54414ffb function| termlyUnblockingCookies function| displayPreferenceModal object| termlyCookies

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.cdcsbf.apply-plus.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 8f63d99877d3789fd93ae78ced6cc2fbee7de1649451f5a7b5224c5368877844
			.cdcsbf.apply-plus.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 8f63d99877d3789fd93ae78ced6cc2fbee7de1649451f5a7b5224c5368877844
			.apply-plus.com/	1970-01-20 21:41:29	Name: _ga Value: GA1.1.1514800574.1685129284
			.apply-plus.com/	1970-01-20 21:41:29	Name: _ga_V70ZLBZTKX Value: GS1.1.1685129283.1.0.1685129283.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.termly.io
applyplusblobs.blob.core.windows.net
cdcsbf.apply-plus.com
fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
www.googletagmanager.com
20.150.35.100
2001:4860:4802:34::36
2606:4700::6813:a67a
2a00:1450:4001:806::2008
2a00:1450:4001:828::200a
2a00:1450:4001:831::2003
40.112.166.161
045933445d7763626285859d3deff1e2ac2c2d3d021eb8dc3272d9fc14cd1b04
13a8f9e2ef4a3666d9bd0728dce2578c13a228477ca50ac9680ff97f7bd7db90
16356548c1f225e1aa88096114f2685153e6b2e433e32119fb140b93a3dfee35
36ad82ca2870b66ffc422407a4f058fcedac27895332de10f3e2b435c446a8c5
43974ed74066b207c30ffd0fed5146762e6c60745ac977004bc14507c7c42b50
5299b91d066a74c18639bca2fa66ee2345cb1590ca0d9db188a3544827d480c9
60195f0c97852ec9ce2770e471be4f132307d421c8c2d66d9b405e8113da7935
676516824498dde91abfbe100438f5a840c4cfa803f7933c1a9069e95f1f4e07
6d461938e318dfe701892be7dd45c5024a49b43061e79fd7a04081d01a32095b
74a0b1c70fbb02c4e4889649e46d4f4568afc8ce91329b0f0330d3c14dbb6824
79dff47ed9009426b66ec7f5d987b54b75d2dd81251b16264782569ec7dc1091
886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd
95b1784f9bcdb034c87b983897b92a64a690cdcde7e803ea368b2131ff8c6f44
abd97db36ee85f34da93b4999347040f264dd72e96b10ae2cb7ec2f1d1ff8128
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1274bf7cba282fbec5318f1f3ae87977099a1b200f804319d89be71f42ba401
b1940c6c698245de58ce850f20591d405b2a132a780b352dc5424451e102f786
b68931f5d135bc4205ca636306760a9d192fb758446fd75dfa3414f343a41575
c35840b153fd0b48d7ff0fecc9467045e904815f31441994795cc685d830f418
cf7ce21f45728a85fbd894bcbb83cc9c99d855f5deeabccfb969a76760fb2a5a
d0c18ecd3125c1aa7236c2c514c7d085271ae7dfab0a3f0245d254ab0ea17bf2
d21189ee6331dbaa6b48f77877ba6bf2f82879b1f4dccd5deb6c8da6ce2cac1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f3ecdb7a7e44aa0848642c1dddf7652df446c70c6888c15727f74635bb7969a2
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615