cloud.benefitsapplication.com Open in urlscan Pro
2606:4700:3036::6815:190f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://alphatra.cx/tracker/662f0a86-5bee-4601-9123-9ec39aa34829?src=bap-zip&utm_source=bap-zip&postal_code=04281&pr...
Effective URL:
https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192...
Submission: On February 28 via manual (February 28th 2024, 7:37:59 pm UTC) from US — Scanned from NL

Summary HTTP 50 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 23 domains to perform 50 HTTP transactions. The main IP is 2606:4700:3036::6815:190f, located in United States and belongs to CLOUDFLARENET, US. The main domain is cloud.benefitsapplication.com.
TLS certificate: Issued by GTS CA 1P5 on January 27th 2024. Valid for: 3 months.

This is the only time cloud.benefitsapplication.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3036::6815:190f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.26.1.240 104.26.1.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::201b	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1 1	54.88.172.227 54.88.172.227	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:26d... 2600:9000:26db:2000:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:1f0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:20:... 2606:4700:20::681a:f0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2400:52e0:1e0... 2400:52e0:1e00::1081:1	200325 (BUNNYCDN) (BUNNYCDN)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:27b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.66.41.8 172.66.41.8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
7	34.233.112.162 34.233.112.162	14618 (AMAZON-AES) (AMAZON-AES)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	13.32.23.8 13.32.23.8	16509 (AMAZON-02) (AMAZON-02)
2	104.20.94.138 104.20.94.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	45.223.19.68 45.223.19.68	19551 (INCAPSULA) (INCAPSULA)
50	24

1 2a06:98c1:3121::7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

alphatra.cx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tracker.cx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
influx.consumerco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:190f (United States)

ASN13335 (CLOUDFLARENET, US)

cloud.benefitsapplication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.1.240 (None, )

ASN13335 (CLOUDFLARENET, US)

fonts.heyflow.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.88.172.227 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-172-227.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26db:2000:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:1f0 (United States)

ASN13335 (CLOUDFLARENET, US)

fonts.heyflow.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:f0 (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.heyflow.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)

a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

influx.consumerco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:27b6 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.41.8 (United States)

ASN13335 (CLOUDFLARENET, US)

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.233.112.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-112-162.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.23.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-8.fra56.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.94.138 (None, )

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.223.19.68 (United States)

ASN19551 (INCAPSULA, US)

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	heyflow.cloud fonts.heyflow.cloud — Cisco Umbrella Rank: 276801 tracking.heyflow.cloud — Cisco Umbrella Rank: 342471	52 KB
7	leadid.com create.leadid.com — Cisco Umbrella Rank: 15696	4 KB
5	consumerco.com influx.consumerco.com — Cisco Umbrella Rank: 314106	102 KB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2124	425 B
4	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 5695 api.omappapi.com — Cisco Umbrella Rank: 5845	28 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	353 KB
3	trueleadid.com deviceid.trueleadid.com — Cisco Umbrella Rank: 17370	23 KB
2	statcounter.com www.statcounter.com — Cisco Umbrella Rank: 17010 c.statcounter.com — Cisco Umbrella Rank: 10707	14 KB
2	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 28519 cdn.trustedform.com — Cisco Umbrella Rank: 32407	4 KB
2	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 335	14 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net	2 KB
1	google.nl www.google.nl — Cisco Umbrella Rank: 9434	455 B
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
1	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	1 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 136	2 KB
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 22909	38 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 802	725 B
1	t.co t.co — Cisco Umbrella Rank: 660	377 B
1	bing.com bat.bing.com — Cisco Umbrella Rank: 368
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 783	15 KB
1	benefitsapplication.com cloud.benefitsapplication.com	167 KB
1	tracker.cx 1 redirects tracker.cx	946 B
1	alphatra.cx 1 redirects alphatra.cx	594 B
50	23

	Domain	Requested by
7	create.leadid.com	create.lidstatic.com deviceid.trueleadid.com
6	tracking.heyflow.cloud	cloud.benefitsapplication.com
5	influx.consumerco.com	cloud.benefitsapplication.com www.googletagmanager.com influx.consumerco.com
4	region1.google-analytics.com	www.googletagmanager.com
4	www.googletagmanager.com	cloud.benefitsapplication.com www.googletagmanager.com
3	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net deviceid.trueleadid.com
3	a.omappapi.com	cloud.benefitsapplication.com a.omappapi.com
3	fonts.heyflow.cloud	cloud.benefitsapplication.com fonts.heyflow.cloud
2	storage.googleapis.com	cloud.benefitsapplication.com
1	c.statcounter.com	www.statcounter.com
1	www.statcounter.com	cloud.benefitsapplication.com
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	www.google.nl	cloud.benefitsapplication.com
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	api.omappapi.com	a.omappapi.com
1	create.lidstatic.com	cloud.benefitsapplication.com
1	analytics.twitter.com	cloud.benefitsapplication.com
1	t.co	cloud.benefitsapplication.com
1	bat.bing.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	cdn.trustedform.com	cloud.benefitsapplication.com
1	api.trustedform.com	1 redirects
1	cloud.benefitsapplication.com
1	tracker.cx	1 redirects
1	alphatra.cx	1 redirects
50	27

This site contains links to these domains. Also see Links.

Domain
www.benefitsapplication.com
foundmoneyguide.com
www.statcounter.com

Subject Issuer	Validity	Valid
cloud.benefitsapplication.com GTS CA 1P5	`2024-01-27` - `2024-04-26`	3 months	crt.sh
heyflow.cloud GTS CA 1P5	`2024-02-14` - `2024-05-14`	3 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
consumerco.com GTS CA 1P5	`2024-02-25` - `2024-05-25`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
a.omappapi.com R3	`2024-02-14` - `2024-05-14`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-07` - `2025-01-06`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
lidstatic.com E1	`2024-01-28` - `2024-04-27`	3 months	crt.sh
omappapi.com GTS CA 1P5	`2024-02-19` - `2024-05-19`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
create.leadid.com Amazon RSA 2048 M02	`2023-08-21` - `2024-09-17`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-05` - `2025-01-03`	a year	crt.sh
imperva.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-01-16` - `2024-07-14`	6 months	crt.sh

This page contains 3 frames:

Primary Page: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4
Frame ID: 87BC46678225E3AB7431B03566AB52A4
Requests: 42 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=B0D45995-0111-8C64-F6B3-8A3AAE30A94D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=D5F2EDD4-61EF-CFC3-73A7-4A04FACD3370&lac=EC8E09E9-A051-4FE7-7CC0-C53197F1C2D2
Frame ID: E50DF23A65199A4FFCC325D3254A80D7
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=B0D45995-0111-8C64-F6B3-8A3AAE30A94D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=D5F2EDD4-61EF-CFC3-73A7-4A04FACD3370&lac=EC8E09E9-A051-4FE7-7CC0-C53197F1C2D2
Frame ID: 91EF08FDE0D1CD03AE79E8917B3E7C10
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BenefitsApplication.com - Calculate Your Potential Benefits

Page URL History Show full URLs

https://alphatra.cx/tracker/662f0a86-5bee-4601-9123-9ec39aa34829?src=bap-zip&utm_source=bap-zip&... HTTP 307
https://tracker.cx/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&flux_fts=to... HTTP 307
https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=350... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Statcounter (Analytics) Expand

Overall confidence: 100%
Detected patterns

statcounter\.com/counter/counter

Page Statistics

50
Requests

96 %
HTTPS

56 %
IPv6

23
Domains

27
Subdomains

24
IPs

4
Countries

819 kB
Transfer

3745 kB
Size

22
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.benefitsapplication.com/text-terms
Title: Texting Terms

Search URL Search Domain Scan URL

URL: https://www.benefitsapplication.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.benefitsapplication.com/terms
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://foundmoneyguide.com/privacy-notice/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.statcounter.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://alphatra.cx/tracker/662f0a86-5bee-4601-9123-9ec39aa34829?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP HTTP 307
https://tracker.cx/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&flux_fts=tozpqcczzizziqaotazetoqzccxaxqqzzqqoixaef357&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4 HTTP 307
https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://api.trustedform.com/trustedform.js?field=trusted_form_cert_url&ping_field=trusted_form_ping_url&l=1709149070976.025 HTTP 301
https://cdn.trustedform.com/bootstrap.js?field=trusted_form_cert_url&ping_field=trusted_form_ping_url&l=1709149070976.025

Request Chain 29

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1008539476/?random=672206012&cv=11&fst=1709149072840&bg=ffffff&guid=ON&async=1&gtm=45be42q1v9133000711z89100160315za201&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fcloud.benefitsapplication.com%2F%3Fsrc%3Dbap-zip%26utm_source%3Dbap-zip%26postal_code%3D04281%26program%3DLIHEAP%26nx_clid%3D35025e17-ea87-4b2b-8192-0c7f8972a2f4&label=OmnCCNyBtgQQ1K704AM&hn=www.googleadservices.com&frm=0&tiba=BenefitsApplication.com%20-%20Calculate%20Your%20Potential%20Benefits&value=0&npa=0&pscdl=noapi&auid=1686413803.1709149071&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=kIvfZfKwOvfFmLAP2oKOiAs&sscte=1&crd=COy7sQII4b2xAg&eitems=ChEIgND7rgYQmInFl4Xi4uSVARIdAGKtoUM8N6XGSZEZtS7LneRFBJUq1WUC0S256HQ&pscrd=Ek5DaEFJZ05EN3JnWVEyZmkxcHBESW5KUVZFaVlBQjM5eWlMNEFVSl94bE9EUDVUSlJPb2lQRDM1d1l0OERtMk9ydDZPeVowSjd0UWYzcXcaWkNoRUlnTkQ3cmdZUW92anp6ZmJ4dHJ2MUFSSXVBT3NHT1NKMUlzQzFHTlRRSThiQldzejl5MjI2bXBoWWJ2R1FTT3pEMVJ4cWxhd3dIYm5XNWJpZ1hPVW4tdyITCPK48rrkzoQDFfciBgAdWoEDsTICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAI HTTP 302
https://www.google.com/pagead/1p-conversion/1008539476/?random=672206012&cv=11&fst=1709149072840&bg=ffffff&guid=ON&async=1&gtm=45be42q1v9133000711z89100160315za201&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fcloud.benefitsapplication.com%2F%3Fsrc%3Dbap-zip%26utm_source%3Dbap-zip%26postal_code%3D04281%26program%3DLIHEAP%26nx_clid%3D35025e17-ea87-4b2b-8192-0c7f8972a2f4&label=OmnCCNyBtgQQ1K704AM&hn=www.googleadservices.com&frm=0&tiba=BenefitsApplication.com%20-%20Calculate%20Your%20Potential%20Benefits&value=0&npa=0&pscdl=noapi&auid=1686413803.1709149071&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=kIvfZfKwOvfFmLAP2oKOiAs&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek5DaEFJZ05EN3JnWVEyZmkxcHBESW5KUVZFaVlBQjM5eWlMNEFVSl94bE9EUDVUSlJPb2lQRDM1d1l0OERtMk9ydDZPeVowSjd0UWYzcXcaWkNoRUlnTkQ3cmdZUW92anp6ZmJ4dHJ2MUFSSXVBT3NHT1NKMUlzQzFHTlRRSThiQldzejl5MjI2bXBoWWJ2R1FTT3pEMVJ4cWxhd3dIYm5XNWJpZ1hPVW4tdyITCPK48rrkzoQDFfciBgAdWoEDsTICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAI&is_vtc=1&cid=CAQSGwB7FLtq3fr3VR0USf2Zciq4yd48jw3gddOtzw&eitems=ChEIgND7rgYQmInFl4Xi4uSVARIdAGKtoUOfd3j4_K8qbaOgalzKEUXAYhi6UheAU8M&random=1719412344 HTTP 302
https://www.google.nl/pagead/1p-conversion/1008539476/?random=672206012&cv=11&fst=1709149072840&bg=ffffff&guid=ON&async=1&gtm=45be42q1v9133000711z89100160315za201&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fcloud.benefitsapplication.com%2F%3Fsrc%3Dbap-zip%26utm_source%3Dbap-zip%26postal_code%3D04281%26program%3DLIHEAP%26nx_clid%3D35025e17-ea87-4b2b-8192-0c7f8972a2f4&label=OmnCCNyBtgQQ1K704AM&hn=www.googleadservices.com&frm=0&tiba=BenefitsApplication.com%20-%20Calculate%20Your%20Potential%20Benefits&value=0&npa=0&pscdl=noapi&auid=1686413803.1709149071&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=kIvfZfKwOvfFmLAP2oKOiAs&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek5DaEFJZ05EN3JnWVEyZmkxcHBESW5KUVZFaVlBQjM5eWlMNEFVSl94bE9EUDVUSlJPb2lQRDM1d1l0OERtMk9ydDZPeVowSjd0UWYzcXcaWkNoRUlnTkQ3cmdZUW92anp6ZmJ4dHJ2MUFSSXVBT3NHT1NKMUlzQzFHTlRRSThiQldzejl5MjI2bXBoWWJ2R1FTT3pEMVJ4cWxhd3dIYm5XNWJpZ1hPVW4tdyITCPK48rrkzoQDFfciBgAdWoEDsTICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAI&is_vtc=1&cid=CAQSGwB7FLtq3fr3VR0USf2Zciq4yd48jw3gddOtzw&eitems=ChEIgND7rgYQmInFl4Xi4uSVARIdAGKtoUOfd3j4_K8qbaOgalzKEUXAYhi6UheAU8M&random=1719412344&ipr=y

50 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
cloud.benefitsapplication.com/
Redirect Chain

https://alphatra.cx/tracker/662f0a86-5bee-4601-9123-9ec39aa34829?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP
https://tracker.cx/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&flux_fts=tozpqcczzizziqaotazetoqzccxaxqqzzqqoixaef357&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4
https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4

828 KB
167 KB

864ms
486ms

Document
text/html

2606:4700:3036::6815:190f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:190f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d7ef44068ddd6d6f5044ed24402560c6e7a1d2c4fcdf84e23d99eaf7bc7ddba9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 85cb1fcd798666d6-AMS
content-encoding: br
content-type: text/html
date: Wed, 28 Feb 2024 19:37:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=03gmHzjVDAfp%2BgfUcZKa2Lfy2mpD7txrazE0rSiqr94uYDyBbEk8Q%2FuAvj3DUR3q81tsdNxfesIK9AoKjqvfXH6ZdUgtZJgbZPCwN2h7pHGj5tK9%2BWAbL37JhAp0uLSjLoUpjG3T1%2FXrX80v%2FoXOp08wJHfVYPbS72jpQw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
via: 1.1 google, 1.1 google
x-cloud-trace-context: 6baf007fe3947d1e57cfd0d0f851620c
x-powered-by: Express

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 85cb1fc6af62d5bc-CDG
content-type: text/html; charset=utf-8
date: Wed, 28 Feb 2024 19:37:47 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="This is not a P3P policy"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pMaqSPHTxnbyGPjciYS1LNbugcNEhuUXFIWFKKeht4o4KOrOJI9ZAw5jxOyx%2B%2BDDySwjfUIfQDBiZBprEq7gRsgeSfXdq9y89IKf62C9qGi0rezxjwJkpuRcWdak"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.14
x-robots-tag: noindex, noarchive, nofollow

GET
H2 200 icon
fonts.heyflow.cloud/ 571 B
834 B 440ms
43ms Stylesheet
text/css 104.26.1.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.heyflow.cloud/icon?family=Material+Icons
Requested by: Host: cloud.benefitsapplication.com
URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.1.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a8bc8ee122bc863cd29c35603c97a2aa62350a14e71e7d7980d65d128e289ead

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cloud.benefitsapplication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 19:37:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 28 Feb 2024 19:37:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tW2KLIJQ09srx%2FLsvXLUdaMCLqcsF8sWJ7I0XnICrwshLKgIPkOM9ASNRTtagimalLJA%2BOWcn72KN8glrWkvgPNCEVUFVqR4olsnVOBJEdYAT9cln1JitjBPI6Q4noSY0Fe2y4E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: f06a09e6b43a65f9a8d3922700757f28
cache-control: private, max-age=604800
cf-ray: 85cb1fd3eed12c59-FRA

GET
H2 200 css
fonts.heyflow.cloud/ 34 KB
2 KB 1951ms
1554ms Stylesheet
text/css 104.26.1.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800&display=swap
Requested by: Host: cloud.benefitsapplication.com
URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.1.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 87751b687b0afcd35a4c6ed51230e5e3ad887c454e80efcfabb58432fb364186

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cloud.benefitsapplication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 19:37:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 28 Feb 2024 19:37:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BD%2FPt46fGN6W34ksONqVyeFfMHXHGH0PXlrG8GGmNkVUK5m1%2ByJFjhR96ou2I4AdIHth2cE6CLYEcCmDVUnz4YcP5x1kh9y71s03CfAHKhazDHvtnk1qVv8rcsmyUUanjXnJL3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 9bdd487a4ca23b9762418ad0715aab4a
cache-control: private, max-age=604800
cf-ray: 85cb1fd3eece2c59-FRA

GET
H2 200 8a597c01-1406-4688-9a9c-fd47420a77ad.svg
storage.googleapis.com/builder.zenflow.de/calculate-your-benefits/www/assets/ 45 KB
14 KB 226ms
51ms Image
image/svg+xml 2a00:1450:4001:812::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/builder.zenflow.de/calculate-your-benefits/www/assets/8a597c01-1406-4688-9a9c-fd47420a77ad.svg
Requested by: Host: cloud.benefitsapplication.com
URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e0efed8d38e63c83fdf8e72c1223ed2771d92d65d76797b2048bddb094fb7dc0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cloud.benefitsapplication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 19:37:50 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPolIj7mV1DENW1t8KEeVZHuKJypyc5uk0i5em0OwZepmrHELXjC_Gyl-THyllu7t-XNTgM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13420
last-modified: Wed, 23 Aug 2023 17:31:34 GMT
server: UploadServer
etag: "709e08f450df5ed3cd42e5955933e6c0"
vary: Accept-Encoding
x-goog-generation: 1692811894717919
content-type: image/svg+xml
access-control-allow-origin: *
x-goog-hash: crc32c=M9CJnw==, md5=cJ4I9FDfXtPNQuWVWTPmwA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 13420
accept-ranges: bytes
expires: Wed, 28 Feb 2024 20:37:50 GMT

GET
H2 200 c29d0437-c598-48c9-bd45-d26fb740c973.png
storage.googleapis.com/builder.zenflow.de/calculate-your-benefits/www/assets/ 1012 KB
0 319ms
144ms Image
image/png 2a00:1450:4001:812::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/builder.zenflow.de/calculate-your-benefits/www/assets/c29d0437-c598-48c9-bd45-d26fb740c973.png
Requested by: Host: cloud.benefitsapplication.com
URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cloud.benefitsapplication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 19:37:50 GMT
x-guploader-uploadid: ABPtcPpPpslPkQbb1EI5VoRvMj9o8sOtkcLN9QIL8n5tdWR59LcZFJJ9xFkQtZoJFaagsslvTTA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Wed, 23 Aug 2023 17:31:14 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1692811874828624
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=7GaZPg==, md5=+W56qrpcU7tFlsApPM+DdQ==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 1538654
accept-ranges: none
expires: Wed, 28 Feb 2024 20:37:50 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 240 KB
84 KB 180ms
56ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TVQXVCD

Requested by

Host: cloud.benefitsapplication.com
URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c9f3414caad43e775235d2551f63a8656dae41b06f59a42925dd6bc8a32b9497

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cloud.benefitsapplication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 19:37:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86107
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 28 Feb 2024 19:37:51 GMT

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?field=trusted_form_cert_url&ping_field=trusted_form_ping_url&l=1709149070976.025
https://cdn.trustedform.com/bootstrap.js?field=trusted_form_cert_url&ping_field=trusted_form_ping_url&l=1709149070976.025

8 KB
4 KB

1117ms
265ms

Script
application/javascript

2600:9000:26db:2000:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?field=trusted_form_cert_url&ping_field=trusted_form_ping_url&l=1709149070976.025
Requested by: Host: cloud.benefitsapplication.com
URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4
Protocol: H2
Server: 2600:9000:26db:2000:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35cbf6a6e5e7ff72ebb142669e1727de048df4fc13fc9fb5d9bd2d8334de7a71

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cloud.benefitsapplication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 19:37:53 GMT
x-amz-version-id: D_l7Wi1wOYgTC52uzRMI5HnwJykAKtLr
content-encoding: gzip
last-modified: Wed, 08 Nov 2023 19:52:40 GMT
server: AmazonS3
via: 1.1 55965767fb32678a90a721ccc878aa86.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
etag: W/"e11406d1e7ba652ddbe0623e1207c210"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: VkkG3E_neDoPEt9Dy5orIuMBXHTqcYtbkaFwYFfZxAcKCFF6BbUq5g==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?field=trusted_form_cert_url&ping_field=trusted_form_ping_url&l=1709149070976.025
date: Wed, 28 Feb 2024 19:37:51 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.heyflow.cloud/s/opensans/v40/ 47 KB
48 KB 644ms
57ms Font
font/woff2 2606:4700:20::681a:1f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.heyflow.cloud/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by: Host: fonts.heyflow.cloud
URL: https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800&display=swap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Request headers

Referer: https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800&display=swap
Origin: https://cloud.benefitsapplication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 19:37:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 478319
x-powered-by: Express
content-length: 48236
last-modified: Fri, 23 Feb 2024 06:45:52 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oNVuTamskTaQIWpwXb7fsBgrF%2BIm0qkMzs7roRWz1nW3q4Qq3rp%2FN2Kjh7SzzGJWQ9gikg3m8ZGtbnXoWJ0v%2FSX9XopWLrPtqJ9FU1cbYw1conTolhewrjvEx5ZuS2wEk8pIOOLBLkYHgwZ4OAZfx98%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
x-cloud-trace-context: 629d5319db94713f9bb50b7b3a2116fd;o=1
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 85cb1fe19d06085b-FRA

GET
H2 200 variables.js Show response
influx.consumerco.com/js/ 19 KB
7 KB 633ms
108ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://influx.consumerco.com/js/variables.js
Requested by: Host: cloud.benefitsapplication.com
URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 559486dba0628a84165b8851743b600c67b1890f0e877b65e5160d7723463818

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cloud.benefitsapplication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 19:37:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 510
cf-polished: origSize=18970
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 04 Aug 2023 22:06:51 GMT
server: cloudflare
etag: W/"64cd767b-4a1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FaCWmSAxiXrg1fNPHhX87izo2YZ8zFgq9dzo8COV5P7EboJYsEcIH5Kxai%2B0cGqJjakqa0zQGj6V6f4uoM2GeR%2BbYkWGWVTAzu7EzItHRWCwpnUGiWurNcc3Z2svHxqI21kcHoYslU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 85cb1fe18d1343b2-EWR

POST
H2 200 / Show response
tracking.heyflow.cloud/ 2 B
317 B 94ms
94ms XHR
text/plain 2606:4700:20::681a:f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.heyflow.cloud/
Requested by: Host: cloud.benefitsapplication.com
URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://cloud.benefitsapplication.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 28 Feb 2024 19:37:51 GMT
via: 1.1 google, 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET, POST, PUT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohsod7AILDNJmVNWWrxYqDbtkFN9%2BUu%2BFQu%2Fmi2lhnsI%2FY4oWomD5S4daV6Afo1HFROfv70noOhrWXfadDr49IQ3C5vEMUGeElH7wYUglizVu4gi%2FLw8v7q9LEoAdHYOHSKTzus1dCiycfxUjl%2Bi8a12JJM%3D"}],"group":"cf-nel","max_age":604800}
x-cloud-trace-context: 9f2df614d22253cd68f719af778ddcb7
cf-ray: 85cb1fe02a6b694b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 2

OPTIONS
H2 200 /
tracking.heyflow.cloud/ Frame 0
0 346ms
42ms Preflight
text/plain 2606:4700:20::681a:f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.heyflow.cloud/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cloud.benefitsapplication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, PUT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 85cb1fdfea52694b-FRA
content-length: 2
content-type: text/plain; charset=utf-8
date: Wed, 28 Feb 2024 19:37:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4ZONOeWdZV7NbQvH85V72vuEHfkwHjC2fMm9CpEUH1igNsXo39LHQQUGPP2LkgTofNq4DM6yOBfiCgnp83MXqVJNYbdVn2BxaTPLBo0qBYufmlU0kB7f%2F2o40Sill%2F5Z8sjuUNqhOqhmBZM%2FFLp9NDH2vk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google, 1.1 google
x-cloud-trace-context: 3559e7d4d3f2b5ef1a6faecffdb7f758

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 295 KB
97 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XW69MMEQH2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVQXVCD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a8889b2cddbce694cd0d9a5cae60da8eee2c0d8fc397165b5c6123c2c5d957d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cloud.benefitsapplication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 19:37:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98995
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 28 Feb 2024 19:37:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 286 KB
95 KB 482ms
482ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JQ93NJ8P4Q&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVQXVCD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6596b8146d932cc11cc29d8c817d01514d5956783179532007b90df6cbd70f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cloud.benefitsapplication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 19:37:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97128
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 28 Feb 2024 19:37:51 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 215 KB
77 KB 182ms
182ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-1008539476&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVQXVCD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3011e507cb626bffd05e68fc16d7fed58d8147b68d62bfa906ddb5561a6dfc4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cloud.benefitsapplication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 19:37:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78725
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 28 Feb 2024 19:37:51 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 83ms
25ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVQXVCD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cloud.benefitsapplication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 19:37:51 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
x-amz-server-side-encryption: AES256
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kiad7000089-IAD, cache-muc13975-MUC

GET
H2 200 bat.js
bat.bing.com/ 5 KB
0 733ms
42ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVQXVCD

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cloud.benefitsapplication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 28 Feb 2024 19:37:51 GMT
last-modified: Thu, 22 Feb 2024 21:00:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D921FEF109CF44579D23CBD4C907BF44 Ref B: FRAEDGE1410 Ref C: 2024-02-28T19:37:52Z
etag: "0adee36d265da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13197

GET
H2 200 api.min.js Show response
a.omappapi.com/app/js/ 51 KB
18 KB 616ms
28ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.js
Requested by: Host: cloud.benefitsapplication.com
URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 8424b8a3d195c1501a24371ab141becbb9c81ae93f7a86df80d63585683f47a6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cloud.benefitsapplication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 19:37:51 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-680
cdn-cachedat: 02/28/2024 14:48:06
cdn-pullzone: 293267
last-modified: Tue, 23 Jan 2024 18:36:58 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 728
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65b0074a-cb9e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: b186294eb6ac499f22b58b3776128e05
cdn-requestcountrycode: NL
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 nxt-15rpjopo634g Show response
influx.consumerco.com/tag/ 590 B
1 KB 717ms
548ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://influx.consumerco.com/tag/nxt-15rpjopo634g
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVQXVCD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4011ec4af4fab274e5ebd0e21a6988dbf55b6af34c98fe9bd61ff2152f710011

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cloud.benefitsapplication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 19:37:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2B7IDizNfIEIFgE1eSY7IveCXO739nAa%2BLFyMDmHxRYeXTENG%2Fm1TctPxEGpjiyW87Cn8T6STRjjDJK9pBAOE6Cf9FFNPokaDC6gyHkQ5cW6naDHwxn%2FQP94AqikNcNPsPp58uNr%2BYE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, private
cf-ray: 85cb1fe18d1643b2-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsct
t.co/1/i/ 43 B
377 B 240ms
197ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=ea19bc7f-90d8-451b-bdf7-71db32a3aea4&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=b43f4426-9bed-4cd8-b229-a47984da20cf&tw_document_href=https%3A%2F%2Fcloud.benefitsapplication.com%2F%3Fsrc%3Dbap-zip%26utm_source%3Dbap-zip%26postal_code%3D04281%26program%3DLIHEAP%26nx_clid%3D35025e17-ea87-4b2b-8192-0c7f8972a2f4%23welcome-loader&tw_iframe_status=0&txn_id=ohxjw&type=javascript&version=2.3.29

Requested by

Host: cloud.benefitsapplication.com
URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cloud.benefitsapplication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-response-time: 177
date: Wed, 28 Feb 2024 19:37:50 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 8d1b3a2532452260
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: d41da9c244b9dd0f2466ea052b0eadcdcea50580f384c4e1d1f4969f8700661b
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
725 B 182ms
134ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=ea19bc7f-90d8-451b-bdf7-71db32a3aea4&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=b43f4426-9bed-4cd8-b229-a47984da20cf&tw_document_href=https%3A%2F%2Fcloud.benefitsapplication.com%2F%3Fsrc%3Dbap-zip%26utm_source%3Dbap-zip%26postal_code%3D04281%26program%3DLIHEAP%26nx_clid%3D35025e17-ea87-4b2b-8192-0c7f8972a2f4%23welcome-loader&tw_iframe_status=0&txn_id=ohxjw&type=javascript&version=2.3.29

Requested by

Host: cloud.benefitsapplication.com
URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cloud.benefitsapplication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-response-time: 116
date: Wed, 28 Feb 2024 19:37:50 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 92f36157944cd4ea
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: fe06081dd3781299c9fc501bc44675a2342ec1c51db3fa10370886cb1ae62047
content-length: 43

POST
H3 200 variables Show response
influx.consumerco.com/api/ 14 KB
3 KB 507ms
507ms XHR
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://influx.consumerco.com/api/variables
Requested by: Host: influx.consumerco.com
URL: https://influx.consumerco.com/js/variables.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccf7d7089c9831143e2ee046b8405cc74ca02c20668ae8ce4c725061d258fcce

Request headers

Accept: application/json, text/plain, */*
Referer: https://cloud.benefitsapplication.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 28 Feb 2024 19:37:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-ratelimit-remaining: 299
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kW6P97faSaKIX6FT671GlE2DSRfhZqWa3trHp7XfGdQh00p7kz59Wdtksu6cpwyERbAVLIXAo9INmD9Gi0cdY8EuUuXPF%2B%2Bz0kX4C4GlE9TXF6eunThvEh4zzVQwLgnn%2F3eL8CKRX7Vky0cskXhbTYIEo%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-ratelimit-limit: 300
cf-ray: 85cb1fe74ad66610-AMS
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 204 variables
influx.consumerco.com/api/ Frame 0
0 849ms
800ms Preflight 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://influx.consumerco.com/api/variables
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cloud.benefitsapplication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 85cb1fe248c56610-AMS
date: Wed, 28 Feb 2024 19:37:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gn770Roe%2FmRBXpkhi8Af33BP9AXP23zvI3yHt1KW3bzOO7VVvq3d83%2B38j8JUhabVyZh3ydkpTl7DmpQJ2ljUXJixn5MZY5ufFHjToClqsd9FhIhULC0m4doBaPF4JhqF6FctKpY20zg0Mhq5ULj7SuOB5c%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers

POST
H2 200 / Show response
tracking.heyflow.cloud/ 2 B
317 B 102ms
101ms XHR
text/plain 2606:4700:20::681a:f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.heyflow.cloud/
Requested by: Host: cloud.benefitsapplication.com
URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://cloud.benefitsapplication.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 28 Feb 2024 19:37:51 GMT
via: 1.1 google, 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET, POST, PUT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Og9%2B%2B48n6CKBufPKNN89loLVk5vYyyzvkFcO5DwNWzmezLlcIgYkOphlIHZ0pv4JyvY4wBIapJ2NtJDpiMhacwKBkCQANoQ81gerKUG1ZNy1kpVxg13Nds1VKOBC%2Be%2FaA8AXE%2FeWS66juR20mPyx3NnyE8%3D"}],"group":"cf-nel","max_age":604800}
x-cloud-trace-context: 3e1e2a3a9879a32ebd115800d3bccbb2
cf-ray: 85cb1fe27b60694b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 2

OPTIONS
H2 200 /
tracking.heyflow.cloud/ Frame 0
0 46ms
46ms Preflight
text/plain 2606:4700:20::681a:f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.heyflow.cloud/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cloud.benefitsapplication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, PUT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 85cb1fe23b40694b-FRA
content-length: 2
content-type: text/plain; charset=utf-8
date: Wed, 28 Feb 2024 19:37:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WTk3DiTvEh50IPJV%2Bg6uFJdAbFFKVZ8Rxa8VaVyK0fNylQcTTRnqV4Y2amX%2FEoZ2vqa646wOvzSXWoRWEEbx2Zau1MH4MBsPSN1K5Dx5mF4epH2VqE0xUcYGAF9Q9jSF4lyMRGpLUncSrVU4dmSN8dW0maw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google, 1.1 google
x-cloud-trace-context: e28a5b41c5ec62bc4caf9eb55ae9e92a

GET
H2 200 d5f2edd4-61ef-cfc3-73a7-4a04facd3370.js Show response
create.lidstatic.com/campaign/ 121 KB
38 KB 750ms
698ms Script
text/javascript 2606:4700:10::6816:27b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/d5f2edd4-61ef-cfc3-73a7-4a04facd3370.js?snippet_version=2
Requested by: Host: cloud.benefitsapplication.com
URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:27b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da48ec01c55957cdf72d3675557fac2d81421bde443d0ea92ac46ec528b9c6fa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cloud.benefitsapplication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 19:37:52 GMT
x-amz-version-id: BDvqc7s2rorJg5NAdOzNdJ94vtmHhGn2
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: 7F168NGAG76XJK10
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: OOem4T3fuQAB8NvSvg0XIpfBuMx1R2osVm7pA93r3YR28b3uxnIwWGlMaBgczYpx0LsmnFFac0dI9meRP81s4ymixYddUq+k31zu6IzbmUw=
last-modified: Thu, 18 Jan 2024 01:26:14 GMT
server: cloudflare
etag: W/"50c002ebf9b8c8ecae24a527d7d75424"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 85cb1fe43cd72be9-FRA

GET
H2 200 api.min.css
a.omappapi.com/app/js/ 10 KB
3 KB 22ms
22ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.css
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 182645413d8e9ce24afe2a8f46f4b1a622934cc12b0b5b4f1c6a9146c47c6e9f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cloud.benefitsapplication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 19:37:52 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-679
cdn-cachedat: 02/28/2024 14:48:06
cdn-pullzone: 293267
last-modified: Tue, 23 Jan 2024 18:36:56 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 599
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65b00748-2644"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 4927ea3086d3b4df408c9077a9746dd0
cdn-requestcountrycode: NL
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 172542 Show response
api.omappapi.com/v2/embed/ 260 B
969 B 474ms
122ms XHR
application/json 172.66.41.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/172542?d=cloud.benefitsapplication.com
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.41.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86485eb5965948b834843a0e8588ab9dff6de1e53974fba1a93a5c571bbbb0c5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cloud.benefitsapplication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 19:37:52 GMT
via: 1.1 80b00aa2dcc58ca61b2465a37c89fc92.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: DYNAMIC
x-cache-config: 0 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P10
x-cache-status: HIT
x-cache: Miss from cloudfront
x-optinmonster-account: 186974
x-user-agent: standard--
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: cloudflare
etag: W/"b91e5dc54e033e761837b7b846da520f"
vary: Accept-Encoding, User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJWaZSmFRFF7ohzMWfhhFgriLSc0IgVj%2B3Hn7FlkRsDxDquW%2FgSCAHFeZeV%2FiQLsTG0PwIedHXzCQeMI9IRaqeGApNSC%2Fx0NAje63BqALts%2BnlDM1b0FF6Job8lgS8kwE1s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-OptinMonster-Account, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
cf-ray: 85cb1fe6bbae9a24-FRA
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: TKuhSAHHa2Q0sKG7sbJULsIPbf-jwBmFWeoRqVZtY7UWXylTrM_3Mg==
expires: Wed, 28 Feb 2024 19:21:48 GMT

GET
H2 200 escape-redirect.js Show response
influx.consumerco.com/js/ 254 KB
91 KB 119ms
118ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://influx.consumerco.com/js/escape-redirect.js?152511335
Requested by: Host: influx.consumerco.com
URL: https://influx.consumerco.com/tag/nxt-15rpjopo634g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 250889a4c2fd0181e652172464ace819132f7c4e297718b79a595ded4be3dc62

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cloud.benefitsapplication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 19:37:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1323
cf-polished: origSize=259780
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 04 Aug 2023 22:06:51 GMT
server: cloudflare
etag: W/"64cd767b-3f6c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1BLwkPSzwxTlQASeZ622B48Ti2YYR2uJ74hwklRQQ6mIiwh8R4UvSuYlIl2vP9z96Nj%2F6IK0XC4UezwmLDTWzOnHHIlRpF%2FvoSWz2wn4vyy7TJa4oFOS3mc%2BcdtT%2BOn8RvJBjdQoEUc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 85cb1fe4fa7743b2-EWR

GET
H2 200 5.f30be17a.min.js Show response
a.omappapi.com/app/js/ 16 KB
6 KB 18ms
18ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/5.f30be17a.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: f8f188be3fa88f30858ed09ca59fb7c1d5f0293aad425355438711181da9c912

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cloud.benefitsapplication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 19:37:52 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-679
cdn-cachedat: 02/28/2024 14:48:06
cdn-pullzone: 293267
last-modified: Tue, 23 Jan 2024 18:37:15 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 709
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65b0075b-418d"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: bb71883c0434a5eefca04db845ad91e5
cdn-requestcountrycode: NL
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1008539476/ 3 KB
2 KB 138ms
38ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1008539476/?random=1709149072840&cv=11&fst=1709149072840&bg=ffffff&guid=ON&async=1&gtm=45be42q1v9133000711z89100160315za201&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fcloud.benefitsapplication.com%2F%3Fsrc%3Dbap-zip%26utm_source%3Dbap-zip%26postal_code%3D04281%26program%3DLIHEAP%26nx_clid%3D35025e17-ea87-4b2b-8192-0c7f8972a2f4&label=OmnCCNyBtgQQ1K704AM&hn=www.googleadservices.com&frm=0&tiba=BenefitsApplication.com%20-%20Calculate%20Your%20Potential%20Benefits&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1686413803.1709149071&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-1008539476&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

bc318aa2727a61357a9872bac2563232239bfbb341b865f55b006e483a782820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cloud.benefitsapplication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Feb 2024 19:37:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1810
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.nl/pagead/1p-conversion/1008539476/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1008539476/?random=672206012&cv=11&fst=1709149072840&bg=ffffff&guid=ON&async=1&gtm=45be42q1v9133000711z89100160315za201&gcd=13l3l3l3...
https://www.google.com/pagead/1p-conversion/1008539476/?random=672206012&cv=11&fst=1709149072840&bg=ffffff&guid=ON&async=1&gtm=45be42q1v9133000711z89100160315za201&gcd=13l3l3l3l1&dma_cps=sypham&dma...
https://www.google.nl/pagead/1p-conversion/1008539476/?random=672206012&cv=11&fst=1709149072840&bg=ffffff&guid=ON&async=1&gtm=45be42q1v9133000711z89100160315za201&gcd=13l3l3l3l1&dma_cps=sypham&dma=...

42 B
455 B

368ms
322ms

Image
image/gif

2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-conversion/1008539476/?random=672206012&cv=11&fst=1709149072840&bg=ffffff&guid=ON&async=1&gtm=45be42q1v9133000711z89100160315za201&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fcloud.benefitsapplication.com%2F%3Fsrc%3Dbap-zip%26utm_source%3Dbap-zip%26postal_code%3D04281%26program%3DLIHEAP%26nx_clid%3D35025e17-ea87-4b2b-8192-0c7f8972a2f4&label=OmnCCNyBtgQQ1K704AM&hn=www.googleadservices.com&frm=0&tiba=BenefitsApplication.com%20-%20Calculate%20Your%20Potential%20Benefits&value=0&npa=0&pscdl=noapi&auid=1686413803.1709149071&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=kIvfZfKwOvfFmLAP2oKOiAs&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek5DaEFJZ05EN3JnWVEyZmkxcHBESW5KUVZFaVlBQjM5eWlMNEFVSl94bE9EUDVUSlJPb2lQRDM1d1l0OERtMk9ydDZPeVowSjd0UWYzcXcaWkNoRUlnTkQ3cmdZUW92anp6ZmJ4dHJ2MUFSSXVBT3NHT1NKMUlzQzFHTlRRSThiQldzejl5MjI2bXBoWWJ2R1FTT3pEMVJ4cWxhd3dIYm5XNWJpZ1hPVW4tdyITCPK48rrkzoQDFfciBgAdWoEDsTICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAI&is_vtc=1&cid=CAQSGwB7FLtq3fr3VR0USf2Zciq4yd48jw3gddOtzw&eitems=ChEIgND7rgYQmInFl4Xi4uSVARIdAGKtoUOfd3j4_K8qbaOgalzKEUXAYhi6UheAU8M&random=1719412344&ipr=y

Requested by

Host: cloud.benefitsapplication.com
URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4

Protocol

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cloud.benefitsapplication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Feb 2024 19:37:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Feb 2024 19:37:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.nl/pagead/1p-conversion/1008539476/?random=672206012&cv=11&fst=1709149072840&bg=ffffff&guid=ON&async=1&gtm=45be42q1v9133000711z89100160315za201&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fcloud.benefitsapplication.com%2F%3Fsrc%3Dbap-zip%26utm_source%3Dbap-zip%26postal_code%3D04281%26program%3DLIHEAP%26nx_clid%3D35025e17-ea87-4b2b-8192-0c7f8972a2f4&label=OmnCCNyBtgQQ1K704AM&hn=www.googleadservices.com&frm=0&tiba=BenefitsApplication.com%20-%20Calculate%20Your%20Potential%20Benefits&value=0&npa=0&pscdl=noapi&auid=1686413803.1709149071&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=kIvfZfKwOvfFmLAP2oKOiAs&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek5DaEFJZ05EN3JnWVEyZmkxcHBESW5KUVZFaVlBQjM5eWlMNEFVSl94bE9EUDVUSlJPb2lQRDM1d1l0OERtMk9ydDZPeVowSjd0UWYzcXcaWkNoRUlnTkQ3cmdZUW92anp6ZmJ4dHJ2MUFSSXVBT3NHT1NKMUlzQzFHTlRRSThiQldzejl5MjI2bXBoWWJ2R1FTT3pEMVJ4cWxhd3dIYm5XNWJpZ1hPVW4tdyITCPK48rrkzoQDFfciBgAdWoEDsTICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAI&is_vtc=1&cid=CAQSGwB7FLtq3fr3VR0USf2Zciq4yd48jw3gddOtzw&eitems=ChEIgND7rgYQmInFl4Xi4uSVARIdAGKtoUOfd3j4_K8qbaOgalzKEUXAYhi6UheAU8M&random=1719412344&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 GenerateToken Show response
create.leadid.com/2.12.1/ 36 B
660 B 387ms
159ms XHR
text/plain 34.233.112.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/GenerateToken?msn=1&pid=c596c092-1e50-41be-a6d7-c82ea5546322&_=138618107

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/d5f2edd4-61ef-cfc3-73a7-4a04facd3370.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.233.112.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-112-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

05420601a59ffaeb3313bf7315f3e86746b6259371e677190c252138a53d37d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cloud.benefitsapplication.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 28 Feb 2024 19:37:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
263 B 210ms
63ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XW69MMEQH2&gtm=45je42q1v896975293z89100160315za220&_p=1709149070975&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1408071893.1709149073&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709149073&sct=1&seg=0&dl=https%3A%2F%2Fcloud.benefitsapplication.com%2F%3Fsrc%3Dbap-zip%26utm_source%3Dbap-zip%26postal_code%3D04281%26program%3DLIHEAP%26nx_clid%3D35025e17-ea87-4b2b-8192-0c7f8972a2f4&dt=BenefitsApplication.com%20-%20Calculate%20Your%20Potential%20Benefits&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=7495
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XW69MMEQH2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cloud.benefitsapplication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Feb 2024 19:37:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cloud.benefitsapplication.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 137ms
102ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JQ93NJ8P4Q&gtm=45je42q1v9104349748z89100160315za200&_p=1709149070975&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1408071893.1709149073&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709149073&sct=1&seg=0&dl=https%3A%2F%2Fcloud.benefitsapplication.com%2F%3Fsrc%3Dbap-zip%26utm_source%3Dbap-zip%26postal_code%3D04281%26program%3DLIHEAP%26nx_clid%3D35025e17-ea87-4b2b-8192-0c7f8972a2f4&dt=BenefitsApplication.com%20-%20Calculate%20Your%20Potential%20Benefits&en=page_view&_fv=1&_ss=1&tfd=7608
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JQ93NJ8P4Q&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cloud.benefitsapplication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Feb 2024 19:37:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cloud.benefitsapplication.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame E50D 3 KB
2 KB 83ms
19ms Document
text/html 13.32.23.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=B0D45995-0111-8C64-F6B3-8A3AAE30A94D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=D5F2EDD4-61EF-CFC3-73A7-4A04FACD3370&lac=EC8E09E9-A051-4FE7-7CC0-C53197F1C2D2

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/d5f2edd4-61ef-cfc3-73a7-4a04facd3370.js?snippet_version=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.32.23.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-23-8.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cloud.benefitsapplication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Age: 82962
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 27 Feb 2024 20:35:53 GMT
Etag: W/"65a0715c-dbb"
Last-Modified: Thu, 11 Jan 2024 22:53:16 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
X-Amz-Cf-Id: QL1SiSzH-To5GhVlk7-CzmUOFpYTzc8qGIzTtknHlc8b5_84I6dCSw==
X-Amz-Cf-Pop: FRA56-C2
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.12.1/ 0
622 B 106ms
106ms XHR
text/plain 34.233.112.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/SaveDom?msn=2&pid=c596c092-1e50-41be-a6d7-c82ea5546322&token=B0D45995-0111-8C64-F6B3-8A3AAE30A94D&_=138618108

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/d5f2edd4-61ef-cfc3-73a7-4a04facd3370.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.233.112.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-112-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cloud.benefitsapplication.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 28 Feb 2024 19:37:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.12.1/ 0
623 B 524ms
418ms XHR
text/plain 34.233.112.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/InitFormData?msn=3&pid=c596c092-1e50-41be-a6d7-c82ea5546322&token=B0D45995-0111-8C64-F6B3-8A3AAE30A94D&_=138618109

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/d5f2edd4-61ef-cfc3-73a7-4a04facd3370.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.233.112.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-112-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cloud.benefitsapplication.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 28 Feb 2024 19:37:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 35 KB
13 KB 91ms
31ms Script
application/javascript 104.20.94.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: cloud.benefitsapplication.com
URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.94.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b85cab2ce3acacb8e4ff31872231b0c5914539ab27e88f3ed9449a31c044711

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cloud.benefitsapplication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 19:37:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 26 Feb 2024 20:00:53 GMT
server: cloudflare
age: 9937
etag: W/"65dcedf5-8b94"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 85cb1feea89d5bed-FRA
expires: Thu, 29 Feb 2024 04:52:16 GMT

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame 91EF 4 KB
2 KB 162ms
107ms Document
text/html 45.223.19.68
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://deviceid.trueleadid.com/iframe.html?token=B0D45995-0111-8C64-F6B3-8A3AAE30A94D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=D5F2EDD4-61EF-CFC3-73A7-4A04FACD3370&lac=EC8E09E9-A051-4FE7-7CC0-C53197F1C2D2

Requested by

Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=B0D45995-0111-8C64-F6B3-8A3AAE30A94D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=D5F2EDD4-61EF-CFC3-73A7-4A04FACD3370&lac=EC8E09E9-A051-4FE7-7CC0-C53197F1C2D2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.19.68 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

73807b5b2c21ae4be7422e6d0ae6d966abb6f06646de155ca11eac4e88300564

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: max-age=86400 public
content-encoding: gzip
content-type: text/html
date: Wed, 28 Feb 2024 19:37:53 GMT
etag: W/"6554d155-1049"
expires: Thu, 29 Feb 2024 19:37:53 GMT
last-modified: Wed, 15 Nov 2023 14:10:29 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server: nginx
strict-transport-security: max-age=31536000
x-cdn: Imperva
x-iinfo: 57-88558393-88512920 pNNy RT(1709149073306 15) q(0 0 0 0) r(1 1) U24
x-incap-sess-cookie-hdr: pmohGskMNmi+loMDrohwF5GL32UAAAAAKiqsHOOXuXn2MZ3p4gctkA==

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
577 B 165ms
149ms XHR
application/json 104.20.94.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=12835804&u1=4806EAAC62974F98DE993EC21E24A035&java=1&security=571a3dc5&sc_snum=1&sess=a85201&sc_rum_e_s=7770&sc_rum_e_e=7773&sc_rum_f_s=0&sc_rum_f_e=7751&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&sc_ev_src=bap-zip&sc_ev_utm_source=bap-zip&resolution=1600&h=1200&camefrom=&u=https%3A//cloud.benefitsapplication.com/%3Fsrc%3Dbap-zip%26utm_source%3Dbap-zip%26postal_code%3D04281%26program%3DLIHEAP%26nx_clid%3D35025e17-ea87-4b2b-8192-0c7f8972a2f4%23welcome-loader&t=BenefitsApplication.com%20-%20Calculate%20Your%20Potential%20Benefits&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.94.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cloud.benefitsapplication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 19:37:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: https://cloud.benefitsapplication.com
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials: true
cf-ray: 85cb1fef18dc5bed-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 _Incapsula_Resource Show response
deviceid.trueleadid.com/ Frame 91EF 144 KB
20 KB 19ms
19ms Script
application/javascript 45.223.19.68
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://deviceid.trueleadid.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1815864200

Requested by

Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=B0D45995-0111-8C64-F6B3-8A3AAE30A94D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=D5F2EDD4-61EF-CFC3-73A7-4A04FACD3370&lac=EC8E09E9-A051-4FE7-7CC0-C53197F1C2D2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.19.68 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2dff1d9efc9095546b40cc0d2bec78bfc7b8118312e410ece7b3a94d3be50f0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://deviceid.trueleadid.com/iframe.html?token=B0D45995-0111-8C64-F6B3-8A3AAE30A94D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=D5F2EDD4-61EF-CFC3-73A7-4A04FACD3370&lac=EC8E09E9-A051-4FE7-7CC0-C53197F1C2D2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 20557
content-type: application/javascript

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.12.1/ Frame 91EF 0
627 B 352ms
144ms Script
text/javascript 34.233.112.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/SaveDeviceId.js?lac=EC8E09E9-A051-4FE7-7CC0-C53197F1C2D2&lck=D5F2EDD4-61EF-CFC3-73A7-4A04FACD3370&methods=48&token=B0D45995-0111-8C64-F6B3-8A3AAE30A94D&uuid=daddbe5da15743418e0018e96807609e

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.233.112.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-112-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 19:37:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.12.1/ 0
623 B 726ms
471ms XHR
text/plain 34.233.112.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/Snap?msn=4&pid=c596c092-1e50-41be-a6d7-c82ea5546322&token=B0D45995-0111-8C64-F6B3-8A3AAE30A94D&_=138618110

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/d5f2edd4-61ef-cfc3-73a7-4a04facd3370.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.233.112.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-112-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cloud.benefitsapplication.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 28 Feb 2024 19:37:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 _Incapsula_Resource
deviceid.trueleadid.com/ Frame 91EF 1 B
36 B 13ms
13ms Image
text/plain 45.223.19.68
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://deviceid.trueleadid.com/_Incapsula_Resource?SWKMTFSR=1&e=0.37503131657313515

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.19.68 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://deviceid.trueleadid.com/iframe.html?token=B0D45995-0111-8C64-F6B3-8A3AAE30A94D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=D5F2EDD4-61EF-CFC3-73A7-4A04FACD3370&lac=EC8E09E9-A051-4FE7-7CC0-C53197F1C2D2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
DATA 200
OK truncated
/ 49 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 / Show response
tracking.heyflow.cloud/ 2 B
322 B 341ms
341ms XHR
text/plain 2606:4700:20::681a:f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.heyflow.cloud/
Requested by: Host: cloud.benefitsapplication.com
URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://cloud.benefitsapplication.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 28 Feb 2024 19:37:54 GMT
via: 1.1 google, 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET, POST, PUT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lq9LNBUyLraZvwwADTk%2FzZ%2FEaGTMALx6vC%2F2rK%2F5Bg6PVSaVPDq71Rm4REJz5%2BeLiLZNdiyfKwJVLQWdbGzJXZRTnCX4lbmhtjjg5%2BOFsRUVBkemM%2Fui9o3CtX0Ag7HD8000kcP8D7OV6yJhh3zgCeCr3yo%3D"}],"group":"cf-nel","max_age":604800}
x-cloud-trace-context: 1d616cd90eab2ddbed96163145cbe9f2
cf-ray: 85cb1ff10ceb694b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 2

OPTIONS
H2 200 /
tracking.heyflow.cloud/ Frame 0
0 39ms
39ms Preflight
text/plain 2606:4700:20::681a:f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.heyflow.cloud/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cloud.benefitsapplication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, PUT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 85cb1ff0cca7694b-FRA
content-length: 2
content-type: text/plain; charset=utf-8
date: Wed, 28 Feb 2024 19:37:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c8Z6dt4IJFX6e0l3mxtrXHPHp32DvcqUNOThIfnxQ7qmDi6zbRGeLbHfIUceDExRgx9JNHCQM7nxSm6CiEaoVwKV6Fi08r5l5aKgS25lmR81EIPe3lK%2FEmB4PFrqrCiJyMgRdszjxEzMJQH8HCWVzXijKQ8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google, 1.1 google
x-cloud-trace-context: 30e3a80dc234bbdb4631b2e9b6b3f7ba

POST
H2 200 InitFormData Show response
create.leadid.com/2.12.1/ 0
623 B 408ms
407ms XHR
text/plain 34.233.112.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/InitFormData?msn=5&pid=c596c092-1e50-41be-a6d7-c82ea5546322&token=B0D45995-0111-8C64-F6B3-8A3AAE30A94D&_=138618111

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/d5f2edd4-61ef-cfc3-73a7-4a04facd3370.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.233.112.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-112-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cloud.benefitsapplication.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 28 Feb 2024 19:37:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.12.1/ 0
623 B 729ms
274ms XHR
text/plain 34.233.112.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/Snap?msn=6&pid=c596c092-1e50-41be-a6d7-c82ea5546322&token=B0D45995-0111-8C64-F6B3-8A3AAE30A94D&_=138618112

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/d5f2edd4-61ef-cfc3-73a7-4a04facd3370.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.233.112.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-112-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cloud.benefitsapplication.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 28 Feb 2024 19:37:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 21ms
21ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XW69MMEQH2&gtm=45je42q1v896975293za220&_p=1709149070975&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1408071893.1709149073&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1709149073&sct=1&seg=0&dl=https%3A%2F%2Fcloud.benefitsapplication.com%2F%3Fsrc%3Dbap-zip%26utm_source%3Dbap-zip%26postal_code%3D04281%26program%3DLIHEAP%26nx_clid%3D35025e17-ea87-4b2b-8192-0c7f8972a2f4&dt=BenefitsApplication.com%20-%20Calculate%20Your%20Potential%20Benefits&en=scroll&epn.percent_scrolled=90&_et=7&tfd=12503
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XW69MMEQH2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cloud.benefitsapplication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Feb 2024 19:37:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cloud.benefitsapplication.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 29ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JQ93NJ8P4Q&gtm=45je42q1v9104349748za200&_p=1709149070975&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1408071893.1709149073&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1709149073&sct=1&seg=0&dl=https%3A%2F%2Fcloud.benefitsapplication.com%2F%3Fsrc%3Dbap-zip%26utm_source%3Dbap-zip%26postal_code%3D04281%26program%3DLIHEAP%26nx_clid%3D35025e17-ea87-4b2b-8192-0c7f8972a2f4&dt=BenefitsApplication.com%20-%20Calculate%20Your%20Potential%20Benefits&en=scroll&epn.percent_scrolled=90&_et=6&tfd=12614
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JQ93NJ8P4Q&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cloud.benefitsapplication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Feb 2024 19:37:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cloud.benefitsapplication.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tracker.cx/	1970-01-20 18:47:15	Name: PHPSESSID Value: d873f8acf6260decc629d69212347452
tracker.cx/	1970-01-21 03:31:25	Name: csid3 Value: d873f8acf6260decc629d69212347452
.benefitsapplication.com/	1970-01-20 20:55:25	Name: _gcl_au Value: 1.1.1686413803.1709149071
.twitter.com/	1970-01-21 04:21:49	Name: guest_id_marketing Value: v1%3A170914907158339642
.twitter.com/	1970-01-21 04:21:49	Name: guest_id_ads Value: v1%3A170914907158339642
.twitter.com/	1970-01-21 04:21:49	Name: personalization_id Value: "v1_UekUGLs5QIsk42TPiY8I3g=="
.twitter.com/	1970-01-21 04:21:49	Name: guest_id Value: v1%3A170914907158339642
.t.co/	1970-01-21 04:21:49	Name: muc_ads Value: df4af2ea-ca38-4e29-adbd-e2c1f94ef768
cloud.benefitsapplication.com/	1970-01-21 04:21:49	Name: _omappvp Value: zZqDNhyXhezOXFgO8R3LPd6XY1LDTRAqvAuyEECR13TYgByoP6r7MzsERSapZvve23ACpfjvUjgLjOvPLiBCVaVBxfMCb6Au
cloud.benefitsapplication.com/	1970-01-20 18:45:50	Name: _omappvs Value: 1709149072071
.doubleclick.net/	1970-01-20 18:45:49	Name: test_cookie Value: CheckForPermission
.benefitsapplication.com/	1970-01-21 04:21:49	Name: _ga Value: GA1.1.1408071893.1709149073
.benefitsapplication.com/	1970-01-21 04:21:49	Name: _ga_XW69MMEQH2 Value: GS1.1.1709149073.1.0.1709149073.0.0.0
.benefitsapplication.com/	1970-01-21 04:21:49	Name: _ga_JQ93NJ8P4Q Value: GS1.1.1709149073.1.0.1709149073.0.0.0
cloud.benefitsapplication.com/	1970-01-20 18:45:49	Name: leadid_token-EC8E09E9-A051-4FE7-7CC0-C53197F1C2D2-D5F2EDD4-61EF-CFC3-73A7-4A04FACD3370 Value: B0D45995-0111-8C64-F6B3-8A3AAE30A94D
.cloud.benefitsapplication.com/	1970-01-21 04:21:49	Name: sc_is_visitor_unique Value: rx12835804.1709149074.4806EAAC62974F98DE993EC21E24A035.1.1.1.1.1.1.1.1.1
.trueleadid.com/	1969-12-31 23:59:59	Name: nlbi_3051494 Value: 8APMYLstSE21lUcCC30iGwAAAAA2wqPJ/8BADWYcDL/lwcHc
.trueleadid.com/	1970-01-21 03:30:09	Name: visid_incap_3051494 Value: a8r2PpMkR/uaip0MUYMh35GL32UAAAAAQUIPAAAAAACs91+P+6lUhnre6QElNg1G
.trueleadid.com/	1969-12-31 23:59:59	Name: incap_ses_1689_3051494 Value: vWTEbK99sxS+loMDrohwF5GL32UAAAAAV9DxhWLy+XD2CLI7Qj6uQw==
.deviceid.trueleadid.com/	1970-01-21 04:21:49	Name: uuid Value: daddbe5da15743418e0018e96807609e
.statcounter.com/	1970-01-21 04:21:49	Name: is_unique Value: sc12835804.1709149073.0
.statcounter.com/	1970-01-21 04:21:49	Name: is_visitor_unique Value: 1709149073267122339

22 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4#welcome-loader Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4#welcome-loader Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4#welcome-loader Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4#welcome-loader Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4#welcome-loader Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4#welcome-loader Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4#welcome-loader Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4#welcome-loader Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4#welcome-loader Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4#welcome-loader Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4#welcome-loader Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4#welcome-loader Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4#welcome-loader Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4#welcome-loader Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4#welcome-loader Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4#welcome-loader Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4#welcome-loader Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4#welcome-loader Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4#welcome-loader Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4#welcome-loader Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4#welcome-loader Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cloud.benefitsapplication.com/?src=bap-zip&utm_source=bap-zip&postal_code=04281&program=LIHEAP&nx_clid=35025e17-ea87-4b2b-8192-0c7f8972a2f4#welcome Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
alphatra.cx
analytics.twitter.com
api.omappapi.com
api.trustedform.com
bat.bing.com
c.statcounter.com
cdn.trustedform.com
cloud.benefitsapplication.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
fonts.heyflow.cloud
googleads.g.doubleclick.net
influx.consumerco.com
region1.google-analytics.com
static.ads-twitter.com
storage.googleapis.com
t.co
tracker.cx
tracking.heyflow.cloud
www.google.com
www.google.nl
www.googleadservices.com
www.googletagmanager.com
www.statcounter.com
104.20.94.138
104.244.42.3
104.244.42.69
104.26.1.240
13.32.23.8
142.250.186.162
172.66.41.8
188.114.97.3
199.232.188.157
2001:4860:4802:32::36
2400:52e0:1e00::1081:1
2600:9000:26db:2000:1c:7f1a:6680:93a1
2606:4700:10::6816:27b6
2606:4700:20::681a:1f0
2606:4700:20::681a:f0
2606:4700:3036::6815:190f
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:812::201b
2a00:1450:4001:830::2008
2a00:1450:4001:831::2003
2a06:98c1:3120::3
2a06:98c1:3121::7
34.233.112.162
45.223.19.68
54.88.172.227
05420601a59ffaeb3313bf7315f3e86746b6259371e677190c252138a53d37d1
0b85cab2ce3acacb8e4ff31872231b0c5914539ab27e88f3ed9449a31c044711
182645413d8e9ce24afe2a8f46f4b1a622934cc12b0b5b4f1c6a9146c47c6e9f
250889a4c2fd0181e652172464ace819132f7c4e297718b79a595ded4be3dc62
2dff1d9efc9095546b40cc0d2bec78bfc7b8118312e410ece7b3a94d3be50f0c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3011e507cb626bffd05e68fc16d7fed58d8147b68d62bfa906ddb5561a6dfc4c
35cbf6a6e5e7ff72ebb142669e1727de048df4fc13fc9fb5d9bd2d8334de7a71
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4011ec4af4fab274e5ebd0e21a6988dbf55b6af34c98fe9bd61ff2152f710011
559486dba0628a84165b8851743b600c67b1890f0e877b65e5160d7723463818
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
6596b8146d932cc11cc29d8c817d01514d5956783179532007b90df6cbd70f6b
73807b5b2c21ae4be7422e6d0ae6d966abb6f06646de155ca11eac4e88300564
8424b8a3d195c1501a24371ab141becbb9c81ae93f7a86df80d63585683f47a6
86485eb5965948b834843a0e8588ab9dff6de1e53974fba1a93a5c571bbbb0c5
87751b687b0afcd35a4c6ed51230e5e3ad887c454e80efcfabb58432fb364186
a8889b2cddbce694cd0d9a5cae60da8eee2c0d8fc397165b5c6123c2c5d957d5
a8bc8ee122bc863cd29c35603c97a2aa62350a14e71e7d7980d65d128e289ead
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
bc318aa2727a61357a9872bac2563232239bfbb341b865f55b006e483a782820
c9f3414caad43e775235d2551f63a8656dae41b06f59a42925dd6bc8a32b9497
ccf7d7089c9831143e2ee046b8405cc74ca02c20668ae8ce4c725061d258fcce
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d7ef44068ddd6d6f5044ed24402560c6e7a1d2c4fcdf84e23d99eaf7bc7ddba9
da48ec01c55957cdf72d3675557fac2d81421bde443d0ea92ac46ec528b9c6fa
e0efed8d38e63c83fdf8e72c1223ed2771d92d65d76797b2048bddb094fb7dc0
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8f188be3fa88f30858ed09ca59fb7c1d5f0293aad425355438711181da9c912

cloud.benefitsapplication.com Open in urlscan Pro 2606:4700:3036::6815:190f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

96 %HTTPS

56 %IPv6

23 Domains

27 Subdomains

24 IPs

4 Countries

819 kBTransfer

3745 kBSize

22 Cookies

5 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cloud.benefitsapplication.com Open in urlscan Pro
2606:4700:3036::6815:190f Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

96 %
HTTPS

56 %
IPv6

23
Domains

27
Subdomains

24
IPs

4
Countries

819 kB
Transfer

3745 kB
Size

22
Cookies

50 HTTP transactions
1 data transactions