urlscan.io logo urlscan.io
SecurityTrails logo

cform-benefitsearchers-com.pages.dev Open in urlscan Pro
188.114.96.3  Public Scan

Go To Rescan Add Verdict Report
URL: https://cform-benefitsearchers-com.pages.dev/
Submission: On July 02 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 24 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is cform-benefitsearchers-com.pages.dev.
TLS certificate: Issued by WE1 on July 2nd 2024. Valid for: 3 months.
This is the only time cform-benefitsearchers-com.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 188.114.96.3 13335 (CLOUDFLAR...)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2600:9000:216... 16509 (AMAZON-02)
3 52.184.215.111 8075 (MICROSOFT...)
5 45.223.19.68 19551 (INCAPSULA)
2 54.209.223.249 14618 (AMAZON-AES)
1 2 13.74.129.1 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 54.192.196.209 16509 (AMAZON-02)
24 10
7    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
cform-benefitsearchers-com.pages.dev
2    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    2606:4700:10::6816:27b6 (United States)

ASN13335 (CLOUDFLARENET, US)
create.lidstatic.com
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
ip2geo.improvetool.com
1    2600:9000:2165:4e00:4:1957:6500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-js.ringba.com
3    52.184.215.111 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
j.clarity.ms
5    45.223.19.68 (United States)

ASN19551 (INCAPSULA, US)
create.leadid.com
2    54.209.223.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-223-249.compute-1.amazonaws.com
display.ringba.com
2    13.74.129.1 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    54.192.196.209 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-196-209.muc50.r.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
Apex Domain
Subdomains		 Transfer
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 743
j.clarity.ms — Cisco Umbrella Rank: 19742
c.clarity.ms — Cisco Umbrella Rank: 1434
29 KB
7 pages.dev
cform-benefitsearchers-com.pages.dev
532 KB
5 leadid.com
create.leadid.com — Cisco Umbrella Rank: 13933
4 KB
3 ringba.com
b-js.ringba.com — Cisco Umbrella Rank: 142264
display.ringba.com — Cisco Umbrella Rank: 124582
14 KB
1 cloudfront.net
d2m2wsoho8qq12.cloudfront.net
1 bing.com
c.bing.com — Cisco Umbrella Rank: 224
766 B
1 improvetool.com
ip2geo.improvetool.com — Cisco Umbrella Rank: 316117
612 B
1 lidstatic.com
create.lidstatic.com — Cisco Umbrella Rank: 21704
39 KB
24 8
Domain Requested by
7 cform-benefitsearchers-com.pages.dev cform-benefitsearchers-com.pages.dev
5 create.leadid.com cform-benefitsearchers-com.pages.dev
3 j.clarity.ms cform-benefitsearchers-com.pages.dev
2 c.clarity.ms 1 redirects
2 display.ringba.com cform-benefitsearchers-com.pages.dev
2 www.clarity.ms cform-benefitsearchers-com.pages.dev
www.clarity.ms
1 d2m2wsoho8qq12.cloudfront.net create.lidstatic.com
1 c.bing.com 1 redirects
1 b-js.ringba.com cform-benefitsearchers-com.pages.dev
1 ip2geo.improvetool.com cform-benefitsearchers-com.pages.dev
1 create.lidstatic.com cform-benefitsearchers-com.pages.dev
24 11

This site contains links to these domains. Also see Links.

Domain
benefitsearchers.com
Subject Issuer Validity Valid
cform-benefitsearchers-com.pages.dev
WE1		 2024-07-02 -
2024-09-30		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
lidstatic.com
E1		 2024-05-25 -
2024-08-23		 3 months crt.sh
improvetool.com
E1		 2024-05-28 -
2024-08-26		 3 months crt.sh
*.ringba.com
Amazon RSA 2048 M03		 2023-11-27 -
2024-12-23		 a year crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh
imperva.com
GlobalSign Atlas R3 DV TLS CA 2024 Q2		 2024-04-24 -
2024-10-21		 6 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh

This page contains 2 frames:

Primary Page: https://cform-benefitsearchers-com.pages.dev/
Frame ID: C649187B7B049B78CC76B77B59FABC09
Requests: 22 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=C48DD603-D1D5-A067-5673-BBA7F76227A1&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=606A1E16-C197-43D0-BEE9-F9ED9FA65CA4&lac=0B6352C8-91EB-58E7-A152-31291728A75C
Frame ID: 817374E063AF8C500DF68C16CC54ED97
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BenefitSearchers

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

24
Requests

96 %
HTTPS

45 %
IPv6

8
Domains

11
Subdomains

10
IPs

3
Countries

617 kB
Transfer

1956 kB
Size

18
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=AB4314F69A7D44DB981E3AD4A1339D27&RedC=c.clarity.ms&MXFR=3FC3A822824567901D51BC9286456984 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=AB4314F69A7D44DB981E3AD4A1339D27&MUID=37EED096B3976B4B057BC426B29F6A6B

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
cform-benefitsearchers-com.pages.dev/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cform-benefitsearchers-com.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7be7772515e4ef78dbb93843e28c9f7e920b080bc381a54dd0bbbbffc4554376
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
89cf528dbf9a4178-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 02 Jul 2024 14:28:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IziyHVuNCrTfVv9lvZJkY57h%2FRyerZTPlJMNmPipN2daCq%2FRPEkAhoFHqLNY9TxfpbwYhnNWnLIBuODrJtHkMbHlnTVbHV9VoynEwkyam6fi75dZFy3QM6gTM9VkL%2BqbZLIPhE6gtznzdvMk0X8OIMQa4QlW2I8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
index.8081f568.js
cform-benefitsearchers-com.pages.dev/assets/ 		1 MB
257 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cform-benefitsearchers-com.pages.dev/assets/index.8081f568.js
Requested by
Host: cform-benefitsearchers-com.pages.dev
URL: https://cform-benefitsearchers-com.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
059f8deb7f952b9ca920190f0cc54638b9a1e2cf1d83b8e4f3c4991b9f0361ad
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cform-benefitsearchers-com.pages.dev/
Origin
https://cform-benefitsearchers-com.pages.dev
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:28:28 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"58456c243eebce3f1900ca5b88e3df3f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qg8txnp6MzX%2BRWSMfVxdvnpnlkAqyqEAO3cK1gua%2FLDx114qIWORgENxie8vV1Xzw3M%2FKNRGKbueBMqN%2B2DcSPaKRRdSB5Ay3BEIUch9Fj2KHbnqfEZvZxuuV5WFuuerpw8FRqTVI5BPUL418ZSynOed31tBHU4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
89cf528e682a4178-AMS
alt-svc
h3=":443"; ma=86400
index.89111623.css
cform-benefitsearchers-com.pages.dev/assets/ 		56 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cform-benefitsearchers-com.pages.dev/assets/index.89111623.css
Requested by
Host: cform-benefitsearchers-com.pages.dev
URL: https://cform-benefitsearchers-com.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89111623c275ebb7f1800edcc4e50462f761265e9737e844a3efa13ea908e51f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cform-benefitsearchers-com.pages.dev/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:28:28 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5fb3c3d75e63f67f19a5e040b1755acf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=or1tWbvRzPptnmkcn%2BUfC6IPYvDKP02sOEtZfgXsQmpd2FqjxwQ4qdv12UmS1Di5U0a9nQel3Qab6PybXR5k9ubbfTbWf7xgnP%2FrpdygBenH36baT9rEqp%2B1MGVPzIiyBp0R%2FrplmE6pEgBooUalZmuwG8xffRA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
89cf528e682b4178-AMS
alt-svc
h3=":443"; ma=86400
mm28mazpk8
www.clarity.ms/tag/ 		637 B
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/mm28mazpk8
Requested by
Host: cform-benefitsearchers-com.pages.dev
URL: https://cform-benefitsearchers-com.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f1d5df4344069ad345a80bb9590d75b40824ee1d303d609835d416f73b086c7f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cform-benefitsearchers-com.pages.dev/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Tue, 02 Jul 2024 14:28:28 GMT
x-azure-ref
20240702T142828Z-178b74c5885rw6g72xr3x1qrg800000007y000000000n1cx
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
637
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
606a1e16-c197-43d0-bee9-f9ed9fa65ca4.js
create.lidstatic.com/campaign/ 		121 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://create.lidstatic.com/campaign/606a1e16-c197-43d0-bee9-f9ed9fa65ca4.js?snippet_version=2
Requested by
Host: cform-benefitsearchers-com.pages.dev
URL: https://cform-benefitsearchers-com.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:27b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9617f186b48b4aa154f4189345b43edccfd3c2a1236ce4439c6339acf7342df0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cform-benefitsearchers-com.pages.dev/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:28:29 GMT
x-amz-version-id
WF24WDR45lUb2DHYRI0UWnbc_GDrsM_O
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
1SS6JRSFR130D6JA
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
c9IB+6fRD8LL2X2Bb2IGUMtpRGPJOldr8l3A1OwICi2Rjbtc2I4/N9RH9ktL9P4BE0ZRKiQy60A=
last-modified
Tue, 02 Jul 2024 10:36:32 GMT
server
cloudflare
etag
W/"d850ea89deca713fbb0ec46e03489e5f"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
89cf528f4cf6971f-AMS
/
ip2geo.improvetool.com/ 		214 B
612 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ip2geo.improvetool.com/
Requested by
Host: cform-benefitsearchers-com.pages.dev
URL: https://cform-benefitsearchers-com.pages.dev/assets/index.8081f568.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
089d8012d052d11cd032a161d3c4fb653a24d288ad2e441fbf2963d43ee67f49

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cform-benefitsearchers-com.pages.dev/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:28:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C5lQNzuCvyhy07VaQMxkoc6NmbC8oprWD9bHRGyCF5bL2loZuH2Pz%2BEME4F6b%2Fs48hUOdUqhGNagfrhb06UG%2FtxvG6AIkj7cT%2FJWURqKHhydMYn6nRK3uhwvi5cjIB1pevIgiuChLaheylBJXepMYRLT%2F8AD"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cf-ray
89cf52903d36667f-AMS
alt-svc
h3=":443"; ma=86400
CAa2dedaf645244cc9b96f5ef86e1ca11e
b-js.ringba.com/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-js.ringba.com/CAa2dedaf645244cc9b96f5ef86e1ca11e
Requested by
Host: cform-benefitsearchers-com.pages.dev
URL: https://cform-benefitsearchers-com.pages.dev/assets/index.8081f568.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2165:4e00:4:1957:6500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b2170d5a4f720a78ae2c066a9f632225ffc6de796f21d95f1dcf8811702506ef

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cform-benefitsearchers-com.pages.dev/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-runtime
28.0000
date
Tue, 02 Jul 2024 14:28:28 GMT
via
1.1 6b15d1c60d9f387a4132de8eb9595b1e.cloudfront.net (CloudFront)
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-amz-cf-pop
MUC50-P6
x-powered-by
ASP.NET
access-control-max-age
300
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public
content-length
13212
x-amz-cf-id
GI4roV0bftc8xFljhtilkaqMa9r8JobDYYZrjUkdG89y2RdFsJ_mtA==
expires
Tue, 02 Jul 2024 14:33:29 GMT
Roboto-Bold.ec685a46.ttf
cform-benefitsearchers-com.pages.dev/assets/ 		163 KB
87 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cform-benefitsearchers-com.pages.dev/assets/Roboto-Bold.ec685a46.ttf
Requested by
Host: cform-benefitsearchers-com.pages.dev
URL: https://cform-benefitsearchers-com.pages.dev/assets/index.89111623.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec685a46105296fe46c8744da4a11cf8118ba6c11271941766f7a546df6aa7c7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cform-benefitsearchers-com.pages.dev/assets/index.89111623.css
Origin
https://cform-benefitsearchers-com.pages.dev
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:28:28 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"f8945f378d58411db1bca70fedf03933"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DaqMczMOIlCOinF4V3U1ztHbOKl1UVRP6fhb6bfCLu7b9YIPc3pFL6HeoKjvjE46XtZyVhZPwWjPD%2B%2FWJxOfRyMPg4eXHusxXJiD2rMCvRYGSw6rCsZaYRsQFjw2ciU2TyOu%2BQg%2F%2FlSafqtrrFP0yrdeTrsdhT4%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
89cf528fe96f4178-AMS
alt-svc
h3=":443"; ma=86400
Roboto-Medium.9d0d55a3.ttf
cform-benefitsearchers-com.pages.dev/assets/ 		165 KB
88 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cform-benefitsearchers-com.pages.dev/assets/Roboto-Medium.9d0d55a3.ttf
Requested by
Host: cform-benefitsearchers-com.pages.dev
URL: https://cform-benefitsearchers-com.pages.dev/assets/index.89111623.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d0d55a303bfd13b79a87721f65185e93f235e2d77fe398b2dca67ac519915f5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cform-benefitsearchers-com.pages.dev/assets/index.89111623.css
Origin
https://cform-benefitsearchers-com.pages.dev
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:28:28 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"9749ddc858c4fceefb5af204e5470b7d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u%2B3D34%2Ba%2Bl4sArrB7e8w3No%2FlNnPCq%2Bn9qoQaD2j6ApZxxPAWwQ93K0MFp8hcQgWqaFcwfiQofoQaDr3M%2FtO4k6EWUHgrYHIhikr3jzxm4zKbp%2FmR93Oo1L7L3u29vfqI8wjBTxZl4CBj6bEG6eJTQ%2B6rKF0rZY%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
89cf528fe9704178-AMS
alt-svc
h3=":443"; ma=86400
Roboto-Regular.4e147ab6.ttf
cform-benefitsearchers-com.pages.dev/assets/ 		164 KB
87 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cform-benefitsearchers-com.pages.dev/assets/Roboto-Regular.4e147ab6.ttf
Requested by
Host: cform-benefitsearchers-com.pages.dev
URL: https://cform-benefitsearchers-com.pages.dev/assets/index.89111623.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e147ab64b9fdf6d89d01f6b8c3ca0b3cddc59d608a8e2218f9a2504b5c98e14
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cform-benefitsearchers-com.pages.dev/assets/index.89111623.css
Origin
https://cform-benefitsearchers-com.pages.dev
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:28:28 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"c409fafc6687f55d6bfa3a192e4db4a1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0G3svcSRbEamnN4tsqEdyYb5soQqJ0pvEttju7BDTjt%2B51%2BGWoHrKwl%2FBGhszIEo4cpHhYU3hbff5aQjhI%2BO09raST9LbvTN2U816tPuNiuUfRhYpVfhEM0dnBbEnWbwYmnp8ioaH21ayr5V%2F%2FYr75JtzNwJ5W4%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
89cf528fe9724178-AMS
alt-svc
h3=":443"; ma=86400
clarity.js
www.clarity.ms/s/0.7.34/ 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.34/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/mm28mazpk8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fffc6ed23cfeabaaace717503bfabd907816869c8c5ff38a2127b8284e8c5988

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cform-benefitsearchers-com.pages.dev/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:28:28 GMT
content-encoding
br
last-modified
Thu, 23 May 2024 23:20:12 GMT
etag
W/"0x8DC7B7EE5574D78"
vary
Accept-Encoding
x-azure-ref
20240702T142828Z-178b74c5885rw6g72xr3x1qrg800000007y000000000n1e1
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
5cd5958a-001e-0079-14ad-c6d2ff000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
collect
j.clarity.ms/ 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://j.clarity.ms/collect
Requested by
Host: cform-benefitsearchers-com.pages.dev
URL: https://cform-benefitsearchers-com.pages.dev/assets/index.8081f568.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.184.215.111 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://cform-benefitsearchers-com.pages.dev/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://cform-benefitsearchers-com.pages.dev
Date
Tue, 02 Jul 2024 14:28:29 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
GenerateToken
create.leadid.com/2.12.1/ 		36 B
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.12.1/GenerateToken?msn=1&pid=e4e4cc19-6160-445d-bc19-909ac4ea65a5&_=454196247
Requested by
Host: cform-benefitsearchers-com.pages.dev
URL: https://cform-benefitsearchers-com.pages.dev/assets/index.8081f568.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.19.68 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
2f9b0b1fe93663357dd758021f46f5d4241e87da06d70d73a63e5bb199329751
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://cform-benefitsearchers-com.pages.dev/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jul 2024 14:28:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
x-cdn
Imperva
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
x-iinfo
59-235109419-235109430 NNNN CT(99 86 0) RT(1719930508707 26) q(0 0 2 0) r(3 3) U24
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
gnbulk
display.ringba.com/v2/nis/ 		396 B
803 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.ringba.com/v2/nis/gnbulk
Requested by
Host: cform-benefitsearchers-com.pages.dev
URL: https://cform-benefitsearchers-com.pages.dev/assets/index.8081f568.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.223.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-223-249.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0f6e2470fd1e8cd0af53f9011843000fa1c7313791d9f84e54e0680ce98f234d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
text/plain
Referer
https://cform-benefitsearchers-com.pages.dev/
baggage
sentry-environment=BenefitSearchers,sentry-transaction=InitStep,sentry-public_key=02f8f0444380428699ef279e8620ddfe,sentry-trace_id=1ad68f38cd974608b7b587a617c1b194,sentry-sample_rate=0.1
sentry-trace
1ad68f38cd974608b7b587a617c1b194-8a7e1ce1b5d1c95c-0
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Tue, 02 Jul 2024 14:28:28 GMT
X-Runtime
0.0290
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Access-Control-Max-Age
300
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://cform-benefitsearchers-com.pages.dev
Cache-Control
no-cache
Connection
keep-alive
Content-Length
396
Expires
-1
gnbulk
display.ringba.com/v2/nis/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://display.ringba.com/v2/nis/gnbulk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.223.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-223-249.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
baggage,sentry-trace
Access-Control-Request-Method
POST
Origin
https://cform-benefitsearchers-com.pages.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
baggage,sentry-trace
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://cform-benefitsearchers-com.pages.dev
Access-Control-Max-Age
300
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Date
Tue, 02 Jul 2024 14:28:29 GMT
Expires
-1
Pragma
no-cache
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=AB4314F69A7D44DB981E3AD4A1339D27&RedC=c.clarity.ms&MXFR=3FC3A822824567901D51BC9286456984
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=AB4314F69A7D44DB981E3AD4A1339D27&MUID=37EED096B3976B4B057BC426B29F6A6B
42 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=AB4314F69A7D44DB981E3AD4A1339D27&MUID=37EED096B3976B4B057BC426B29F6A6B
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://cform-benefitsearchers-com.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jul 2024 14:28:29 GMT
last-modified
Tue, 25 Jun 2024 19:30:12 GMT
server
Microsoft-IIS/10.0
etag
"7473f1936c7da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 02 Jul 2024 14:28:29 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: AB70B8A8FB8D4D8BA98C8803EBC3BB9C Ref B: AMS04EDGE3108 Ref C: 2024-07-02T14:28:29Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=AB4314F69A7D44DB981E3AD4A1339D27&MUID=37EED096B3976B4B057BC426B29F6A6B
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
favicon-32x32.png
cform-benefitsearchers-com.pages.dev/benefitcheckers/ 		590 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cform-benefitsearchers-com.pages.dev/benefitcheckers/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f77b0f0f8d3c1ba62a00dd202f3c878eb643ec3c6033cdebee1e8b32e422620b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cform-benefitsearchers-com.pages.dev/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:28:29 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"f3c6695f580df6aae593dcdbe1f1a4f2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JHnkyTq%2BUCWQ1QRmDbslE7F1bF2oocNUEplKpjvAotQ0z5t%2B5fcIJQshjwyBctQqgtFKmbwSTYVsc5PdL%2BqznlX95Rf42zZekk%2FXdfZsjD8RoXT3e%2BbZujo7S5J4fyPLcoqw%2BXYIbCkGfRGsRVLkAL4IkvpSipg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
89cf5292dbc24178-AMS
alt-svc
h3=":443"; ma=86400
content-length
590
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 8173 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=C48DD603-D1D5-A067-5673-BBA7F76227A1&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=606A1E16-C197-43D0-BEE9-F9ED9FA65CA4&lac=0B6352C8-91EB-58E7-A152-31291728A75C
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/606a1e16-c197-43d0-bee9-f9ed9fa65ca4.js?snippet_version=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.196.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-196-209.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://cform-benefitsearchers-com.pages.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Headers
*
Access-Control-Allow-Origin
*
Age
28994
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 02 Jul 2024 06:25:23 GMT
Etag
W/"65a0715c-dbb"
Last-Modified
Thu, 11 Jan 2024 22:53:16 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Via
1.1 0ef755569b0bb31a32a90b7cdddb6f18.cloudfront.net (CloudFront)
X-Amz-Cf-Id
QgkgndcNWKG_GcisYk6gUz4bywsrVZgR50u2LVKcnxG9zGIY9pmHJw==
X-Amz-Cf-Pop
MUC50-P6
X-Cache
Hit from cloudfront
SaveDom
create.leadid.com/2.12.1/ 		0
736 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.12.1/SaveDom?msn=2&pid=e4e4cc19-6160-445d-bc19-909ac4ea65a5&token=C48DD603-D1D5-A067-5673-BBA7F76227A1&_=454196248
Requested by
Host: cform-benefitsearchers-com.pages.dev
URL: https://cform-benefitsearchers-com.pages.dev/assets/index.8081f568.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.19.68 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://cform-benefitsearchers-com.pages.dev/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jul 2024 14:28:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
x-cdn
Imperva
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
x-iinfo
59-235109419-235109524 NNNN CT(110 137 0) RT(1719930508707 395) q(0 0 2 7) r(4 4) U24
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
InitFormData
create.leadid.com/2.12.1/ 		0
732 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.12.1/InitFormData?msn=3&pid=e4e4cc19-6160-445d-bc19-909ac4ea65a5&token=C48DD603-D1D5-A067-5673-BBA7F76227A1&_=454196249
Requested by
Host: cform-benefitsearchers-com.pages.dev
URL: https://cform-benefitsearchers-com.pages.dev/assets/index.8081f568.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.19.68 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://cform-benefitsearchers-com.pages.dev/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jul 2024 14:28:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
x-cdn
Imperva
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
x-iinfo
59-235109419-235109526 NNNY CT(87 86 0) RT(1719930508707 403) q(0 0 0 4) r(0 1) U24
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
Snap
create.leadid.com/2.12.1/ 		0
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.12.1/Snap?msn=4&pid=e4e4cc19-6160-445d-bc19-909ac4ea65a5&token=C48DD603-D1D5-A067-5673-BBA7F76227A1&_=454196250
Requested by
Host: cform-benefitsearchers-com.pages.dev
URL: https://cform-benefitsearchers-com.pages.dev/assets/index.8081f568.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.19.68 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://cform-benefitsearchers-com.pages.dev/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jul 2024 14:28:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
x-cdn
Imperva
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
x-iinfo
59-235109419-235109430 PNNN RT(1719930508707 656) q(0 0 0 3) r(6 6) U24
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
collect
j.clarity.ms/ 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://j.clarity.ms/collect
Requested by
Host: cform-benefitsearchers-com.pages.dev
URL: https://cform-benefitsearchers-com.pages.dev/assets/index.8081f568.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.184.215.111 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://cform-benefitsearchers-com.pages.dev/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://cform-benefitsearchers-com.pages.dev
Date
Tue, 02 Jul 2024 14:28:30 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
Snap
create.leadid.com/2.12.1/ 		0
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.12.1/Snap?msn=5&pid=e4e4cc19-6160-445d-bc19-909ac4ea65a5&token=C48DD603-D1D5-A067-5673-BBA7F76227A1&_=454196251
Requested by
Host: cform-benefitsearchers-com.pages.dev
URL: https://cform-benefitsearchers-com.pages.dev/assets/index.8081f568.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.19.68 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://cform-benefitsearchers-com.pages.dev/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jul 2024 14:28:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
x-cdn
Imperva
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
x-iinfo
59-235109419-235109526 PNNy RT(1719930508707 1116) q(0 0 0 0) r(1 1) U24
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
collect
j.clarity.ms/ 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://j.clarity.ms/collect
Requested by
Host: cform-benefitsearchers-com.pages.dev
URL: https://cform-benefitsearchers-com.pages.dev/assets/index.8081f568.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.184.215.111 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://cform-benefitsearchers-com.pages.dev/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://cform-benefitsearchers-com.pages.dev
Date
Tue, 02 Jul 2024 14:28:32 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage function| clarity object| __vueuse_ssr_handlers__ function| Cleave object| __SENTRY__ boolean| __VUE__ object| LeadiDconfig object| LeadiD object| ringba_known_numbers object| _rgba object| ringba object| _rgba_tags string| label string| id boolean| sensitiveData object| defaultStyleFrame

18 Cookies

Domain/Path Name / Value
www.clarity.ms/ Name: CLID
Value: 523ecf6e549a4f9ab5c3fd7f844ff5eb.20240702.20250702
.cform-benefitsearchers-com.pages.dev/ Name: _clck
Value: 1druykm%7C2%7Cfn4%7C0%7C1644
.bing.com/ Name: MUID
Value: 37EED096B3976B4B057BC426B29F6A6B
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 37EED096B3976B4B057BC426B29F6A6B
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 37EED096B3976B4B057BC426B29F6A6B
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
cform-benefitsearchers-com.pages.dev/ Name: leadid_token-0B6352C8-91EB-58E7-A152-31291728A75C-606A1E16-C197-43D0-BEE9-F9ED9FA65CA4
Value: C48DD603-D1D5-A067-5673-BBA7F76227A1
.cform-benefitsearchers-com.pages.dev/ Name: _clsk
Value: 1sd2g7w%7C1719930509763%7C1%7C1%7Cj.clarity.ms%2Fcollect
.trueleadid.com/ Name: nlbi_3051494
Value: G3nNdbmEunczIqsmC30iGwAAAABN4b1+BDvfryVXmWhAtOFH
.trueleadid.com/ Name: visid_incap_3051494
Value: xl9jAhlMRNOSeBkE/DyOfI0OhGYAAAAAQUIPAAAAAACqKOEaP9zCZie0m0k9OH94
.trueleadid.com/ Name: incap_ses_1688_3051494
Value: 7NqNTW9rUhaV4t9oIftsF40OhGYAAAAAP5zJCZTM/vgcbs15GZ9O5A==
.deviceid.trueleadid.com/ Name: uuid
Value: bc6d1a0f4bfe4f549d996651dfa8fc27
.leadid.com/ Name: visid_incap_3079785
Value: ffNdoAlSR12OUr9K/GDwi40OhGYAAAAAQUIPAAAAAAA3B3yyG9ITr3OXd5VCMNtZ
.leadid.com/ Name: nlbi_3079785
Value: gj3mcE4mjH04A6vsoCxIyQAAAAAUrSLZOQQJg7fc4evQ2wFQ
.leadid.com/ Name: incap_ses_1688_3079785
Value: hYjIB628SD6y5N9oIftsF40OhGYAAAAAKokdTycLjbBXjl57T5oBWA==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b-js.ringba.com
c.bing.com
c.clarity.ms
cform-benefitsearchers-com.pages.dev
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
display.ringba.com
ip2geo.improvetool.com
j.clarity.ms
www.clarity.ms
13.74.129.1
188.114.96.3
2600:9000:2165:4e00:4:1957:6500:93a1
2606:4700:10::6816:27b6
2620:1ec:bdf::45
2620:1ec:c11::237
2a06:98c1:3121::3
45.223.19.68
52.184.215.111
54.192.196.209
54.209.223.249
059f8deb7f952b9ca920190f0cc54638b9a1e2cf1d83b8e4f3c4991b9f0361ad
089d8012d052d11cd032a161d3c4fb653a24d288ad2e441fbf2963d43ee67f49
0f6e2470fd1e8cd0af53f9011843000fa1c7313791d9f84e54e0680ce98f234d
2f9b0b1fe93663357dd758021f46f5d4241e87da06d70d73a63e5bb199329751
4e147ab64b9fdf6d89d01f6b8c3ca0b3cddc59d608a8e2218f9a2504b5c98e14
7be7772515e4ef78dbb93843e28c9f7e920b080bc381a54dd0bbbbffc4554376
89111623c275ebb7f1800edcc4e50462f761265e9737e844a3efa13ea908e51f
9617f186b48b4aa154f4189345b43edccfd3c2a1236ce4439c6339acf7342df0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d0d55a303bfd13b79a87721f65185e93f235e2d77fe398b2dca67ac519915f5
b2170d5a4f720a78ae2c066a9f632225ffc6de796f21d95f1dcf8811702506ef
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec685a46105296fe46c8744da4a11cf8118ba6c11271941766f7a546df6aa7c7
f1d5df4344069ad345a80bb9590d75b40824ee1d303d609835d416f73b086c7f
f77b0f0f8d3c1ba62a00dd202f3c878eb643ec3c6033cdebee1e8b32e422620b
fffc6ed23cfeabaaace717503bfabd907816869c8c5ff38a2127b8284e8c5988