www.medicare-providers.net Open in urlscan Pro
69.20.112.197 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_me...
Effective URL:
https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_me...
Submission: On December 23 via manual (December 23rd 2020, 8:20:03 pm UTC) from US

Summary HTTP 66 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 20 domains to perform 66 HTTP transactions. The main IP is 69.20.112.197, located in San Antonio, United States and belongs to RACKSPACE, US. The main domain is www.medicare-providers.net.
TLS certificate: Issued by Entrust Certification Authority - L1K on July 14th 2020. Valid for: a year.

This is the only time www.medicare-providers.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	69.20.112.197 69.20.112.197	27357 (RACKSPACE) (RACKSPACE)
6	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
1	216.58.210.2 216.58.210.2	15169 (GOOGLE) (GOOGLE)
1	13.32.240.122 13.32.240.122	16509 (AMAZON-02) (AMAZON-02)
2	34.239.201.54 34.239.201.54	14618 (AMAZON-AES) (AMAZON-AES)
1	69.20.94.14 69.20.94.14	27357 (RACKSPACE) (RACKSPACE)
3	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	65.9.96.128 65.9.96.128	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:27b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	44.238.151.153 44.238.151.153	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	18.134.109.232 18.134.109.232	16509 (AMAZON-02) (AMAZON-02)
2	52.71.17.67 52.71.17.67	14618 (AMAZON-AES) (AMAZON-AES)
5	54.173.215.17 54.173.215.17	14618 (AMAZON-AES) (AMAZON-AES)
1	52.222.136.202 52.222.136.202	16509 (AMAZON-02) (AMAZON-02)
2	52.1.202.139 52.1.202.139	14618 (AMAZON-AES) (AMAZON-AES)
66	23

20 69.20.112.197 (San Antonio, United States)

ASN27357 (RACKSPACE, US)
PTR: www.medicare-providers.net

www.medicare-providers.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.210.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.240.122 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-240-122.ams50.r.cloudfront.net

js.alocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.239.201.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-201-54.compute-1.amazonaws.com

js7.invoca.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
json7.ringrevenue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.20.94.14 (San Antonio, United States)

ASN27357 (RACKSPACE, US)
PTR: secure.apolloi.com

secure.apolloi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.96.128 (Seattle, United States)

ASN16509 (AMAZON-02, US)

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:27b6 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.238.151.153 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-151-153.us-west-2.compute.amazonaws.com

p.alocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.134.109.232 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-109-232.eu-west-2.compute.amazonaws.com

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.71.17.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-17-67.compute-1.amazonaws.com

trc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.173.215.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-215-17.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.136.202 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-136-202.ams50.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.1.202.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-202-139.compute-1.amazonaws.com

psp.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	medicare-providers.net www.medicare-providers.net	475 KB
6	pushnami.com api.pushnami.com trc.pushnami.com psp.pushnami.com	61 KB
6	googleapis.com fonts.googleapis.com	4 KB
5	leadid.com create.leadid.com	1 KB
3	anura.io script.anura.io	46 KB
3	gstatic.com fonts.gstatic.com	27 KB
3	google-analytics.com www.google-analytics.com	54 KB
3	alocdn.com 1 redirects js.alocdn.com p.alocdn.com	2 KB
2	facebook.com www.facebook.com	523 B
2	google.de www.google.de	1 KB
2	google.com www.google.com	608 B
2	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	2 KB
2	facebook.net connect.facebook.net	94 KB
2	bing.com bat.bing.com	9 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net
1	ringrevenue.com json7.ringrevenue.com	867 B
1	lidstatic.com create.lidstatic.com	39 KB
1	apolloi.com secure.apolloi.com
1	invoca.net js7.invoca.net	12 KB
1	googleadservices.com www.googleadservices.com	12 KB
66	20

	Domain	Requested by
20	www.medicare-providers.net	www.medicare-providers.net
6	fonts.googleapis.com	www.medicare-providers.net
5	create.leadid.com	create.lidstatic.com
3	script.anura.io	www.medicare-providers.net script.anura.io
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google-analytics.com	www.medicare-providers.net www.google-analytics.com
2	psp.pushnami.com	api.pushnami.com
2	trc.pushnami.com	api.pushnami.com
2	www.facebook.com	www.medicare-providers.net
2	www.google.de	www.medicare-providers.net
2	www.google.com	www.medicare-providers.net
2	p.alocdn.com	1 redirects www.medicare-providers.net
2	connect.facebook.net	www.medicare-providers.net connect.facebook.net
2	bat.bing.com	www.medicare-providers.net
2	api.pushnami.com	www.medicare-providers.net api.pushnami.com
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	json7.ringrevenue.com	js7.invoca.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	create.lidstatic.com	www.medicare-providers.net
1	googleads.g.doubleclick.net	www.googleadservices.com
1	secure.apolloi.com	www.medicare-providers.net
1	js7.invoca.net	www.medicare-providers.net
1	js.alocdn.com	www.medicare-providers.net
1	www.googleadservices.com	www.medicare-providers.net
66	24

This site contains links to these domains. Also see Links.

Domain
www.hhs.gov
www.medicare.gov
www.cms.gov

Subject Issuer	Validity	Valid
www.medicare-providers.net Entrust Certification Authority - L1K	`2020-07-14` - `2021-08-13`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.alocdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-11` - `2021-03-11`	a year	crt.sh
invoca.net Amazon	`2020-01-21` - `2021-02-21`	a year	crt.sh
secure.apolloi.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2020-12-14` - `2021-12-14`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.pushnami.com Amazon	`2020-05-16` - `2021-06-16`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2020-10-27` - `2021-04-27`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2020-05-31` - `2021-05-31`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
script.anura.io Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
ringrevenue.com Amazon	`2020-01-28` - `2021-02-28`	a year	crt.sh
create.leadid.com Amazon	`2020-05-22` - `2021-06-22`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
Frame ID: A6688BB52C3149DFFDDAEFBD8CA055D1
Requests: 62 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=7C16CF33-63D8-DA5E-8364-C50FB0A5E10F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.7.0&lck=81C0E214-F497-A92B-AD7F-7276E94695AB&lac=478B1969-F034-6785-243D-D2DE64FC7F68
Frame ID: 87723C01F221D81922E2B9011992E95D
Requests: 1 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: F0D377AEB00DED43A72148102AC4F1BB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

66
Requests

100 %
HTTPS

48 %
IPv6

20
Domains

24
Subdomains

23
IPs

4
Countries

840 kB
Transfer

2195 kB
Size

13
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.hhs.gov/sites/default/files/AmericanPatientsFirst.pdf
Title: here

Search URL Search Domain Scan URL

URL: http://www.medicare.gov/
Title: Medicare.gov

Search URL Search Domain Scan URL

URL: http://www.cms.gov/
Title: CMS.gov

Search URL Search Domain Scan URL

URL: http://www.cms.gov/medicare-coverage-database/
Title: MCD.gov

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://p.alocdn.com/c/99r6lv79/a/etarget/p.gif?label=162262475&title=Find%20Plans%20%7C%20Medicare%20Providers&url=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Ftrumpcaremedicare%2F%3FReferrer%3DB2D2%26Subreferrer%3D704700%26Subid%3D206910899%26utm_source%3Db2d2%26utm_medium%3DDisplay%26utm_content%3DTrumpmedicare%26utm_campaign%3D1%23FXDDW_VYTB9_28KMH HTTP 302
https://p.alocdn.com/c/99r6lv79/a/etarget/p.gif?label=162262475&title=Find%20Plans%20%7C%20Medicare%20Providers&url=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Ftrumpcaremedicare%2F%3FReferrer%3DB2D2%26Subreferrer%3D704700%26Subid%3D206910899%26utm_source%3Db2d2%26utm_medium%3DDisplay%26utm_content%3DTrumpmedicare%26utm_campaign%3D1%23FXDDW_VYTB9_28KMH&tdc=1

66 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
www.medicare-providers.net/plans/trumpcaremedicare/ 49 KB
13 KB 665ms
403ms Document
text/html 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

c01132a403b88ca20c568fa0f9d2128d1bb7537532f887489b41dd3a756a1526

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Host: www.medicare-providers.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=54a98a67b1c7a82b0c1bfd081f4c6a80; path=/; HttpOnly XSRF-TOKEN=eyJpdiI6Ik9jalhwaUpOR0s5TEdaa3o1QTlIbkE9PSIsInZhbHVlIjoiRG55ek9hSzhwTGpNamloS0RHc2lIbnFXZHppSjk1QkZEN1NMY05vRkgrNzh3bEhkRlwvUVRlWlRzZklDK1oyd3lkZTB0NkhwK1YrUjhyOHVoRGtLMzBBPT0iLCJtYWMiOiIwZDJkYzUzYTVkNDg1YWMxZGVlZDJkM2EwYWFhMGFhMTg5ZDcwNTYwZjBmMDliNWE3MjBkNDcxNDM4NWQ1NzI0In0%3D; expires=Wed, 23-Dec-2020 22:19:42 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6IlNZNGF2U081NlwvTHRyTzBaWEVBb2l3PT0iLCJ2YWx1ZSI6IlJQd3NOd1ppQWZCZFkrZVZDOEUwSmx1VjNnTlFNdVdFOU5Ldk9BVG5RZmdBUWpjajQzVmFnT3RWR0RcL0dYZ2ZRQVRVVTB4alRtb0djazhzRDFMcnJRQT09IiwibWFjIjoiZDlmN2JmYzg4N2ZjNDQ5Mjk3OTlmODkyODhiMThhZmQ3YjIyNjUyY2ZiYTA5YjI3ZWQ0MTkyYWU5YmE5OGZhYyJ9; expires=Wed, 23-Dec-2020 22:19:42 GMT; Max-Age=7200; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate no-cache
Pragma: no-cache
Date: Wed, 23 Dec 2020 20:19:42 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK fontawesome.min.css
www.medicare-providers.net/common_scripts/leadgen/fonts/fontawesome/ 34 KB
9 KB 110ms
109ms Stylesheet
text/css 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/common_scripts/leadgen/fonts/fontawesome/fontawesome.min.css

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

889e5b0e0831a15afbf0a7afe2916c25500b2fa6abb5f62727b0c245415a5f12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 20:19:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Dec 2019 16:48:23 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"5df11dd7-870a"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=900, public, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Wed, 23 Dec 2020 20:34:43 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
636 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c68d781eeb01bd19249e5301c2e13974cf71f00e32efe05c043b14142c0d2a00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Dec 2020 18:48:18 GMT
server: ESF
date: Wed, 23 Dec 2020 20:19:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Dec 2020 20:19:43 GMT

GET
H/1.1 200
OK mp.css
www.medicare-providers.net/common_scripts/leadgen/laravel/css/ 404 KB
77 KB 227ms
115ms Stylesheet
text/css 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/common_scripts/leadgen/laravel/css/mp.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

ed2ee739fa9e5c4c6039a4371b9730ee08cef89758236aaa18b03aa71839f612

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 20:19:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Dec 2020 21:34:35 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"5fe2666b-6501c"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=900, public, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Wed, 23 Dec 2020 20:34:43 GMT

GET
H/1.1 200
OK mp.js Show response
www.medicare-providers.net/common_scripts/leadgen/laravel/js/ 498 KB
165 KB 349ms
130ms Script
application/javascript 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/common_scripts/leadgen/laravel/js/mp.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

a69a839d977f844352cef80e578d44c8a405e1e3aef0444e1b074c80c711178b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 20:19:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Dec 2020 21:34:35 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"5fe2666b-7c962"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=900, public, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Wed, 23 Dec 2020 20:34:43 GMT

GET
H/1.1 200
OK logo.png
www.medicare-providers.net/images/ 3 KB
3 KB 112ms
109ms Image
image/png 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

2b2d857fc5c80a20d6e07a2d98b8e002c9753662955a8ebac6967e46518702ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 20:19:43 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 31 Jul 2018 21:30:37 GMT
Server: nginx
ETag: "5b60d4fd-bdb"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=900, public, no-cache, must-revalidate
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 3035
Expires: Wed, 23 Dec 2020 20:34:43 GMT

GET
H/1.1 200
OK btn-chevron.png
www.medicare-providers.net/images/medicarealert/ 19 KB
20 KB 110ms
107ms Image
image/png 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/medicarealert/btn-chevron.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

304d56b837c5d9bcdae32502bd0e3cf7716b3f706f08ed8dc51d6ba13cb33b00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 20:19:43 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 28 Jul 2017 18:09:26 GMT
Server: nginx
ETag: "597b7dd6-4cef"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=900, public, no-cache, must-revalidate
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 19695
Expires: Wed, 23 Dec 2020 20:34:43 GMT

GET
H/1.1 200
OK stock-1.jpg
www.medicare-providers.net/images/31421/ 27 KB
28 KB 129ms
126ms Image
image/jpeg 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/31421/stock-1.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

78549c0eb6095bbdc03a3ee91b61662e7efc30db63e4bf8bd411787685d36572

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 20:19:43 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 20 Nov 2017 18:59:19 GMT
Server: nginx
ETag: "5a132607-6cda"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/jpeg
Cache-Control: max-age=900, public, no-cache, must-revalidate
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 27866
Expires: Wed, 23 Dec 2020 20:34:43 GMT

GET
H/1.1 200
OK stock-2.jpg
www.medicare-providers.net/images/31421/ 30 KB
31 KB 220ms
108ms Image
image/jpeg 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/31421/stock-2.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

a1820c8c0119b36e17d2e52afd9b56f3638d335c0f0dafe7d2f5d0abba533625

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 20:19:43 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 20 Nov 2017 18:59:19 GMT
Server: nginx
ETag: "5a132607-79cd"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/jpeg
Cache-Control: max-age=900, public, no-cache, must-revalidate
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 31181
Expires: Wed, 23 Dec 2020 20:34:43 GMT

GET
H/1.1 200
OK stock-3.jpg
www.medicare-providers.net/images/31421/ 43 KB
43 KB 223ms
111ms Image
image/jpeg 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/31421/stock-3.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

df6e6c1253a4d12ec60534bf851d89a74c2feef171d1769bc20d66cf99c9b22d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 20:19:43 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 20 Nov 2017 18:59:19 GMT
Server: nginx
ETag: "5a132607-aab2"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/jpeg
Cache-Control: max-age=900, public, no-cache, must-revalidate
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 43698
Expires: Wed, 23 Dec 2020 20:34:43 GMT

GET
H/1.1 200
OK logo.png
www.medicare-providers.net/images/31421/ 3 KB
3 KB 325ms
193ms Image
image/png 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/31421/logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

bee9c302260c287106b2bfa7b08e94d40d785541153c1e0808ec01c372b4c319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 20:19:43 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 20 Nov 2017 18:59:19 GMT
Server: nginx
ETag: "5a132607-a21"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=900, public, no-cache, must-revalidate
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 2593
Expires: Wed, 23 Dec 2020 20:34:43 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 30 KB
12 KB 159ms
58ms Script
text/javascript 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

09494b789c55d639e0aabeffc59433963f0e8e766baba0fea88eae8a63c40ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Dec 2020 20:19:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11865
x-xss-protection: 0
server: cafe
etag: 18432201170715473949
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 23 Dec 2020 20:19:43 GMT

GET
H2 200 99r6lv79.js Show response
js.alocdn.com/c/ 1 KB
1 KB 110ms
34ms Script
application/javascript 13.32.240.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.alocdn.com/c/99r6lv79.js
Requested by: Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.240.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-240-122.ams50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: bd9fb046f5c5555a10b554af3fd2d7fd26d4f0efaaef5f0d034d3fbf0db5b853

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Dec 2020 15:45:19 GMT
via: 1.1 b2bc712713f500af8be071fa65fa924d.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 16464
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=28800
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: RqhSa9mFwsf4HRUloss1we6vP9Ryxy6_RuCFfewgtQ-wlJ-AFqU16w==

GET
H2 200 integration.js Show response
js7.invoca.net/7/ 28 KB
12 KB 362ms
114ms Script
application/javascript 34.239.201.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://js7.invoca.net/7/integration.js
Requested by: Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.201.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-201-54.compute-1.amazonaws.com
Software: nginx/1.17.8 /
Resource Hash: 76682765765202442439cb73fefdfdaf34cf341dce9202375813faa29477d837

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Dec 2020 20:19:43 GMT
content-encoding: gzip
last-modified: Tue, 22 Dec 2020 23:32:32 GMT
server: nginx/1.17.8
content-type: application/javascript

GET
H/1.1 200
OK visit.php Show response
secure.apolloi.com/leadgen/pxl/ 0
0 352ms
111ms Script
text/html 69.20.94.14
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.apolloi.com/leadgen/pxl/visit.php?visit_id=162262475
Requested by: Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 69.20.94.14 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS: secure.apolloi.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 css
fonts.googleapis.com/ 2 KB
648 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4c6cf80c740a9177f610b1f6c7b148317e456c5a3b8733019b7df7c423214cc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Dec 2020 18:42:05 GMT
server: ESF
date: Wed, 23 Dec 2020 20:19:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Dec 2020 20:19:43 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
764 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,900

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d67ca5d28f1dd6fc58ae8f8ab79b70755b30a52eb04572a6df8e50869ff748e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Dec 2020 20:19:43 GMT
server: ESF
date: Wed, 23 Dec 2020 20:19:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Dec 2020 20:19:43 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
644 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:400,700,900

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a13dd8fe620cd232cfa72df8cc10cd8bec9eb6f98a366c8fed0430596bd3418a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Dec 2020 20:17:58 GMT
server: ESF
date: Wed, 23 Dec 2020 20:19:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Dec 2020 20:19:43 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
479 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oxygen:300,400,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

846c368e0ddf8a012965eb146041936ec86aaa04e652c7eed20a1c3117d75509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Dec 2020 20:19:43 GMT
server: ESF
date: Wed, 23 Dec 2020 20:19:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Dec 2020 20:19:43 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
600 B 25ms
25ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3fc6cf05f3910ead58e414f122581283b5dbd969596c39fcae4f6b442da1ab1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Dec 2020 19:37:38 GMT
server: ESF
date: Wed, 23 Dec 2020 20:19:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Dec 2020 20:19:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 5376
date: Wed, 23 Dec 2020 18:50:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Wed, 23 Dec 2020 20:50:07 GMT

GET
H2 200 593ad82461c3a6d644c6428c Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 242 KB
61 KB 403ms
312ms Script
application/javascript 65.9.96.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/593ad82461c3a6d644c6428c
Requested by: Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 76409acbecc08cf121fcc62d458377d61e0a41025b2dbfdd52badfa288d0c140

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Dec 2020 20:19:43 GMT
via: 1.1 2a5c925255bb252ff0ed65977311f74f.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
content-encoding: gzip
x-amz-cf-id: KXgy1wHTU1FZlxpQkHpgXE2Zm5GVqkkwJDIZF7_OmpEQpZX27RaUQg==

GET
H/1.1 200
OK bg-stripe.png
www.medicare-providers.net/images/31421/ 107 B
590 B 211ms
106ms Image
image/png 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/31421/bg-stripe.png

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/common_scripts/leadgen/laravel/css/mp.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

fce9a6f2f7ea34cf08c5bb2847357f438d9106922abeefa20ab7c344cd493372

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.medicare-providers.net/common_scripts/leadgen/laravel/css/mp.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 20:19:43 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 18 Sep 2017 19:15:06 GMT
Server: nginx
ETag: "59c01b3a-6b"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=900, public, no-cache, must-revalidate
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 107
Expires: Wed, 23 Dec 2020 20:34:43 GMT

GET
H/1.1 200
OK hero.jpg
www.medicare-providers.net/images/31421/ 74 KB
75 KB 229ms
125ms Image
image/jpeg 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/31421/hero.jpg

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/common_scripts/leadgen/laravel/css/mp.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

4745bfb123d90c3944b1af19732e3c7d74880f98379caa9ec776d603588659b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.medicare-providers.net/common_scripts/leadgen/laravel/css/mp.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 20:19:43 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 20 Nov 2017 18:59:19 GMT
Server: nginx
ETag: "5a132607-1291a"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/jpeg
Cache-Control: max-age=900, public, no-cache, must-revalidate
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 76058
Expires: Wed, 23 Dec 2020 20:34:43 GMT

GET
H/1.1 200
OK icon-phone.png
www.medicare-providers.net/images/31421/ 2 KB
3 KB 196ms
106ms Image
image/png 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/31421/icon-phone.png

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/common_scripts/leadgen/laravel/css/mp.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

fc7fab33a384c604e1e892730d4272f7c4ad6a82eaabb818da857e40eb56e071

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.medicare-providers.net/common_scripts/leadgen/laravel/css/mp.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 20:19:43 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 18 Sep 2017 20:04:23 GMT
Server: nginx
ETag: "59c026c7-85a"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=900, public, no-cache, must-revalidate
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 2138
Expires: Wed, 23 Dec 2020 20:34:43 GMT

GET
H/1.1 200
OK icon-check.png
www.medicare-providers.net/images/31421/ 531 B
1015 B 184ms
106ms Image
image/png 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/31421/icon-check.png

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/common_scripts/leadgen/laravel/css/mp.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

57991fd35887bc08a67879ec52d707c684c0e0288e7a323970b568802affc42f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.medicare-providers.net/common_scripts/leadgen/laravel/css/mp.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 20:19:43 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 18 Sep 2017 20:04:23 GMT
Server: nginx
ETag: "59c026c7-213"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=900, public, no-cache, must-revalidate
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 531
Expires: Wed, 23 Dec 2020 20:34:43 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.medicare-providers.net
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,900
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Dec 2020 16:31:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 445718
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Sat, 18 Dec 2021 16:31:05 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.medicare-providers.net
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,900
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Dec 2020 11:36:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 463371
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Sat, 18 Dec 2021 11:36:52 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.medicare-providers.net
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,900
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 21:30:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:49 GMT
server: sffe
age: 514130
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
expires: Fri, 17 Dec 2021 21:30:53 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 27 KB
9 KB 33ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Dec 2020 20:19:42 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 22:19:32 GMT
x-msedge-ref: Ref A: 43F2D9F46B47431AA218953B15AAE4C4 Ref B: FRAEDGE1215 Ref C: 2020-12-23T20:19:43Z
etag: "0b27f152fa7d61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8454

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 90 KB
24 KB 20ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

abdf01dbab06efbec289cf85e83f8ec3618f996ab6803e9f9437db14bc5cbf53

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23470
x-fb-rlafr: 0
pragma: public
x-fb-debug: DIC0JMA4Z4UC6geiP1cwygr0N4uWwj8oUhN7oOpXE17F5VP+ALr9G1m8SuUJSRjHVqK2SthGHTWd8rgGgaz/qg==
x-fb-trip-id: 436667874
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 23 Dec 2020 20:19:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/979637013/ 2 KB
2 KB 37ms
18ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/979637013/?random=1608754783687&cv=9&fst=1608754783687&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Ftrumpcaremedicare%2F%3FReferrer%3DB2D2%26Subreferrer%3D704700%26Subid%3D206910899%26utm_source%3Db2d2%26utm_medium%3DDisplay%26utm_content%3DTrumpmedicare%26utm_campaign%3D1&tiba=Find%20Plans%20%7C%20Medicare%20Providers&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d15431c8ca055785e1fb4216dfe7bfced8ecd552033686a38d59a080548aeacc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Dec 2020 20:19:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1099
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 81c0e214-f497-a92b-ad7f-7276e94695ab.js Show response
create.lidstatic.com/campaign/ 123 KB
39 KB 456ms
425ms Script
text/javascript 2606:4700:10::6816:27b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/81c0e214-f497-a92b-ad7f-7276e94695ab.js?snippet_version=2
Requested by: Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:27b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fb799c38061a05f5c2741c76d07845a7ddc1d49fc9d79ff1ccd640ce76dd7f0

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Dec 2020 20:19:44 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: 7Q2T7W8V5Z2HFX3J
cf-ray: 6064c7764e464a92-FRA
x-amz-replication-status: COMPLETED
x-amz-id-2: piZ1bM4fsd+YK+dkfBX/LyX6AiBt62rdK8N8F9WE6pE22lmypmMdgb+YXiWQDGeoug2t688gNcA=
last-modified: Tue, 21 Apr 2020 13:45:10 GMT
server: cloudflare
etag: W/"8108b11fbbd90eeed35351fdf493e825"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: JB7Cl1X6IBGtBN8WvyX80SthIxZYWU2.
cache-control: max-age=1800
cf-request-id: 0732dafdea00004a9273075000000001
content-type: text/javascript

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 90 KB
35 KB 52ms
39ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-KFT29QZ&cid=1250430443.1608754784

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

54edc880e64e3e1c459a8f09c398473e1aaa182fe6ca19763b2e9c305e398a77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Dec 2020 20:19:43 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35773
x-xss-protection: 0
expires: Wed, 23 Dec 2020 20:19:43 GMT

GET
H2

200

p.gif
p.alocdn.com/c/99r6lv79/a/etarget/
Redirect Chain

https://p.alocdn.com/c/99r6lv79/a/etarget/p.gif?label=162262475&title=Find%20Plans%20%7C%20Medicare%20Providers&url=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Ftrumpcaremedicare%2F%3FReferre...
https://p.alocdn.com/c/99r6lv79/a/etarget/p.gif?label=162262475&title=Find%20Plans%20%7C%20Medicare%20Providers&url=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Ftrumpcaremedicare%2F%3FReferre...

42 B
351 B

216ms
215ms

Image
image/gif

44.238.151.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.alocdn.com/c/99r6lv79/a/etarget/p.gif?label=162262475&title=Find%20Plans%20%7C%20Medicare%20Providers&url=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Ftrumpcaremedicare%2F%3FReferrer%3DB2D2%26Subreferrer%3D704700%26Subid%3D206910899%26utm_source%3Db2d2%26utm_medium%3DDisplay%26utm_content%3DTrumpmedicare%26utm_campaign%3D1%23FXDDW_VYTB9_28KMH&tdc=1
Requested by: Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.238.151.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-238-151-153.us-west-2.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Dec 2020 20:19:44 GMT
server: nginx/1.16.1
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/GIF

Redirect headers

location: /c/99r6lv79/a/etarget/p.gif?label=162262475&title=Find%20Plans%20%7C%20Medicare%20Providers&url=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Ftrumpcaremedicare%2F%3FReferrer%3DB2D2%26Subreferrer%3D704700%26Subid%3D206910899%26utm_source%3Db2d2%26utm_medium%3DDisplay%26utm_content%3DTrumpmedicare%26utm_campaign%3D1%23FXDDW_VYTB9_28KMH&tdc=1
date: Wed, 23 Dec 2020 20:19:44 GMT
server: nginx/1.16.1
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/GIF

GET
H2 200 1908078899324062 Show response
connect.facebook.net/signals/config/ 239 KB
70 KB 74ms
74ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1908078899324062?v=2.9.31&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3a99bdcd39a74e2684067c7fee253041e7244e6f71970f93aefdea263db4695

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: ERV09Li28vRTxep+hbpfwDX8eAiGG8bPLzKrbA+MWRyEyZ0wAF97YIzAqEULUcLuZ5VDxvbN4i+du3aQ4R+vXA==
x-fb-trip-id: 436667874
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 23 Dec 2020 20:19:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 2041865861
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/979637013/ 42 B
337 B 21ms
20ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/979637013/?random=1608754783687&cv=9&fst=1608753600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Ftrumpcaremedicare%2F%3FReferrer%3DB2D2%26Subreferrer%3D704700%26Subid%3D206910899%26utm_source%3Db2d2%26utm_medium%3DDisplay%26utm_content%3DTrumpmedicare%26utm_campaign%3D1&tiba=Find%20Plans%20%7C%20Medicare%20Providers&fmt=3&is_vtc=1&random=775552408&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Dec 2020 20:19:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/979637013/ 42 B
552 B 51ms
31ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/979637013/?random=1608754783687&cv=9&fst=1608753600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Ftrumpcaremedicare%2F%3FReferrer%3DB2D2%26Subreferrer%3D704700%26Subid%3D206910899%26utm_source%3Db2d2%26utm_medium%3DDisplay%26utm_content%3DTrumpmedicare%26utm_campaign%3D1&tiba=Find%20Plans%20%7C%20Medicare%20Providers&fmt=3&is_vtc=1&random=775552408&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Dec 2020 20:19:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
177 B 14ms
13ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1505806512&t=pageview&_s=1&dl=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Ftrumpcaremedicare%2F%3FReferrer%3DB2D2%26Subreferrer%3D704700%26Subid%3D206910899%26utm_source%3Db2d2%26utm_medium%3DDisplay%26utm_content%3DTrumpmedicare%26utm_campaign%3D1&ul=en-us&de=UTF-8&dt=Find%20Plans%20%7C%20Medicare%20Providers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAEADQAAAAC~&jid=1927152905&gjid=2026807810&cid=1250430443.1608754784&tid=UA-12025801-1&_gid=1261799013.1608754784&_r=1&_slc=1&z=1306155290

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 23 Dec 2020 20:19:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.medicare-providers.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
454 B 42ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-12025801-1&cid=1250430443.1608754784&jid=1927152905&gjid=2026807810&_gid=1261799013.1608754784&_u=KGBAAEACQAAAAC~&z=913712760

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 23 Dec 2020 20:19:43 GMT
content-type: text/plain
access-control-allow-origin: https://www.medicare-providers.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
377 B 20ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1908078899324062&ev=PageView&dl=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Ftrumpcaremedicare%2F%3FReferrer%3DB2D2%26Subreferrer%3D704700%26Subid%3D206910899%26utm_source%3Db2d2%26utm_medium%3DDisplay%26utm_content%3DTrumpmedicare%26utm_campaign%3D1%23FXDDW_VYTB9_28KMH&rl=&if=false&ts=1608754783852&sw=1600&sh=1200&v=2.9.31&r=stable&ec=0&o=30&fbp=fb.1.1608754783850.1070771394&it=1608754783744&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Dec 2020 20:19:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 23 Dec 2020 20:19:43 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
271 B 20ms
18ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-12025801-1&cid=1250430443.1608754784&jid=1927152905&_u=KGBAAEACQAAAAC~&z=1075894045

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Dec 2020 20:19:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
483 B 48ms
33ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-12025801-1&cid=1250430443.1608754784&jid=1927152905&_u=KGBAAEACQAAAAC~&z=1075894045

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Dec 2020 20:19:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 request.js Show response
script.anura.io/ 45 KB
45 KB 196ms
101ms Script
application/javascript 18.134.109.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=2761973509&source=B2D2&campaign=704700-MP&variable=AnuraResponse&181644333679

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.134.109.232 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-134-109-232.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

7e83df77700d7ff48a03f4d2cfd41ab862fac91420831a43f876c93b8af7df4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Dec 2020 20:19:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
x-content-type-options: nosniff
expires: Sun, 28 Dec 1980 18:57:00 EST
server: nginx
content-type: application/javascript; charset=utf-8

GET
H2 200 map_number Show response
json7.ringrevenue.com/7/ 183 B
867 B 808ms
577ms Script
text/javascript 34.239.201.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://json7.ringrevenue.com/7/map_number?av_id=30279&referer=&cookies_for_url=%7B%7D&url_without_pool_params=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Ftrumpcaremedicare%2F%3FReferrer%3DB2D2%26Subreferrer%3D704700%26Subid%3D206910899%26utm_source%3Db2d2%26utm_medium%3DDisplay%26utm_content%3DTrumpmedicare%26utm_campaign%3D1%23FXDDW_VYTB9_28KMH&request_cookies=true&jsoncallback=json_rr1&url=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Ftrumpcaremedicare%2F%3FReferrer%3DB2D2%26Subreferrer%3D704700%26Subid%3D206910899%26utm_source%3Db2d2%26utm_medium%3DDisplay%26utm_content%3DTrumpmedicare%26utm_campaign%3D1%23FXDDW_VYTB9_28KMH

Requested by

Host: js7.invoca.net
URL: https://js7.invoca.net/7/integration.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.239.201.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-239-201-54.compute-1.amazonaws.com

Software

nginx/1.17.8 /

Resource Hash

b17e45610e48e2c90576302c4e42d757cf1f1b20c5fdb22572eadf540f1ded8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-runtime: 0.029024
date: Wed, 23 Dec 2020 20:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.17.8
etag: W/"95c680c0becf6ac9701c620614de6648"
x-frame-options: SAMEORIGIN
p3p: CP="CAO DSP CURa ADMa DEVa OUR NOR DEM STA" policyref="/w3c/p3p.xml"
cache-control: max-age=0, private, must-revalidate
content-type: text/javascript; charset=utf-8
x-xss-protection: 1; mode=block
x-request-id: 3e0d44251ecc5621852a7248475fae12

GET
H2 204 0
bat.bing.com/action/ 0
171 B 30ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5751758&Ver=2&mid=32a2e45f-e284-4eac-813c-1d42ce9cad37&sid=31c81aa0455c11eb8811b9b22c69423c&vid=31c84750455c11eb9d2ff1d57d7b4b51&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Find%20Plans%20%7C%20Medicare%20Providers&p=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Ftrumpcaremedicare%2F%3FReferrer%3DB2D2%26Subreferrer%3D704700%26Subid%3D206910899%26utm_source%3Db2d2%26utm_medium%3DDisplay%26utm_content%3DTrumpmedicare%26utm_campaign%3D1%23FXDDW_VYTB9_28KMH&r=&lt=1583&evt=pageLoad&msclkid=N&sv=1&rn=257780
Requested by: Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 23 Dec 2020 20:19:43 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 9268D4FCDCC949ECA486151431283F31 Ref B: FRAEDGE1215 Ref C: 2020-12-23T20:19:43Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 141ms
141ms Fetch
text/html 52.71.17.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/593ad82461c3a6d644c6428c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.17.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-17-67.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
key: 593ad82461c3a6d644c6428c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 23 Dec 2020 20:19:44 GMT
cache-control: no-cache
content-type: text/html; charset=utf-8
content-length: 2
access-control-expose-headers: WWW-Authenticate,Server-Authorization

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 335ms
111ms Other 52.71.17.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Server: 52.71.17.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-17-67.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Origin: https://www.medicare-providers.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 23 Dec 2020 20:19:44 GMT
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-max-age: 86400
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache

POST
H2 200 GenerateToken Show response
create.leadid.com/2.7.0/ 36 B
333 B 409ms
171ms XHR
text/plain 54.173.215.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/GenerateToken?msn=1&pid=34a547d1-6022-4ee8-a1bd-bce8b6ef53db&_=35470042
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/81c0e214-f497-a92b-ad7f-7276e94695ab.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.215.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-215-17.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: 6b7d80b4834e280b887c5207b4032d1a81a8ff972f191345ec77fb925b916622

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 23 Dec 2020 20:19:44 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 response.json Show response
script.anura.io/ 52 B
405 B 171ms
82ms XHR
application/json 18.134.109.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/response.json

Requested by

Host: script.anura.io
URL: https://script.anura.io/request.js?instance=2761973509&source=B2D2&campaign=704700-MP&variable=AnuraResponse&181644333679

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.134.109.232 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-134-109-232.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

bf7449a403106158ebaaaac86ce20fb19163efd21a1ec02752155823f0eafd19

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 23 Dec 2020 20:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H/1.1 200
OK iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 8772 0
0 117ms
32ms Document
text/html 52.222.136.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=7C16CF33-63D8-DA5E-8364-C50FB0A5E10F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.7.0&lck=81C0E214-F497-A92B-AD7F-7276E94695AB&lac=478B1969-F034-6785-243D-D2DE64FC7F68
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/81c0e214-f497-a92b-ad7f-7276e94695ab.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.136.202 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-136-202.ams50.r.cloudfront.net
Software: nginx/1.17.6 /
Resource Hash

Request headers

Host: d2m2wsoho8qq12.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1

Response headers

Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 23 Dec 2020 07:31:48 GMT
Server: nginx/1.17.6
Last-Modified: Tue, 22 Dec 2020 16:28:54 GMT
ETag: W/"5fe21ec6-dbc"
P3P: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 ec354e6d520d6c5c48f3933476169123.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS50-C1
X-Amz-Cf-Id: VKbQeNELhfjMX-aZO7CHuqaz1XQgfgyxsZj_X7Guz076YtplmNWpPw==
Age: 46076

POST
H2 200 SaveDom Show response
create.leadid.com/2.7.0/ 0
298 B 114ms
114ms XHR
text/plain 54.173.215.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/SaveDom?msn=2&pid=34a547d1-6022-4ee8-a1bd-bce8b6ef53db&token=7C16CF33-63D8-DA5E-8364-C50FB0A5E10F&_=35470043
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/81c0e214-f497-a92b-ad7f-7276e94695ab.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.215.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-215-17.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 23 Dec 2020 20:19:44 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.7.0/ 0
298 B 115ms
115ms XHR
text/plain 54.173.215.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/InitFormData?msn=3&pid=34a547d1-6022-4ee8-a1bd-bce8b6ef53db&token=7C16CF33-63D8-DA5E-8364-C50FB0A5E10F&_=35470044
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/81c0e214-f497-a92b-ad7f-7276e94695ab.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.215.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-215-17.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 23 Dec 2020 20:19:44 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 result.json Show response
script.anura.io/ 27 B
384 B 61ms
61ms XHR
application/json 18.134.109.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/result.json

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.134.109.232 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-134-109-232.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

59855fb273cce24eaff91d16cdb093b5b26a2bdca96f6a5ec4d95d81d657e929

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 23 Dec 2020 20:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H/1.1 200
OK fraud_status.php Show response
www.medicare-providers.net/common_scripts/omg/ 0
538 B 144ms
143ms XHR
text/html 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/common_scripts/omg/fraud_status.php?source=anura&response=

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/common_scripts/leadgen/laravel/js/mp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Dec 2020 20:19:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK fraud_status.php Show response
www.medicare-providers.net/common_scripts/omg/ 0
538 B 149ms
148ms XHR
text/html 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/common_scripts/omg/fraud_status.php?source=anura&response={%22result%22:%22bad%22,%22mobile%22:0}

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/common_scripts/leadgen/laravel/js/mp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Dec 2020 20:19:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK fraud_status.php Show response
www.medicare-providers.net/common_scripts/omg/ 0
538 B 148ms
147ms XHR
text/html 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/common_scripts/omg/fraud_status.php?source=anura&response={%22result%22:%22bad%22,%22mobile%22:0}

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/common_scripts/leadgen/laravel/js/mp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Dec 2020 20:19:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H/1.1 200
OK check_web_user Show response
www.medicare-providers.net/api/ 0
511 B 175ms
175ms XHR
text/html 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/api/check_web_user

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/common_scripts/leadgen/laravel/js/mp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Dec 2020 20:19:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, no-cache
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H/1.1 200
OK phone_imp.php Show response
www.medicare-providers.net/common_scripts/omg/pxl/ 0
486 B 147ms
147ms XHR
text/html 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/common_scripts/omg/pxl/phone_imp.php?pn=8553982897&url=www.medicare-providers.net%2Fplans%2Ftrumpcaremedicare%2F%3FReferrer%3DB2D2%26Subreferrer%3D704700%26Subid%3D206910899%26utm_source%3Db2d2%26utm_medium%3DDisplay%26utm_content%3DTrumpmedicare%26utm_campaign%3D1

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/common_scripts/leadgen/laravel/js/mp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Dec 2020 20:19:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H/1.1 200
OK set_visit_ulid Show response
www.medicare-providers.net/api/ 0
511 B 167ms
166ms XHR
text/html 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/api/set_visit_ulid

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/common_scripts/leadgen/laravel/js/mp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 23 Dec 2020 20:19:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, no-cache
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1908078899324062&ev=Microdata&dl=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Ftrumpcaremedicare%2F%3FReferrer%3DB2D2%26Subreferrer%3D704700%26Subid%3D206910899%26utm_source%3Db2d2%26utm_medium%3DDisplay%26utm_content%3DTrumpmedicare%26utm_campaign%3D1%23FXDDW_VYTB9_28KMH&rl=&if=false&ts=1608754785370&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Find%20Plans%20%7C%20Medicare%20Providers%20%22%2C%22meta%3Adescription%22%3A%22%20%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.31&r=stable&ec=1&o=30&fbp=fb.1.1608754783850.1070771394&it=1608754783744&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Dec 2020 20:19:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 23 Dec 2020 20:19:45 GMT

GET
H2 200 hub
api.pushnami.com/scripts/v1/ Frame F0D3 0
0 45ms
45ms Document
text/html 65.9.96.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushnami.com/scripts/v1/hub

Requested by

Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/593ad82461c3a6d644c6428c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.128 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *
X-Content-Security-Policy	default-src 'unsafe-inline' *

Request headers

:method: GET
:authority: api.pushnami.com
:scheme: https
:path: /scripts/v1/hub
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1

Response headers

content-type: text/html; charset=utf-8
date: Wed, 23 Dec 2020 19:49:54 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: X-Requested-With
content-security-policy: default-src 'unsafe-inline' *
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 2a5c925255bb252ff0ed65977311f74f.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: dO5s2Oq2EHsUjxmLFUObOvscpAaTkk7M1KlslHlf_GNhKaORHVd6-Q==
age: 1791

POST
H2 200 psp Show response
psp.pushnami.com/api/ 2 B
231 B 108ms
108ms Fetch
text/html 52.1.202.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/593ad82461c3a6d644c6428c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.202.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-202-139.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
key: 593ad82461c3a6d644c6428c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.medicare-providers.net
date: Wed, 23 Dec 2020 20:19:46 GMT
cache-control: no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: accept-encoding
content-type: text/html; charset=utf-8

OPTIONS
H2 200 psp
psp.pushnami.com/api/ Frame 0
0 335ms
108ms Other
application/json 52.1.202.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Protocol: H2
Server: 52.1.202.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-202-139.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Origin: https://www.medicare-providers.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 23 Dec 2020 20:19:45 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.medicare-providers.net
access-control-allow-credentials: true
access-control-expose-headers: content-type, content-length, etag
access-control-max-age: 600
access-control-allow-headers: key
access-control-allow-methods: POST
cache-control: no-cache
vary: accept-encoding
content-encoding: gzip

POST
H2 200 Snap Show response
create.leadid.com/2.7.0/ 0
298 B 454ms
332ms XHR
text/plain 54.173.215.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/Snap?msn=4&pid=34a547d1-6022-4ee8-a1bd-bce8b6ef53db&token=7C16CF33-63D8-DA5E-8364-C50FB0A5E10F&_=35470045
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/81c0e214-f497-a92b-ad7f-7276e94695ab.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.215.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-215-17.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 23 Dec 2020 20:19:47 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.7.0/ 0
298 B 430ms
212ms XHR
text/plain 54.173.215.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/Snap?msn=5&pid=34a547d1-6022-4ee8-a1bd-bce8b6ef53db&token=7C16CF33-63D8-DA5E-8364-C50FB0A5E10F&_=35470046
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/81c0e214-f497-a92b-ad7f-7276e94695ab.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.215.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-215-17.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 23 Dec 2020 20:19:47 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.medicare-providers.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: 54a98a67b1c7a82b0c1bfd081f4c6a80
.medicare-providers.net/	1970-01-19 14:54:01	Name: _uetsid Value: 31c81aa0455c11eb8811b9b22c69423c
.medicare-providers.net/	1970-01-19 15:15:58	Name: _uetvid Value: 31c84750455c11eb9d2ff1d57d7b4b51
.medicare-providers.net/	1970-01-19 17:02:10	Name: _fbp Value: fb.1.1608754783850.1070771394
.medicare-providers.net/	1970-01-19 14:54:01	Name: _gid Value: GA1.2.1261799013.1608754784
www.medicare-providers.net/	1969-12-31 23:59:59	Name: omg_visit_id Value: 5fe3a660e15aa7682
.medicare-providers.net/	1970-01-19 14:52:34	Name: _gat Value: 1
.medicare-providers.net/	1970-01-20 08:23:46	Name: _ga Value: GA1.2.1250430443.1608754784
.medicare-providers.net/	1970-01-19 15:35:46	Name: rrCookie_affiliateInfo Value: %7B%22status%22%3A%22invalid%22%2C%22mobile%22%3Afalse%2C%22number_to_replace%22%3A%22999-999-9999%22%2C%22last_validated_at%22%3A1608754784759%7D
www.medicare-providers.net/	1970-01-19 14:52:41	Name: laravel_session Value: eyJpdiI6IlNZNGF2U081NlwvTHRyTzBaWEVBb2l3PT0iLCJ2YWx1ZSI6IlJQd3NOd1ppQWZCZFkrZVZDOEUwSmx1VjNnTlFNdVdFOU5Ldk9BVG5RZmdBUWpjajQzVmFnT3RWR0RcL0dYZ2ZRQVRVVTB4alRtb0djazhzRDFMcnJRQT09IiwibWFjIjoiZDlmN2JmYzg4N2ZjNDQ5Mjk3OTlmODkyODhiMThhZmQ3YjIyNjUyY2ZiYTA5YjI3ZWQ0MTkyYWU5YmE5OGZhYyJ9
www.medicare-providers.net/	1970-01-19 14:52:41	Name: XSRF-TOKEN Value: eyJpdiI6Ik9jalhwaUpOR0s5TEdaa3o1QTlIbkE9PSIsInZhbHVlIjoiRG55ek9hSzhwTGpNamloS0RHc2lIbnFXZHppSjk1QkZEN1NMY05vRkgrNzh3bEhkRlwvUVRlWlRzZklDK1oyd3lkZTB0NkhwK1YrUjhyOHVoRGtLMzBBPT0iLCJtYWMiOiIwZDJkYzUzYTVkNDg1YWMxZGVlZDJkM2EwYWFhMGFhMTg5ZDcwNTYwZjBmMDliNWE3MjBkNDcxNDM4NWQ1NzI0In0%3D
.deviceid.trueleadid.com/	1970-01-25 20:28:19	Name: uuid Value: 15d647a47dca4ce0b513e8b11497afac
www.medicare-providers.net/	1969-12-31 23:59:59	Name: leadid_token-478B1969-F034-6785-243D-D2DE64FC7F68-81C0E214-F497-A92B-AD7F-7276E94695AB Value: 7C16CF33-63D8-DA5E-8364-C50FB0A5E10F

31 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1(Line 79) Message: Now is after the close time, not displaying
console-api	log	URL: https://www.medicare-providers.net/common_scripts/leadgen/laravel/js/mp.js(Line 15) Message: JS: slickform.js loaded
console-api	log	URL: https://www.medicare-providers.net/common_scripts/leadgen/laravel/js/mp.js(Line 16) Message: JS: onestep.js loaded
console-api	log	URL: https://www.medicare-providers.net/common_scripts/leadgen/laravel/js/mp.js(Line 16) Message: JS: oetimer.js loaded
console-api	log	URL: https://www.medicare-providers.net/common_scripts/leadgen/laravel/js/mp.js(Line 16) Message: JS: clicklistings.js loaded
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1(Line 341) Message: Created anura script
console-api	log	URL: https://api.pushnami.com/scripts/v1/pushnami-adv/593ad82461c3a6d644c6428c(Line 226) Message: {"event":"webpush-ssl-optin-shown","scope":"Website","scopeId":"593ad82461c3a6d644c6428d","pstag_android":"modern_Test_1_Desktop_Fallback"}
console-api	debug	URL: https://script.anura.io/request.js?instance=2761973509&source=B2D2&campaign=704700-MP&variable=AnuraResponse&181644333679(Line 16) Message: [object HTMLImageElement]
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1(Line 356) Message: Passed object test
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1(Line 356) Message: Passed object test
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1(Line 356) Message: Passed object test
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1(Line 356) Message: Passed object test
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1(Line 356) Message: Passed object test
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1(Line 356) Message: Passed object test
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1(Line 356) Message: Passed object test
console-api	debug	URL: https://script.anura.io/request.js?instance=2761973509&source=B2D2&campaign=704700-MP&variable=AnuraResponse&181644333679(Line 47) Message:
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1(Line 356) Message: Passed object test
console-api	log	URL: https://api.pushnami.com/scripts/v1/pushnami-adv/593ad82461c3a6d644c6428c(Line 247) Message: Tracking OK [object Response]
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1(Line 356) Message: Passed object test
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1(Line 356) Message: Passed object test
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1(Line 356) Message: Passed object test
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1(Line 356) Message: Passed object test
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1(Line 361) Message: Got result: 2226284992.789eb2cb1f8c483fc78feaed2ba039ae
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1(Line 401) Message: gonna get it!
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1(Line 406) Message: got it?
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1(Line 401) Message: gonna get it!
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1(Line 406) Message: got it?
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1(Line 401) Message: gonna get it!
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1(Line 406) Message: got it?
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=B2D2&Subreferrer=704700&Subid=206910899&utm_source=b2d2&utm_medium=Display&utm_content=Trumpmedicare&utm_campaign=1(Line 483) Message: Repeat user:
console-api	log	URL: https://api.pushnami.com/scripts/v1/pushnami-adv/593ad82461c3a6d644c6428c(Line 480) Message: {}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.pushnami.com
bat.bing.com
connect.facebook.net
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.alocdn.com
js7.invoca.net
json7.ringrevenue.com
p.alocdn.com
psp.pushnami.com
script.anura.io
secure.apolloi.com
stats.g.doubleclick.net
trc.pushnami.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.medicare-providers.net
13.32.240.122
18.134.109.232
216.58.210.2
2606:4700:10::6816:27b6
2620:1ec:c11::200
2a00:1450:4001:806::2003
2a00:1450:4001:809::200e
2a00:1450:4001:81d::200a
2a00:1450:4001:81e::2003
2a00:1450:4001:824::2002
2a00:1450:4001:824::2004
2a00:1450:400c:c0c::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.239.201.54
44.238.151.153
52.1.202.139
52.222.136.202
52.71.17.67
54.173.215.17
65.9.96.128
69.20.112.197
69.20.94.14
09494b789c55d639e0aabeffc59433963f0e8e766baba0fea88eae8a63c40ccd
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
2b2d857fc5c80a20d6e07a2d98b8e002c9753662955a8ebac6967e46518702ea
304d56b837c5d9bcdae32502bd0e3cf7716b3f706f08ed8dc51d6ba13cb33b00
3d67ca5d28f1dd6fc58ae8f8ab79b70755b30a52eb04572a6df8e50869ff748e
3fc6cf05f3910ead58e414f122581283b5dbd969596c39fcae4f6b442da1ab1e
4745bfb123d90c3944b1af19732e3c7d74880f98379caa9ec776d603588659b3
4c6cf80c740a9177f610b1f6c7b148317e456c5a3b8733019b7df7c423214cc5
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515
4fb799c38061a05f5c2741c76d07845a7ddc1d49fc9d79ff1ccd640ce76dd7f0
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
54edc880e64e3e1c459a8f09c398473e1aaa182fe6ca19763b2e9c305e398a77
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57991fd35887bc08a67879ec52d707c684c0e0288e7a323970b568802affc42f
59855fb273cce24eaff91d16cdb093b5b26a2bdca96f6a5ec4d95d81d657e929
6b7d80b4834e280b887c5207b4032d1a81a8ff972f191345ec77fb925b916622
76409acbecc08cf121fcc62d458377d61e0a41025b2dbfdd52badfa288d0c140
76682765765202442439cb73fefdfdaf34cf341dce9202375813faa29477d837
78549c0eb6095bbdc03a3ee91b61662e7efc30db63e4bf8bd411787685d36572
7e83df77700d7ff48a03f4d2cfd41ab862fac91420831a43f876c93b8af7df4f
846c368e0ddf8a012965eb146041936ec86aaa04e652c7eed20a1c3117d75509
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
889e5b0e0831a15afbf0a7afe2916c25500b2fa6abb5f62727b0c245415a5f12
a13dd8fe620cd232cfa72df8cc10cd8bec9eb6f98a366c8fed0430596bd3418a
a1820c8c0119b36e17d2e52afd9b56f3638d335c0f0dafe7d2f5d0abba533625
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a69a839d977f844352cef80e578d44c8a405e1e3aef0444e1b074c80c711178b
abdf01dbab06efbec289cf85e83f8ec3618f996ab6803e9f9437db14bc5cbf53
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b17e45610e48e2c90576302c4e42d757cf1f1b20c5fdb22572eadf540f1ded8b
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bd9fb046f5c5555a10b554af3fd2d7fd26d4f0efaaef5f0d034d3fbf0db5b853
bee9c302260c287106b2bfa7b08e94d40d785541153c1e0808ec01c372b4c319
bf7449a403106158ebaaaac86ce20fb19163efd21a1ec02752155823f0eafd19
c01132a403b88ca20c568fa0f9d2128d1bb7537532f887489b41dd3a756a1526
c68d781eeb01bd19249e5301c2e13974cf71f00e32efe05c043b14142c0d2a00
d15431c8ca055785e1fb4216dfe7bfced8ecd552033686a38d59a080548aeacc
df6e6c1253a4d12ec60534bf851d89a74c2feef171d1769bc20d66cf99c9b22d
e3a99bdcd39a74e2684067c7fee253041e7244e6f71970f93aefdea263db4695
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ed2ee739fa9e5c4c6039a4371b9730ee08cef89758236aaa18b03aa71839f612
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc7fab33a384c604e1e892730d4272f7c4ad6a82eaabb818da857e40eb56e071
fce9a6f2f7ea34cf08c5bb2847357f438d9106922abeefa20ab7c344cd493372

www.medicare-providers.net Open in urlscan Pro 69.20.112.197 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

66 Requests

100 %HTTPS

48 %IPv6

20 Domains

24 Subdomains

23 IPs

4 Countries

840 kBTransfer

2195 kBSize

13 Cookies

4 Outgoing links

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.medicare-providers.net Open in urlscan Pro
69.20.112.197 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

100 %
HTTPS

48 %
IPv6

20
Domains

24
Subdomains

23
IPs

4
Countries

840 kB
Transfer

2195 kB
Size

13
Cookies

66 HTTP transactions
0 data transactions