urlscan.io logo urlscan.io
SecurityTrails logo

www.medicareadvantage.com Open in urlscan Pro
40.71.199.117  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://str.visionarygeek.eu/Polycleituss/d4-r8Y7BuIfkRGeO8o-F7QvVgsfl0Fmq5l95V0pWTceef4ca4-850GQezRrBBH5rrMJ-4_zSmKBSKkNzLX-...
Effective URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&...
Submission: On February 06 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 47 IPs in 9 countries across 44 domains to perform 107 HTTP transactions. The main IP is 40.71.199.117, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.medicareadvantage.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on September 3rd 2019. Valid for: a year.
This is the only time www.medicareadvantage.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 86.106.95.57 201117 (EBONE-NET-AS)
1 103.83.36.136 136171 (MEDHAHOST...)
17 40.71.199.117 8075 (MICROSOFT...)
2 13.35.253.29 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
7 108.168.152.148 36351 (SOFTLAYER)
2 143.204.214.23 16509 (AMAZON-02)
1 172.217.23.98 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
5 2a03:2880:f02... 32934 (FACEBOOK)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
3 2001:4860:480... 15169 (GOOGLE)
4 35.186.194.58 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 5 178.250.2.151 44788 (ASN-CRITE...)
1 74.119.119.150 19750 (AS-CRITEO)
4 2a03:2880:f12... 32934 (FACEBOOK)
2 52.200.79.99 14618 (AMAZON-AES)
1 2 35.227.248.159 15169 (GOOGLE)
1 34.253.126.105 16509 (AMAZON-02)
1 1 2a00:1288:f03... 10310 (YAHOO-1)
1 212.82.100.181 34010 (YAHOO-IRD)
1 35.190.72.21 15169 (GOOGLE)
2 2 172.217.23.130 15169 (GOOGLE)
3 4 37.252.172.250 29990 (ASN-APPNEX)
2 2 52.29.20.136 16509 (AMAZON-02)
1 2 35.157.167.170 16509 (AMAZON-02)
1 69.173.144.138 26667 (RUBICONPR...)
1 23.210.248.44 16625 (AKAMAI-AS)
1 2 70.42.32.127 22075 (AS-OUTBRAIN)
1 2 2.21.37.92 20940 (AKAMAI-ASN1)
1 2 34.95.120.147 15169 (GOOGLE)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 23.58.216.132 16625 (AKAMAI-AS)
1 2 52.59.91.136 16509 (AMAZON-02)
1 52.30.161.101 16509 (AMAZON-02)
1 185.86.137.110 201081 (SMARTADSE...)
1 23.210.248.12 16625 (AKAMAI-AS)
1 2 52.57.163.110 16509 (AMAZON-02)
1 2a02:26f0:f1:... 20940 (AKAMAI-ASN1)
1 5.178.65.250 50673 (SERVERIUS-AS)
1 18.215.83.217 14618 (AMAZON-AES)
1 162.210.196.208 30633 (LEASEWEB-...)
107 47
1    86.106.95.57 (United Kingdom)

ASN201117 (EBONE-NET-AS, GB)
str.visionarygeek.eu
1    103.83.36.136 (Asheville, United States)

ASN136171 (MEDHAHOSTING-AS-AP Medha Hosting, IN)
PTR: 3fak.btuk.stream
www.yilopeet.com
17    40.71.199.117 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.medicareadvantage.com
2    13.35.253.29 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-29.fra6.r.cloudfront.net
widget.trustpilot.com
1    2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:819::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
7    108.168.152.148 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: 94.98.a86c.ip4.static.sl-reverse.com
api.trustedform.com
2    143.204.214.23 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-23.fra53.r.cloudfront.net
solutions.invocacdn.com
1    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
www.googleadservices.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
5    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2606:4700:20::681a:b13 (United States)

ASN13335 (CLOUDFLARENET, US)
loader.wisepops.com
popup.wisepops.com
app.wisepops.com
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    2001:4860:4802:34::15 (United States)

ASN15169 (GOOGLE, US)
fullstory.com
4    35.186.194.58 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com
1    2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:816::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
5    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
sslwidget.criteo.com
dis.criteo.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
widget.us.criteo.com
4    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    52.200.79.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-79-99.compute-1.amazonaws.com
pnapi.invoca.net
2    35.227.248.159 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
1    34.253.126.105 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-126-105.eu-west-1.compute.amazonaws.com
customer.mediawallahscript.com
1    2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1, US)
ads.yahoo.com
1    212.82.100.181 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com
1    35.190.72.21 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 21.72.190.35.bc.googleusercontent.com
idsync.rlcdn.com
2    172.217.23.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s18-in-f2.1e100.net
cm.g.doubleclick.net
4    37.252.172.250 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
2    52.29.20.136 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-20-136.eu-central-1.compute.amazonaws.com
pixel.advertising.com
2    35.157.167.170 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-167-170.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com
cw.addthis.com
2    70.42.32.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
2    2.21.37.92 (France)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-21-37-92.deploy.static.akamaitechnologies.com
r.casalemedia.com
2    34.95.120.147 (United States)

ASN15169 (GOOGLE, US)
PTR: 147.120.95.34.bc.googleusercontent.com
us-u.openx.net
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    23.58.216.132 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-58-216-132.deploy.static.akamaitechnologies.com
contextual.media.net
2    52.59.91.136 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-91-136.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    52.30.161.101 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-161-101.eu-west-1.compute.amazonaws.com
cm.revcontent.com
1    185.86.137.110 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    23.210.248.12 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-12.deploy.static.akamaitechnologies.com
criteo-sync.teads.tv
2    52.57.163.110 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-163-110.eu-central-1.compute.amazonaws.com
ad.360yield.com
1    2a02:26f0:f1:184::143a (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
ade.clmbtech.com
1    5.178.65.250 (Renswoude, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
sync.e-planning.net
1    18.215.83.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-83-217.compute-1.amazonaws.com
crb.kargo.com
1    162.210.196.208 (Arlington, United States)

ASN30633 (LEASEWEB-USA-WDC-01, US)
sync.aralego.com
Apex Domain
Subdomains		 Transfer
17 medicareadvantage.com
www.medicareadvantage.com
524 KB
8 gstatic.com
fonts.gstatic.com
82 KB
7 fullstory.com
fullstory.com
rs.fullstory.com
191 KB
7 trustedform.com
api.trustedform.com
23 KB
6 criteo.com
sslwidget.criteo.com
widget.us.criteo.com
gum.criteo.com Failed
dis.criteo.com
5 KB
5 doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
2 KB
5 facebook.net
connect.facebook.net
128 KB
5 google-analytics.com
www.google-analytics.com
42 KB
4 adnxs.com
secure.adnxs.com
4 KB
4 yahoo.com
ads.yahoo.com
sp.analytics.yahoo.com
ups.analytics.yahoo.com
2 KB
4 facebook.com
www.facebook.com
583 B
4 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
7 KB
3 google.de
www.google.de
328 B
3 google.com
www.google.com
487 B
3 wisepops.com
loader.wisepops.com
popup.wisepops.com
app.wisepops.com
81 KB
3 bing.com
bat.bing.com
8 KB
2 360yield.com
ad.360yield.com
847 B
2 bidswitch.net
x.bidswitch.net
1004 B
2 openx.net
us-u.openx.net
505 B
2 casalemedia.com
r.casalemedia.com
2 KB
2 outbrain.com
sync.outbrain.com
791 B
2 advertising.com
pixel.advertising.com
699 B
2 tapad.com
pixel.tapad.com
774 B
2 invoca.net
pnapi.invoca.net
1 KB
2 criteo.net
static.criteo.net
10 KB
2 invocacdn.com
solutions.invocacdn.com
34 KB
2 googletagmanager.com
www.googletagmanager.com
65 KB
2 trustpilot.com
widget.trustpilot.com
7 KB
1 aralego.com
sync.aralego.com
509 B
1 kargo.com
crb.kargo.com
505 B
1 e-planning.net
sync.e-planning.net
104 B
1 clmbtech.com
ade.clmbtech.com
239 B
1 teads.tv
criteo-sync.teads.tv
286 B
1 smartadserver.com
rtb-csync.smartadserver.com
680 B
1 revcontent.com
cm.revcontent.com
335 B
1 media.net
contextual.media.net
49 B
1 pubmatic.com
simage2.pubmatic.com
993 B
1 addthis.com
cw.addthis.com
426 B
1 rubiconproject.com
pixel.rubiconproject.com
239 B
1 rlcdn.com
idsync.rlcdn.com
433 B
1 mediawallahscript.com
customer.mediawallahscript.com
367 B
1 googleadservices.com
www.googleadservices.com
10 KB
1 yilopeet.com
www.yilopeet.com
572 B
1 visionarygeek.eu
str.visionarygeek.eu
368 B
107 44
Domain Requested by
17 www.medicareadvantage.com www.yilopeet.com
www.medicareadvantage.com
8 fonts.gstatic.com www.medicareadvantage.com
app.wisepops.com
7 api.trustedform.com www.medicareadvantage.com
api.trustedform.com
5 connect.facebook.net www.yilopeet.com
connect.facebook.net
5 www.google-analytics.com 1 redirects www.medicareadvantage.com
www.google-analytics.com
4 secure.adnxs.com 3 redirects
4 dis.criteo.com
4 www.facebook.com www.medicareadvantage.com
4 rs.fullstory.com fullstory.com
3 www.google.de www.medicareadvantage.com
3 www.google.com 2 redirects www.medicareadvantage.com
3 fullstory.com www.yilopeet.com
fullstory.com
3 bat.bing.com www.yilopeet.com
www.medicareadvantage.com
3 fonts.googleapis.com www.medicareadvantage.com
ajax.googleapis.com
app.wisepops.com
2 ad.360yield.com 1 redirects
2 x.bidswitch.net 1 redirects
2 us-u.openx.net 1 redirects
2 r.casalemedia.com 1 redirects
2 sync.outbrain.com 1 redirects
2 ups.analytics.yahoo.com 1 redirects
2 pixel.advertising.com 2 redirects
2 cm.g.doubleclick.net 2 redirects
2 pixel.tapad.com 1 redirects
2 pnapi.invoca.net solutions.invocacdn.com
2 stats.g.doubleclick.net 2 redirects
2 static.criteo.net www.googletagmanager.com
www.yilopeet.com
2 solutions.invocacdn.com www.yilopeet.com
solutions.invocacdn.com
2 www.googletagmanager.com www.medicareadvantage.com
www.googletagmanager.com
2 widget.trustpilot.com www.medicareadvantage.com
widget.trustpilot.com
1 sync.aralego.com
1 crb.kargo.com
1 sync.e-planning.net
1 ade.clmbtech.com
1 criteo-sync.teads.tv
1 rtb-csync.smartadserver.com
1 cm.revcontent.com
1 contextual.media.net
1 simage2.pubmatic.com
1 cw.addthis.com
1 pixel.rubiconproject.com
1 idsync.rlcdn.com
1 sp.analytics.yahoo.com
1 ads.yahoo.com 1 redirects
1 customer.mediawallahscript.com
1 app.wisepops.com loader.wisepops.com
1 widget.us.criteo.com www.medicareadvantage.com
1 sslwidget.criteo.com 1 redirects
1 popup.wisepops.com loader.wisepops.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 loader.wisepops.com www.yilopeet.com
1 www.googleadservices.com www.googletagmanager.com
1 ajax.googleapis.com www.medicareadvantage.com
1 www.yilopeet.com
1 str.visionarygeek.eu 1 redirects
0 gum.criteo.com Failed
107 55

This site contains links to these domains. Also see Links.

Domain
www.bbb.org
www.facebook.com
www.medicare.gov
Subject Issuer Validity Valid
www.yilopeet.com
Let's Encrypt Authority X3		 2020-01-26 -
2020-04-25		 3 months crt.sh
medicareadvantage.com
Sectigo RSA Organization Validation Secure Server CA		 2019-09-03 -
2020-12-22		 a year crt.sh
*.trustpilot.com
Amazon		 2019-05-29 -
2020-06-29		 a year crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-01-14 -
2020-04-07		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-01-21 -
2020-04-14		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-01-14 -
2020-04-07		 3 months crt.sh
*.trustedform.com
Go Daddy Secure Certificate Authority - G2		 2019-01-04 -
2020-03-05		 a year crt.sh
invocacdn.com
Amazon		 2020-01-21 -
2021-02-21		 a year crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-01-21 -
2020-04-14		 3 months crt.sh
www.bing.com
Microsoft IT TLS CA 2		 2019-04-30 -
2021-04-30		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-01-16 -
2020-04-15		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-07-30 -
2020-07-29		 a year crt.sh
*.criteo.net
DigiCert ECC Secure Server CA		 2019-12-03 -
2021-04-06		 a year crt.sh
*.fullstory.com
COMODO RSA Domain Validation Secure Server CA		 2017-12-27 -
2021-03-26		 3 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-01-21 -
2020-04-14		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-01-21 -
2020-04-14		 3 months crt.sh
*.us.criteo.com
DigiCert ECC Secure Server CA		 2019-06-12 -
2020-06-16		 a year crt.sh
www.google.com
GTS CA 1O1		 2020-01-21 -
2020-04-14		 3 months crt.sh
*.invoca.net
Go Daddy Secure Certificate Authority - G2		 2018-08-08 -
2020-10-30		 2 years crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2019-11-02 -
2020-11-06		 a year crt.sh
*.mediawallahscript.com
Amazon		 2019-06-18 -
2020-07-18		 a year crt.sh
*.criteo.com
DigiCert ECC Secure Server CA		 2019-12-05 -
2021-04-08		 a year crt.sh
*.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2019-10-06 -
2020-04-03		 6 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-04-24 -
2020-04-23		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2019-10-30 -
2020-04-27		 6 months crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
odc-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2019-10-10 -
2020-09-04		 a year crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2019-10-29 -
2021-11-23		 2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2019-07-17 -
2020-03-09		 8 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2018-01-04 -
2020-07-09		 3 years crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA		 2019-02-22 -
2021-02-21		 2 years crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2018-12-30 -
2020-03-30		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2019-04-17 -
2020-05-04		 a year crt.sh
revcontent.com
Amazon		 2019-09-19 -
2020-10-19		 a year crt.sh
*.smartadserver.com
Thawte RSA CA 2018		 2018-09-07 -
2020-02-17		 a year crt.sh
teads.tv
Let's Encrypt Authority X3		 2020-01-08 -
2020-04-07		 3 months crt.sh
*.360yield.com
Amazon		 2019-09-24 -
2020-10-24		 a year crt.sh
static.clmbtech.com
GeoTrust RSA CA 2018		 2019-02-08 -
2020-05-09		 a year crt.sh
*.e-planning.net
COMODO RSA Domain Validation Secure Server CA		 2018-02-16 -
2021-02-15		 3 years crt.sh
kargo.com
Amazon		 2019-12-09 -
2021-01-09		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-23 -
2021-11-21		 2 years crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh

This page contains 4 frames:

Primary Page: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Frame ID: C915A25794510E690FA91FC518582E0B
Requests: 76 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/539ad60defb9600b94d7df2c/index.html?templateId=539ad60defb9600b94d7df2c&businessunitId=5cb78f39fe9c960001425562
Frame ID: EDECD01ABBCC3B241C8E5720828BBCEE
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57
Frame ID: B17FB4685268F9AF62152C582FD010D6
Requests: 28 HTTP requests in this frame

Frame: https://static.criteo.net/empty.html
Frame ID: 115767DA9A2E8AB0276369BDAC8E3203
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://str.visionarygeek.eu/Polycleituss/d4-r8Y7BuIfkRGeO8o-F7QvVgsfl0Fmq5l95V0pWTceef4ca4-850GQezRrBBH5... HTTP 302
    https://www.yilopeet.com/DasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1... Page URL
  2. https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
  • script /googleapis\.com\/.+webfont/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Page Statistics

107
Requests

99 %
HTTPS

33 %
IPv6

44
Domains

55
Subdomains

47
IPs

9
Countries

1231 kB
Transfer

3199 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://str.visionarygeek.eu/Polycleituss/d4-r8Y7BuIfkRGeO8o-F7QvVgsfl0Fmq5l95V0pWTceef4ca4-850GQezRrBBH5rrMJ-4_zSmKBSKkNzLX-SyRf2FYdrUoijdM2kyozgmQpNmDKnXL6BFgZ9HnR5zBdP0SAthTZckw7QNxkFiU9M6UhlmjkpNCH9y_1R45UVaxb_8Dj2SltQonBl2ZnI2rG HTTP 302
    https://www.yilopeet.com/DasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1retZb4ewfw~~/594912/0d0d1dfc4acdd3d00d21f3f3e8a92b9a/70063067/ Page URL
  2. https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://str.visionarygeek.eu/Polycleituss/d4-r8Y7BuIfkRGeO8o-F7QvVgsfl0Fmq5l95V0pWTceef4ca4-850GQezRrBBH5rrMJ-4_zSmKBSKkNzLX-SyRf2FYdrUoijdM2kyozgmQpNmDKnXL6BFgZ9HnR5zBdP0SAthTZckw7QNxkFiU9M6UhlmjkpNCH9y_1R45UVaxb_8Dj2SltQonBl2ZnI2rG HTTP 302
  • https://www.yilopeet.com/DasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1retZb4ewfw~~/594912/0d0d1dfc4acdd3d00d21f3f3e8a92b9a/70063067/
Request Chain 44
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j80&tid=UA-66468741-1&cid=183028413.1580980365&jid=2048463874&gjid=464135181&_gid=489600871.1580980365&_u=aGDAgEADQ~&z=1981909038 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-66468741-1&cid=183028413.1580980365&jid=2048463874&_v=j80&z=1981909038 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-66468741-1&cid=183028413.1580980365&jid=2048463874&_v=j80&z=1981909038&slf_rd=1&random=1460628954
Request Chain 45
  • https://www.google-analytics.com/r/collect?v=1&_v=j80&a=1953210822&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.medicareadvantage.com%2F%3Fsrc%3Dtz_ma_email_mad%26afid%3D521124%26tfn%3DMjAxLTc0Ni0xODky%26q_creative%3DMA_MadTest_Email1%26sub_id%3Dstate%26q_campaignid%3D1_state%26pub_id%3D160007%26q_placement%3D527909946%26q_publisher%3D594912&dr=https%3A%2F%2Fwww.yilopeet.com%2FDasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1retZb4ewfw~~%2F594912%2F0d0d1dfc4acdd3d00d21f3f3e8a92b9a%2F70063067%2F&ul=en-us&de=UTF-8&dt=Compare%20Medicare%20Advantage%20Plans%20%7C%20MedicareAdvantage.com&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Set%20http%20referrer&ea=www.yilopeet.com&_u=aGDAAEADQ~&jid=986324910&gjid=1203757334&cid=183028413.1580980365&tid=UA-66468741-1&_gid=489600871.1580980365&_r=1&gtm=2wg1t0KX4TVG&cd12=www.yilopeet.com&z=179647455 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-66468741-1&cid=183028413.1580980365&jid=986324910&_gid=489600871.1580980365&gjid=1203757334&_v=j80&z=179647455 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-66468741-1&cid=183028413.1580980365&jid=986324910&_v=j80&z=179647455 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-66468741-1&cid=183028413.1580980365&jid=986324910&_v=j80&z=179647455&slf_rd=1&random=1128919346
Request Chain 47
  • https://sslwidget.criteo.com/event?a=34878&v=5.5.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.yilopeet.com&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&tld=medicareadvantage.com&dtycbr=34597 HTTP 302
  • https://widget.us.criteo.com/event?a=34878&v=5.5.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.yilopeet.com&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&tld=medicareadvantage.com&dtycbr=34597
Request Chain 70
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57
Request Chain 73
  • https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1 HTTP 302
  • https://dis.criteo.com/dis/rtb/rightmedia/cookiematch.aspx?xid=E0
Request Chain 76
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&google_cm&google_hm=6-YMteT63kex4Yv99WZ8Vw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&google_gid=CAESEHZ2hFmv5B7lIXTjRuQp1RM&google_cver=1&google_ula=913071,0
Request Chain 77
  • https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fsecure.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fappnxsid%253D%2524UID HTTP 302
  • https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6055554268042479802
Request Chain 78
  • https://pixel.advertising.com/ups/55945/sync?uid=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/55945/sync?uid=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&_origin=1&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&_origin=1&apid=UPd70d86ec-48c0-11ea-a2e2-02dd778c1250 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&_origin=1&apid=UPd70d86ec-48c0-11ea-a2e2-02dd778c1250&verify=true
Request Chain 81
  • https://sync.outbrain.com/cookie-sync?p=criteo&uid=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=criteo&uid=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&rdrctExp=true
Request Chain 82
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57 HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&C=1
Request Chain 83
  • https://us-u.openx.net/w/1.0/sd?id=537072953&val=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&c=us HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072953&val=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&c=us
Request Chain 86
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&expires=30
Request Chain 90
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57 HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57
Request Chain 97
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=6-YMteT63kex4Yv99WZ8Vw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

107 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set /
www.yilopeet.com/DasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1retZb4ewfw~~/594912/0d0d1dfc4acdd3d00d21f3f3e8a92b9a/70063067/
Redirect Chain
  • http://str.visionarygeek.eu/Polycleituss/d4-r8Y7BuIfkRGeO8o-F7QvVgsfl0Fmq5l95V0pWTceef4ca4-850GQezRrBBH5rrMJ-4_zSmKBSKkNzLX-SyRf2FYdrUoijdM2kyozgmQpNmDKnXL6BFgZ9HnR5zBdP0SAthTZckw7QNxkFiU9M6Uhlmjkp...
  • https://www.yilopeet.com/DasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1retZb4ewfw~~/594912/0d0d1dfc4acdd3d00d21f3f3e8a92b9a/70063067/
268 B
572 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.yilopeet.com/DasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1retZb4ewfw~~/594912/0d0d1dfc4acdd3d00d21f3f3e8a92b9a/70063067/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.83.36.136 Asheville, United States, ASN136171 (MEDHAHOSTING-AS-AP Medha Hosting, IN),
Reverse DNS
3fak.btuk.stream
Software
Apache /
Resource Hash
2b0074727dba8a3e2f0ab8e461808c552389783e7bbe035e2cf476f8a96fef77

Request headers

Host
www.yilopeet.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Thu, 06 Feb 2020 09:12:44 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
268
Server
Apache
Set-Cookie
uid4660=527909946-20200206041244-44d3def81b7f81f69bf8adb622ccebdf-; domain=yilopeet.com; expires=Sat, 07-Mar-2020 09:12:44 GMT; path=/; SameSite=None; Secure

Redirect headers

Server
nginx
Date
Thu, 06 Feb 2020 09:12:44 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Access-Control-Allow-Origin
*
location
https://www.yilopeet.com/DasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1retZb4ewfw~~/594912/0d0d1dfc4acdd3d00d21f3f3e8a92b9a/70063067/
Primary Request /
www.medicareadvantage.com/ 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Requested by
Host: www.yilopeet.com
URL: https://www.yilopeet.com/DasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1retZb4ewfw~~/594912/0d0d1dfc4acdd3d00d21f3f3e8a92b9a/70063067/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.71.199.117 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d1c988eed0362353f1a11a5b8231ef9a5e3c222a502b5f26a696016e98066472
Security Headers
Name Value
X-Frame-Options SAMEORIGIN SAMEORIGIN

Request headers

:method
GET
:authority
www.medicareadvantage.com
:scheme
https
:path
/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://www.yilopeet.com/DasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1retZb4ewfw~~/594912/0d0d1dfc4acdd3d00d21f3f3e8a92b9a/70063067/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.yilopeet.com/DasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1retZb4ewfw~~/594912/0d0d1dfc4acdd3d00d21f3f3e8a92b9a/70063067/

Response headers

status
200
cache-control
private
content-length
13458
content-type
text/html; charset=utf-8
content-encoding
br
vary
Accept-Encoding
set-cookie
ASP.NET_SessionId=yz0gactfex1oo4c3wh2kom5f; path=/; HttpOnly; SameSite=Lax ASP.NET_SessionId=yz0gactfex1oo4c3wh2kom5f; path=/; HttpOnly; SameSite=Lax __RequestVerificationToken=Z9djbFRkrkD8lzBylMR77u_cK4SvDnN0PBS0k41x6aOS1x6NrAIqznYpcPCCoyd-yKNLS7b5py_8OXpy_Dmhgs0QU_aVHIk57TL9nt85VKc1; path=/; HttpOnly ARRAffinity=75ce112a088adede3d2a2eaa4b9273f9eea76541a198d6a5d467f064a6324249;Path=/;HttpOnly;Domain=www.medicareadvantage.com
x-frame-options
SAMEORIGIN SAMEORIGIN
request-context
appId=cid-v1:fbd9fb0b-8ff4-4767-8cab-a851e58b7320
access-control-expose-headers
Request-Context
date
Thu, 06 Feb 2020 09:12:44 GMT
open-sans-condensed-v12-latin-700.woff2
www.medicareadvantage.com/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.medicareadvantage.com/fonts/open-sans-condensed-v12-latin-700.woff2
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.71.199.117 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2e3d279ce7882d2b0bb2e9147db63968eb26f0e926ba3d4ba37901cf3847fcad
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Origin
https://www.medicareadvantage.com

Response headers

date
Thu, 06 Feb 2020 09:12:44 GMT
last-modified
Thu, 26 Sep 2019 16:50:46 GMT
etag
"077c88a8a74d51:0"
x-frame-options
SAMEORIGIN
content-type
application/x-font-woff2
status
200
access-control-expose-headers
Request-Context
cache-control
public,max-age=1209600
accept-ranges
bytes
content-length
15892
request-context
appId=cid-v1:fbd9fb0b-8ff4-4767-8cab-a851e58b7320
bundle.css
www.medicareadvantage.com/Content/css/ 		365 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.medicareadvantage.com/Content/css/bundle.css
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.71.199.117 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f35fa941ec6364fc02ba2ef295da8ab672a24e0ccf8afcb53787e3eafca8126a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 09:12:44 GMT
content-encoding
br
last-modified
Thu, 26 Sep 2019 16:50:42 GMT
x-frame-options
SAMEORIGIN
etag
"01d66888a74d51:0"
vary
Accept-Encoding
content-type
text/css
status
200
access-control-expose-headers
Request-Context
cache-control
private,max-age=604800
accept-ranges
bytes
content-length
45164
request-context
appId=cid-v1:fbd9fb0b-8ff4-4767-8cab-a851e58b7320
tp.widget.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-29.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5d9371e0c41f5f47e50429fdb0aeecca88b5f31c047093468614211ce03e5d90

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:16:28 GMT
content-encoding
gzip
age
64416
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
6493
last-modified
Wed, 22 Jan 2020 10:29:21 GMT
server
AmazonS3
etag
"cc8c66d103e872eaaae4c3628bf0ac0c"
content-type
application/x-javascript
via
1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
eG93WtSDD2q9eZNscmHAWpClvUM_DIMsPODbF78MUcyUCoub4nzkgg==
ma-logo-color-stacked.svg
www.medicareadvantage.com/Content/img/ 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.medicareadvantage.com/Content/img/ma-logo-color-stacked.svg
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.71.199.117 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
73b318f137888cf807a521c67aac1e32ac6f9e9388b84c1cdfd41e90fbba9181
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 09:12:44 GMT
content-encoding
br
last-modified
Thu, 26 Sep 2019 16:50:44 GMT
x-frame-options
SAMEORIGIN
etag
"04a97898a74d51:0"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
access-control-expose-headers
Request-Context
cache-control
private,max-age=604800
accept-ranges
bytes
content-length
1309
request-context
appId=cid-v1:fbd9fb0b-8ff4-4767-8cab-a851e58b7320
ma-logo-color.svg
www.medicareadvantage.com/Content/img/ 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.medicareadvantage.com/Content/img/ma-logo-color.svg
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.71.199.117 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ffd5962bd47592ab10ccb3b117fba293a4c4bab5cf0ccef70de298c3428c0fa7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 09:12:45 GMT
content-encoding
br
last-modified
Thu, 26 Sep 2019 16:50:44 GMT
x-frame-options
SAMEORIGIN
etag
"04a97898a74d51:0"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
access-control-expose-headers
Request-Context
cache-control
private,max-age=604800
accept-ranges
bytes
content-length
1303
request-context
appId=cid-v1:fbd9fb0b-8ff4-4767-8cab-a851e58b7320
plan-pills.svg
www.medicareadvantage.com/media/1542/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.medicareadvantage.com/media/1542/plan-pills.svg
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.71.199.117 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9fc738e4dd975d17435d3848ffd9964152a4d195dac73b5cd041b4c40c714126
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 09:12:45 GMT
last-modified
Thu, 26 Sep 2019 16:50:58 GMT
etag
"085ef918a74d51:0"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
status
200
access-control-expose-headers
Request-Context
cache-control
public,max-age=1814400
accept-ranges
bytes
content-length
3257
request-context
appId=cid-v1:fbd9fb0b-8ff4-4767-8cab-a851e58b7320
plan-glasses.svg
www.medicareadvantage.com/media/1543/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.medicareadvantage.com/media/1543/plan-glasses.svg
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.71.199.117 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3a198e74a03f5e42b5c094d57cb6683ae97f60196cfb92910cebc1f2421546af
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 09:12:45 GMT
last-modified
Thu, 26 Sep 2019 16:50:58 GMT
etag
"085ef918a74d51:0"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
status
200
access-control-expose-headers
Request-Context
cache-control
public,max-age=1814400
accept-ranges
bytes
content-length
1048
request-context
appId=cid-v1:fbd9fb0b-8ff4-4767-8cab-a851e58b7320
plan-pig.svg
www.medicareadvantage.com/media/1544/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.medicareadvantage.com/media/1544/plan-pig.svg
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.71.199.117 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2865ded653f1b1acaee6cf385c92fd7dcfbf2017f321c29f25a3e1602f33fb1b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 09:12:45 GMT
content-encoding
br
last-modified
Thu, 26 Sep 2019 16:50:58 GMT
x-frame-options
SAMEORIGIN
etag
"085ef918a74d51:0"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
access-control-expose-headers
Request-Context
cache-control
public,max-age=1814400
accept-ranges
bytes
content-length
1324
request-context
appId=cid-v1:fbd9fb0b-8ff4-4767-8cab-a851e58b7320
millionpeople.svg
www.medicareadvantage.com/media/1512/ 		94 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.medicareadvantage.com/media/1512/millionpeople.svg
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.71.199.117 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c6c66a57fa80f7b6643eeb450478c9fd70a1daed0d1c0d11323b2971f18734b5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 09:12:45 GMT
content-encoding
br
last-modified
Thu, 26 Sep 2019 16:50:56 GMT
x-frame-options
SAMEORIGIN
etag
"058be908a74d51:0"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
access-control-expose-headers
Request-Context
cache-control
public,max-age=1814400
accept-ranges
bytes
content-length
37726
request-context
appId=cid-v1:fbd9fb0b-8ff4-4767-8cab-a851e58b7320
guide-large.png
www.medicareadvantage.com/media/1522/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.medicareadvantage.com/media/1522/guide-large.png
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.71.199.117 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
345936abb6d8682e5f3573e6d3245490c4e0ca4a8a357f0bd8a1f47e56f19a88
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 09:12:45 GMT
last-modified
Thu, 26 Sep 2019 16:50:58 GMT
etag
"085ef918a74d51:0"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
access-control-expose-headers
Request-Context
cache-control
public,max-age=1814400
accept-ranges
bytes
content-length
78090
request-context
appId=cid-v1:fbd9fb0b-8ff4-4767-8cab-a851e58b7320
fireworks.png
www.medicareadvantage.com/media/1539/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.medicareadvantage.com/media/1539/fireworks.png
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.71.199.117 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c76967d28a687a5cc3cb12e02860772e4009d1502dfd7c1bc802a8422ea6d342
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 09:12:45 GMT
last-modified
Thu, 26 Sep 2019 16:50:58 GMT
etag
"085ef918a74d51:0"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
access-control-expose-headers
Request-Context
cache-control
public,max-age=1814400
accept-ranges
bytes
content-length
15242
request-context
appId=cid-v1:fbd9fb0b-8ff4-4767-8cab-a851e58b7320
bundle.js
www.medicareadvantage.com/Content/js/ 		302 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.medicareadvantage.com/Content/js/bundle.js
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.71.199.117 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
063a9ec59354724ad529c305837e51109f1b3338783e1777b678e86f66003eee
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 09:12:44 GMT
content-encoding
br
last-modified
Thu, 26 Sep 2019 16:50:44 GMT
x-frame-options
SAMEORIGIN
etag
"04a97898a74d51:0"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
access-control-expose-headers
Request-Context
cache-control
private,max-age=604800
accept-ranges
bytes
content-length
96397
request-context
appId=cid-v1:fbd9fb0b-8ff4-4767-8cab-a851e58b7320
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 03:21:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
107502
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Feb 2021 03:21:03 GMT
css
fonts.googleapis.com/ 		1 KB
496 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Kalam
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
55ced71ea4228031709df886da6495168b120a644b841c1699599c225df61517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 06 Feb 2020 09:12:45 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 06 Feb 2020 09:12:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Thu, 06 Feb 2020 09:12:45 GMT
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 24 Jan 2020 01:10:36 GMT
server
Golfe2
age
5055
date
Thu, 06 Feb 2020 07:48:30 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17926
expires
Thu, 06 Feb 2020 09:48:30 GMT
gtm.js
www.googletagmanager.com/ 		137 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KX4TVG
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5097dfa297f9d9cabcc2b66e2aeaa775da27a5ee0438dc7cb89b5463012ff276
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 09:12:45 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=604800; includeSubDomains
access-control-allow-headers
Cache-Control
content-length
38123
x-xss-protection
0
expires
Thu, 06 Feb 2020 09:12:45 GMT
hero-xlg.jpg
www.medicareadvantage.com/media/1538/ 		134 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.medicareadvantage.com/media/1538/hero-xlg.jpg
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.71.199.117 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
22c44c1cf017c400479ea8a4e5c80e5b9f0287219b746b74ed531d1938d3e1b2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 09:12:45 GMT
last-modified
Thu, 26 Sep 2019 16:50:58 GMT
etag
"085ef918a74d51:0"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
status
200
access-control-expose-headers
Request-Context
cache-control
public,max-age=1814400
accept-ranges
bytes
content-length
137025
request-context
appId=cid-v1:fbd9fb0b-8ff4-4767-8cab-a851e58b7320
line.svg
www.medicareadvantage.com/Content/img/ 		563 B
605 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.medicareadvantage.com/Content/img/line.svg
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.71.199.117 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
93973492eb84cf5b25fe4aac945a281bc71b470574aecdb3050a4d6b95180ce4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.medicareadvantage.com/Content/css/bundle.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 09:12:45 GMT
last-modified
Thu, 26 Sep 2019 16:50:44 GMT
etag
"04a97898a74d51:0"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
status
200
access-control-expose-headers
Request-Context
cache-control
private,max-age=604800
accept-ranges
bytes
content-length
563
request-context
appId=cid-v1:fbd9fb0b-8ff4-4767-8cab-a851e58b7320
video-spanish.jpg
www.medicareadvantage.com/media/1534/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.medicareadvantage.com/media/1534/video-spanish.jpg
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.71.199.117 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
474b0c4de380d57f97b6eb34a8932950b7e10c224cb75109d82a53b8277de0c3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 09:12:45 GMT
last-modified
Thu, 26 Sep 2019 16:50:58 GMT
etag
"085ef918a74d51:0"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
status
200
access-control-expose-headers
Request-Context
cache-control
public,max-age=1814400
accept-ranges
bytes
content-length
40422
request-context
appId=cid-v1:fbd9fb0b-8ff4-4767-8cab-a851e58b7320
line.png
www.medicareadvantage.com/Content/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.medicareadvantage.com/Content/img/line.png
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.71.199.117 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
156c95e3749e7d2b48981a237f966d6dfd52c7b712460c76bb73b39acc290fb6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.medicareadvantage.com/Content/css/bundle.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 09:12:45 GMT
last-modified
Thu, 26 Sep 2019 16:50:44 GMT
etag
"04a97898a74d51:0"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
access-control-expose-headers
Request-Context
cache-control
private,max-age=604800
accept-ranges
bytes
content-length
1202
request-context
appId=cid-v1:fbd9fb0b-8ff4-4767-8cab-a851e58b7320
medicare-advantage.woff2
www.medicareadvantage.com/fonts/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.medicareadvantage.com/fonts/medicare-advantage.woff2?maynzp
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.71.199.117 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e4bd109458efd809ef10a7dbb1154cdcae99c610b25b977a9756aa9e9c63434d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.medicareadvantage.com/Content/css/bundle.css
Origin
https://www.medicareadvantage.com

Response headers

date
Thu, 06 Feb 2020 09:12:45 GMT
last-modified
Thu, 26 Sep 2019 16:51:24 GMT
etag
"0ce6ea18a74d51:0"
x-frame-options
SAMEORIGIN
content-type
application/x-font-woff2
status
200
access-control-expose-headers
Request-Context
cache-control
public,max-age=1209600
accept-ranges
bytes
content-length
45248
request-context
appId=cid-v1:fbd9fb0b-8ff4-4767-8cab-a851e58b7320
YA9dr0Wd4kDdMthROCfhsCkA.woff2
fonts.gstatic.com/s/kalam/v10/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kalam/v10/YA9dr0Wd4kDdMthROCfhsCkA.woff2
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81149e87be7f93d9e207c69b0e17dda3135e3c923263f551f5c3a79569f1fd33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Kalam
Origin
https://www.medicareadvantage.com

Response headers

date
Fri, 31 Jan 2020 21:19:20 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:49:49 GMT
server
sffe
age
474805
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14048
x-xss-protection
0
expires
Sat, 30 Jan 2021 21:19:20 GMT
trustedform.js
api.trustedform.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=15809803654490.9113644066615514
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.168.152.148 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
94.98.a86c.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
0cffe7b8cc41d6bfc3511e492789f8fab53861e912f272142733f7f1a0419b45
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status
200
date
Thu, 06 Feb 2020 09:12:45 GMT
cache-control
max-age=0, private, must-revalidate
server
nginx
content-encoding
gzip
strict-transport-security
max-age=15768000
content-type
application/javascript; charset=utf-8
index.html
widget.trustpilot.com/trustboxes/539ad60defb9600b94d7df2c/ Frame EDEC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustboxes/539ad60defb9600b94d7df2c/index.html?templateId=539ad60defb9600b94d7df2c&businessunitId=5cb78f39fe9c960001425562
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-29.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
widget.trustpilot.com
:scheme
https
:path
/trustboxes/539ad60defb9600b94d7df2c/index.html?templateId=539ad60defb9600b94d7df2c&businessunitId=5cb78f39fe9c960001425562
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912

Response headers

status
200
content-type
text/html
content-length
3188
date
Thu, 06 Feb 2020 09:12:46 GMT
last-modified
Thu, 23 Jan 2020 10:29:44 GMT
etag
"de47c8427ef4f3f683ffa93e2c79ee97"
x-amz-server-side-encryption
AES256
cache-control
max-age=86400
content-encoding
gzip
accept-ranges
bytes
server
AmazonS3
x-cache
Miss from cloudfront
via
1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
ogcBnl3b-OEjetTTqVR0kNnd9Xjs4lyEJLgsJYd6e_3R3fe_Xj-pgg==
css
fonts.googleapis.com/ 		10 KB
763 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5c06b6329970d1560039f39c4935a041d96fcf0f877b47951d8ece559a1b4dc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 06 Feb 2020 09:12:45 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 06 Feb 2020 09:12:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Thu, 06 Feb 2020 09:12:45 GMT
js
www.google-analytics.com/gtm/ 		63 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-W7RGLWD&cid=183028413.1580980365
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
764ec907880a85a302c0c8b2bd413e4ba464f5d460c3cc1da9191dec8a08d632
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 09:12:45 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=604800; includeSubDomains
access-control-allow-headers
Cache-Control
content-length
24023
x-xss-protection
0
expires
Thu, 06 Feb 2020 09:12:45 GMT
pnapi_integration-latest.min.js
solutions.invocacdn.com/js/ 		88 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://solutions.invocacdn.com/js/pnapi_integration-latest.min.js
Requested by
Host: www.yilopeet.com
URL: https://www.yilopeet.com/DasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1retZb4ewfw~~/594912/0d0d1dfc4acdd3d00d21f3f3e8a92b9a/70063067/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.23 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-23.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c03628d9933445974fb52e2a61530b55bfb27101c25716eb35a031a3a81151c9

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-amz-version-id
bbDEPkpenxKKvKwJa7oBfu6o3yLH332L
content-encoding
gzip
last-modified
Sat, 14 Dec 2019 00:09:15 GMT
server
AmazonS3
age
592
date
Thu, 06 Feb 2020 09:02:54 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
status
200
cache-control
max-age=3600
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
uB_jgSR7qMQiXMG3CYt0T1A057DHajBoGXNkXHMKjhZVQkT9BhBBVQ==
via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
conversion_async.js
www.googleadservices.com/pagead/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KX4TVG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
ec7024e764e94caa58c7a18f4624dc84c9ee15537ff5418fd44e2f037f8abc30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 09:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9931
x-xss-protection
0
server
cafe
etag
8273558640064030436
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 06 Feb 2020 09:12:45 GMT
bat.js
bat.bing.com/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.yilopeet.com
URL: https://www.yilopeet.com/DasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1retZb4ewfw~~/594912/0d0d1dfc4acdd3d00d21f3f3e8a92b9a/70063067/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
89b531e78902333807b825faf77cd11cc927fe364ea2ba9307f65365f7e811f7

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 09:12:45 GMT
content-encoding
gzip
last-modified
Fri, 31 Jan 2020 21:01:31 GMT
x-msedge-ref
Ref A: 4D7D05EDE3A34322AE6D2F2078F6C2D7 Ref B: FRAEDGE0709 Ref C: 2020-02-06T09:12:45Z
access-control-allow-origin
*
etag
"8087c39c79d8d51:0"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7297
fbevents.js
connect.facebook.net/en_US/ 		126 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.yilopeet.com
URL: https://www.yilopeet.com/DasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1retZb4ewfw~~/594912/0d0d1dfc4acdd3d00d21f3f3e8a92b9a/70063067/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
psevgQBZWdQpDB6h0qY+WlWCpI9Flze4V7LhQ/GrQ/T6ltHeKyNkbkTVjDAdcx2+vVPSK3bGwmAiR99IrUj5Kg==
x-fb-trip-id
1850256238
date
Thu, 06 Feb 2020 09:12:45 GMT, Thu, 06 Feb 2020 09:12:45 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
get-loader.js
loader.wisepops.com/ 		32 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loader.wisepops.com/get-loader.js?v=1&site=DwcvfpvHj3
Requested by
Host: www.yilopeet.com
URL: https://www.yilopeet.com/DasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1retZb4ewfw~~/594912/0d0d1dfc4acdd3d00d21f3f3e8a92b9a/70063067/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4945981c3af2b35d46db5c32b6fdc0424a5053e7907588598fd74f06b535cbd

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 09:12:45 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
x-wisepops-server
popup-prod-eu-6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
cf-ray
560c01149ec7972a-FRA
x-robots-tag
noindex, nofollow
ld.js
static.criteo.net/js/ld/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KX4TVG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
6a60018cab3d38d035188490d869d5dc1283a7dd115917226df457ca92887f7f

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 09:12:45 GMT
content-encoding
gzip
last-modified
Mon, 16 Dec 2019 15:00:50 GMT
server
nginx
access-control-allow-origin
*
etag
W/"5df79c22-7533"
content-type
text/javascript
status
200
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 07 Feb 2020 09:12:45 GMT
js
www.googletagmanager.com/gtag/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-9365637
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KX4TVG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cd4311d31dfee2b200b30a5f575deb187e869bb67673dce32dfb017e24a2cca0
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 09:12:45 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=604800; includeSubDomains
access-control-allow-headers
Cache-Control
content-length
28363
x-xss-protection
0
expires
Thu, 06 Feb 2020 09:12:45 GMT
fs.js
fullstory.com/s/ 		176 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fullstory.com/s/fs.js
Requested by
Host: www.yilopeet.com
URL: https://www.yilopeet.com/DasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1retZb4ewfw~~/594912/0d0d1dfc4acdd3d00d21f3f3e8a92b9a/70063067/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
44a4f15376c7e859b49fd3aced1c4dfc56c5d6677d600fc073587686cb5a258c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Origin
https://www.medicareadvantage.com

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
server
Google Frontend
age
323
etag
"3301mQ"
vary
Accept-Encoding
content-type
application/javascript
status
200
x-cloud-trace-context
03b93d53ce5a52c80ad3010b1b2ac9a8
cache-control
public, max-age=600
date
Thu, 06 Feb 2020 09:07:22 GMT
timing-allow-origin
*
access-control-allow-origin
*
content-length
63989
expires
Thu, 06 Feb 2020 09:17:22 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Origin
https://www.medicareadvantage.com

Response headers

date
Sat, 01 Feb 2020 00:22:27 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
463818
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9132
x-xss-protection
0
expires
Sun, 31 Jan 2021 00:22:27 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Origin
https://www.medicareadvantage.com

Response headers

date
Wed, 05 Feb 2020 01:55:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:44 GMT
server
sffe
age
112660
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9180
x-xss-protection
0
expires
Thu, 04 Feb 2021 01:55:05 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Origin
https://www.medicareadvantage.com

Response headers

date
Tue, 04 Feb 2020 20:18:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:11 GMT
server
sffe
age
132845
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9080
x-xss-protection
0
expires
Wed, 03 Feb 2021 20:18:40 GMT
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Origin
https://www.medicareadvantage.com

Response headers

date
Tue, 04 Feb 2020 20:40:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:37 GMT
server
sffe
age
131513
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9016
x-xss-protection
0
expires
Wed, 03 Feb 2021 20:40:52 GMT
174588406419360
connect.facebook.net/signals/config/ 		100 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/174588406419360?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
280b6a352a9dd2f7ea2908003e156b076b7851bfde150888559e00c478c81758
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
kwyyVlkhvPNkg5sGO34Zp4JES1mDnJqG9+G4vd0KpV067rJlgjlToIJEH/ki4QGyKIekvLQVO7H4eFWhSrQnew==
x-fb-trip-id
1850256238
date
Thu, 06 Feb 2020 09:12:45 GMT, Thu, 06 Feb 2020 09:12:45 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
page
rs.fullstory.com/rec/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: fullstory.com
URL: https://fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
d7ee592cbc5e416afbab559331e3cd7011852fb044424ca4ef6d62fefa065159

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Origin
https://www.medicareadvantage.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 06 Feb 2020 09:12:46 GMT
via
1.1 google
status
200
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.medicareadvantage.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
0
0
bat.bing.com/action/ 		0
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5010995&Ver=2&mid=d31846a8-885e-e8e7-14b9-f418d05f10cb&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Compare%20Medicare%20Advantage%20Plans%20%7C%20MedicareAdvantage.com&kw=medicare,%20medicare%20advantage,%20free%20quote,%20medicare%20advantage%20plans,%20compare%20quotes,%20free%20online%20quote,%20Original%20Medicare,%20Medicare%20Part%20C,%20Medicareadvantage.com&p=https%3A%2F%2Fwww.medicareadvantage.com%2F%3Fsrc%3Dtz_ma_email_mad%26afid%3D521124%26tfn%3DMjAxLTc0Ni0xODky%26q_creative%3DMA_MadTest_Email1%26sub_id%3Dstate%26q_campaignid%3D1_state%26pub_id%3D160007%26q_placement%3D527909946%26q_publisher%3D594912&r=https%3A%2F%2Fwww.yilopeet.com%2FDasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1retZb4ewfw~~%2F594912%2F0d0d1dfc4acdd3d00d21f3f3e8a92b9a%2F70063067%2F&lt=725&evt=pageLoad&msclkid=N&rn=799401
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Thu, 06 Feb 2020 09:12:45 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: B1FDDD9A8D2249C8872D35648437C6B7 Ref B: FRAEDGE0709 Ref C: 2020-02-06T09:12:45Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/942774981/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/942774981/?random=1580980365592&cv=9&fst=1580980365592&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.medicareadvantage.com%2F%3Fsrc%3Dtz_ma_email_mad%26afid%3D521124%26tfn%3DMjAxLTc0Ni0xODky%26q_creative%3DMA_MadTest_Email1%26sub_id%3Dstate%26q_campaignid%3D1_state%26pub_id%3D160007%26q_placement%3D527909946%26q_publisher%3D594912&ref=https%3A%2F%2Fwww.yilopeet.com%2FDasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1retZb4ewfw~~%2F594912%2F0d0d1dfc4acdd3d00d21f3f3e8a92b9a%2F70063067%2F&tiba=Compare%20Medicare%20Advantage%20Plans%20%7C%20MedicareAdvantage.com&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd3ca874cf4bf8b47ce9407b1f052171796ebc09ab7da25660c92d13975cddd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Feb 2020 09:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j80&a=1953210822&t=pageview&_s=1&dl=https%3A%2F%2Fwww.medicareadvantage.com%2F%3Fsrc%3Dtz_ma_email_mad%26afid%3D521124%26tfn%3DMjAxLTc0Ni0xODky%26q_creative%3DMA_MadTest_Email1%26sub_id%3Dstate%26q_campaignid%3D1_state%26pub_id%3D160007%26q_placement%3D527909946%26q_publisher%3D594912&dr=https%3A%2F%2Fwww.yilopeet.com%2FDasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1retZb4ewfw~~%2F594912%2F0d0d1dfc4acdd3d00d21f3f3e8a92b9a%2F70063067%2F&ul=en-us&de=UTF-8&dt=Compare%20Medicare%20Advantage%20Plans%20%7C%20MedicareAdvantage.com&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAgEADQ~&jid=2048463874&gjid=464135181&cid=183028413.1580980365&tid=UA-66468741-1&_gid=489600871.1580980365&gtm=2wg1t0KX4TVG&cd2=1580980365512.auijbhl7&cd7=10%3A12%3A45&cd17=https%3A%2F%2Fwww.yilopeet.com%2FDasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1retZb4ewfw~~%2F594912%2F0d0d1dfc4acdd3d00d21f3f3e8a92b9a%2F70063067%2F&cd18=2020-02-06T10%3A12%3A45.512%2B01%3A00&cd16=183028413.1580980365&z=1060325539
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Feb 2020 19:21:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
136280
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j80&tid=UA-66468741-1&cid=183028413.1580980365&jid=2048463874&gjid=464135181&_gid=489600871.1580980365&_u=aGDAgEADQ~&z=1981909038
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-66468741-1&cid=183028413.1580980365&jid=2048463874&_v=j80&z=1981909038
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-66468741-1&cid=183028413.1580980365&jid=2048463874&_v=j80&z=1981909038&slf_rd=1&random=1460628954
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-66468741-1&cid=183028413.1580980365&jid=2048463874&_v=j80&z=1981909038&slf_rd=1&random=1460628954
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Feb 2020 09:12:45 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 Feb 2020 09:12:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-66468741-1&cid=183028413.1580980365&jid=2048463874&_v=j80&z=1981909038&slf_rd=1&random=1460628954
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j80&a=1953210822&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.medicareadvantage.com%2F%3Fsrc%3Dtz_ma_email_mad%26afid%3D521124%26tfn%3DMjAxLTc0Ni0xODky%2...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-66468741-1&cid=183028413.1580980365&jid=986324910&_gid=489600871.1580980365&gjid=1203757334&_v=j80&z=179647455
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-66468741-1&cid=183028413.1580980365&jid=986324910&_v=j80&z=179647455
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-66468741-1&cid=183028413.1580980365&jid=986324910&_v=j80&z=179647455&slf_rd=1&random=1128919346
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-66468741-1&cid=183028413.1580980365&jid=986324910&_v=j80&z=179647455&slf_rd=1&random=1128919346
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Feb 2020 09:12:45 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 Feb 2020 09:12:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-66468741-1&cid=183028413.1580980365&jid=986324910&_v=j80&z=179647455&slf_rd=1&random=1128919346
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
my-wisepop
popup.wisepops.com/ 		127 B
234 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://popup.wisepops.com/my-wisepop
Requested by
Host: loader.wisepops.com
URL: https://loader.wisepops.com/get-loader.js?v=1&site=DwcvfpvHj3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
028ea6c3faedf0583cb3fbcda2036161a66e24e76e46351e6b9b00f39e9d68fa

Request headers

Accept
application/json
Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Origin
https://www.medicareadvantage.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 06 Feb 2020 09:12:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
x-wisepops-server
popup-prod-eu-6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
content-type
application/json
access-control-allow-origin
https://www.medicareadvantage.com
x-robots-tag
noindex, nofollow
access-control-allow-credentials
true
cf-ray
560c01152f47972a-FRA
event
widget.us.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=34878&v=5.5.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.yilopeet.com&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&tld=medicareadvantage.com&dtycbr=34597
  • https://widget.us.criteo.com/event?a=34878&v=5.5.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.yilopeet.com&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&tld=medicareadvantage.com&dtycbr=34597
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/event?a=34878&v=5.5.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.yilopeet.com&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&tld=medicareadvantage.com&dtycbr=34597
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8aaca454fd1d9e4a83e0c720178335d8cd74f86d7c66e849e17ee23774cdcaa1

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Feb 2020 09:12:45 GMT
content-encoding
gzip
content-type
application/x-javascript
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
status
200
cache-control
no-cache
timing-allow-origin
*
content-length
3286
expires
0

Redirect headers

pragma
no-cache
date
Thu, 06 Feb 2020 09:12:45 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
location
https://widget.us.criteo.com/event?a=34878&v=5.5.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.yilopeet.com&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&tld=medicareadvantage.com&dtycbr=34597
status
302
cache-control
no-cache
timing-allow-origin
*
content-length
0
expires
0
/
www.google.com/pagead/1p-user-list/942774981/ 		42 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/942774981/?random=1580980365592&cv=9&fst=1580979600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1t0&sendb=1&frm=0&url=https%3A%2F%2Fwww.medicareadvantage.com%2F%3Fsrc%3Dtz_ma_email_mad%26afid%3D521124%26tfn%3DMjAxLTc0Ni0xODky%26q_creative%3DMA_MadTest_Email1%26sub_id%3Dstate%26q_campaignid%3D1_state%26pub_id%3D160007%26q_placement%3D527909946%26q_publisher%3D594912&ref=https%3A%2F%2Fwww.yilopeet.com%2FDasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1retZb4ewfw~~%2F594912%2F0d0d1dfc4acdd3d00d21f3f3e8a92b9a%2F70063067%2F&tiba=Compare%20Medicare%20Advantage%20Plans%20%7C%20MedicareAdvantage.com&async=1&fmt=3&is_vtc=1&random=3335539130&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Feb 2020 09:12:45 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/942774981/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/942774981/?random=1580980365592&cv=9&fst=1580979600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1t0&sendb=1&frm=0&url=https%3A%2F%2Fwww.medicareadvantage.com%2F%3Fsrc%3Dtz_ma_email_mad%26afid%3D521124%26tfn%3DMjAxLTc0Ni0xODky%26q_creative%3DMA_MadTest_Email1%26sub_id%3Dstate%26q_campaignid%3D1_state%26pub_id%3D160007%26q_placement%3D527909946%26q_publisher%3D594912&ref=https%3A%2F%2Fwww.yilopeet.com%2FDasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1retZb4ewfw~~%2F594912%2F0d0d1dfc4acdd3d00d21f3f3e8a92b9a%2F70063067%2F&tiba=Compare%20Medicare%20Advantage%20Plans%20%7C%20MedicareAdvantage.com&async=1&fmt=3&is_vtc=1&random=3335539130&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Feb 2020 09:12:45 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tag-live.js
solutions.invocacdn.com/js/networks/1458/3326147965/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://solutions.invocacdn.com/js/networks/1458/3326147965/tag-live.js
Requested by
Host: solutions.invocacdn.com
URL: https://solutions.invocacdn.com/js/pnapi_integration-latest.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.23 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-23.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
861289df344675c131d2ea1deaa2df24c4e47fac10ab5efae4270b401e0aed8e

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 07:25:55 GMT
content-encoding
gzip
last-modified
Wed, 08 Jan 2020 14:41:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
x-amz-version-id
Q.DSSqhHusnH6lB.5hGFMeP0sD8ieqAA
status
200
cache-control
max-age=300
x-amz-replication-status
COMPLETED
content-type
text/javascript
x-amz-cf-id
PBVx7tFYTleQcXYOlWnYWniLH7xJu9d5tItZPDH8YOKvxL_PXSQWuQ==
via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
139185626725322
connect.facebook.net/signals/config/ 		100 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/139185626725322?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9cda238320f313167eb271a97b684a0f3ed3cd4dbf2d5c5087c952ac153f8f36
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
xONeS7JJhCWOG+sx2N47FKo7+XoClsYBcaKQhBtemCXIMUCUsBkZw9wdbyOc533meG6y1G+pH4WXo5pvLePo7g==
x-fb-trip-id
1850256238
date
Thu, 06 Feb 2020 09:12:45 GMT, Thu, 06 Feb 2020 09:12:45 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=174588406419360&ev=PageView&dl=https%3A%2F%2Fwww.medicareadvantage.com%2F%3Fsrc%3Dtz_ma_email_mad%26afid%3D521124%26tfn%3DMjAxLTc0Ni0xODky%26q_creative%3DMA_MadTest_Email1%26sub_id%3Dstate%26q_campaignid%3D1_state%26pub_id%3D160007%26q_placement%3D527909946%26q_publisher%3D594912&rl=https%3A%2F%2Fwww.yilopeet.com%2FDasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1retZb4ewfw~~%2F594912%2F0d0d1dfc4acdd3d00d21f3f3e8a92b9a%2F70063067%2F&if=false&ts=1580980365657&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=28&fbp=fb.1.1580980365656.1440807780&it=1580980365566&coo=false&rqm=GET
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 09:12:45 GMT, Thu, 06 Feb 2020 09:12:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Thu, 06 Feb 2020 09:12:45 GMT
189741.js
app.wisepops.com/shared/wisepops/eff6a6d632c6199a31d4b81aeab3b532/ 		260 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.wisepops.com/shared/wisepops/eff6a6d632c6199a31d4b81aeab3b532/189741.js?v=1579188295000
Requested by
Host: loader.wisepops.com
URL: https://loader.wisepops.com/get-loader.js?v=1&site=DwcvfpvHj3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2a9c76f9edd3c5589c0667cff536ac6f81a3e1d8a0edf8f1ff2019aa5aaded8

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 09:12:45 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 16 Jan 2020 15:25:48 GMT
server
cloudflare
access-control-allow-origin
*
etag
W/"40fd6-59c43708c1a2d-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000, s-maxage=10
cf-ray
560c01158fb4972a-FRA
x-robots-tag
noindex, follow
371184110055554
connect.facebook.net/signals/config/ 		100 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/371184110055554?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6ec9b07d327c1714a655948643b32e88e25719a415cef6d2fa70dea439358feb
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
C4ResJlvzwGFSHcD9JSXlye0Rkf3sxWc7a4PDytNaR++s40gFxWZ/fod0p/NLj7DCYCIPwmryLg+m/eTWB6XRQ==
x-fb-trip-id
1850256238
date
Thu, 06 Feb 2020 09:12:45 GMT, Thu, 06 Feb 2020 09:12:45 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=139185626725322&ev=PageView&dl=https%3A%2F%2Fwww.medicareadvantage.com%2F%3Fsrc%3Dtz_ma_email_mad%26afid%3D521124%26tfn%3DMjAxLTc0Ni0xODky%26q_creative%3DMA_MadTest_Email1%26sub_id%3Dstate%26q_campaignid%3D1_state%26pub_id%3D160007%26q_placement%3D527909946%26q_publisher%3D594912&rl=https%3A%2F%2Fwww.yilopeet.com%2FDasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1retZb4ewfw~~%2F594912%2F0d0d1dfc4acdd3d00d21f3f3e8a92b9a%2F70063067%2F&if=false&ts=1580980365730&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=28&fbp=fb.1.1580980365656.1440807780&it=1580980365566&coo=false&rqm=GET
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 09:12:45 GMT, Thu, 06 Feb 2020 09:12:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Thu, 06 Feb 2020 09:12:45 GMT
189269471741754
connect.facebook.net/signals/config/ 		100 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/189269471741754?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b8d5649bb6b5d2dc8b9104902811880a5f3b32688871cadc7da29b7a110f07fb
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
5no6yAYxH8HpjQZcIwrUAn3w/YEzOUYSOAVstf/f2l8jiT7UtahmT7fPVrnXVhcWVBJmZpXJLb+pECnAtN7CnA==
x-fb-trip-id
1850256238
date
Thu, 06 Feb 2020 09:12:45 GMT, Thu, 06 Feb 2020 09:12:45 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=371184110055554&ev=PageView&dl=https%3A%2F%2Fwww.medicareadvantage.com%2F%3Fsrc%3Dtz_ma_email_mad%26afid%3D521124%26tfn%3DMjAxLTc0Ni0xODky%26q_creative%3DMA_MadTest_Email1%26sub_id%3Dstate%26q_campaignid%3D1_state%26pub_id%3D160007%26q_placement%3D527909946%26q_publisher%3D594912&rl=https%3A%2F%2Fwww.yilopeet.com%2FDasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1retZb4ewfw~~%2F594912%2F0d0d1dfc4acdd3d00d21f3f3e8a92b9a%2F70063067%2F&if=false&ts=1580980365790&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=28&fbp=fb.1.1580980365656.1440807780&it=1580980365566&coo=false&rqm=GET
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 09:12:45 GMT, Thu, 06 Feb 2020 09:12:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Thu, 06 Feb 2020 09:12:45 GMT
css
fonts.googleapis.com/ 		7 KB
695 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700
Requested by
Host: app.wisepops.com
URL: https://app.wisepops.com/shared/wisepops/eff6a6d632c6199a31d4b81aeab3b532/189741.js?v=1579188295000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 06 Feb 2020 09:12:45 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 06 Feb 2020 09:12:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Thu, 06 Feb 2020 09:12:45 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,700
Origin
https://www.medicareadvantage.com

Response headers

date
Sat, 01 Feb 2020 11:35:32 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
423433
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Sun, 31 Jan 2021 11:35:32 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: app.wisepops.com
URL: https://app.wisepops.com/shared/wisepops/eff6a6d632c6199a31d4b81aeab3b532/189741.js?v=1579188295000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,700
Origin
https://www.medicareadvantage.com

Response headers

date
Tue, 04 Feb 2020 02:00:53 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
198712
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11180
x-xss-protection
0
expires
Wed, 03 Feb 2021 02:00:53 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: app.wisepops.com
URL: https://app.wisepops.com/shared/wisepops/eff6a6d632c6199a31d4b81aeab3b532/189741.js?v=1579188295000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,700
Origin
https://www.medicareadvantage.com

Response headers

date
Fri, 31 Jan 2020 00:50:19 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
548546
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11020
x-xss-protection
0
expires
Sat, 30 Jan 2021 00:50:19 GMT
/
www.facebook.com/tr/ 		44 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=189269471741754&ev=PageView&dl=https%3A%2F%2Fwww.medicareadvantage.com%2F%3Fsrc%3Dtz_ma_email_mad%26afid%3D521124%26tfn%3DMjAxLTc0Ni0xODky%26q_creative%3DMA_MadTest_Email1%26sub_id%3Dstate%26q_campaignid%3D1_state%26pub_id%3D160007%26q_placement%3D527909946%26q_publisher%3D594912&rl=https%3A%2F%2Fwww.yilopeet.com%2FDasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1retZb4ewfw~~%2F594912%2F0d0d1dfc4acdd3d00d21f3f3e8a92b9a%2F70063067%2F&if=false&ts=1580980365882&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=28&fbp=fb.1.1580980365656.1440807780&it=1580980365566&coo=false&rqm=GET
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 09:12:45 GMT, Thu, 06 Feb 2020 09:12:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Thu, 06 Feb 2020 09:12:45 GMT
t.js
api.trustedform.com/10a6c24b32a354f7c23de439e24b01b97154204d/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/10a6c24b32a354f7c23de439e24b01b97154204d/t.js?lo=https%3A%2F%2Fwww.medicareadvantage.com%2F%3Fsrc%3Dtz_ma_email_mad%26afid%3D521124%26tfn%3DMjAxLTc0Ni0xODky%26q_creative%3DMA_MadTest_Email1%26sub_id%3Dstate%26q_campaignid%3D1_state%26pub_id%3D160007%26q_placement%3D527909946%26q_publisher%3D594912&l=15809803654490.9113644066615514&f=false&n=e6bae14f77b799f3891df39a31e490eb4a395fb9&cs=g3QAAAACZAABdGJeO9iNZAABdnQAAAADbQAAAAVmaWVsZG0AAAAUeHhUcnVzdGVkRm9ybUNlcnRVcmxtAAAAAWxtAAAAHzE1ODA5ODAzNjU0NDkwLjkxMTM2NDQwNjY2MTU1MTRtAAAAEHByb3ZpZGVfcmVmZXJyZXJkAAVmYWxzZQ%3D%3D&csh=9FwDGOxPlA1wPkHvOVhW1MTWUPUOz4qI4fuCN9tnxe8%3D
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=15809803654490.9113644066615514
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.168.152.148 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
94.98.a86c.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
5861b12e9f25dbecacf3559faf34117ed5a279d2b3639de1d368ae0a68b7ba5e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status
200
date
Thu, 06 Feb 2020 09:12:46 GMT
cache-control
max-age=0, private, must-revalidate
server
nginx
content-encoding
gzip
strict-transport-security
max-age=15768000
content-type
application/javascript; charset=utf-8
map_number.jsonp
pnapi.invoca.net/2/api/2014-09-01/ 		505 B
684 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pnapi.invoca.net/2/api/2014-09-01/map_number.jsonp?network_id=1458&js_version=3.6.22&tag_id=1458%2F3326147965&client_info=%7B%22url%22%3A%22https%3A%2F%2Fwww.medicareadvantage.com%2F%3Fsrc%3Dtz_ma_email_mad%26afid%3D521124%26tfn%3DMjAxLTc0Ni0xODky%26q_creative%3DMA_MadTest_Email1%26sub_id%3Dstate%26q_campaignid%3D1_state%26pub_id%3D160007%26q_placement%3D527909946%26q_publisher%3D594912%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.yilopeet.com%2FDasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1retZb4ewfw~~%2F594912%2F0d0d1dfc4acdd3d00d21f3f3e8a92b9a%2F70063067%2F%22%2C%22cores%22%3A16%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22screenWidth%22%3A1600%2C%22screenHeight%22%3A1200%2C%22language%22%3A%22en-US%22%7D&request_data_shared_params=%7B%22q_publisher%22%3A%22594912%22%2C%22q_placement%22%3A%22527909946%22%2C%22pub_id%22%3A%22160007%22%2C%22q_campaignid%22%3A%221_state%22%2C%22sub_id%22%3A%22state%22%2C%22q_creative%22%3A%22MA_MadTest_Email1%22%2C%22tfn%22%3A%22MjAxLTc0Ni0xODky%22%2C%22afid%22%3A%22521124%22%2C%22src%22%3A%22tz_ma_email_mad%22%2C%22exp_landing%22%3Anull%2C%22full_url%22%3A%22https%3A%2F%2Fwww.medicareadvantage.com%2F%3Fsrc%3Dtz_ma_email_mad%26afid%3D521124%26tfn%3DMjAxLTc0Ni0xODky%26q_creative%3DMA_MadTest_Email1%26sub_id%3Dstate%26q_campaignid%3D1_state%26pub_id%3D160007%26q_placement%3D527909946%26q_publisher%3D594912%22%2C%22gclid%22%3Anull%2C%22google_property_id%22%3A%22UA-66468741-1%22%2C%22g_cid%22%3Anull%2C%22Interaction_id%22%3Anull%2C%22k_clickid%22%3Anull%2C%22msclkid%22%3Anull%2C%22original_call_start_time_local%22%3Anull%2C%22original_call_start_time_utc%22%3Anull%2C%22profile_name%22%3Anull%2C%22q_accountid%22%3Anull%2C%22q_adgroupid%22%3Anull%2C%22q_adid%22%3Anull%2C%22q_adposition%22%3Anull%2C%22q_criteria%22%3Anull%2C%22q_device%22%3Anull%2C%22q_devicemodel%22%3Anull%2C%22q_feeditemid%22%3Anull%2C%22q_keyword%22%3Anull%2C%22q_matchtype%22%3Anull%2C%22q_network%22%3Anull%2C%22q_query%22%3Anull%2C%22q_targetid%22%3Anull%2C%22utm_medium%22%3A%22referral%22%2C%22utm_source%22%3A%22yilopeet.com%22%7D&request_data=%5B%7B%22advertiser_campaign_id_from_network%22%3A%22362498%22%2C%22request_id%22%3A%22362498%22%7D%2C%7B%22advertiser_campaign_id_from_network%22%3A%22625218%22%2C%22request_id%22%3A%22625218%22%7D%5D&destination_settings=%7B%22paramName%22%3Anull%7D&jsoncallback=json_rr1&
Requested by
Host: solutions.invocacdn.com
URL: https://solutions.invocacdn.com/js/pnapi_integration-latest.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.79.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-79-99.compute-1.amazonaws.com
Software
Goliath /
Resource Hash
71648a8f6f19033103d7d732854f1bd0f9545bf955b05126083deb0e49f3a17e

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 06 Feb 2020 09:12:46 GMT
Server
Goliath
Connection
keep-alive
processing_time
48.21352ms
Content-Length
505
bundle
rs.fullstory.com/rec/ 		29 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/bundle?OrgId=PGJDY&UserId=5622472154251264&SessionId=5318331561377792&PageId=5603949516390400&Seq=1&PageStart=1580980365870&PrevBundleTime=0&LastActivity=588
Requested by
Host: fullstory.com
URL: https://fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
b3c10d686989ed9f6317b454c15f0fe3f3a3b2fe370d835dffb40b333c51c705

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Origin
https://www.medicareadvantage.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 06 Feb 2020 09:12:46 GMT
via
1.1 google
status
200
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.medicareadvantage.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
29
expires
0
h
api.trustedform.com/10a6c24b32a354f7c23de439e24b01b97154204d/ 		0
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/10a6c24b32a354f7c23de439e24b01b97154204d/h?n=4298bcdf1165fb2a365dc996f9bacfc7ab291822&l=15809803654490.9113644066615514&a=1&ce=z&t=cors
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/10a6c24b32a354f7c23de439e24b01b97154204d/t.js?lo=https%3A%2F%2Fwww.medicareadvantage.com%2F%3Fsrc%3Dtz_ma_email_mad%26afid%3D521124%26tfn%3DMjAxLTc0Ni0xODky%26q_creative%3DMA_MadTest_Email1%26sub_id%3Dstate%26q_campaignid%3D1_state%26pub_id%3D160007%26q_placement%3D527909946%26q_publisher%3D594912&l=15809803654490.9113644066615514&f=false&n=e6bae14f77b799f3891df39a31e490eb4a395fb9&cs=g3QAAAACZAABdGJeO9iNZAABdnQAAAADbQAAAAVmaWVsZG0AAAAUeHhUcnVzdGVkRm9ybUNlcnRVcmxtAAAAAWxtAAAAHzE1ODA5ODAzNjU0NDkwLjkxMTM2NDQwNjY2MTU1MTRtAAAAEHByb3ZpZGVfcmVmZXJyZXJkAAVmYWxzZQ%3D%3D&csh=9FwDGOxPlA1wPkHvOVhW1MTWUPUOz4qI4fuCN9tnxe8%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.168.152.148 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
94.98.a86c.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Origin
https://www.medicareadvantage.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 06 Feb 2020 09:12:46 GMT
server
nginx
status
200
access-control-max-age
1728000
access-control-allow-methods
POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
strict-transport-security
max-age=15768000
access-control-allow-headers
Content-Type,Content-Length,X-Requested-With
content-length
0
f
api.trustedform.com/10a6c24b32a354f7c23de439e24b01b97154204d/ 		0
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/10a6c24b32a354f7c23de439e24b01b97154204d/f?l=15809803654490.9113644066615514&n=5d314b7adecab20c4f5be226892ceb0b44372fd1&rn=0&a=1&t=cors
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/10a6c24b32a354f7c23de439e24b01b97154204d/t.js?lo=https%3A%2F%2Fwww.medicareadvantage.com%2F%3Fsrc%3Dtz_ma_email_mad%26afid%3D521124%26tfn%3DMjAxLTc0Ni0xODky%26q_creative%3DMA_MadTest_Email1%26sub_id%3Dstate%26q_campaignid%3D1_state%26pub_id%3D160007%26q_placement%3D527909946%26q_publisher%3D594912&l=15809803654490.9113644066615514&f=false&n=e6bae14f77b799f3891df39a31e490eb4a395fb9&cs=g3QAAAACZAABdGJeO9iNZAABdnQAAAADbQAAAAVmaWVsZG0AAAAUeHhUcnVzdGVkRm9ybUNlcnRVcmxtAAAAAWxtAAAAHzE1ODA5ODAzNjU0NDkwLjkxMTM2NDQwNjY2MTU1MTRtAAAAEHByb3ZpZGVfcmVmZXJyZXJkAAVmYWxzZQ%3D%3D&csh=9FwDGOxPlA1wPkHvOVhW1MTWUPUOz4qI4fuCN9tnxe8%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.168.152.148 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
94.98.a86c.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Origin
https://www.medicareadvantage.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 06 Feb 2020 09:12:46 GMT
server
nginx
status
200
access-control-max-age
1728000
access-control-allow-methods
POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
strict-transport-security
max-age=15768000
access-control-allow-headers
Content-Type,Content-Length,X-Requested-With
content-length
0
md
api.trustedform.com/10a6c24b32a354f7c23de439e24b01b97154204d/ 		0
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/10a6c24b32a354f7c23de439e24b01b97154204d/md?a=1&t=cors
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/10a6c24b32a354f7c23de439e24b01b97154204d/t.js?lo=https%3A%2F%2Fwww.medicareadvantage.com%2F%3Fsrc%3Dtz_ma_email_mad%26afid%3D521124%26tfn%3DMjAxLTc0Ni0xODky%26q_creative%3DMA_MadTest_Email1%26sub_id%3Dstate%26q_campaignid%3D1_state%26pub_id%3D160007%26q_placement%3D527909946%26q_publisher%3D594912&l=15809803654490.9113644066615514&f=false&n=e6bae14f77b799f3891df39a31e490eb4a395fb9&cs=g3QAAAACZAABdGJeO9iNZAABdnQAAAADbQAAAAVmaWVsZG0AAAAUeHhUcnVzdGVkRm9ybUNlcnRVcmxtAAAAAWxtAAAAHzE1ODA5ODAzNjU0NDkwLjkxMTM2NDQwNjY2MTU1MTRtAAAAEHByb3ZpZGVfcmVmZXJyZXJkAAVmYWxzZQ%3D%3D&csh=9FwDGOxPlA1wPkHvOVhW1MTWUPUOz4qI4fuCN9tnxe8%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.168.152.148 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
94.98.a86c.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Origin
https://www.medicareadvantage.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 06 Feb 2020 09:12:46 GMT
server
nginx
status
200
access-control-max-age
1728000
access-control-allow-methods
POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
strict-transport-security
max-age=15768000
access-control-allow-headers
Content-Type,Content-Length,X-Requested-With
content-length
0
0
bat.bing.com/action/ 		0
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5010995&Ver=2&mid=d31846a8-885e-e8e7-14b9-f418d05f10cb&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Compare%20Medicare%20Advantage%20Plans%20%7C%20MedicareAdvantage.com&kw=medicare,%20medicare%20advantage,%20free%20quote,%20medicare%20advantage%20plans,%20compare%20quotes,%20free%20online%20quote,%20Original%20Medicare,%20Medicare%20Part%20C,%20Medicareadvantage.com&p=https%3A%2F%2Fwww.medicareadvantage.com%2F%3Fsrc%3Dtz_ma_email_mad%26afid%3D521124%26tfn%3DMjAxLTc0Ni0xODky%26q_creative%3DMA_MadTest_Email1%26sub_id%3Dstate%26q_campaignid%3D1_state%26pub_id%3D160007%26q_placement%3D527909946%26q_publisher%3D594912&r=https%3A%2F%2Fwww.yilopeet.com%2FDasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1retZb4ewfw~~%2F594912%2F0d0d1dfc4acdd3d00d21f3f3e8a92b9a%2F70063067%2F&lt=725&evt=pageLoad&msclkid=N&rn=799401
Requested by
Host: www.medicareadvantage.com
URL: https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Thu, 06 Feb 2020 09:12:46 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 6CD6C302828547D2BBD8C62EE54AC2FD Ref B: FRAEDGE0709 Ref C: 2020-02-06T09:12:46Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame B17F
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57
95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.227.248.159 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
Jetty(8.1.13.v20130916) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 google
server
Jetty(8.1.13.v20130916)
date
Thu, 06 Feb 2020 09:12:46 GMT
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
status
200
content-type
image/png
alt-svc
clear
content-length
95

Redirect headers

strict-transport-security
max-age=31536000
via
1.1 google
server
Jetty(8.1.13.v20130916)
date
Thu, 06 Feb 2020 09:12:46 GMT
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
status
302
alt-svc
clear
content-length
0
/
customer.mediawallahscript.com/ Frame B17F 		32 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://customer.mediawallahscript.com/?account_id=1043&customer_id=1037&uid=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&custom=&tag_format=img&tag_action=sync&custom=&cb=005d9eae-367b-4de0-b6d6-163680cb3657
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.126.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-126-105.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Thu, 06 Feb 2020 09:12:46 GMT
Server
nginx/1.12.1
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
private, no-cache, must-revalidate, no-store, max-age=0
Connection
keep-alive
Content-Type
image/png
Content-Length
32
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
gum.criteo.com/ Frame B17F 		0
0
cookiematch.aspx
dis.criteo.com/dis/rtb/rightmedia/ Frame B17F
Redirect Chain
  • https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
  • https://dis.criteo.com/dis/rtb/rightmedia/cookiematch.aspx?xid=E0
43 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/rightmedia/cookiematch.aspx?xid=E0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Feb 2020 09:12:46 GMT
server
Microsoft-IIS/10.0
timing-allow-origin
*
x-powered-by
ASP.NET
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
status
200
cache-control
no-cache
content-type
image/gif
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Thu, 06 Feb 2020 09:12:46 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
location
https://dis.criteo.com/dis/rtb/rightmedia/cookiematch.aspx?xid=E0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
status
302
x-content-type-options
nosniff
content-length
0
x-xss-protection
1; mode=block
spp.pl
sp.analytics.yahoo.com/ Frame B17F 		43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 09:12:46 GMT
x-content-type-options
nosniff
age
0
status
200
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
expires
Thu, 06 Feb 2020 09:12:46 GMT
362338.gif
idsync.rlcdn.com/ Frame B17F 		42 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362338.gif?partner_uid=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&ct=3&cv=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.72.21 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
21.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 09:12:46 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status
200
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
42
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame B17F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&google_cm&google_hm=6-YMteT63kex4Yv99WZ8Vw
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&google_gid=CAESEHZ2hFmv5B7lIXTjRuQp1RM&google_cver=1&google_ula=913071,0
43 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&google_gid=CAESEHZ2hFmv5B7lIXTjRuQp1RM&google_cver=1&google_ula=913071,0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Feb 2020 09:12:46 GMT
server
Microsoft-IIS/10.0
timing-allow-origin
*
x-powered-by
ASP.NET
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
status
200
cache-control
no-cache
content-type
image/gif
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 Feb 2020 09:12:46 GMT
server
HTTP server (unknown)
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&google_gid=CAESEHZ2hFmv5B7lIXTjRuQp1RM&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
394
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame B17F
Redirect Chain
  • https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fsecure.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.as...
  • https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6055554268042479802
43 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6055554268042479802
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Feb 2020 09:12:46 GMT
server
Microsoft-IIS/10.0
timing-allow-origin
*
x-powered-by
ASP.NET
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
status
200
cache-control
no-cache
content-type
image/gif
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 06 Feb 2020 09:12:48 GMT
AN-X-Request-Uuid
b3dc177f-416b-46fd-8bfa-d5033bd6d7ac
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6055554268042479802
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
82.102.19.133; 82.102.19.133; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.39:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55945/ Frame B17F
Redirect Chain
  • https://pixel.advertising.com/ups/55945/sync?uid=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&_origin=1
  • https://pixel.advertising.com/ups/55945/sync?uid=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&_origin=1&verify=true
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&_origin=1&apid=UPd70d86ec-48c0-11ea-a2e2-02dd778c1250
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&_origin=1&apid=UPd70d86ec-48c0-11ea-a2e2-02dd778c1250&verify=true
0
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55945/sync?uid=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&_origin=1&apid=UPd70d86ec-48c0-11ea-a2e2-02dd778c1250&verify=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.167.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-167-170.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status
204
date
Thu, 06 Feb 2020 09:12:46 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status
302
date
Thu, 06 Feb 2020 09:12:46 GMT
strict-transport-security
max-age=31536000
content-length
0
location
https://ups.analytics.yahoo.com/ups/55945/sync?uid=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&_origin=1&apid=UPd70d86ec-48c0-11ea-a2e2-02dd778c1250&verify=true
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
tap.php
pixel.rubiconproject.com/ Frame B17F 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
t.gif
cw.addthis.com/ Frame B17F 		0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cw.addthis.com/t.gif?pid=113&pdid=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Thu, 06 Feb 2020 09:12:46 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 06 Feb 2020 09:12:46 GMT
cookie-sync
sync.outbrain.com/ Frame B17F
Redirect Chain
  • https://sync.outbrain.com/cookie-sync?p=criteo&uid=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57
  • https://sync.outbrain.com/cookie-sync?p=criteo&uid=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&rdrctExp=true
0
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&rdrctExp=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-TraceId
e26eb40b13ded46b31bdfcba299e3775
Date
Thu, 06 Feb 2020 09:12:47 GMT
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/cookie-sync?p=criteo&uid=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&rdrctExp=true
Date
Thu, 06 Feb 2020 09:12:47 GMT
X-TraceId
f924561b4996455246e1b860bdcee9b
Content-Length
0
rum
r.casalemedia.com/ Frame B17F
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&C=1
43 B
995 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.37.92 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-21-37-92.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 Feb 2020 09:12:46 GMT
Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 06 Feb 2020 09:12:46 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 06 Feb 2020 09:12:46 GMT
Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
292
Expires
Thu, 06 Feb 2020 09:12:46 GMT
sd
us-u.openx.net/w/1.0/ Frame B17F
Redirect Chain
  • https://us-u.openx.net/w/1.0/sd?id=537072953&val=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&c=us
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072953&val=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&c=us
43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072953&val=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&c=us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.174.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Feb 2020 09:12:46 GMT
via
1.1 google
server
OXGW/16.174.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Thu, 06 Feb 2020 09:12:46 GMT
via
1.1 google
server
OXGW/16.174.1
location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072953&val=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&c=us
p3p
CP="CUR ADM OUR NOR STA NID"
status
302
alt-svc
clear
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame B17F 		42 B
993 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:b50ce6eb-fae4-47de-b1e1-8bfdf5667c57
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 Feb 2020 09:12:46 GMT
X-lat
Pug23028:0:396
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Cache-Control
no-store, no-cache, private
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
X-Cnection
close
Content-Type
image/gif; charset=utf-8
Content-Length
42
cksync.php
contextual.media.net/ Frame B17F 		49 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.216.132 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-216-132.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Thu, 06 Feb 2020 09:12:47 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
status
200
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
49
x-mnet-hl2
E
expires
Thu, 06 Feb 2020 09:12:47 GMT
sync
x.bidswitch.net/ul_cb/ Frame B17F
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&expires=30
43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&expires=30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.91.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-91-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status
200
date
Thu, 06 Feb 2020 09:12:46 GMT
cache-control
no-cache, no-store, must-revalidate
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
43
content-type
image/gif

Redirect headers

status
302
date
Thu, 06 Feb 2020 09:12:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&expires=30
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel_sync
cm.revcontent.com/ Frame B17F 		35 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.revcontent.com/pixel_sync?bidder=151&bidder_uid=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.161.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-161-101.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status
200
date
Thu, 06 Feb 2020 09:12:46 GMT
x-powered-by
Express
content-length
35
content-type
image/gif
/
rtb-csync.smartadserver.com/redir/ Frame B17F 		43 B
680 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=110&partneruserid=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 Feb 2020 09:12:46 GMT
Cache-Control
no-cache, no-store
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Content-Type
image/gif
Content-Length
43
Expires
-1
um
criteo-sync.teads.tv/ Frame B17F 		23 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-12.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.5 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Feb 2020 09:12:46 GMT
server
akka-http/10.1.5
content-type
image/gif
status
200
cache-control
max-age=0, no-cache, no-store
content-length
23
expires
Thu, 06 Feb 2020 09:12:46 GMT
match
ad.360yield.com/ul_cb/ Frame B17F
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57
43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.163.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-163-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status
200
date
Thu, 06 Feb 2020 09:12:46 GMT
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
43
content-type
image/gif

Redirect headers

status
302
date
Thu, 06 Feb 2020 09:12:46 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
0
location
https://ad.360yield.com:443/ul_cb/match?publisher_dsp_id=38&external_user_id=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57
content-type
text/plain
sync.htm
ade.clmbtech.com/uid/ Frame B17F 		68 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f1:184::143a , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
server
nginx
date
Thu, 06 Feb 2020 09:12:47 GMT
x-frame-options
sameorigin
content-type
image/jpeg
status
200
content-disposition
inline;filename=f.txt
content-length
68
x-xss-protection
1; mode=block
um
sync.e-planning.net/ Frame B17F 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&dc=6884a087b48abdb1&ibd=1&iss=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.250 Renswoude, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status
200
date
Thu, 06 Feb 2020 09:12:46 GMT
server
openresty
content-type
image/gif
Criteo
crb.kargo.com/api/v1/dsync/ Frame B17F 		43 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Criteo?exid=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.83.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-83-217.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 Feb 2020 09:12:47 GMT
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
43
X-Accel-Expires
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
sync.aralego.com/idSync/ Frame B17F 		35 B
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idSync/?ucf_nid=dsp-833DD22BEB97673FB4E8B8DBB882B99&ucf_user_id=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Arlington, United States, ASN30633 (LEASEWEB-USA-WDC-01, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 09:12:47 GMT
connection
close
content-length
35
content-type
image/gif
collect
www.google-analytics.com/ 		35 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j80&a=1953210822&t=timing&_s=2&dl=https%3A%2F%2Fwww.medicareadvantage.com%2F%3Fsrc%3Dtz_ma_email_mad%26afid%3D521124%26tfn%3DMjAxLTc0Ni0xODky%26q_creative%3DMA_MadTest_Email1%26sub_id%3Dstate%26q_campaignid%3D1_state%26pub_id%3D160007%26q_placement%3D527909946%26q_publisher%3D594912&dr=https%3A%2F%2Fwww.yilopeet.com%2FDasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1retZb4ewfw~~%2F594912%2F0d0d1dfc4acdd3d00d21f3f3e8a92b9a%2F70063067%2F&ul=en-us&de=UTF-8&dt=Compare%20Medicare%20Advantage%20Plans%20%7C%20MedicareAdvantage.com&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&plt=1902&pdt=4&dns=31&rrt=3&srt=143&tcp=204&dit=723&clt=723&_gst=651&_gbt=737&_cst=652&_cbt=758&_u=aHDAgEADQ~&jid=&gjid=&cid=183028413.1580980365&tid=UA-66468741-1&_gid=489600871.1580980365&gtm=2wg1t0KX4TVG&cd2=1580980365512.auijbhl7&cd7=10%3A12%3A45&cd17=https%3A%2F%2Fwww.yilopeet.com%2FDasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1retZb4ewfw~~%2F594912%2F0d0d1dfc4acdd3d00d21f3f3e8a92b9a%2F70063067%2F&cd18=2020-02-06T10%3A12%3A45.512%2B01%3A00&cd16=183028413.1580980365&z=1675741429
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Feb 2020 19:21:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
136281
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
fs.js
fullstory.com/s/ Frame 1157 		176 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fullstory.com/s/fs.js
Requested by
Host: fullstory.com
URL: https://fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
44a4f15376c7e859b49fd3aced1c4dfc56c5d6677d600fc073587686cb5a258c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Origin
https://www.medicareadvantage.com

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
server
Google Frontend
age
324
etag
"3301mQ"
vary
Accept-Encoding
content-type
application/javascript
status
200
x-cloud-trace-context
03b93d53ce5a52c80ad3010b1b2ac9a8
cache-control
public, max-age=600
date
Thu, 06 Feb 2020 09:07:22 GMT
timing-allow-origin
*
access-control-allow-origin
*
content-length
63989
expires
Thu, 06 Feb 2020 09:17:22 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame B17F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=6-YMteT63kex4Yv99WZ8Vw
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
43 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Feb 2020 09:12:46 GMT
server
Microsoft-IIS/10.0
timing-allow-origin
*
x-powered-by
ASP.NET
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
status
200
cache-control
no-cache
content-type
image/gif
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 Feb 2020 09:12:47 GMT
server
HTTP server (unknown)
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
secure.adnxs.com/ Frame B17F 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/setuid?entity=52&code=b50ce6eb-fae4-47de-b1e1-8bfdf5667c57&seg=95287
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 Feb 2020 09:12:49 GMT
AN-X-Request-Uuid
24f6f1d9-6bc4-4057-b180-4aeb30645ebe
Content-Type
image/gif
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
82.102.19.133; 82.102.19.133; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.205:80
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fs.js
fullstory.com/s/ Frame B17F 		176 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fullstory.com/s/fs.js
Requested by
Host: fullstory.com
URL: https://fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
44a4f15376c7e859b49fd3aced1c4dfc56c5d6677d600fc073587686cb5a258c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin
https://www.medicareadvantage.com

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
server
Google Frontend
age
325
etag
"3301mQ"
vary
Accept-Encoding
content-type
application/javascript
status
200
x-cloud-trace-context
03b93d53ce5a52c80ad3010b1b2ac9a8
cache-control
public, max-age=600
date
Thu, 06 Feb 2020 09:07:22 GMT
timing-allow-origin
*
access-control-allow-origin
*
content-length
63989
expires
Thu, 06 Feb 2020 09:17:22 GMT
e
api.trustedform.com/10a6c24b32a354f7c23de439e24b01b97154204d/ 		0
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/10a6c24b32a354f7c23de439e24b01b97154204d/e?cs=g2JeO9iO&csh=NFf%252BflzpDRTCwzccxan%252FUQ%252FPK0v55InI06uP%252Fm2ZpuU%253D&a=1&t=cors
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/10a6c24b32a354f7c23de439e24b01b97154204d/t.js?lo=https%3A%2F%2Fwww.medicareadvantage.com%2F%3Fsrc%3Dtz_ma_email_mad%26afid%3D521124%26tfn%3DMjAxLTc0Ni0xODky%26q_creative%3DMA_MadTest_Email1%26sub_id%3Dstate%26q_campaignid%3D1_state%26pub_id%3D160007%26q_placement%3D527909946%26q_publisher%3D594912&l=15809803654490.9113644066615514&f=false&n=e6bae14f77b799f3891df39a31e490eb4a395fb9&cs=g3QAAAACZAABdGJeO9iNZAABdnQAAAADbQAAAAVmaWVsZG0AAAAUeHhUcnVzdGVkRm9ybUNlcnRVcmxtAAAAAWxtAAAAHzE1ODA5ODAzNjU0NDkwLjkxMTM2NDQwNjY2MTU1MTRtAAAAEHByb3ZpZGVfcmVmZXJyZXJkAAVmYWxzZQ%3D%3D&csh=9FwDGOxPlA1wPkHvOVhW1MTWUPUOz4qI4fuCN9tnxe8%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.168.152.148 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
94.98.a86c.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Origin
https://www.medicareadvantage.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 06 Feb 2020 09:12:47 GMT
server
nginx
status
200
access-control-max-age
1728000
access-control-allow-methods
POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
strict-transport-security
max-age=15768000
access-control-allow-headers
Content-Type,Content-Length,X-Requested-With
content-length
0
map_number.jsonp
pnapi.invoca.net/2/api/2014-09-01/ 		505 B
684 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pnapi.invoca.net/2/api/2014-09-01/map_number.jsonp?network_id=1458&js_version=3.6.22&tag_id=1458%2F3326147965&client_info=%7B%22url%22%3A%22https%3A%2F%2Fwww.medicareadvantage.com%2F%3Fsrc%3Dtz_ma_email_mad%26afid%3D521124%26tfn%3DMjAxLTc0Ni0xODky%26q_creative%3DMA_MadTest_Email1%26sub_id%3Dstate%26q_campaignid%3D1_state%26pub_id%3D160007%26q_placement%3D527909946%26q_publisher%3D594912%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.yilopeet.com%2FDasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1retZb4ewfw~~%2F594912%2F0d0d1dfc4acdd3d00d21f3f3e8a92b9a%2F70063067%2F%22%2C%22cores%22%3A16%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22screenWidth%22%3A1600%2C%22screenHeight%22%3A1200%2C%22language%22%3A%22en-US%22%7D&request_data_shared_params=%7B%22invoca_id%22%3A%22i-d9347814-4241-4cd5-a24a-4cd868c59a10%22%2C%22utm_medium%22%3A%22referral%22%2C%22utm_source%22%3A%22yilopeet.com%22%2C%22afid%22%3A%22521124%22%2C%22full_url%22%3A%22https%3A%2F%2Fwww.medicareadvantage.com%2F%3Fsrc%3Dtz_ma_email_mad%26afid%3D521124%26tfn%3DMjAxLTc0Ni0xODky%26q_creative%3DMA_MadTest_Email1%26sub_id%3Dstate%26q_campaignid%3D1_state%26pub_id%3D160007%26q_placement%3D527909946%26q_publisher%3D594912%22%2C%22google_property_id%22%3A%22UA-66468741-1%22%2C%22pub_id%22%3A%22160007%22%2C%22q_campaignid%22%3A%221_state%22%2C%22q_creative%22%3A%22MA_MadTest_Email1%22%2C%22q_placement%22%3A%22527909946%22%2C%22q_publisher%22%3A%22594912%22%2C%22src%22%3A%22tz_ma_email_mad%22%2C%22sub_id%22%3A%22state%22%2C%22tfn%22%3A%22MjAxLTc0Ni0xODky%22%2C%22g_cid%22%3A%22183028413.1580980365%22%2C%22exp_landing%22%3Anull%2C%22gclid%22%3Anull%2C%22Interaction_id%22%3Anull%2C%22k_clickid%22%3Anull%2C%22msclkid%22%3Anull%2C%22original_call_start_time_local%22%3Anull%2C%22original_call_start_time_utc%22%3Anull%2C%22profile_name%22%3Anull%2C%22q_accountid%22%3Anull%2C%22q_adgroupid%22%3Anull%2C%22q_adid%22%3Anull%2C%22q_adposition%22%3Anull%2C%22q_criteria%22%3Anull%2C%22q_device%22%3Anull%2C%22q_devicemodel%22%3Anull%2C%22q_feeditemid%22%3Anull%2C%22q_keyword%22%3Anull%2C%22q_matchtype%22%3Anull%2C%22q_network%22%3Anull%2C%22q_query%22%3Anull%2C%22q_targetid%22%3Anull%7D&request_data=%5B%7B%22advertiser_campaign_id_from_network%22%3A%22362498%22%2C%22request_id%22%3A%22362498%22%7D%2C%7B%22advertiser_campaign_id_from_network%22%3A%22625218%22%2C%22request_id%22%3A%22625218%22%7D%5D&destination_settings=%7B%22paramName%22%3Anull%7D&metrics=%5B%5B%22initialLoad%22%2C1580980365649%5D%2C%5B%22startRun%22%2C1580980366074%5D%2C%5B%22startMapNumberRequest%22%2C1580980366136%5D%2C%5B%22startWaitForData%22%2C1580980366179%5D%2C%5B%22endMapNumberRequest%22%2C1580980366646%5D%2C%5B%22endNumberReplacement%22%2C1580980366647%5D%2C%5B%22endWaitForData%22%2C1580980367309%5D%5D&jsoncallback=json_rr2&
Requested by
Host: solutions.invocacdn.com
URL: https://solutions.invocacdn.com/js/pnapi_integration-latest.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.79.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-79-99.compute-1.amazonaws.com
Software
Goliath /
Resource Hash
43286c0e0af11a748792f203193cb4dec9124108007786493adebbf7e0ae00fe

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 06 Feb 2020 09:12:47 GMT
Server
Goliath
Connection
keep-alive
processing_time
56.55195ms
Content-Length
505
e
api.trustedform.com/10a6c24b32a354f7c23de439e24b01b97154204d/ 		0
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/10a6c24b32a354f7c23de439e24b01b97154204d/e?cs=g2JeO9iO&csh=NFf%252BflzpDRTCwzccxan%252FUQ%252FPK0v55InI06uP%252Fm2ZpuU%253D&a=1&t=cors
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/10a6c24b32a354f7c23de439e24b01b97154204d/t.js?lo=https%3A%2F%2Fwww.medicareadvantage.com%2F%3Fsrc%3Dtz_ma_email_mad%26afid%3D521124%26tfn%3DMjAxLTc0Ni0xODky%26q_creative%3DMA_MadTest_Email1%26sub_id%3Dstate%26q_campaignid%3D1_state%26pub_id%3D160007%26q_placement%3D527909946%26q_publisher%3D594912&l=15809803654490.9113644066615514&f=false&n=e6bae14f77b799f3891df39a31e490eb4a395fb9&cs=g3QAAAACZAABdGJeO9iNZAABdnQAAAADbQAAAAVmaWVsZG0AAAAUeHhUcnVzdGVkRm9ybUNlcnRVcmxtAAAAAWxtAAAAHzE1ODA5ODAzNjU0NDkwLjkxMTM2NDQwNjY2MTU1MTRtAAAAEHByb3ZpZGVfcmVmZXJyZXJkAAVmYWxzZQ%3D%3D&csh=9FwDGOxPlA1wPkHvOVhW1MTWUPUOz4qI4fuCN9tnxe8%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.168.152.148 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
94.98.a86c.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Origin
https://www.medicareadvantage.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 06 Feb 2020 09:12:48 GMT
server
nginx
status
200
access-control-max-age
1728000
access-control-allow-methods
POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
strict-transport-security
max-age=15768000
access-control-allow-headers
Content-Type,Content-Length,X-Requested-With
content-length
0
bundle
rs.fullstory.com/rec/ 		29 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/bundle?OrgId=PGJDY&UserId=5622472154251264&SessionId=5318331561377792&PageId=5603949516390400&Seq=2&PageStart=1580980365870&PrevBundleTime=1580980366245&LastActivity=4857
Requested by
Host: fullstory.com
URL: https://fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
cf6c8a732bbd56cb2fa33e1838f94134c4fe0a18b9e912771b2ccffba7ea19e7

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Origin
https://www.medicareadvantage.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 06 Feb 2020 09:12:51 GMT
via
1.1 google
status
200
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.medicareadvantage.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
29
expires
0
empty.html
static.criteo.net/ Frame 1157 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/empty.html
Requested by
Host: www.yilopeet.com
URL: https://www.yilopeet.com/DasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1retZb4ewfw~~/594912/0d0d1dfc4acdd3d00d21f3f3e8a92b9a/70063067/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
static.criteo.net
:scheme
https
:path
/empty.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912

Response headers

status
200
server
nginx
date
Thu, 06 Feb 2020 09:12:51 GMT
content-type
text/html; charset=UTF-8
content-length
214
last-modified
Wed, 27 Aug 2008 18:21:54 GMT
etag
"48b59b42-d6"
expires
Sun, 31 Jan 2021 09:12:51 GMT
cache-control
max-age=31104000 public
timing-allow-origin
*
access-control-allow-origin
*
accept-ranges
bytes
bundle
rs.fullstory.com/rec/ 		29 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/bundle?OrgId=PGJDY&UserId=5622472154251264&SessionId=5318331561377792&PageId=5603949516390400&Seq=3&PageStart=1580980365870&PrevBundleTime=1580980371263&LastActivity=9857
Requested by
Host: fullstory.com
URL: https://fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
3728d5119ee1307402faa49ae9aab42d7c53f1457f65d3e05027b21511bb1ebc

Request headers

Referer
https://www.medicareadvantage.com/?src=tz_ma_email_mad&afid=521124&tfn=MjAxLTc0Ni0xODky&q_creative=MA_MadTest_Email1&sub_id=state&q_campaignid=1_state&pub_id=160007&q_placement=527909946&q_publisher=594912
Origin
https://www.medicareadvantage.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 06 Feb 2020 09:12:56 GMT
via
1.1 google
status
200
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.medicareadvantage.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
29
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
gum.criteo.com
URL
https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fcdb%252Fcookiematch.aspx%253F%2526extid%253D%2524!%7BTURN_UUID%7D

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| WebFontConfig object| dataLayer string| GoogleAnalyticsObject function| ga object| Trustpilot function| onYouTubeIframeAPIReady function| loadYoutubeApi function| GetIsPassiveSupported function| InitValidation function| SetupSidebarValidation function| IsAllFormItemsFilled function| setupPageStartEvents function| InitTooltipsterOnElements function| getZipcodeData function| getPageLanguage function| ValidationApplyMasks function| GetValidationRulesForPage function| ValidationApplyRules function| SetupPageDripForm boolean| isPassiveSupported undefined| player number| TRIGGER_SCROLL_AFTER string| zipChecker string| medicareSupplementTemplate function| $ function| jQuery object| vanillaTextMask function| Vue object| WebFont object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| postscribe string| InvocaTagId object| uetq function| fbq function| _fbq string| WisePopsObject function| wisepops boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS string| _fs_loaded function| _fs_shutdown function| UET function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| google_optimize object| wiseStorage function| WisepopsAddToCookiePage object| criteo_q string| deviceType function| gtag object| __core-js_shared__ object| Invoca object| scCGSHMRCache number| tf_nst number| tf_sti string| tf_l function| invocaUUID object| JSON3 boolean| tf_r_t function| trustedFormStartRecording function| trustedFormStopRecording object| json_rr1 object| json_rr2

14 Cookies

Domain/Path Name / Value
.medicareadvantage.com/ Name: invoca_session
Value: %7B%22ttl%22%3A%222020-02-21T09%3A12%3A46.646Z%22%2C%22session%22%3A%7B%22invoca_id%22%3A%22i-d9347814-4241-4cd5-a24a-4cd868c59a10%22%7D%2C%22config%22%3A%7B%22campaignIdOverrideParam%22%3Anull%2C%22campaignIdOverrideValue%22%3Anull%2C%22requirementsNeeded%22%3Afalse%2C%22cookieName%22%3A%22invoca_session%22%7D%7D
.medicareadvantage.com/ Name: fs_uid
Value: rs.fullstory.com#PGJDY#5622472154251264:5318331561377792/1612516365
.medicareadvantage.com/ Name: _fbp
Value: fb.1.1580980365656.1440807780
.medicareadvantage.com/ Name: wisepops_visits
Value: %5B%222020-02-06T09%3A12%3A45.515Z%22%5D
.medicareadvantage.com/ Name: wisepops
Value: %7B%22csd%22%3A1%2C%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A99%2C%22cid%22%3A%2242842%22%2C%22v%22%3A4%7D
.medicareadvantage.com/ Name: _dc_gtm_UA-66468741-1
Value: 1
.medicareadvantage.com/ Name: _ga
Value: GA1.2.183028413.1580980365
.medicareadvantage.com/ Name: wisepops_session
Value: %7B%22arrivalOnSite%22%3A%222020-02-06T09%3A12%3A45.515Z%22%2C%22mtime%22%3A%222020-02-06T09%3A12%3A45.620Z%22%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22src%22%3A%22https%3A%2F%2Fwww.yilopeet.com%2FDasWMndL8n8BSe98BtZGmB85mC7D41acZcKI1_E--RVgTOublSXOQcbyF2xLkJHYwccNgNuQRLJ1retZb4ewfw~~%2F594912%2F0d0d1dfc4acdd3d00d21f3f3e8a92b9a%2F70063067%2F%22%2C%22utm%22%3A%7B%7D%7D
.medicareadvantage.com/ Name: _gcl_au
Value: 1.1.291251706.1580980366
.medicareadvantage.com/ Name: _gat_UA-66468741-1
Value: 1
.www.medicareadvantage.com/ Name: ARRAffinity
Value: 75ce112a088adede3d2a2eaa4b9273f9eea76541a198d6a5d467f064a6324249
.medicareadvantage.com/ Name: _gid
Value: GA1.2.489600871.1580980365
www.medicareadvantage.com/ Name: __RequestVerificationToken
Value: Z9djbFRkrkD8lzBylMR77u_cK4SvDnN0PBS0k41x6aOS1x6NrAIqznYpcPCCoyd-yKNLS7b5py_8OXpy_Dmhgs0QU_aVHIk57TL9nt85VKc1
www.medicareadvantage.com/ Name: ASP.NET_SessionId
Value: yz0gactfex1oo4c3wh2kom5f

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ade.clmbtech.com
ads.yahoo.com
ajax.googleapis.com
api.trustedform.com
app.wisepops.com
bat.bing.com
cm.g.doubleclick.net
cm.revcontent.com
connect.facebook.net
contextual.media.net
crb.kargo.com
criteo-sync.teads.tv
customer.mediawallahscript.com
cw.addthis.com
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
fullstory.com
googleads.g.doubleclick.net
gum.criteo.com
idsync.rlcdn.com
loader.wisepops.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.tapad.com
pnapi.invoca.net
popup.wisepops.com
r.casalemedia.com
rs.fullstory.com
rtb-csync.smartadserver.com
secure.adnxs.com
simage2.pubmatic.com
solutions.invocacdn.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
str.visionarygeek.eu
sync.aralego.com
sync.e-planning.net
sync.outbrain.com
ups.analytics.yahoo.com
us-u.openx.net
widget.trustpilot.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.medicareadvantage.com
www.yilopeet.com
x.bidswitch.net
gum.criteo.com
103.83.36.136
108.168.152.148
13.35.253.29
143.204.214.23
162.210.196.208
172.217.23.130
172.217.23.98
178.250.2.151
18.215.83.217
185.64.190.80
185.86.137.110
2.21.37.92
2001:4860:4802:34::15
212.82.100.181
23.210.248.12
23.210.248.44
23.58.216.132
2606:4700:20::681a:b13
2620:1ec:c11::200
2a00:1288:f03d:1fa::2000
2a00:1450:4001:816::2004
2a00:1450:4001:818::2002
2a00:1450:4001:818::2003
2a00:1450:4001:819::2008
2a00:1450:4001:81f::2003
2a00:1450:4001:820::200a
2a00:1450:4001:824::200a
2a00:1450:4001:824::200e
2a00:1450:400c:c00::9a
2a02:2638:1::3
2a02:26f0:f1:184::143a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.253.126.105
34.95.120.147
35.157.167.170
35.186.194.58
35.190.72.21
35.227.248.159
37.252.172.250
40.71.199.117
5.178.65.250
52.200.79.99
52.29.20.136
52.30.161.101
52.57.163.110
52.59.91.136
69.173.144.138
70.42.32.127
74.119.119.150
86.106.95.57
028ea6c3faedf0583cb3fbcda2036161a66e24e76e46351e6b9b00f39e9d68fa
063a9ec59354724ad529c305837e51109f1b3338783e1777b678e86f66003eee
0cffe7b8cc41d6bfc3511e492789f8fab53861e912f272142733f7f1a0419b45
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
156c95e3749e7d2b48981a237f966d6dfd52c7b712460c76bb73b39acc290fb6
22c44c1cf017c400479ea8a4e5c80e5b9f0287219b746b74ed531d1938d3e1b2
280b6a352a9dd2f7ea2908003e156b076b7851bfde150888559e00c478c81758
2865ded653f1b1acaee6cf385c92fd7dcfbf2017f321c29f25a3e1602f33fb1b
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b0074727dba8a3e2f0ab8e461808c552389783e7bbe035e2cf476f8a96fef77
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e3d279ce7882d2b0bb2e9147db63968eb26f0e926ba3d4ba37901cf3847fcad
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
345936abb6d8682e5f3573e6d3245490c4e0ca4a8a357f0bd8a1f47e56f19a88
3728d5119ee1307402faa49ae9aab42d7c53f1457f65d3e05027b21511bb1ebc
3a198e74a03f5e42b5c094d57cb6683ae97f60196cfb92910cebc1f2421546af
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
43286c0e0af11a748792f203193cb4dec9124108007786493adebbf7e0ae00fe
44a4f15376c7e859b49fd3aced1c4dfc56c5d6677d600fc073587686cb5a258c
474b0c4de380d57f97b6eb34a8932950b7e10c224cb75109d82a53b8277de0c3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5097dfa297f9d9cabcc2b66e2aeaa775da27a5ee0438dc7cb89b5463012ff276
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
55ced71ea4228031709df886da6495168b120a644b841c1699599c225df61517
5861b12e9f25dbecacf3559faf34117ed5a279d2b3639de1d368ae0a68b7ba5e
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5c06b6329970d1560039f39c4935a041d96fcf0f877b47951d8ece559a1b4dc6
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d9371e0c41f5f47e50429fdb0aeecca88b5f31c047093468614211ce03e5d90
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
6a60018cab3d38d035188490d869d5dc1283a7dd115917226df457ca92887f7f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ec9b07d327c1714a655948643b32e88e25719a415cef6d2fa70dea439358feb
71648a8f6f19033103d7d732854f1bd0f9545bf955b05126083deb0e49f3a17e
73b318f137888cf807a521c67aac1e32ac6f9e9388b84c1cdfd41e90fbba9181
764ec907880a85a302c0c8b2bd413e4ba464f5d460c3cc1da9191dec8a08d632
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
81149e87be7f93d9e207c69b0e17dda3135e3c923263f551f5c3a79569f1fd33
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
861289df344675c131d2ea1deaa2df24c4e47fac10ab5efae4270b401e0aed8e
89b531e78902333807b825faf77cd11cc927fe364ea2ba9307f65365f7e811f7
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aaca454fd1d9e4a83e0c720178335d8cd74f86d7c66e849e17ee23774cdcaa1
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
93973492eb84cf5b25fe4aac945a281bc71b470574aecdb3050a4d6b95180ce4
9cda238320f313167eb271a97b684a0f3ed3cd4dbf2d5c5087c952ac153f8f36
9fc738e4dd975d17435d3848ffd9964152a4d195dac73b5cd041b4c40c714126
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2a9c76f9edd3c5589c0667cff536ac6f81a3e1d8a0edf8f1ff2019aa5aaded8
b3c10d686989ed9f6317b454c15f0fe3f3a3b2fe370d835dffb40b333c51c705
b8d5649bb6b5d2dc8b9104902811880a5f3b32688871cadc7da29b7a110f07fb
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
c03628d9933445974fb52e2a61530b55bfb27101c25716eb35a031a3a81151c9
c6c66a57fa80f7b6643eeb450478c9fd70a1daed0d1c0d11323b2971f18734b5
c76967d28a687a5cc3cb12e02860772e4009d1502dfd7c1bc802a8422ea6d342
cd4311d31dfee2b200b30a5f575deb187e869bb67673dce32dfb017e24a2cca0
cf6c8a732bbd56cb2fa33e1838f94134c4fe0a18b9e912771b2ccffba7ea19e7
d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0
d1c988eed0362353f1a11a5b8231ef9a5e3c222a502b5f26a696016e98066472
d7ee592cbc5e416afbab559331e3cd7011852fb044424ca4ef6d62fefa065159
dd3ca874cf4bf8b47ce9407b1f052171796ebc09ab7da25660c92d13975cddd1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4bd109458efd809ef10a7dbb1154cdcae99c610b25b977a9756aa9e9c63434d
e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796
ec7024e764e94caa58c7a18f4624dc84c9ee15537ff5418fd44e2f037f8abc30
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f35fa941ec6364fc02ba2ef295da8ab672a24e0ccf8afcb53787e3eafca8126a
f4945981c3af2b35d46db5c32b6fdc0424a5053e7907588598fd74f06b535cbd
ffd5962bd47592ab10ccb3b117fba293a4c4bab5cf0ccef70de298c3428c0fa7