www.healthplansamerica.org Open in urlscan Pro
69.20.75.133 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://musept15.info/c/1QJxti-7MTnDpyDbKE8gI7qJzQCpHHyW023AQxDA2uk=/U%2Fe9kQ%3D%3D
Effective URL:
https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c
Submission: On July 17 via manual (July 17th 2023, 2:53:49 am UTC) from US — Scanned from DE

Summary HTTP 52 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 24 IPs in 5 countries across 22 domains to perform 52 HTTP transactions. The main IP is 69.20.75.133, located in United States and belongs to RACKSPACE, US. The main domain is www.healthplansamerica.org.
TLS certificate: Issued by Sectigo ECC Organization Validation S... on May 9th 2023. Valid for: a year.

This is the only time www.healthplansamerica.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3033::ac43:b21f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3034::ac43:89f2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	69.20.75.133 69.20.75.133	27357 (RACKSPACE) (RACKSPACE)
3	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
1	69.20.94.14 69.20.94.14	27357 (RACKSPACE) (RACKSPACE)
3	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	13.32.99.54 13.32.99.54	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f08... 2a03:2880:f080:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:10:... 2606:4700:10::6816:27b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.224.189.93 13.224.189.93	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	3.11.26.20 3.11.26.20	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:10:... 2606:4700:10::6816:1cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	3.220.49.97 3.220.49.97	14618 (AMAZON-AES) (AMAZON-AES)
2	34.202.220.30 34.202.220.30	14618 (AMAZON-AES) (AMAZON-AES)
1	13.225.84.207 13.225.84.207	16509 (AMAZON-02) (AMAZON-02)
1	34.195.170.58 34.195.170.58	14618 (AMAZON-AES) (AMAZON-AES)
2	18.235.114.152 18.235.114.152	14618 (AMAZON-AES) (AMAZON-AES)
52	24

1 2606:4700:3033::ac43:b21f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

musept15.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:89f2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.zalkkweet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 69.20.75.133 (United States)

ASN27357 (RACKSPACE, US)
PTR: www.healthplansamerica.org

www.healthplansamerica.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.20.94.14 (United States)

ASN27357 (RACKSPACE, US)
PTR: secure.apolloi.com

secure.apolloi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-54.fra60.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:cc (United States)

ASN13335 (CLOUDFLARENET, US)

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f080:9:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:27b6 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-93.fra2.r.cloudfront.net

solutions.invocacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.11.26.20 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-26-20.eu-west-2.compute.amazonaws.com

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1cc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.220.49.97 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-49-97.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.202.220.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-220-30.compute-1.amazonaws.com

trc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.84.207 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-207.fra2.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.195.170.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-170-58.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.235.114.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-114-152.compute-1.amazonaws.com

psp.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	healthplansamerica.org www.healthplansamerica.org	831 KB
6	pushnami.com api.pushnami.com — Cisco Umbrella Rank: 4849 trc.pushnami.com — Cisco Umbrella Rank: 5326 psp.pushnami.com — Cisco Umbrella Rank: 17536	20 KB
5	leadid.com create.leadid.com — Cisco Umbrella Rank: 14416	3 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 390	13 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	84 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	2 KB
2	anura.io script.anura.io — Cisco Umbrella Rank: 62780	20 KB
2	gstatic.com fonts.gstatic.com	51 KB
2	invocacdn.com solutions.invocacdn.com — Cisco Umbrella Rank: 6653	42 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	90 KB
2	acsbapp.com acsbapp.com — Cisco Umbrella Rank: 3709 cdn.acsbapp.com — Cisco Umbrella Rank: 4055	29 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	139 KB
1	trueleadid.com deviceid.trueleadid.com — Cisco Umbrella Rank: 15801	2 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net	2 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	185 B
1	google.de www.google.de — Cisco Umbrella Rank: 4752	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 130	253 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2556	262 B
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 25724	38 KB
1	apolloi.com secure.apolloi.com — Cisco Umbrella Rank: 945691
1	zalkkweet.com 1 redirects www.zalkkweet.com — Cisco Umbrella Rank: 714986	790 B
1	musept15.info 1 redirects musept15.info	844 B
52	22

	Domain	Requested by
12	www.healthplansamerica.org	www.healthplansamerica.org
5	create.leadid.com	create.lidstatic.com deviceid.trueleadid.com
3	bat.bing.com	www.healthplansamerica.org bat.bing.com
3	www.google-analytics.com	www.healthplansamerica.org www.google-analytics.com
3	fonts.googleapis.com	www.healthplansamerica.org
2	psp.pushnami.com	api.pushnami.com
2	trc.pushnami.com	api.pushnami.com
2	script.anura.io	www.healthplansamerica.org script.anura.io
2	fonts.gstatic.com	fonts.googleapis.com
2	solutions.invocacdn.com	www.healthplansamerica.org solutions.invocacdn.com
2	connect.facebook.net	www.healthplansamerica.org connect.facebook.net
2	api.pushnami.com	www.healthplansamerica.org api.pushnami.com
2	www.googletagmanager.com	www.healthplansamerica.org
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	cdn.acsbapp.com	acsbapp.com
1	www.facebook.com	www.healthplansamerica.org
1	www.google.de	www.healthplansamerica.org
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	create.lidstatic.com	www.healthplansamerica.org
1	acsbapp.com	www.healthplansamerica.org
1	secure.apolloi.com	www.healthplansamerica.org
1	www.zalkkweet.com	1 redirects
1	musept15.info	1 redirects
52	25

This site contains links to these domains. Also see Links.

Domain
accessibe.com

Subject Issuer	Validity	Valid
www.healthplansamerica.org Sectigo ECC Organization Validation Secure Server CA	`2023-05-09` - `2024-05-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
secure.apolloi.com Sectigo ECC Organization Validation Secure Server CA	`2023-06-06` - `2024-06-05`	a year	crt.sh
*.pushnami.com Amazon RSA 2048 M01	`2023-03-04` - `2024-04-02`	a year	crt.sh
acsbapp.com GTS CA 1P5	`2023-07-02` - `2023-09-30`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-25` - `2023-07-24`	3 months	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2023-02-28` - `2024-02-28`	a year	crt.sh
invocacdn.com Amazon RSA 2048 M02	`2023-02-28` - `2023-11-22`	9 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
script.anura.io Amazon RSA 2048 M01	`2023-06-12` - `2024-07-10`	a year	crt.sh
create.leadid.com Amazon RSA 2048 M02	`2023-02-23` - `2023-10-19`	8 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
deviceid.trueleadid.com Amazon RSA 2048 M02	`2023-02-24` - `2024-01-06`	10 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c
Frame ID: 63F95C52A4B13303754575C47E7E52F2
Requests: 49 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=CCE251D9-70A9-3A0D-B034-1046E8CAAADB&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=C03EF9DE-4523-077B-661E-F0BBDAA0049B&lac=478B1969-F034-6785-243D-D2DE64FC7F68
Frame ID: 12FA71D08EA4C81711F48FBBA82555D1
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=CCE251D9-70A9-3A0D-B034-1046E8CAAADB&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=C03EF9DE-4523-077B-661E-F0BBDAA0049B&lac=478B1969-F034-6785-243D-D2DE64FC7F68
Frame ID: A89FF502BB9BD0AB8226DD4861AC2BC4
Requests: 2 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: A0665E975B934D7E7A377AB35AC0BBB1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BidenCare | Health Plans of America logo-bbblogo-ssl

Page URL History Show full URLs

http://musept15.info/c/1QJxti-7MTnDpyDbKE8gI7qJzQCpHHyW023AQxDA2uk=/U%2Fe9kQ%3D%3D HTTP 307
https://www.zalkkweet.com/BDL9J672/BXN2ZDJ/?__efq=1XzZiNTLF3A50YdxRQOBoukKCPAkQkWS&sub1=WHUSG656IIHFUR... HTTP 302
https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b... Page URL

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Pushnami (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.pushnami\.com

Page Statistics

52
Requests

100 %
HTTPS

60 %
IPv6

22
Domains

25
Subdomains

24
IPs

5
Countries

1365 kB
Transfer

3958 kB
Size

17
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://accessibe.com/blog/knowledgebase/screen-reader-guide
Title: Accessibility Screen-Reader Guide, Feedback, and Issue Reporting

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://musept15.info/c/1QJxti-7MTnDpyDbKE8gI7qJzQCpHHyW023AQxDA2uk=/U%2Fe9kQ%3D%3D HTTP 307
https://www.zalkkweet.com/BDL9J672/BXN2ZDJ/?__efq=1XzZiNTLF3A50YdxRQOBoukKCPAkQkWS&sub1=WHUSG656IIHFURMKQISKDKRCBE2VZ7ZWY4BAYXU5NPZA%3D%3D%3D%3D&sub2=64b41d384e707373937bf35d HTTP 302
https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.healthplansamerica.org/quotes/bidencare/
Redirect Chain

http://musept15.info/c/1QJxti-7MTnDpyDbKE8gI7qJzQCpHHyW023AQxDA2uk=/U%2Fe9kQ%3D%3D
https://www.zalkkweet.com/BDL9J672/BXN2ZDJ/?__efq=1XzZiNTLF3A50YdxRQOBoukKCPAkQkWS&sub1=WHUSG656IIHFURMKQISKDKRCBE2VZ7ZWY4BAYXU5NPZA%3D%3D%3D%3D&sub2=64b41d384e707373937bf35d
https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c

62 KB
21 KB

950ms
525ms

Document
text/html

69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.75.133 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

69a141c56247d76ab3dac58834f16c9b355f93332f83d512d32696a4d99b3e52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 17 Jul 2023 02:53:41 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

accept-ch: Sec-Ch-Ua-Platform-Version
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e7f3224ba1c914c-FRA
content-type: text/html; charset=utf-8
date: Mon, 17 Jul 2023 02:53:40 GMT
location: https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a0iZglGShvXGkVji0J%2BPSf6dG4HQb5OnFU6PE8zL244UuzWrKBOUBA4aQdJrhptQA1CuWXfLYV2VGu0eyRGLNghSbXjVkqdXNtf2WYmsS%2FoRrkq1%2FUshYAqNlk5s3TXLgPNwjmex%2BDfUcbhqv4iRnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-eflow-request-id: 66ce3275-38b9-4407-960d-ec343f477cf6

GET
H2 200 fontawesome.min.css
www.healthplansamerica.org/common_scripts/leadgen/fonts/fontawesome/ 34 KB
9 KB 278ms
278ms Stylesheet
text/css 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/common_scripts/leadgen/fonts/fontawesome/fontawesome.min.css

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.75.133 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

889e5b0e0831a15afbf0a7afe2916c25500b2fa6abb5f62727b0c245415a5f12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 02:53:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 11 Dec 2019 16:48:23 GMT
server: nginx
content-encoding: gzip
etag: W/"5df11dd7-870a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=900, public, no-cache, must-revalidate
expires: Mon, 17 Jul 2023 03:08:41 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
482 B 41ms
18ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oxygen:300,400,700

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

19ce67db79346040bc7067b5a3c9065ab018050bf1391abe275761f702e6fc11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Jul 2023 02:53:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Jul 2023 02:53:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Jul 2023 02:53:41 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
897 B 41ms
18ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Catamaran:wght@400;500;700;800&display=swap

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

15b670ba853786ad01965de2362282cfdb3b0c105726f3e80cc4e2d92533483b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Jul 2023 02:53:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Jul 2023 02:53:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Jul 2023 02:53:41 GMT

GET
H2 200 hpa.css
www.healthplansamerica.org/common_scripts/laravel/leadgen/8/css/ 851 KB
159 KB 280ms
280ms Stylesheet
text/css 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/common_scripts/laravel/leadgen/8/css/hpa.css

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.75.133 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

3d200a3cf09b916c80d0ac3e6cd21d8f29e7fa3ec8fd3268b8766d1f0e802270

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 02:53:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 14 Jul 2023 18:00:34 GMT
server: nginx
content-encoding: gzip
etag: W/"64b18d42-d4de9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=900, public, no-cache, must-revalidate
expires: Mon, 17 Jul 2023 03:08:41 GMT

GET
H2 200 hpa.js Show response
www.healthplansamerica.org/common_scripts/laravel/leadgen/8/js/ 1 MB
343 KB 372ms
372ms Script
application/javascript 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/common_scripts/laravel/leadgen/8/js/hpa.js

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.75.133 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

ae1b6e7effa026c5530b036f8c22ef926b9cbe2d50e4b5ed81fd8f2aa393be22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 02:53:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 14 Jul 2023 18:00:34 GMT
server: nginx
content-encoding: gzip
etag: W/"64b18d42-11b111"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=900, public, no-cache, must-revalidate
expires: Mon, 17 Jul 2023 03:08:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 259 KB
86 KB 52ms
29ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YENM2WZJRQ

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7986cf9512889aef172bed0afe519eee6d71c9dc57c9f1121a4b0ec7a19caf4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 02:53:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88086
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 17 Jul 2023 02:53:41 GMT

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
805 B 22ms
20ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather&family=Nunito+Sans:wght@700;800&display=swap

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46ace3a30fb099edafafe8450eb10986f42aab5b77dc5ff506272eb230aa72bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Jul 2023 02:53:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Jul 2023 02:53:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Jul 2023 02:53:41 GMT

GET
H2 200 biden-content.jpg
www.healthplansamerica.org/images/biden/ 40 KB
40 KB 95ms
94ms Image
image/jpeg 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.healthplansamerica.org/images/biden/biden-content.jpg

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.75.133 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

078e7a60b04ee3e147dc98ff75aea55b9685f51292fec211e9bb9f4f567b627d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 02:53:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 07 Dec 2020 22:43:40 GMT
server: nginx
etag: "5fceb01c-a01f"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=900, public, no-cache, must-revalidate
accept-ranges: bytes
content-length: 40991
expires: Mon, 17 Jul 2023 03:08:41 GMT

GET
H2 200 visit.php Show response
secure.apolloi.com/leadgen/pxl/ 0
0 711ms
102ms Script
text/html 69.20.94.14
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.apolloi.com/leadgen/pxl/visit.php?visit_id=277750654
Requested by: Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.20.94.14 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS: secure.apolloi.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 140 KB
52 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T8D2T6P

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6adbc323c5876fc49e387b093e4975c5d86e1a1c1a6067f0e297e688ac0f7561

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 02:53:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53435
x-xss-protection: 0
last-modified: Mon, 17 Jul 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 Jul 2023 02:53:42 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 333ms
7ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 17 Jul 2023 02:35:19 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1103
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 17 Jul 2023 04:35:19 GMT

GET
H2 200 58a34f3625ceb64f65edb3a4 Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 88 KB
18 KB 816ms
481ms Script
application/javascript 13.32.99.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/58a34f3625ceb64f65edb3a4
Requested by: Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-54.fra60.r.cloudfront.net
Software: /
Resource Hash: a07552be28c358fbc5bc07583d51a0bb7d5c0c0c460a4329bedb92f39aacbc8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 02:53:42 GMT
content-encoding: gzip
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
x-amz-cf-id: oXfMudwfB66hhDG2LuFDSsOiD94kqjiBwv8HLmSn5-eDEbI-zkn0yA==

GET
H2 200 app.js Show response
acsbapp.com/apps/app/dist/js/ 120 KB
28 KB 453ms
119ms Script
application/javascript 2606:4700:10::6816:cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d31160bae17bd582caaf9b44c5cc2ef5cfff679044f681a1c122260ea9697af4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 02:53:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycduzTbwa3HeApk_w66HNgSCoIwEUrfMzq4VUZldJehk_zuMjGxD5isB6IxJd-VZdUamTFBkfjuC67ozBXpQC4F9Y4Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
last-modified: Tue, 11 Jul 2023 12:43:45 GMT
server: cloudflare
etag: W/"e3e5ee33ed2752a76e73222eeeaf2a18"
vary: Accept-Encoding
x-goog-hash: crc32c=zCumUQ==, md5=4+XuM+0nUqducyIu7q8qGA==
x-goog-generation: 1689079425711801
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=300, must-revalidate
x-goog-stored-content-length: 122847
cf-ray: 7e7f3233ad4f196d-FRA
expires: Tue, 16 Jul 2024 02:53:42 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 361ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 17 Jul 2023 02:53:41 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B20BC6753D3C44278B07F35EF3C9BF7D Ref B: FRA31EDGE0814 Ref C: 2023-07-17T02:53:42Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12183

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
47 KB 348ms
14ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 17 Jul 2023 02:53:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46863
x-xss-protection: 0
pragma: public
x-fb-debug: obg31xhZ6rAIAKSb2T2P/hZL0wjx+eVDKepvYz/Ff7ZDZ3orUOA7O7YO7t7/l/aOIl33LIiAnWbu50tbTMN/Lg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 c03ef9de-4523-077b-661e-f0bbdaa0049b.js Show response
create.lidstatic.com/campaign/ 118 KB
38 KB 741ms
408ms Script
text/javascript 2606:4700:10::6816:27b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/c03ef9de-4523-077b-661e-f0bbdaa0049b.js?snippet_version=2
Requested by: Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:27b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d3b3287a296e9f6ff200ce28a416d7de842463722fafc528737af8ef928bc7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 02:53:42 GMT
x-amz-version-id: TXO3IldGIE2Zrezb5hiGm9e7Rh.LnGKn
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 09 Jan 2023 17:53:34 GMT
server: cloudflare
x-amz-request-id: 9XHN0R6CY3RQWVKK
etag: W/"02ed40c56918997bf2398dd15cdc2bdf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
x-amz-replication-status: COMPLETED
cf-ray: 7e7f3233a85d9b70-FRA
x-amz-id-2: LZkfGYVCGPmkffmddx7yoCT+0jiVojFaBYo3dddbt8ImTvkm8gdi/ZDaiuC/emP5DjvJPs+IsZI=

GET
H2 200 invoca-latest.min.js Show response
solutions.invocacdn.com/js/ 125 KB
40 KB 340ms
7ms Script
text/javascript 13.224.189.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Requested by: Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-93.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 95ee6abb4a7f8a9eded7eba52d5939aa1f4a39d2fdfe9b418e1b4343d5fbbe79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: _gm2az10x.WUtOld5C9lgjg4Fh78zQJx
content-encoding: gzip
via: 1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
date: Mon, 17 Jul 2023 01:53:46 GMT
x-amz-cf-pop: FRA2-C1
age: 3597
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 16 May 2023 13:58:02 GMT
server: AmazonS3
etag: W/"eb2e12c8d2ed9c8b90426b26cb204f84"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
x-amz-cf-id: 03B4w_eTF88sHIxEkf7BJJQbYPa8QxO_DOeYoGxJqWFC58M_EkAtwg==

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c6ddd2118f68eec5a27d055e606b9320250b5ceb2bf1a0688a253871e5f00f5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 hero-bg-biden.jpg
www.healthplansamerica.org/images/biden/ 33 KB
33 KB 94ms
94ms Image
image/jpeg 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.healthplansamerica.org/images/biden/hero-bg-biden.jpg

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/laravel/leadgen/8/css/hpa.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.75.133 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

c1a6dceca196282a843e1d6dcdff4257db81ffa1c11d3ad38f1f359f1751551a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/common_scripts/laravel/leadgen/8/css/hpa.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 02:53:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 07 Dec 2020 22:43:40 GMT
server: nginx
etag: "5fceb01c-8352"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=900, public, no-cache, must-revalidate
accept-ranges: bytes
content-length: 33618
expires: Mon, 17 Jul 2023 03:08:41 GMT

GET
H2 200 hero-biden.png
www.healthplansamerica.org/images/biden/ 155 KB
155 KB 95ms
95ms Image
image/png 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.healthplansamerica.org/images/biden/hero-biden.png

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/laravel/leadgen/8/css/hpa.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.75.133 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

ea9ecd90c56a640800680d99ad67544cff546780c8051c7710f699fca8c55eb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/common_scripts/laravel/leadgen/8/css/hpa.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 02:53:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 07 Dec 2020 22:43:40 GMT
server: nginx
etag: "5fceb01c-26ac2"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=900, public, no-cache, must-revalidate
accept-ranges: bytes
content-length: 158402
expires: Mon, 17 Jul 2023 03:08:41 GMT

GET
DATA 200
OK truncated
/ 236 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e17e36c42f172beb6933d87ad903d732dff64f5116734449804a8e73bafc56b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2aed9093cd994e0a960717ca819e9e4f8894a6632625cd1d467b9a1257680930

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 italianno-regular-webfont.woff2
www.healthplansamerica.org/includes/fonts/ 30 KB
30 KB 96ms
96ms Font
application/font-woff2 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/includes/fonts/italianno-regular-webfont.woff2

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/laravel/leadgen/8/css/hpa.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.75.133 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

fa4241715b942ec0257a7765c4a5517e94e32d43bf0f1016a794d37850d621de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.healthplansamerica.org/common_scripts/laravel/leadgen/8/css/hpa.css
Origin: https://www.healthplansamerica.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 02:53:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 23:51:38 GMT
server: nginx
etag: "6094810a-7704"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
cache-control: max-age=900, public, no-cache, must-revalidate
accept-ranges: bytes
content-length: 30468
expires: Mon, 17 Jul 2023 03:08:41 GMT

GET
H2 200 pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
fonts.gstatic.com/s/nunitosans/v15/ 30 KB
30 KB 336ms
11ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather&family=Nunito+Sans:wght@700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.healthplansamerica.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:39:37 GMT
x-content-type-options: nosniff
age: 303245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31052
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 00:27:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jul 2024 14:39:37 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 20 KB
20 KB 332ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather&family=Nunito+Sans:wght@700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.healthplansamerica.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 01:52:20 GMT
x-content-type-options: nosniff
age: 435682
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20028
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jul 2024 01:52:20 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
262 B 273ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-YENM2WZJRQ&gtm=45je37c0&_p=840825492&_gaz=1&cid=266858774.1689562422&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689562422&sct=1&seg=0&dl=https%3A%2F%2Fwww.healthplansamerica.org%2Fquotes%2Fbidencare%2F%3FEref%3DPJO2QCN1ZD%26Subreferrer%3D162585%26Subid%3D571022b726c149d3b7f3bed2a41bf29c&dt=BidenCare%20%7C%20Health%20Plans%20of%20America&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YENM2WZJRQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 02:53:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.healthplansamerica.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 278ms
19ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YENM2WZJRQ&cid=266858774.1689562422&gtm=45je37c0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YENM2WZJRQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 02:53:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.healthplansamerica.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 278ms
20ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YENM2WZJRQ&cid=266858774.1689562422&gtm=45je37c0&aip=1&z=553333306

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 02:53:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 172 KB
63 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-NXJZNQR&cid=266858774.1689562422

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

baaf3237348282817651ddeeebd3ef0ebceb3b25c885a7bacc26c99ae626a8b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 02:53:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 64139
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 17 Jul 2023 02:53:42 GMT

GET
H2 200 tag-live.js Show response
solutions.invocacdn.com/js/networks/585/0419737375/ 6 KB
2 KB 403ms
401ms Script
text/javascript 13.224.189.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/networks/585/0419737375/tag-live.js
Requested by: Host: solutions.invocacdn.com
URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-93.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a592564b9b2d607aa653f3ca77adba6b405022dd91b1dfc9edf789a4eb02b953

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 0Qfdvo0f_YNgaplQS3YTle3ByArvqRkM
content-encoding: gzip
via: 1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
date: Mon, 17 Jul 2023 02:53:43 GMT
last-modified: Thu, 15 Jul 2021 19:25:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: W/"7beabea2e2cfeadff0e6ab423c2ac7fa"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: max-age=300
x-amz-replication-status: COMPLETED
x-amz-cf-id: -bNNoqmc-tlumxdDkhHq6wecaHIoDGX8r_wrcbQ-VIBdcd71MXCfjw==

GET
H2 204 4046953.js Show response
bat.bing.com/p/action/ 0
118 B 106ms
106ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4046953.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 17 Jul 2023 02:53:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A13F920C737B45CDBE8CD94F99AE7CA6 Ref B: FRA31EDGE0814 Ref C: 2023-07-17T02:53:42Z
x-cache: CONFIG_NOCACHE

GET
H2 200 484161251792257 Show response
connect.facebook.net/signals/config/ 152 KB
43 KB 61ms
61ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/484161251792257?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7f365d50920dcf8e2e3a620a9ad8e2bfd1c32c78f1240a6c4311681158d8c39b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 17 Jul 2023 02:53:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 545OgdRB5pyhCw5N6MJd8KcEyJCbyacKfvnXzF491PlShkNKDtHRt/deghuoQ0tSd9JpYjGlxvzQdypJefEcnA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 14ms
14ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=840825492&t=pageview&_s=1&dl=https%3A%2F%2Fwww.healthplansamerica.org%2Fquotes%2Fbidencare%2F%3FEref%3DPJO2QCN1ZD%26Subreferrer%3D162585%26Subid%3D571022b726c149d3b7f3bed2a41bf29c&ul=en-us&de=UTF-8&dt=BidenCare%20%7C%20Health%20Plans%20of%20America&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KCDAAEADQAAAACAAI~&jid=921671902&gjid=88693456&cid=266858774.1689562422&tid=UA-23882117-1&_gid=823842227.1689562422&_r=1&_slc=1&z=426765530

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.healthplansamerica.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 02:53:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.healthplansamerica.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 request.js Show response
script.anura.io/ 55 KB
20 KB 971ms
911ms Script
application/javascript 3.11.26.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=2761973509&source=MADBC&campaign=162585-HPA&variable=AnuraResponse&440525770946

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.11.26.20 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-11-26-20.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

ddf745ccf4f52650fc714df05d6d147e057d8f12c590ef4ed8cf2352d2e012b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 02:53:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 204 0
bat.bing.com/action/ 0
287 B 34ms
34ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4046953&Ver=2&mid=d21bf21a-60de-4365-afbb-13e433074313&sid=23acff80244d11ee93d63903c7ccc1dd&vid=23ad26e0244d11ee965e092e81e129a3&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=BidenCare%20%7C%20Health%20Plans%20of%20America&kw=Find%20%26%20Compare,%20Health%20Insurance,%20Quotes,%20Medicare%20Insurance,%20Plans,%20healthplansamerica.org&p=https%3A%2F%2Fwww.healthplansamerica.org%2Fquotes%2Fbidencare%2F%3FEref%3DPJO2QCN1ZD%26Subreferrer%3D162585%26Subid%3D571022b726c149d3b7f3bed2a41bf29c&r=&lt=2745&evt=pageLoad&sv=1&rn=68867

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Jul 2023 02:53:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BBFE67457A984BAD8D038EB8DC3639D2 Ref B: FRA31EDGE0814 Ref C: 2023-07-17T02:53:42Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 30ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=484161251792257&ev=PageView&dl=https%3A%2F%2Fwww.healthplansamerica.org%2Fquotes%2Fbidencare%2F%3FEref%3DPJO2QCN1ZD%26Subreferrer%3D162585%26Subid%3D571022b726c149d3b7f3bed2a41bf29c&rl=&if=false&ts=1689562422478&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=28&fbp=fb.1.1689562422475.24807742&cs_est=true&it=1689562422389&coo=false&exp=a0&rqm=GET

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 17 Jul 2023 02:53:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 config.json Show response
cdn.acsbapp.com/config/healthplansamerica.org/ 164 B
723 B 150ms
123ms Fetch
application/json 2606:4700:10::6816:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/config/healthplansamerica.org/config.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fec6ca7b38da801d709044e2fcd1dafe0c483b3a68f659cc2cbfacc8725bbe9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 02:53:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdsOJZjWjN0J4TV7300eeA5Hjra-D1CNtQkNNr6qA54JuS5UNfaOiMf_q2jofpCE_OAFzz9D_zkVaa1O84YnxYMh2VZgGKpO
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Wed, 08 Feb 2023 13:54:32 GMT
server: cloudflare
etag: W/"abd74db40ff6b688431602addfe434de"
vary: Accept-Encoding
x-goog-generation: 1675864472482921
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=N44MEg==, md5=q9dNtA/2tohDFgKt3+Q03g==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=300, must-revalidate
x-goog-stored-content-length: 164
cf-ray: 7e7f3234dae9995d-FRA
expires: Tue, 16 Jul 2024 02:53:42 GMT

GET
H2 200 fa-solid-900.woff2
www.healthplansamerica.org/common_scripts/leadgen/fonts/fontawesome/ 39 KB
40 KB 281ms
281ms Font
application/font-woff2 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/common_scripts/leadgen/fonts/fontawesome/fa-solid-900.woff2

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/leadgen/fonts/fontawesome/fontawesome.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.75.133 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.healthplansamerica.org/common_scripts/leadgen/fonts/fontawesome/fontawesome.min.css
Origin: https://www.healthplansamerica.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 02:53:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 11 Dec 2019 16:48:23 GMT
server: nginx
etag: "5df11dd7-9cd4"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
cache-control: max-age=900, public, no-cache, must-revalidate
accept-ranges: bytes
content-length: 40148
expires: Mon, 17 Jul 2023 03:08:42 GMT

POST
H2 200 GenerateToken Show response
create.leadid.com/2.11.13/ 36 B
660 B 339ms
140ms XHR
text/plain 3.220.49.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/GenerateToken?msn=1&pid=ec3f8df6-e3f2-41b1-acc4-e631d25fdf69&_=210207240

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c03ef9de-4523-077b-661e-f0bbdaa0049b.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.220.49.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-220-49-97.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d3c8cc21c1d8e20d2dc7952c0af3e97db356b1a51fc71ac33be2100dbb183cd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.healthplansamerica.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 17 Jul 2023 02:53:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 860ms
860ms Fetch
text/html 34.202.220.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/58a34f3625ceb64f65edb3a4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.220.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-220-30.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://www.healthplansamerica.org/
accept-language: de-DE,de;q=0.9
key: 58a34f3625ceb64f65edb3a4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Mon, 17 Jul 2023 02:53:43 GMT
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
content-length: 2
content-type: text/html; charset=utf-8

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 305ms
105ms Preflight 34.202.220.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.220.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-220-30.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://www.healthplansamerica.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Mon, 17 Jul 2023 02:53:43 GMT

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame 12FA 3 KB
2 KB 46ms
8ms Document
text/html 13.225.84.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=CCE251D9-70A9-3A0D-B034-1046E8CAAADB&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=C03EF9DE-4523-077B-661E-F0BBDAA0049B&lac=478B1969-F034-6785-243D-D2DE64FC7F68

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c03ef9de-4523-077b-661e-f0bbdaa0049b.js?snippet_version=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.225.84.207 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-84-207.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.healthplansamerica.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 83546
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 16 Jul 2023 03:41:17 GMT
ETag: W/"6487351c-dbb"
Last-Modified: Mon, 12 Jun 2023 15:09:16 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
X-Amz-Cf-Id: wZmmg0gh6nvzls5SeWD3347PSMkw-_EDeCQohrdt1UEe-1VzUZvTlA==
X-Amz-Cf-Pop: FRA2-C2
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.11.13/ 0
623 B 95ms
95ms XHR
text/plain 3.220.49.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/SaveDom?msn=2&pid=ec3f8df6-e3f2-41b1-acc4-e631d25fdf69&token=CCE251D9-70A9-3A0D-B034-1046E8CAAADB&_=210207241

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c03ef9de-4523-077b-661e-f0bbdaa0049b.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.220.49.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-220-49-97.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.healthplansamerica.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 17 Jul 2023 02:53:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.13/ 0
623 B 97ms
96ms XHR
text/plain 3.220.49.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/InitFormData?msn=3&pid=ec3f8df6-e3f2-41b1-acc4-e631d25fdf69&token=CCE251D9-70A9-3A0D-B034-1046E8CAAADB&_=210207242

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c03ef9de-4523-077b-661e-f0bbdaa0049b.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.220.49.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-220-49-97.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.healthplansamerica.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 17 Jul 2023 02:53:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 set_visit_ulid Show response
www.healthplansamerica.org/api/ 7 B
400 B 116ms
115ms XHR
text/html 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/api/set_visit_ulid

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/laravel/leadgen/8/js/hpa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.75.133 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 02:53:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
x-ratelimit-remaining: 599
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, no-cache, private
x-ratelimit-limit: 600
x-frame-options: SAMEORIGIN
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame A89F 4 KB
2 KB 334ms
91ms Document
text/html 34.195.170.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=CCE251D9-70A9-3A0D-B034-1046E8CAAADB&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=C03EF9DE-4523-077B-661E-F0BBDAA0049B&lac=478B1969-F034-6785-243D-D2DE64FC7F68
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=CCE251D9-70A9-3A0D-B034-1046E8CAAADB&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=C03EF9DE-4523-077B-661E-F0BBDAA0049B&lac=478B1969-F034-6785-243D-D2DE64FC7F68
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.170.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-170-58.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400 public
content-encoding: gzip
content-type: text/html
date: Mon, 17 Jul 2023 02:53:43 GMT
etag: W/"649348e0-1049"
expires: Tue, 18 Jul 2023 02:53:43 GMT
last-modified: Wed, 21 Jun 2023 19:00:48 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server: nginx

POST
H2 200 check_web_user Show response
www.healthplansamerica.org/api/ 0
393 B 108ms
108ms XHR
text/html 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/api/check_web_user

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/laravel/leadgen/8/js/hpa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.75.133 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 02:53:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
x-ratelimit-remaining: 598
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, no-cache, private
x-ratelimit-limit: 600
x-frame-options: SAMEORIGIN
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 phone_imp.php Show response
www.healthplansamerica.org/common_scripts/omg/pxl/ 0
342 B 198ms
197ms XHR
text/html 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/common_scripts/omg/pxl/phone_imp.php?pn=8775610052&url=www.healthplansamerica.org%2Fquotes%2Fbidencare%2F%3FEref%3DPJO2QCN1ZD%26Subreferrer%3D162585%26Subid%3D571022b726c149d3b7f3bed2a41bf29c

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/laravel/leadgen/8/js/hpa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.75.133 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 02:53:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.11.13/ Frame A89F 0
627 B 277ms
96ms Script
text/javascript 3.220.49.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/SaveDeviceId.js?lac=478B1969-F034-6785-243D-D2DE64FC7F68&lck=C03EF9DE-4523-077B-661E-F0BBDAA0049B&methods=48&token=CCE251D9-70A9-3A0D-B034-1046E8CAAADB&uuid=92bd7ae2bb1e4e2fb1c401fa0c5b6ead

Requested by

Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=CCE251D9-70A9-3A0D-B034-1046E8CAAADB&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=C03EF9DE-4523-077B-661E-F0BBDAA0049B&lac=478B1969-F034-6785-243D-D2DE64FC7F68

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.220.49.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-220-49-97.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 02:53:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 400 response.json Show response
script.anura.io/ 21 B
320 B 952ms
911ms XHR
application/json 3.11.26.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/response.json

Requested by

Host: script.anura.io
URL: https://script.anura.io/request.js?instance=2761973509&source=MADBC&campaign=162585-HPA&variable=AnuraResponse&440525770946

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.11.26.20 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-11-26-20.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

d7cb2c2f08454c0b1f346e0343bbf085b65da2d6b0997b5e12bbea90ed541be6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.healthplansamerica.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 02:53:44 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 hub Show response
api.pushnami.com/scripts/v1/ Frame A066 2 KB
1 KB 7ms
7ms Document
text/html 13.32.99.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushnami.com/scripts/v1/hub

Requested by

Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/58a34f3625ceb64f65edb3a4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-54.fra60.r.cloudfront.net

Software

Resource Hash

2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *
X-Content-Security-Policy	default-src 'unsafe-inline' *

Request headers

Referer: https://www.healthplansamerica.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: *
age: 1343
cache-control: no-cache
content-encoding: gzip
content-security-policy: default-src 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Mon, 17 Jul 2023 02:31:21 GMT
vary: accept-encoding
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
x-amz-cf-id: VyjwUWeD_oo_q4Dqpp7Z-hpn-dje_svSLs51OS_FdiQwIRE6iNSNKw==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *

POST
H2 200 psp Show response
psp.pushnami.com/api/ 2 B
231 B 272ms
272ms Fetch
text/html 18.235.114.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/58a34f3625ceb64f65edb3a4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.114.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-114-152.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://www.healthplansamerica.org/
accept-language: de-DE,de;q=0.9
key: 58a34f3625ceb64f65edb3a4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.healthplansamerica.org
date: Mon, 17 Jul 2023 02:53:44 GMT
cache-control: no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: accept-encoding
content-type: text/html; charset=utf-8

OPTIONS
H2 200 psp
psp.pushnami.com/api/ Frame 0
0 375ms
93ms Preflight
application/json 18.235.114.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.114.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-114-152.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://www.healthplansamerica.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: key
access-control-allow-methods: POST
access-control-allow-origin: https://www.healthplansamerica.org
access-control-expose-headers: content-type, content-length, etag
access-control-max-age: 600
cache-control: no-cache
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 17 Jul 2023 02:53:44 GMT
vary: accept-encoding

POST
H2 200 Snap Show response
create.leadid.com/2.11.13/ 0
623 B 460ms
189ms XHR
text/plain 3.220.49.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/Snap?msn=4&pid=ec3f8df6-e3f2-41b1-acc4-e631d25fdf69&token=CCE251D9-70A9-3A0D-B034-1046E8CAAADB&_=210207243

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c03ef9de-4523-077b-661e-f0bbdaa0049b.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.220.49.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-220-49-97.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.healthplansamerica.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 17 Jul 2023 02:53:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.zalkkweet.com/	1970-01-20 13:20:48	Name: uniqueClick_BXN2ZDJ Value: 5deb7bf0-ba96-4be6-a48a-1a77c14f585c:1689562420
www.zalkkweet.com/	1970-01-20 15:28:58	Name: transaction_id Value: 571022b726c149d3b7f3bed2a41bf29c
www.healthplansamerica.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3c2ba089122020b334bdad1bb3e9df3e
.www.healthplansamerica.org/	1970-01-20 13:20:48	Name: mobile_detection Value: a%3A0%3A%7B%7D
www.healthplansamerica.org/	1970-01-20 13:19:29	Name: laravel_session Value: eyJpdiI6Im5KaWdoNE1aNUxtRk5xbGw1NkR0T1E9PSIsInZhbHVlIjoiTjByQW5oellLcXlDUythZmR1L0o4cmdYa2tnbFA4K3hQUzNod0ZQWTJqSGFJMklPQm05L2JxVkh1UHA4OTQ2ODB0Z09XT0ttWkc1MmZFSHErdTA0NWh1SXRub0FycDUzR1h1KzNRam84c0NrYmlKZVBtNGpEN1lzVncveE1VbEsiLCJtYWMiOiJlZGU4ZjFjMjU4ZDljYTNiOGIyNGY4MTg5NzQyMGE1ODVjODExOTllMDlmYzExZmViYzEzYWVkZGZhNzVhMGMzIiwidGFnIjoiIn0%3D
.healthplansamerica.org/	1970-01-20 22:55:22	Name: _ga_YENM2WZJRQ Value: GS1.1.1689562422.1.0.1689562422.60.0.0
.healthplansamerica.org/	1970-01-20 22:55:22	Name: _ga Value: GA1.2.266858774.1689562422
.healthplansamerica.org/	1970-01-20 13:20:48	Name: _gid Value: GA1.2.823842227.1689562422
.healthplansamerica.org/	1970-01-20 13:19:22	Name: _gat Value: 1
.healthplansamerica.org/	1970-01-20 13:20:48	Name: _uetsid Value: 23acff80244d11ee93d63903c7ccc1dd
.healthplansamerica.org/	1970-01-20 22:40:58	Name: _uetvid Value: 23ad26e0244d11ee965e092e81e129a3
.healthplansamerica.org/	1970-01-20 15:28:58	Name: _fbp Value: fb.1.1689562422475.24807742
.bing.com/	1970-01-20 22:40:58	Name: MUID Value: 2748736456246F1E3C2B603557886EC3
.healthplansamerica.org/	1970-01-20 22:55:22	Name: invoca_session Value: %7B%22ttl%22%3A%222023-08-16T02%3A53%3A42.777Z%22%2C%22session%22%3A%7B%7D%2C%22config%22%3A%7B%22ce%22%3Atrue%2C%22fv%22%3Atrue%7D%7D
www.healthplansamerica.org/	1970-01-20 13:19:23	Name: leadid_token-478B1969-F034-6785-243D-D2DE64FC7F68-C03EF9DE-4523-077B-661E-F0BBDAA0049B Value: CCE251D9-70A9-3A0D-B034-1046E8CAAADB
www.healthplansamerica.org/	1969-12-31 23:59:59	Name: omg_visit_id Value: 64b4ad37b3cdb6984
.deviceid.trueleadid.com/	1970-01-20 22:55:22	Name: uuid Value: 92bd7ae2bb1e4e2fb1c401fa0c5b6ead

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://script.anura.io/response.json Message: Failed to load resource: the server responded with a status of 400 ()
other	error	URL: https://www.healthplansamerica.org/quotes/bidencare/?Eref=PJO2QCN1ZD&Subreferrer=162585&Subid=571022b726c149d3b7f3bed2a41bf29c Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acsbapp.com
api.pushnami.com
bat.bing.com
cdn.acsbapp.com
connect.facebook.net
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
fonts.googleapis.com
fonts.gstatic.com
musept15.info
psp.pushnami.com
region1.analytics.google.com
script.anura.io
secure.apolloi.com
solutions.invocacdn.com
stats.g.doubleclick.net
trc.pushnami.com
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.healthplansamerica.org
www.zalkkweet.com
13.224.189.93
13.225.84.207
13.32.99.54
18.235.114.152
2001:4860:4802:32::36
2606:4700:10::6816:1cc
2606:4700:10::6816:27b6
2606:4700:10::6816:cc
2606:4700:3033::ac43:b21f
2606:4700:3034::ac43:89f2
2620:1ec:c11::200
2a00:1450:4001:803::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:813::200e
2a00:1450:4001:829::200a
2a00:1450:400c:c00::9d
2a03:2880:f080:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.11.26.20
3.220.49.97
34.195.170.58
34.202.220.30
69.20.75.133
69.20.94.14
078e7a60b04ee3e147dc98ff75aea55b9685f51292fec211e9bb9f4f567b627d
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
15b670ba853786ad01965de2362282cfdb3b0c105726f3e80cc4e2d92533483b
19ce67db79346040bc7067b5a3c9065ab018050bf1391abe275761f702e6fc11
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d3b3287a296e9f6ff200ce28a416d7de842463722fafc528737af8ef928bc7f
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
2aed9093cd994e0a960717ca819e9e4f8894a6632625cd1d467b9a1257680930
2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8
3c6ddd2118f68eec5a27d055e606b9320250b5ceb2bf1a0688a253871e5f00f5
3d200a3cf09b916c80d0ac3e6cd21d8f29e7fa3ec8fd3268b8766d1f0e802270
434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3
46ace3a30fb099edafafe8450eb10986f42aab5b77dc5ff506272eb230aa72bd
4fec6ca7b38da801d709044e2fcd1dafe0c483b3a68f659cc2cbfacc8725bbe9
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
69a141c56247d76ab3dac58834f16c9b355f93332f83d512d32696a4d99b3e52
6adbc323c5876fc49e387b093e4975c5d86e1a1c1a6067f0e297e688ac0f7561
7986cf9512889aef172bed0afe519eee6d71c9dc57c9f1121a4b0ec7a19caf4d
7f365d50920dcf8e2e3a620a9ad8e2bfd1c32c78f1240a6c4311681158d8c39b
889e5b0e0831a15afbf0a7afe2916c25500b2fa6abb5f62727b0c245415a5f12
95ee6abb4a7f8a9eded7eba52d5939aa1f4a39d2fdfe9b418e1b4343d5fbbe79
a07552be28c358fbc5bc07583d51a0bb7d5c0c0c460a4329bedb92f39aacbc8e
a592564b9b2d607aa653f3ca77adba6b405022dd91b1dfc9edf789a4eb02b953
ae1b6e7effa026c5530b036f8c22ef926b9cbe2d50e4b5ed81fd8f2aa393be22
baaf3237348282817651ddeeebd3ef0ebceb3b25c885a7bacc26c99ae626a8b6
c1a6dceca196282a843e1d6dcdff4257db81ffa1c11d3ad38f1f359f1751551a
c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf
d31160bae17bd582caaf9b44c5cc2ef5cfff679044f681a1c122260ea9697af4
d3c8cc21c1d8e20d2dc7952c0af3e97db356b1a51fc71ac33be2100dbb183cd9
d7cb2c2f08454c0b1f346e0343bbf085b65da2d6b0997b5e12bbea90ed541be6
ddf745ccf4f52650fc714df05d6d147e057d8f12c590ef4ed8cf2352d2e012b7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e17e36c42f172beb6933d87ad903d732dff64f5116734449804a8e73bafc56b4
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea9ecd90c56a640800680d99ad67544cff546780c8051c7710f699fca8c55eb0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa4241715b942ec0257a7765c4a5517e94e32d43bf0f1016a794d37850d621de

www.healthplansamerica.org Open in urlscan Pro 69.20.75.133 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

100 %HTTPS

60 %IPv6

22 Domains

25 Subdomains

24 IPs

5 Countries

1365 kBTransfer

3958 kBSize

17 Cookies

1 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.healthplansamerica.org Open in urlscan Pro
69.20.75.133 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

100 %
HTTPS

60 %
IPv6

22
Domains

25
Subdomains

24
IPs

5
Countries

1365 kB
Transfer

3958 kB
Size

17
Cookies

52 HTTP transactions
3 data transactions