www.healthplansamerica.org Open in urlscan Pro
69.20.75.133 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://173.247.233.234/qs=r-acacafcjiekbagbbghjhdafcidiabababaefadfiaccajbiaddhcakccchacb
Effective URL:
https://www.healthplansamerica.org/quotes/bidencare/?prepop=1&first_name=&last_name=&email=&Eref=P2OCC1KD&Subreferrer=202673&Subid=...
Submission: On January 26 via manual (January 26th 2022, 11:47:44 pm UTC) from US — Scanned from US

Summary HTTP 67 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 25 IPs in 1 countries across 21 domains to perform 67 HTTP transactions. The main IP is 69.20.75.133, located in United States and belongs to RACKSPACE, US. The main domain is www.healthplansamerica.org.
TLS certificate: Issued by Entrust Certification Authority - L1K on March 30th 2021. Valid for: a year.

This is the only time www.healthplansamerica.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	173.247.233.234 173.247.233.234	17139 (NETRANGE) (NETRANGE)
2	23.250.1.134 23.250.1.134	55286 (SERVER-MANIA) (SERVER-MANIA)
2	2607:f8b0:400... 2607:f8b0:4006:81f::2008	15169 (GOOGLE) (GOOGLE)
1	143.204.149.87 143.204.149.87	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1f97	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	34.232.232.115 34.232.232.115	14618 (AMAZON-AES) (AMAZON-AES)
15	69.20.75.133 69.20.75.133	27357 (RACKSPACE) (RACKSPACE)
2	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
2	104.78.189.101 104.78.189.101	16625 (AKAMAI-AS) (AKAMAI-AS)
2	69.20.94.14 69.20.94.14	27357 (RACKSPACE) (RACKSPACE)
3	2607:f8b0:400... 2607:f8b0:4006:808::200e	15169 (GOOGLE) (GOOGLE)
2	13.226.31.62 13.226.31.62	16509 (AMAZON-02) (AMAZON-02)
5	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
3	206.189.191.180 206.189.191.180	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:10:... 2606:4700:10::6816:26b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.225.63.64 13.225.63.64	16509 (AMAZON-02) (AMAZON-02)
3	52.200.255.42 52.200.255.42	14618 (AMAZON-AES) (AMAZON-AES)
2	3.225.97.182 3.225.97.182	14618 (AMAZON-AES) (AMAZON-AES)
5	34.230.206.204 34.230.206.204	14618 (AMAZON-AES) (AMAZON-AES)
1	54.192.100.102 54.192.100.102	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.5.60.250 52.5.60.250	14618 (AMAZON-AES) (AMAZON-AES)
2	52.207.0.73 52.207.0.73	14618 (AMAZON-AES) (AMAZON-AES)
67	25

1 173.247.233.234 (United States) 1 redirects

ASN17139 (NETRANGE, US)
PTR: redhatfit.com

173.247.233.234	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.250.1.134 (Buffalo, United States)

ASN55286 (SERVER-MANIA, CA)

blueskyace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.149.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-149-87.ewr52.r.cloudfront.net

static.traversedlp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1f97 (United States)

ASN13335 (CLOUDFLARENET, US)

signals.aimtell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.232.232.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-232-115.compute-1.amazonaws.com

api.traversedlp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 69.20.75.133 (United States)

ASN27357 (RACKSPACE, US)
PTR: www.healthplansamerica.org

www.healthplansamerica.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.78.189.101 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-78-189-101.deploy.static.akamaitechnologies.com

cdn.nextinsure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.nextinsure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.20.94.14 (United States)

ASN27357 (RACKSPACE, US)
PTR: secure.apolloi.com

secure.apolloi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:808::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.31.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-31-62.ewr53.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 206.189.191.180 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: cdn102.acsbapp.com

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:26b6 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.63.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-64.ewr53.r.cloudfront.net

solutions.invocacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.200.255.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-255-42.compute-1.amazonaws.com

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.97.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-97-182.compute-1.amazonaws.com

trc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.230.206.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-206-204.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.100.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-100-102.ewr53.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.5.60.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-60-250.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.207.0.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-0-73.compute-1.amazonaws.com

psp.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	healthplansamerica.org www.healthplansamerica.org	612 KB
6	pushnami.com api.pushnami.com — Cisco Umbrella Rank: 3757 trc.pushnami.com — Cisco Umbrella Rank: 3884 psp.pushnami.com — Cisco Umbrella Rank: 16382	63 KB
5	leadid.com create.leadid.com — Cisco Umbrella Rank: 13339	3 KB
5	gstatic.com fonts.gstatic.com	86 KB
4	traversedlp.com static.traversedlp.com — Cisco Umbrella Rank: 24044 api.traversedlp.com — Cisco Umbrella Rank: 7193	5 KB
3	anura.io script.anura.io — Cisco Umbrella Rank: 40527	18 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 385	11 KB
3	acsbapp.com acsbapp.com — Cisco Umbrella Rank: 5410 cdn.acsbapp.com — Cisco Umbrella Rank: 5805	163 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	58 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	498 B
2	invocacdn.com solutions.invocacdn.com — Cisco Umbrella Rank: 7356	41 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	114 KB
2	apolloi.com secure.apolloi.com — Cisco Umbrella Rank: 338871
2	nextinsure.com cdn.nextinsure.com — Cisco Umbrella Rank: 41920 www.nextinsure.com — Cisco Umbrella Rank: 31193	10 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	71 KB
2	blueskyace.com blueskyace.com	7 KB
1	trueleadid.com deviceid.trueleadid.com — Cisco Umbrella Rank: 2181	2 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net	2 KB
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 22663	39 KB
1	aimtell.com signals.aimtell.com — Cisco Umbrella Rank: 10645	333 B
67	21

	Domain	Requested by
15	www.healthplansamerica.org	blueskyace.com www.healthplansamerica.org
5	create.leadid.com	create.lidstatic.com deviceid.trueleadid.com
5	fonts.gstatic.com	fonts.googleapis.com
3	script.anura.io	www.healthplansamerica.org script.anura.io
3	bat.bing.com	www.healthplansamerica.org bat.bing.com
3	www.google-analytics.com	www.healthplansamerica.org www.google-analytics.com
3	api.traversedlp.com	static.traversedlp.com
2	psp.pushnami.com	api.pushnami.com
2	www.facebook.com	www.healthplansamerica.org
2	cdn.acsbapp.com	acsbapp.com
2	trc.pushnami.com	api.pushnami.com
2	solutions.invocacdn.com	www.healthplansamerica.org solutions.invocacdn.com
2	connect.facebook.net	www.healthplansamerica.org connect.facebook.net
2	api.pushnami.com	www.healthplansamerica.org api.pushnami.com
2	secure.apolloi.com	www.healthplansamerica.org
2	fonts.googleapis.com	www.healthplansamerica.org
2	www.googletagmanager.com	blueskyace.com www.healthplansamerica.org
2	blueskyace.com	blueskyace.com
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	create.lidstatic.com	www.healthplansamerica.org
1	acsbapp.com	www.healthplansamerica.org
1	www.nextinsure.com	www.healthplansamerica.org
1	cdn.nextinsure.com	www.healthplansamerica.org
1	signals.aimtell.com
1	static.traversedlp.com	www.googletagmanager.com
67	26

This site contains links to these domains. Also see Links.

Domain
accessibe.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.traversedlp.com Go Daddy Secure Certificate Authority - G2	`2020-12-29` - `2022-01-30`	a year	crt.sh
aimtell.com Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
www.healthplansamerica.org Entrust Certification Authority - L1K	`2021-03-30` - `2022-04-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.quinstreet.com GeoTrust RSA CA 2018	`2022-01-10` - `2022-09-13`	8 months	crt.sh
secure.apolloi.com Entrust Certification Authority - L1K	`2021-11-23` - `2022-11-23`	a year	crt.sh
*.pushnami.com Amazon	`2021-04-18` - `2022-05-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.acsbapp.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-09-23` - `2022-10-05`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-05` - `2022-02-03`	3 months	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2021-04-30` - `2022-04-29`	a year	crt.sh
invocacdn.com Amazon	`2021-11-24` - `2022-12-22`	a year	crt.sh
script.anura.io Amazon	`2021-06-23` - `2022-07-22`	a year	crt.sh
create.leadid.com Amazon	`2021-10-22` - `2022-11-19`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
deviceid.trueleadid.com Amazon	`2022-01-07` - `2023-02-05`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.healthplansamerica.org/quotes/bidencare/?prepop=1&first_name=&last_name=&email=&Eref=P2OCC1KD&Subreferrer=202673&Subid=e7a36845a4b389e2823baf0dadebe370
Frame ID: DA16779B375DA7E1CBF9F24030592148
Requests: 63 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=C132F38C-0E3B-1D26-BFB8-879044971081&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=C03EF9DE-4523-077B-661E-F0BBDAA0049B&lac=478B1969-F034-6785-243D-D2DE64FC7F68
Frame ID: 6656F60D100237C850CD63FA3D4E3D3A
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=C132F38C-0E3B-1D26-BFB8-879044971081&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=C03EF9DE-4523-077B-661E-F0BBDAA0049B&lac=478B1969-F034-6785-243D-D2DE64FC7F68
Frame ID: 45B3D0E096A1729636CC28AEB2AF37B0
Requests: 2 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: D3EDBBA25D402A82F05C481B0767EAE0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BidenCare | Health Plans of America logo-bbblogo-ssl

Page URL History Show full URLs

http://173.247.233.234/qs=r-acacafcjiekbagbbghjhdafcidiabababaefadfiaccajbiaddhcakccchacb HTTP 302
http://blueskyace.com/a69169cf9b38022651440c6212e2a5b3c/?sid1=41727_50056862_11&sid2=1_1_0_0_0_418... Page URL
https://www.healthplansamerica.org/quotes/bidencare/?prepop=1&first_name=&last_name=&email=&Eref=P2OCC1KD&Subre... Page URL

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Pushnami (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.pushnami\.com

Page Statistics

67
Requests

97 %
HTTPS

36 %
IPv6

21
Domains

26
Subdomains

25
IPs

1
Countries

1308 kB
Transfer

3590 kB
Size

19
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://accessibe.com/?utm_medium=link&utm_source=widget
Title: Web Accessibility Solution By accessiBe

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://173.247.233.234/qs=r-acacafcjiekbagbbghjhdafcidiabababaefadfiaccajbiaddhcakccchacb HTTP 302
http://blueskyace.com/a69169cf9b38022651440c6212e2a5b3c/?sid1=41727_50056862_11&sid2=1_1_0_0_0_4187390_34_2261_91116_50056862_10_807&sid3=34 Page URL
https://www.healthplansamerica.org/quotes/bidencare/?prepop=1&first_name=&last_name=&email=&Eref=P2OCC1KD&Subreferrer=202673&Subid=e7a36845a4b389e2823baf0dadebe370 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://173.247.233.234/qs=r-acacafcjiekbagbbghjhdafcidiabababaefadfiaccajbiaddhcakccchacb HTTP 302
http://blueskyace.com/a69169cf9b38022651440c6212e2a5b3c/?sid1=41727_50056862_11&sid2=1_1_0_0_0_4187390_34_2261_91116_50056862_10_807&sid3=34

67 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
blueskyace.com/a69169cf9b38022651440c6212e2a5b3c/
Redirect Chain

http://173.247.233.234/qs=r-acacafcjiekbagbbghjhdafcidiabababaefadfiaccajbiaddhcakccchacb
http://blueskyace.com/a69169cf9b38022651440c6212e2a5b3c/?sid1=41727_50056862_11&sid2=1_1_0_0_0_4187390_34_2261_91116_50056862_10_807&sid3=34

6 KB
7 KB

309ms
275ms

Document
text/html

23.250.1.134
SERVER-MANIA

General

Check archive.org

Show headers Download Go to

Full URL: http://blueskyace.com/a69169cf9b38022651440c6212e2a5b3c/?sid1=41727_50056862_11&sid2=1_1_0_0_0_4187390_34_2261_91116_50056862_10_807&sid3=34
Protocol: HTTP/1.1
Server: 23.250.1.134 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software: nginx / PHP/7.3.33
Resource Hash: 94820795d425ece8a5233a06ef2cd855969be04790cdbe707a802bdfbced6375

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Language: en-US,en;q=0.9

Response headers

Server: nginx
Date: Wed, 26 Jan 2022 23:56:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.33

Redirect headers

Date: Wed, 26 Jan 2022 23:47:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By: PHP/5.4.16
location: http://blueskyace.com/a69169cf9b38022651440c6212e2a5b3c/?sid1=41727_50056862_11&sid2=1_1_0_0_0_4187390_34_2261_91116_50056862_10_807&sid3=34
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 80 KB
32 KB 41ms
20ms Script
application/javascript 2607:f8b0:4006:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MB79N3N

Requested by

Host: blueskyace.com
URL: http://blueskyace.com/a69169cf9b38022651440c6212e2a5b3c/?sid1=41727_50056862_11&sid2=1_1_0_0_0_4187390_34_2261_91116_50056862_10_807&sid3=34

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

78449ca19b25c3133a390e015a111f1f2c8b48474982d16e2caf2d6d57d47462

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://blueskyace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Wed, 26 Jan 2022 23:47:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31993
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 23:19:44 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Jan 2022 23:47:39 GMT

POST
H/1.1 200
OK fp.php Show response
blueskyace.com/ 0
194 B 178ms
178ms XHR
text/html 23.250.1.134
SERVER-MANIA

General

Check archive.org

Show headers Download Go to

Full URL: http://blueskyace.com/fp.php
Requested by: Host: blueskyace.com
URL: http://blueskyace.com/a69169cf9b38022651440c6212e2a5b3c/?sid1=41727_50056862_11&sid2=1_1_0_0_0_4187390_34_2261_91116_50056862_10_807&sid3=34
Protocol: HTTP/1.1
Server: 23.250.1.134 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software: nginx / PHP/7.3.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://blueskyace.com/a69169cf9b38022651440c6212e2a5b3c/?sid1=41727_50056862_11&sid2=1_1_0_0_0_4187390_34_2261_91116_50056862_10_807&sid3=34
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 26 Jan 2022 23:56:13 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/7.3.33
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK retargeting.js Show response
static.traversedlp.com/v1/ 11 KB
4 KB 51ms
6ms Script
application/javascript 143.204.149.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.traversedlp.com/v1/retargeting.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB79N3N
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.149.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-149-87.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ad3fefdb207753cf1f7f14c610030fd6b00660db09420776630d056c35a2c58

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://blueskyace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-amz-version-id: F12F5DseUFay5ZveUw335ReTN1KGpJUZ
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 10 Jun 2021 05:37:15 GMT
Server: AmazonS3
Age: 1133
ETag: W/"c31ba40743566f87f00f822e3cefb390"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 7b6b24479d403ba8e499b225c726a688.cloudfront.net (CloudFront)
Connection: keep-alive
Date: Wed, 26 Jan 2022 23:28:47 GMT
X-Amz-Cf-Pop: EWR52-C2
X-Amz-Cf-Id: jAHjR_NqMTlFLcXEiBj0Kqia4VrXVVMLZ04KIn2f519ZTtmifD6KIA==

GET
H2 200 matches
signals.aimtell.com/ 43 B
333 B 55ms
17ms Image
image/gif 2606:4700::6812:1f97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://signals.aimtell.com/matches?token=f5d7c95ea0af0ed4512d414529c2dffa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://blueskyace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Wed, 26 Jan 2022 23:47:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 6d3da0ae48301879-EWR
access-control-allow-headers: Content-Type, *
content-length: 43

GET
H2 200 cookie Show response
api.traversedlp.com/retargeting/v1/ 18 B
409 B 38ms
13ms XHR
application/json 34.232.232.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargeting/v1/cookie
Requested by: Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.232.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-232-115.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 306094011fa17d1eb215263299126f9f95f50a1c2235c991846ccfd1911a6dce

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://blueskyace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Wed, 26 Jan 2022 23:47:39 GMT
server: nginx/1.20.0
etag: W/"12-86d81FY+WDtP4sdiTK7DKw"
vary: Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin: http://blueskyace.com
access-control-expose-headers
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 18

POST
H2 200 enqueue Show response
api.traversedlp.com/retargetinginclusion/ 0
324 B 14ms
14ms XHR
text/plain 34.232.232.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargetinginclusion/enqueue
Requested by: Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.232.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-232-115.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://blueskyace.com/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: http://blueskyace.com
date: Wed, 26 Jan 2022 23:47:39 GMT
access-control-allow-credentials: true
server: nginx/1.20.0
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
vary: X-HTTP-Method-Override
access-control-expose-headers

OPTIONS
H2 200 enqueue
api.traversedlp.com/retargetinginclusion/ Frame 0
0 33ms
11ms Preflight
text/html 34.232.232.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargetinginclusion/enqueue
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.232.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-232-115.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://blueskyace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Sec-Fetch-Mode: cors

Response headers

date: Wed, 26 Jan 2022 23:47:39 GMT
content-type: text/html; charset=utf-8
content-length: 228
server: nginx/1.20.0
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin: http://blueskyace.com
access-control-allow-credentials: true
access-control-expose-headers
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-headers: content-type,authorization
allow: ACL,BIND,CHECKOUT,CONNECT,COPY,DELETE,GET,HEAD,LINK,LOCK,M-SEARCH,MERGE,MKACTIVITY,MKCALENDAR,MKCOL,MOVE,NOTIFY,PATCH,POST,PROPFIND,PROPPATCH,PURGE,PUT,REBIND,REPORT,SEARCH,SOURCE,SUBSCRIBE,TRACE,UNBIND,UNLINK,UNLOCK,UNSUBSCRIBE
etag: W/"e4-6lFXkgJZ15OAZuBnvvjMtg"
vary: Accept-Encoding

GET
H/1.1 200
OK Primary Request / Show response
www.healthplansamerica.org/quotes/bidencare/ 66 KB
23 KB 618ms
567ms Document
text/html 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/quotes/bidencare/?prepop=1&first_name=&last_name=&email=&Eref=P2OCC1KD&Subreferrer=202673&Subid=e7a36845a4b389e2823baf0dadebe370

Requested by

Host: blueskyace.com
URL: http://blueskyace.com/a69169cf9b38022651440c6212e2a5b3c/?sid1=41727_50056862_11&sid2=1_1_0_0_0_4187390_34_2261_91116_50056862_10_807&sid3=34

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

f318d51c6417063e2bf948b77cb622fc9c97ef21074cadfb163e8833690cd342

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Language: en-US,en;q=0.9
Referer: http://blueskyace.com/

Response headers

Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate no-cache
Pragma: no-cache
Date: Wed, 26 Jan 2022 23:47:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK fontawesome.min.css
www.healthplansamerica.org/common_scripts/leadgen/fonts/fontawesome/ 34 KB
9 KB 16ms
15ms Stylesheet
text/css 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/common_scripts/leadgen/fonts/fontawesome/fontawesome.min.css

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare/?prepop=1&first_name=&last_name=&email=&Eref=P2OCC1KD&Subreferrer=202673&Subid=e7a36845a4b389e2823baf0dadebe370

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

889e5b0e0831a15afbf0a7afe2916c25500b2fa6abb5f62727b0c245415a5f12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.healthplansamerica.org/quotes/bidencare/?prepop=1&first_name=&last_name=&email=&Eref=P2OCC1KD&Subreferrer=202673&Subid=e7a36845a4b389e2823baf0dadebe370
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Wed, 26 Jan 2022 23:47:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Dec 2019 16:48:23 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"5df11dd7-870a"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=900, public, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 27 Jan 2022 00:02:40 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
921 B 52ms
20ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oxygen:300,400,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aaac1ee6b9c6440ad1693c509e910730abc89c7f19f171d87d8a96bdbef8819c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 22:39:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 26 Jan 2022 23:47:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Jan 2022 23:47:41 GMT

GET
H/1.1 200
OK hpa.css
www.healthplansamerica.org/common_scripts/leadgen/laravel/css/ 562 KB
109 KB 33ms
17ms Stylesheet
text/css 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/common_scripts/leadgen/laravel/css/hpa.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

70e18e2761626373932316a5020c12456c07ee393a877de8f633a189363365e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.healthplansamerica.org/quotes/bidencare/?prepop=1&first_name=&last_name=&email=&Eref=P2OCC1KD&Subreferrer=202673&Subid=e7a36845a4b389e2823baf0dadebe370
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Wed, 26 Jan 2022 23:47:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 26 Jan 2022 01:10:07 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"61f09f6f-8c970"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=900, public, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 27 Jan 2022 00:02:40 GMT

GET
H/1.1 200
OK hpa.js Show response
www.healthplansamerica.org/common_scripts/leadgen/laravel/js/ 518 KB
169 KB 43ms
12ms Script
application/javascript 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/common_scripts/leadgen/laravel/js/hpa.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

36d82f1a5c7b40a24590371e853968c18c7d1c0fea6d7b65bc0740c88fd85f73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.healthplansamerica.org/quotes/bidencare/?prepop=1&first_name=&last_name=&email=&Eref=P2OCC1KD&Subreferrer=202673&Subid=e7a36845a4b389e2823baf0dadebe370
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Wed, 26 Jan 2022 23:47:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 25 Jan 2022 17:54:38 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"61f0395e-8165e"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=900, public, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 27 Jan 2022 00:02:40 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
739 B 52ms
21ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather&family=Nunito+Sans:wght@700;800&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aa75cb9de75a961ae4cfd4ce291b9a48fbf0fb0c52eaeed712267f33bbd670be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 23:47:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 26 Jan 2022 23:47:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Jan 2022 23:47:41 GMT

GET
H/1.1 200
OK biden-content.jpg
www.healthplansamerica.org/images/biden/ 40 KB
41 KB 11ms
10ms Image
image/jpeg 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.healthplansamerica.org/images/biden/biden-content.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

078e7a60b04ee3e147dc98ff75aea55b9685f51292fec211e9bb9f4f567b627d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.healthplansamerica.org/quotes/bidencare/?prepop=1&first_name=&last_name=&email=&Eref=P2OCC1KD&Subreferrer=202673&Subid=e7a36845a4b389e2823baf0dadebe370
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Wed, 26 Jan 2022 23:47:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 07 Dec 2020 22:43:40 GMT
Server: nginx
ETag: "5fceb01c-a01f"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/jpeg
Cache-Control: max-age=900, public, no-cache, must-revalidate
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 40991
Expires: Thu, 27 Jan 2022 00:02:41 GMT

GET
H2 200 opt
cdn.nextinsure.com/imaging/ 9 KB
9 KB 191ms
4ms Image
image/png 104.78.189.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nextinsure.com/imaging/opt?u=aHR0cHM6Ly9pbWFnZXNlcnZlci5xdWluc3RyZWV0LmNvbS9jb250ZW50L29uZS81NDAxL1Bhc3RlZCBpbWFnZSBhdCAyMDE4XzA3XzExIDA4XzU1IEFNICh3ZWNvbXByZXNzLmNvbSkucG5n&w=120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.78.189.101 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-78-189-101.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 /

Resource Hash

d8553fe07ff832dd75fefe2be0ad9806abb528e3bfc9e49d0bba51246313932d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-aspnet-version: 4.0.30319
x-cfg: v28
x-cache: TCP_MEM_HIT from a104-70-120-214.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
content-length: 8990
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
date: Wed, 26 Jan 2022 23:47:41 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
x-origin-s: G2
cache-control: public, max-age=24963947
access-control-allow-credentials: false
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Fri, 11 Nov 2022 22:13:28 GMT

GET
H2 200 imp_px.ashx
www.nextinsure.com/ListingDisplay/handlers/ 49 B
825 B 265ms
79ms Image
image/gif 104.78.189.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nextinsure.com/ListingDisplay/handlers/imp_px.ashx?I=f388ea61-64bf-4bdb-a10c-3c00cc587b33&SI=33c5c18c-e8c2-4ec8-9b57-019ecf065c3d&SDT=637788160607043323&R=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.78.189.101 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-78-189-101.deploy.static.akamaitechnologies.com

Software

Resource Hash

93db6ff0af01c1416a4cf5643fa970e6facf75aa2c38a66404085039c2314e33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-cfg-version: v78
date: Wed, 26 Jan 2022 23:47:41 GMT
x-content-type-options: nosniff
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
x-frame-options: SAMEORIGIN
access-control-allow-methods: OPTIONS,POST,GET
content-type: image/gif
access-control-allow-origin: *
cache-control: private
strict-transport-security: max-age=31536000 ; includeSubDomains
timing-allow-origin: *
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net; style-src *.googleapis.com 'unsafe-inline';script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com; img-src * data:; style-src-elem * 'unsafe-inline'; report-uri /ListingDisplay/handlers/csp.ashx;
content-length: 49
x-xss-protection: 1; mode=block
x-ld: e3

GET
H/1.1 200
OK user_listings.php Show response
secure.apolloi.com/leadgen/pxl/ 0
0 51ms
15ms Script
text/html 69.20.94.14
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.apolloi.com/leadgen/pxl/user_listings.php?selected_listing_type=puI&selected_listing=SH&listing_page_settings_ids=%255B%255D&visit_id=212285178&state=NY&site_id=hpa
Requested by: Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare/?prepop=1&first_name=&last_name=&email=&Eref=P2OCC1KD&Subreferrer=202673&Subid=e7a36845a4b389e2823baf0dadebe370
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 69.20.94.14 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS: secure.apolloi.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

GET
H/1.1 200
OK visit.php Show response
secure.apolloi.com/leadgen/pxl/ 0
0 41ms
18ms Script
text/html 69.20.94.14
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.apolloi.com/leadgen/pxl/visit.php?visit_id=212285178
Requested by: Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare/?prepop=1&first_name=&last_name=&email=&Eref=P2OCC1KD&Subreferrer=202673&Subid=e7a36845a4b389e2823baf0dadebe370
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 69.20.94.14 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS: secure.apolloi.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 23ms
4ms Script
text/javascript 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4002
date: Wed, 26 Jan 2022 22:40:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 27 Jan 2022 00:40:59 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 103 KB
40 KB 27ms
26ms Script
application/javascript 2607:f8b0:4006:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T8D2T6P

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c2a386dfbe9e74acec053124d040483cd80f3edda278163af6c87416f1d368b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Wed, 26 Jan 2022 23:47:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40390
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 23:19:44 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Jan 2022 23:47:41 GMT

GET
H2 200 58a34f3625ceb64f65edb3a4 Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 243 KB
61 KB 28ms
10ms Script
application/javascript 13.226.31.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/58a34f3625ceb64f65edb3a4
Requested by: Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare/?prepop=1&first_name=&last_name=&email=&Eref=P2OCC1KD&Subreferrer=202673&Subid=e7a36845a4b389e2823baf0dadebe370
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.31.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-31-62.ewr53.r.cloudfront.net
Software: /
Resource Hash: 69121f74c87d0d76bd3071030cb983f8630fcd881af8eb9b061adf5b6984ce97

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Wed, 26 Jan 2022 23:38:24 GMT
via: 1.1 ef8392d3895fa7368e6a67a055402788.cloudfront.net (CloudFront)
age: 557
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
x-amz-cf-pop: EWR53-C2
content-encoding: gzip
x-amz-cf-id: RZKuNSAAqpYFDHK2MVCVfGQKoTVfGPhrq9CAlZ8-HxmhKy9JqHtBsQ==

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dea92681f53237877d78e6b652197caa1f0010ebf9d177468d204423c74fac98

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK hero-bg-biden.jpg
www.healthplansamerica.org/images/biden/ 33 KB
33 KB 12ms
11ms Image
image/jpeg 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.healthplansamerica.org/images/biden/hero-bg-biden.jpg

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/css/hpa.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

c1a6dceca196282a843e1d6dcdff4257db81ffa1c11d3ad38f1f359f1751551a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/css/hpa.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Wed, 26 Jan 2022 23:47:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 07 Dec 2020 22:43:40 GMT
Server: nginx
ETag: "5fceb01c-8352"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/jpeg
Cache-Control: max-age=900, public, no-cache, must-revalidate
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 33618
Expires: Thu, 27 Jan 2022 00:02:41 GMT

GET
H/1.1 200
OK hero-biden.png
www.healthplansamerica.org/images/biden/ 155 KB
155 KB 11ms
10ms Image
image/png 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.healthplansamerica.org/images/biden/hero-biden.png

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/css/hpa.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

ea9ecd90c56a640800680d99ad67544cff546780c8051c7710f699fca8c55eb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/css/hpa.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Wed, 26 Jan 2022 23:47:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 07 Dec 2020 22:43:40 GMT
Server: nginx
ETag: "5fceb01c-26ac2"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=900, public, no-cache, must-revalidate
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 158402
Expires: Thu, 27 Jan 2022 00:02:41 GMT

GET
DATA 200
OK truncated
/ 217 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa711cb743caa96b19557672470e7ded8e47d3d7902a60a86ec2f845fba252ca

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f5471385485dd010cece4e82b5eec41d05c38c3d3f93643fcb646ecde1f2abd

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK italianno-regular-webfont.woff2
www.healthplansamerica.org/includes/fonts/ 30 KB
30 KB 13ms
10ms Font
application/font-woff2 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/includes/fonts/italianno-regular-webfont.woff2

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/css/hpa.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

fa4241715b942ec0257a7765c4a5517e94e32d43bf0f1016a794d37850d621de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/css/hpa.css
Origin: https://www.healthplansamerica.org
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Wed, 26 Jan 2022 23:47:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 06 May 2021 23:51:38 GMT
Server: nginx
ETag: "6094810a-7704"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: application/font-woff2
Cache-Control: max-age=900, public, no-cache, must-revalidate
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 30468
Expires: Thu, 27 Jan 2022 00:02:41 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v8/ 17 KB
17 KB 30ms
6ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v8/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather&family=Nunito+Sans:wght@700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abf55d853f3bbe3a244ea8f3b8ed9b4127f028a096fefc942020a3605433d99a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.healthplansamerica.org
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sat, 22 Jan 2022 13:35:40 GMT
x-content-type-options: nosniff
age: 382321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17108
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 18:12:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 22 Jan 2023 13:35:40 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8aBc5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v8/ 17 KB
17 KB 40ms
16ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v8/pe03MImSLYBIv1o4X1M8cc8aBc5tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather&family=Nunito+Sans:wght@700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b913028cae336af75686538cf833779bac3d2e42701ac7800415dfe3d32a76d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.healthplansamerica.org
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sat, 22 Jan 2022 13:59:48 GMT
x-content-type-options: nosniff
age: 380873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17228
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 18:12:51 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 22 Jan 2023 13:59:48 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v28/ 20 KB
20 KB 33ms
10ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v28/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather&family=Nunito+Sans:wght@700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.healthplansamerica.org
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Wed, 26 Jan 2022 21:27:41 GMT
x-content-type-options: nosniff
age: 8400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20028
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 02:22:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 26 Jan 2023 21:27:41 GMT

GET
H/1.1 200
OK fa-solid-900.woff2
www.healthplansamerica.org/common_scripts/leadgen/fonts/fontawesome/ 39 KB
40 KB 20ms
11ms Font
application/font-woff2 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/common_scripts/leadgen/fonts/fontawesome/fa-solid-900.woff2

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/leadgen/fonts/fontawesome/fontawesome.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.healthplansamerica.org/common_scripts/leadgen/fonts/fontawesome/fontawesome.min.css
Origin: https://www.healthplansamerica.org
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Wed, 26 Jan 2022 23:47:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Dec 2019 16:48:23 GMT
Server: nginx
ETag: "5df11dd7-9cd4"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: application/font-woff2
Cache-Control: max-age=900, public, no-cache, must-revalidate
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 40148
Expires: Thu, 27 Jan 2022 00:02:41 GMT

GET
H2 200 app.js Show response
acsbapp.com/apps/app/dist/js/ 423 KB
138 KB 30ms
9ms Script
application/x-javascript 206.189.191.180
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare/?prepop=1&first_name=&last_name=&email=&Eref=P2OCC1KD&Subreferrer=202673&Subid=e7a36845a4b389e2823baf0dadebe370
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 206.189.191.180 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cdn102.acsbapp.com
Software: /
Resource Hash: 5ff1f48762983a74ab221de9e3d761ff6a64788c4b3034a6940510a67c3ad8c4

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Wed, 26 Jan 2022 23:47:41 GMT
content-encoding: br
last-modified: Wed, 29 Dec 2021 22:49:19 GMT
etag: "69df1-61cce5ef-75807bfd1398c3e7;br"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 141410
expires: Thu, 27 Jan 2022 23:47:41 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 35ms
22ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare/?prepop=1&first_name=&last_name=&email=&Eref=P2OCC1KD&Subreferrer=202673&Subid=e7a36845a4b389e2823baf0dadebe370
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Wed, 26 Jan 2022 23:47:40 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E3A97462BACE4BA9843EB89C077E1404 Ref B: EWR311000103023 Ref C: 2022-01-26T23:47:41Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 15ms
4ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26237
x-xss-protection: 0
pragma: public
x-fb-debug: 6wA8OtaImHIzGAy0LqgpgsMIctgX389078VVEFX0MyQjX6QEKBz5HqZm0nU0UEzbSZUy3DCD+KBLyOtsAHiM5A==
x-fb-trip-id: 1512268381
x-frame-options: DENY
date: Wed, 26 Jan 2022 23:47:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 c03ef9de-4523-077b-661e-f0bbdaa0049b.js Show response
create.lidstatic.com/campaign/ 123 KB
39 KB 52ms
20ms Script
text/javascript 2606:4700:10::6816:26b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/c03ef9de-4523-077b-661e-f0bbdaa0049b.js?snippet_version=2
Requested by: Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare/?prepop=1&first_name=&last_name=&email=&Eref=P2OCC1KD&Subreferrer=202673&Subid=e7a36845a4b389e2823baf0dadebe370
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:26b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 498587d138256fab11a62d15c9f0ec3046a1799433a9d66a10637f6b329f4a6b

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Wed, 26 Jan 2022 23:47:41 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 162
x-amz-replication-status: COMPLETED
x-amz-request-id: PBRCN5WK82R3SRXW
x-amz-id-2: 38l1gJfswTm6Pqb2l8DdVCmszGnLuJZlhaTv3YHpSmzovq9HmsV1+UKR6CVjuHm6vynvOMFwWZc=
last-modified: Fri, 12 Nov 2021 01:13:45 GMT
server: cloudflare
etag: W/"4a93d403ca605856131122645ef331bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
x-amz-version-id: GOu11vhRz5Xd.a4zIBYhapYLb7GVXQEF
cf-ray: 6d3da0b66a158c0b-EWR

GET
H2 200 invoca-latest.min.js Show response
solutions.invocacdn.com/js/ 122 KB
40 KB 81ms
5ms Script
text/javascript 13.225.63.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Requested by: Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare/?prepop=1&first_name=&last_name=&email=&Eref=P2OCC1KD&Subreferrer=202673&Subid=e7a36845a4b389e2823baf0dadebe370
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-64.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 11d3e985311d7dd1bb6a299ed74c44e11d26a3506172aababa53c0ff13ba281c

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Wed, 26 Jan 2022 23:32:27 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 23:32:23 GMT
server: AmazonS3
age: 915
etag: W/"017fdf1662ab738398a466f4f67db5da"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: Wbi3pIC6FMb9uNJN7d71WoQ8Yo21fec3
via: 1.1 1ffe498380a643d1bb2efaa624b761a6.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-replication-status: PENDING
x-amz-cf-pop: EWR53-C1
content-type: text/javascript; charset=utf-8
x-amz-cf-id: hM4rlLBBirbh2ifUXFhRnpeYDL8-pVaSnR-DTY0QYpRUcplAu5VAaQ==

GET
H2 200 request.js Show response
script.anura.io/ 48 KB
17 KB 118ms
80ms Script
application/javascript 52.200.255.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=2761973509&source=XPBC&campaign=202673-HPA&variable=AnuraResponse&925809474127

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.200.255.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-200-255-42.compute-1.amazonaws.com

Software

nginx /

Resource Hash

7bf9488b9631a374fb89bce531c7e031f979d6372c4776f5d1fca5e279db0b0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 23:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H3 200 2sDcZG1Wl4LcnbuCNWgzaGW5.woff2
fonts.gstatic.com/s/oxygen/v10/ 16 KB
16 KB 21ms
8ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v10/2sDcZG1Wl4LcnbuCNWgzaGW5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oxygen:300,400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5f9ecb6ce5cd13a976187541227e0246570ae91864d052b3e9cc0a4636dc8a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.healthplansamerica.org
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sat, 22 Jan 2022 07:48:11 GMT
x-content-type-options: nosniff
age: 403170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16184
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 22 Jan 2023 07:48:11 GMT

GET
H3 200 2sDfZG1Wl4LcnbuKjk0m.woff2
fonts.gstatic.com/s/oxygen/v10/ 16 KB
16 KB 18ms
6ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v10/2sDfZG1Wl4LcnbuKjk0m.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oxygen:300,400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ccfa0fba5ab2cfef812fff3452cfdc73b6573900a9613b2828dfa691535b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.healthplansamerica.org
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sat, 22 Jan 2022 07:31:53 GMT
x-content-type-options: nosniff
age: 404148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16344
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:02:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 22 Jan 2023 07:31:53 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 103 KB
38 KB 49ms
39ms Script
application/javascript 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-NXJZNQR&cid=521923114.1643240861

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f650b22a28d7dc58833f19baa998cec85b92b89b3e46d4653eebb8f4c19994b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Wed, 26 Jan 2022 23:47:41 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38532
x-xss-protection: 0
expires: Wed, 26 Jan 2022 23:47:41 GMT

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 60ms
27ms Fetch
text/html 3.225.97.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/58a34f3625ceb64f65edb3a4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.97.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-97-182.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://www.healthplansamerica.org/
key: 58a34f3625ceb64f65edb3a4
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 26 Jan 2022 23:47:41 GMT
cache-control: no-cache
content-type: text/html; charset=utf-8
content-length: 2
access-control-expose-headers: WWW-Authenticate,Server-Authorization

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 48ms
12ms Preflight 3.225.97.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.97.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-97-182.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Origin: https://www.healthplansamerica.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Sec-Fetch-Mode: cors

Response headers

date: Wed, 26 Jan 2022 23:47:41 GMT
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-max-age: 86400
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache

GET
H2 200 config.json Show response
cdn.acsbapp.com/cache/app/healthplansamerica.org/ 136 B
323 B 36ms
5ms Fetch
application/json 206.189.191.180
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/cache/app/healthplansamerica.org/config.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 206.189.191.180 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cdn102.acsbapp.com
Software: /
Resource Hash: 6f3aab1afe406177f953f92806bc101cee906a8a6ce409efd81313b3510c6136

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Wed, 26 Jan 2022 23:47:41 GMT
last-modified: Wed, 26 Jan 2022 16:06:19 GMT
etag: "88-61f1717b-5ef18a1400b1f139;;;"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 136
expires: Thu, 27 Jan 2022 23:47:41 GMT

GET
H2 204 4046953.js Show response
bat.bing.com/p/action/ 0
119 B 197ms
196ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/4046953.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

access-control-allow-origin: *
date: Wed, 26 Jan 2022 23:47:41 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 598A8E9BD4CD425EBC3BAD2C92BFF546 Ref B: EWR311000103023 Ref C: 2022-01-26T23:47:41Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
152 B 19ms
19ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4046953&Ver=2&mid=209d3cbd-295b-4fb2-848d-281004a8aaae&sid=59ac9d707f0211ec9b24e92409b5ec5a&vid=59ad29e07f0211ecbb6abf2d008492a7&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=BidenCare%20%7C%20Health%20Plans%20of%20America&kw=Find%20%26%20Compare,%20Health%20Insurance,%20Quotes,%20Medicare%20Insurance,%20Plans,%20healthplansamerica.org&p=https%3A%2F%2Fwww.healthplansamerica.org%2Fquotes%2Fbidencare%2F%3Fprepop%3D1%26first_name%3D%26last_name%3D%26email%3D%26Eref%3DP2OCC1KD%26Subreferrer%3D202673%26Subid%3De7a36845a4b389e2823baf0dadebe370&r=http%3A%2F%2Fblueskyace.com%2F&lt=841&evt=pageLoad&msclkid=N&sv=1&rn=227590
Requested by: Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare/?prepop=1&first_name=&last_name=&email=&Eref=P2OCC1KD&Subreferrer=202673&Subid=e7a36845a4b389e2823baf0dadebe370
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 23:47:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 39C9A2ED2D094D76A1E4797BB0C0DFC0 Ref B: EWR311000103023 Ref C: 2022-01-26T23:47:41Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 484161251792257 Show response
connect.facebook.net/signals/config/ 306 KB
88 KB 63ms
57ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/484161251792257?v=2.9.51&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50be2c7b72737d01aface8146c512d39e879fa57204c3a6bf890001eed7f88ec

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: kobw2bklIAeC0uF/LJN0pOj6Z2YUpygWsgEAxPpQiNF/sgBOymqPqjoTL59iFdEHw668Pa4QcLIRO+WyGrZhmg==
x-frame-options: DENY
date: Wed, 26 Jan 2022 23:47:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 GenerateToken Show response
create.leadid.com/2.11.9/ 36 B
660 B 127ms
62ms XHR
text/plain 34.230.206.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=f960f1fe-8dbe-4f70-8a68-4b8b2f6b756c&_=784759909

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c03ef9de-4523-077b-661e-f0bbdaa0049b.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.230.206.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-230-206-204.compute-1.amazonaws.com

Software

nginx /

Resource Hash

fb5c3e6c725b6e94d8c02564d514c9a151af84e76bcfdf57579c30560e5a176f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.healthplansamerica.org/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 26 Jan 2022 23:47:41 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 tag-live.js Show response
solutions.invocacdn.com/js/networks/585/0419737375/ 6 KB
2 KB 5ms
5ms Script
text/javascript 13.225.63.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/networks/585/0419737375/tag-live.js
Requested by: Host: solutions.invocacdn.com
URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-64.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a592564b9b2d607aa653f3ca77adba6b405022dd91b1dfc9edf789a4eb02b953

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-amz-version-id: 0Qfdvo0f_YNgaplQS3YTle3ByArvqRkM
content-encoding: gzip
last-modified: Thu, 15 Jul 2021 19:25:03 GMT
server: AmazonS3
age: 219
etag: W/"7beabea2e2cfeadff0e6ab423c2ac7fa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 1ffe498380a643d1bb2efaa624b761a6.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Wed, 26 Jan 2022 23:44:03 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: EWR53-C1
x-amz-cf-id: GtMhSAz7NoOO38CEMsenqhxdb1yxWmnMBTr669SdcBCYsb9ahm8OOw==

GET
H2 200 en.build.json Show response
cdn.acsbapp.com/cache/app/ 232 KB
25 KB 10ms
9ms Fetch
application/json 206.189.191.180
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/cache/app/en.build.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 206.189.191.180 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cdn102.acsbapp.com
Software: /
Resource Hash: 9859f66ffd13e43307308c79d3a53d60fd72254e8a2dda9161146533c1a6263c

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Wed, 26 Jan 2022 23:47:41 GMT
content-encoding: br
last-modified: Wed, 29 Dec 2021 22:51:03 GMT
etag: "3a145-61cce657-9579b6f518b4721e;br"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 25259
expires: Thu, 27 Jan 2022 23:47:41 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 20ms
20ms XHR
text/plain 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1906511795&t=pageview&_s=1&dl=https%3A%2F%2Fwww.healthplansamerica.org%2Fquotes%2Fbidencare%2F%3Fprepop%3D1%26first_name%3D%26last_name%3D%26email%3D%26Eref%3DP2OCC1KD%26Subreferrer%3D202673%26Subid%3De7a36845a4b389e2823baf0dadebe370&dr=http%3A%2F%2Fblueskyace.com%2F&ul=en-us&de=UTF-8&dt=BidenCare%20%7C%20Health%20Plans%20of%20America&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAAADQAAAAC~&jid=2053093832&gjid=1422466733&cid=521923114.1643240861&tid=UA-23882117-1&_gid=882937729.1643240861&_r=1&_slc=1&z=2146528670

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.healthplansamerica.org/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 23:47:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.healthplansamerica.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame 6656 3 KB
2 KB 54ms
5ms Document
text/html 54.192.100.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=C132F38C-0E3B-1D26-BFB8-879044971081&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=C03EF9DE-4523-077B-661E-F0BBDAA0049B&lac=478B1969-F034-6785-243D-D2DE64FC7F68

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c03ef9de-4523-077b-661e-f0bbdaa0049b.js?snippet_version=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.192.100.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-100-102.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Language: en-US,en;q=0.9
Referer: https://www.healthplansamerica.org/

Response headers

Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Fri, 19 Nov 2021 20:21:09 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Max-Age: 1728000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
P3P: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
Content-Encoding: gzip
Date: Wed, 26 Jan 2022 12:55:53 GMT
ETag: W/"61980735-dbb"
X-Cache: Hit from cloudfront
Via: 1.1 121f18299e6385d2cf97a45a6dcf2c8c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR53-C3
X-Amz-Cf-Id: kwLqZKmOM6ldTIxablB-ne-etQSlxDaBrCaTNiBHEAFZ-HoHP4t9hw==
Age: 39109

POST
H2 200 SaveDom Show response
create.leadid.com/2.11.9/ 0
623 B 16ms
16ms XHR
text/plain 34.230.206.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=f960f1fe-8dbe-4f70-8a68-4b8b2f6b756c&token=C132F38C-0E3B-1D26-BFB8-879044971081&_=784759910

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c03ef9de-4523-077b-661e-f0bbdaa0049b.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.230.206.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-230-206-204.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.healthplansamerica.org/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 26 Jan 2022 23:47:41 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
622 B 13ms
13ms XHR
text/plain 34.230.206.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=3&pid=f960f1fe-8dbe-4f70-8a68-4b8b2f6b756c&token=C132F38C-0E3B-1D26-BFB8-879044971081&_=784759911

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c03ef9de-4523-077b-661e-f0bbdaa0049b.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.230.206.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-230-206-204.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.healthplansamerica.org/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 26 Jan 2022 23:47:41 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
407 B 22ms
6ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=484161251792257&ev=PageView&dl=https%3A%2F%2Fwww.healthplansamerica.org%2Fquotes%2Fbidencare%2F%3Fprepop%3D1%26first_name%3D_removed_%26last_name%3D_removed_%26email%3D%26Eref%3DP2OCC1KD%26Subreferrer%3D202673%26Subid%3De7a36845a4b389e2823baf0dadebe370%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%2522last_name%2522%252C%2522first_name%2522%255D%252C%2522sensitiveParams%2522%253A%255B%255D%257D&rl=http%3A%2F%2Fblueskyace.com%2F%3F_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522sensitiveParams%2522%253A%255B%255D%257D&if=false&ts=1643240861581&sw=1600&sh=1200&v=2.9.51&r=stable&ec=0&o=30&fbp=fb.1.1643240861573.861485519&it=1643240861299&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Wed, 26 Jan 2022 23:47:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 26 Jan 2022 23:47:41 GMT

POST
H/1.1 200
OK set_visit_ulid Show response
www.healthplansamerica.org/api/ 0
511 B 27ms
26ms XHR
text/html 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/api/set_visit_ulid

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/js/hpa.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.healthplansamerica.org/quotes/bidencare/?prepop=1&first_name=&last_name=&email=&Eref=P2OCC1KD&Subreferrer=202673&Subid=e7a36845a4b389e2823baf0dadebe370
X-Requested-With: XMLHttpRequest
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 26 Jan 2022 23:47:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, no-cache
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame 45B3 4 KB
2 KB 99ms
11ms Document
text/html 52.5.60.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=C132F38C-0E3B-1D26-BFB8-879044971081&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=C03EF9DE-4523-077B-661E-F0BBDAA0049B&lac=478B1969-F034-6785-243D-D2DE64FC7F68
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=C132F38C-0E3B-1D26-BFB8-879044971081&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=C03EF9DE-4523-077B-661E-F0BBDAA0049B&lac=478B1969-F034-6785-243D-D2DE64FC7F68
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.60.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-60-250.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Language: en-US,en;q=0.9
Referer: https://d2m2wsoho8qq12.cloudfront.net/

Response headers

date: Wed, 26 Jan 2022 23:47:41 GMT
content-type: text/html
server: nginx
last-modified: Fri, 31 Dec 2021 14:51:34 GMT
etag: W/"61cf18f6-1049"
expires: Thu, 27 Jan 2022 23:47:41 GMT
cache-control: max-age=86400 public
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
content-encoding: gzip

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.11.9/ Frame 45B3 0
626 B 36ms
14ms Script
text/javascript 34.230.206.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDeviceId.js?lac=478B1969-F034-6785-243D-D2DE64FC7F68&lck=C03EF9DE-4523-077B-661E-F0BBDAA0049B&methods=48&token=C132F38C-0E3B-1D26-BFB8-879044971081&uuid=0e9906ca5a7d4ff1aaa278ca54fa210a

Requested by

Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=C132F38C-0E3B-1D26-BFB8-879044971081&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=C03EF9DE-4523-077B-661E-F0BBDAA0049B&lac=478B1969-F034-6785-243D-D2DE64FC7F68

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.230.206.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-230-206-204.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Wed, 26 Jan 2022 23:47:41 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 response.json Show response
script.anura.io/ 51 B
403 B 85ms
58ms XHR
application/json 52.200.255.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/response.json

Requested by

Host: script.anura.io
URL: https://script.anura.io/request.js?instance=2761973509&source=XPBC&campaign=202673-HPA&variable=AnuraResponse&925809474127

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.200.255.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-200-255-42.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3929b931bc4d9c9a37a7f0b8fbad85d300a4b10a3ab9f82408606f1f8e8adb63

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.healthplansamerica.org/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 23:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 hub Show response
api.pushnami.com/scripts/v1/ Frame D3ED 2 KB
1 KB 6ms
6ms Document
text/html 13.226.31.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushnami.com/scripts/v1/hub

Requested by

Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/58a34f3625ceb64f65edb3a4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.31.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-31-62.ewr53.r.cloudfront.net

Software

Resource Hash

2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *
X-Content-Security-Policy	default-src 'unsafe-inline' *

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Language: en-US,en;q=0.9
Referer: https://www.healthplansamerica.org/

Response headers

content-type: text/html; charset=utf-8
date: Wed, 26 Jan 2022 23:44:47 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: X-Requested-With
content-security-policy: default-src 'unsafe-inline' *
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 ef8392d3895fa7368e6a67a055402788.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
x-amz-cf-id: v5Xsz0-T9RRmWrXNC99eU-Ten3gQvKaFl3MVffreImApEfWuVPUGRg==
age: 174

POST
H2 200 psp Show response
psp.pushnami.com/api/ 2 B
231 B 16ms
15ms Fetch
text/html 52.207.0.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/58a34f3625ceb64f65edb3a4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.0.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-0-73.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://www.healthplansamerica.org/
key: 58a34f3625ceb64f65edb3a4
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.healthplansamerica.org
date: Wed, 26 Jan 2022 23:47:41 GMT
cache-control: no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: accept-encoding
content-type: text/html; charset=utf-8

OPTIONS
H2 200 psp
psp.pushnami.com/api/ Frame 0
0 42ms
13ms Preflight
application/json 52.207.0.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.0.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-0-73.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Origin: https://www.healthplansamerica.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Sec-Fetch-Mode: cors

Response headers

date: Wed, 26 Jan 2022 23:47:41 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.healthplansamerica.org
access-control-allow-credentials: true
access-control-expose-headers: content-type, content-length, etag
access-control-max-age: 600
access-control-allow-headers: key
access-control-allow-methods: POST
cache-control: no-cache
vary: accept-encoding
content-encoding: gzip

POST
H2 200 result.json Show response
script.anura.io/ 27 B
384 B 44ms
44ms XHR
application/json 52.200.255.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/result.json

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.200.255.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-200-255-42.compute-1.amazonaws.com

Software

nginx /

Resource Hash

59855fb273cce24eaff91d16cdb093b5b26a2bdca96f6a5ec4d95d81d657e929

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.healthplansamerica.org/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 23:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H/1.1 200
OK fraud_status.php Show response
www.healthplansamerica.org/common_scripts/omg/ 0
538 B 97ms
97ms XHR
text/html 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/common_scripts/omg/fraud_status.php?source=anura&response=

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/js/hpa.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.healthplansamerica.org/quotes/bidencare/?prepop=1&first_name=&last_name=&email=&Eref=P2OCC1KD&Subreferrer=202673&Subid=e7a36845a4b389e2823baf0dadebe370
X-Requested-With: XMLHttpRequest
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Pragma: no-cache
Date: Wed, 26 Jan 2022 23:47:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK fraud_status.php Show response
www.healthplansamerica.org/common_scripts/omg/ 0
538 B 95ms
94ms XHR
text/html 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/common_scripts/omg/fraud_status.php?source=anura&response={%22result%22:%22bad%22,%22mobile%22:0}

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/js/hpa.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.healthplansamerica.org/quotes/bidencare/?prepop=1&first_name=&last_name=&email=&Eref=P2OCC1KD&Subreferrer=202673&Subid=e7a36845a4b389e2823baf0dadebe370
X-Requested-With: XMLHttpRequest
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Pragma: no-cache
Date: Wed, 26 Jan 2022 23:47:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK fraud_status.php Show response
www.healthplansamerica.org/common_scripts/omg/ 0
538 B 95ms
94ms XHR
text/html 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/common_scripts/omg/fraud_status.php?source=anura&response={%22result%22:%22bad%22,%22mobile%22:0}

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/js/hpa.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.healthplansamerica.org/quotes/bidencare/?prepop=1&first_name=&last_name=&email=&Eref=P2OCC1KD&Subreferrer=202673&Subid=e7a36845a4b389e2823baf0dadebe370
X-Requested-With: XMLHttpRequest
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Pragma: no-cache
Date: Wed, 26 Jan 2022 23:47:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 10ms
4ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=484161251792257&ev=Microdata&dl=https%3A%2F%2Fwww.healthplansamerica.org%2Fquotes%2Fbidencare%2F%3Fprepop%3D1%26first_name%3D%26last_name%3D%26email%3D%26Eref%3DP2OCC1KD%26Subreferrer%3D202673%26Subid%3De7a36845a4b389e2823baf0dadebe370&rl=http%3A%2F%2Fblueskyace.com%2F&if=false&ts=1643240862106&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22BidenCare%20%7C%20Health%20Plans%20of%20America%20%22%2C%22meta%3Adescription%22%3A%22Learn%20more%20about%20health%20and%20medicare%20insurance%20coverage.%22%2C%22meta%3Akeywords%22%3A%22Find%20%26%20Compare%2C%20Health%20Insurance%2C%20Quotes%2C%20Medicare%20Insurance%2C%20Plans%2C%20healthplansamerica.org%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22BidenCare%20%7C%20Health%20Plans%20of%20America%22%2C%22og%3Adescription%22%3A%22Learn%20more%20about%20health%20and%20medicare%20insurance%20coverage.%22%2C%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Asite_name%22%3A%22Health%20Plans%20of%20America%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.healthplansamerica.org%2Fimages%2Farticle-img-biden.jpg%22%2C%22og%3Aimage%3Aalt%22%3A%22healthplansamerica.org%22%2C%22og%3Aimage%3Awidth%22%3A%221020%22%2C%22og%3Aimage%3Aheight%22%3A%22512%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.healthplansamerica.org%2Fquotes%2Fbidencare%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.51&r=stable&ec=1&o=30&fbp=fb.1.1643240861573.861485519&it=1643240861299&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Wed, 26 Jan 2022 23:47:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Wed, 26 Jan 2022 23:47:42 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
623 B 15ms
14ms XHR
text/plain 34.230.206.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=4&pid=f960f1fe-8dbe-4f70-8a68-4b8b2f6b756c&token=C132F38C-0E3B-1D26-BFB8-879044971081&_=784759912

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c03ef9de-4523-077b-661e-f0bbdaa0049b.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.230.206.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-230-206-204.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.healthplansamerica.org/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 26 Jan 2022 23:47:42 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK check_web_user Show response
www.healthplansamerica.org/api/ 0
511 B 22ms
21ms XHR
text/html 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/api/check_web_user

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/js/hpa.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.healthplansamerica.org/quotes/bidencare/?prepop=1&first_name=&last_name=&email=&Eref=P2OCC1KD&Subreferrer=202673&Subid=e7a36845a4b389e2823baf0dadebe370
X-Requested-With: XMLHttpRequest
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Pragma: no-cache
Date: Wed, 26 Jan 2022 23:47:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, no-cache
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H/1.1 200
OK phone_imp.php Show response
www.healthplansamerica.org/common_scripts/omg/pxl/ 0
486 B 102ms
102ms XHR
text/html 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/common_scripts/omg/pxl/phone_imp.php?pn=8885230960&url=www.healthplansamerica.org%2Fquotes%2Fbidencare%2F%3Fprepop%3D1%26first_name%3D%26last_name%3D%26email%3D%26Eref%3DP2OCC1KD%26Subreferrer%3D202673%26Subid%3De7a36845a4b389e2823baf0dadebe370

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/js/hpa.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.healthplansamerica.org/quotes/bidencare/?prepop=1&first_name=&last_name=&email=&Eref=P2OCC1KD&Subreferrer=202673&Subid=e7a36845a4b389e2823baf0dadebe370
X-Requested-With: XMLHttpRequest
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Pragma: no-cache
Date: Wed, 26 Jan 2022 23:47:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
blueskyace.com/	1970-01-20 01:10:32	Name: clkcheck27633 Value: e7a36845a4b389e2823baf0dadebe370_202673
www.healthplansamerica.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: 92efc5c0431ddef6fd08e90e5c02b6f6
.www.healthplansamerica.org/	1970-01-20 00:28:47	Name: mobile_detection Value: a%3A0%3A%7B%7D
www.healthplansamerica.org/	1970-01-20 00:27:28	Name: XSRF-TOKEN Value: eyJpdiI6IkhMb0JFanBIa2M0STNMOFZjZHZ1U0E9PSIsInZhbHVlIjoidHFxS1lpM21Tc3htVGRvMmdXTFRGZjhwczNiSGVVOXg4NmdRa3V4UlhHOVRtS1I2bDRFcURyN0tqMFczaTFVZzRicUZJeStaYzdWRjA0a3NFaTJhRXc9PSIsIm1hYyI6ImM0NzkyMTE1NTU0YjNlZGUyOTZlMDEwYzk4YzcyZjFlNzA0MGMzYTE0OTczNmIyYzI0OGZhMjVjODBiY2EzZDgifQ%3D%3D
www.healthplansamerica.org/	1970-01-20 00:27:28	Name: laravel_session Value: eyJpdiI6IlZpTVdPdFwvakxHaFNSNWxzZjNwOG93PT0iLCJ2YWx1ZSI6ImxCakpvNzJhYTR5ZVwvTUxCUkNmSlM1OHl1NFlmZE5ha0hZd1R1M3NWdjd6YXhEb3hzVmFFdTdVQ1RmY2FZVENTcDFSVGludmNEZGVjZTVuMXhRR3NlZz09IiwibWFjIjoiZTIxZmZiZDI3NGYyZjRhZWRhZWMzYTMwYjBkZmY3YTM4ZmRlNmZhYzQ2ZWU1MDc5NzA3MTZhMzc5ZWQ1NzExMyJ9
.bing.com/	1970-01-20 09:48:56	Name: MUID Value: 2C7EBA1985D16BEE0524AB21845B6A6A
.bat.bing.com/	1970-01-20 00:37:25	Name: MR Value: 0
.healthplansamerica.org/	1970-01-20 17:58:32	Name: _ga Value: GA1.2.521923114.1643240861
.healthplansamerica.org/	1970-01-20 00:28:47	Name: _gid Value: GA1.2.882937729.1643240861
.healthplansamerica.org/	1970-01-20 00:28:47	Name: _uetsid Value: 59ac9d707f0211ec9b24e92409b5ec5a
.healthplansamerica.org/	1970-01-20 09:48:56	Name: _uetvid Value: 59ad29e07f0211ecbb6abf2d008492a7
www.nextinsure.com/	1970-01-23 16:06:13	Name: uid Value: 0bd0ab66c8f2c8bd8f1448c952b48893
.healthplansamerica.org/	1970-01-20 00:27:20	Name: _gat Value: 1
www.healthplansamerica.org/	1969-12-31 23:59:59	Name: leadid_token-478B1969-F034-6785-243D-D2DE64FC7F68-C03EF9DE-4523-077B-661E-F0BBDAA0049B Value: C132F38C-0E3B-1D26-BFB8-879044971081
.healthplansamerica.org/	1970-02-25 12:27:20	Name: invoca_session Value: %7B%22ttl%22%3A%222022-02-25T23%3A47%3A41.552Z%22%2C%22session%22%3A%7B%7D%2C%22config%22%3A%7B%22ce%22%3Atrue%2C%22fv%22%3Atrue%7D%7D
.healthplansamerica.org/	1970-01-20 02:36:56	Name: _fbp Value: fb.1.1643240861573.861485519
.facebook.com/	1970-01-20 02:36:56	Name: fr Value: 0fHBJ9Wf9hTTRhjq1..Bh8d2d...1.0.Bh8d2d.
.deviceid.trueleadid.com/	1970-01-25 20:28:19	Name: uuid Value: 0e9906ca5a7d4ff1aaa278ca54fa210a
www.healthplansamerica.org/	1969-12-31 23:59:59	Name: omg_visit_id Value: 61f1dd9e1cafb8402

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://www.healthplansamerica.org/quotes/bidencare/?prepop=1&first_name=&last_name=&email=&Eref=P2OCC1KD&Subreferrer=202673&Subid=e7a36845a4b389e2823baf0dadebe370 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acsbapp.com
api.pushnami.com
api.traversedlp.com
bat.bing.com
blueskyace.com
cdn.acsbapp.com
cdn.nextinsure.com
connect.facebook.net
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
fonts.googleapis.com
fonts.gstatic.com
psp.pushnami.com
script.anura.io
secure.apolloi.com
signals.aimtell.com
solutions.invocacdn.com
static.traversedlp.com
trc.pushnami.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.healthplansamerica.org
www.nextinsure.com
104.78.189.101
13.225.63.64
13.226.31.62
143.204.149.87
173.247.233.234
206.189.191.180
23.250.1.134
2606:4700:10::6816:26b6
2606:4700::6812:1f97
2607:f8b0:4006:808::200e
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81f::2008
2607:f8b0:4006:820::2003
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:182:face:b00c:0:25de
3.225.97.182
34.230.206.204
34.232.232.115
52.200.255.42
52.207.0.73
52.5.60.250
54.192.100.102
69.20.75.133
69.20.94.14
078e7a60b04ee3e147dc98ff75aea55b9685f51292fec211e9bb9f4f567b627d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11d3e985311d7dd1bb6a299ed74c44e11d26a3506172aababa53c0ff13ba281c
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
306094011fa17d1eb215263299126f9f95f50a1c2235c991846ccfd1911a6dce
36d82f1a5c7b40a24590371e853968c18c7d1c0fea6d7b65bc0740c88fd85f73
3929b931bc4d9c9a37a7f0b8fbad85d300a4b10a3ab9f82408606f1f8e8adb63
3ad3fefdb207753cf1f7f14c610030fd6b00660db09420776630d056c35a2c58
434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3
498587d138256fab11a62d15c9f0ec3046a1799433a9d66a10637f6b329f4a6b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50be2c7b72737d01aface8146c512d39e879fa57204c3a6bf890001eed7f88ec
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
59855fb273cce24eaff91d16cdb093b5b26a2bdca96f6a5ec4d95d81d657e929
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5f5471385485dd010cece4e82b5eec41d05c38c3d3f93643fcb646ecde1f2abd
5ff1f48762983a74ab221de9e3d761ff6a64788c4b3034a6940510a67c3ad8c4
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
69121f74c87d0d76bd3071030cb983f8630fcd881af8eb9b061adf5b6984ce97
6f3aab1afe406177f953f92806bc101cee906a8a6ce409efd81313b3510c6136
70e18e2761626373932316a5020c12456c07ee393a877de8f633a189363365e4
78449ca19b25c3133a390e015a111f1f2c8b48474982d16e2caf2d6d57d47462
78ccfa0fba5ab2cfef812fff3452cfdc73b6573900a9613b2828dfa691535b57
7bf9488b9631a374fb89bce531c7e031f979d6372c4776f5d1fca5e279db0b0b
889e5b0e0831a15afbf0a7afe2916c25500b2fa6abb5f62727b0c245415a5f12
8f650b22a28d7dc58833f19baa998cec85b92b89b3e46d4653eebb8f4c19994b
93db6ff0af01c1416a4cf5643fa970e6facf75aa2c38a66404085039c2314e33
94820795d425ece8a5233a06ef2cd855969be04790cdbe707a802bdfbced6375
9859f66ffd13e43307308c79d3a53d60fd72254e8a2dda9161146533c1a6263c
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a592564b9b2d607aa653f3ca77adba6b405022dd91b1dfc9edf789a4eb02b953
aa711cb743caa96b19557672470e7ded8e47d3d7902a60a86ec2f845fba252ca
aa75cb9de75a961ae4cfd4ce291b9a48fbf0fb0c52eaeed712267f33bbd670be
aaac1ee6b9c6440ad1693c509e910730abc89c7f19f171d87d8a96bdbef8819c
abf55d853f3bbe3a244ea8f3b8ed9b4127f028a096fefc942020a3605433d99a
b913028cae336af75686538cf833779bac3d2e42701ac7800415dfe3d32a76d0
c1a6dceca196282a843e1d6dcdff4257db81ffa1c11d3ad38f1f359f1751551a
c2a386dfbe9e74acec053124d040483cd80f3edda278163af6c87416f1d368b4
c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f
d8553fe07ff832dd75fefe2be0ad9806abb528e3bfc9e49d0bba51246313932d
dea92681f53237877d78e6b652197caa1f0010ebf9d177468d204423c74fac98
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea9ecd90c56a640800680d99ad67544cff546780c8051c7710f699fca8c55eb0
f318d51c6417063e2bf948b77cb622fc9c97ef21074cadfb163e8833690cd342
f5f9ecb6ce5cd13a976187541227e0246570ae91864d052b3e9cc0a4636dc8a2
fa4241715b942ec0257a7765c4a5517e94e32d43bf0f1016a794d37850d621de
fb5c3e6c725b6e94d8c02564d514c9a151af84e76bcfdf57579c30560e5a176f

www.healthplansamerica.org Open in urlscan Pro 69.20.75.133 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

97 %HTTPS

36 %IPv6

21 Domains

26 Subdomains

25 IPs

1 Countries

1308 kBTransfer

3590 kBSize

19 Cookies

1 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.healthplansamerica.org Open in urlscan Pro
69.20.75.133 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

97 %
HTTPS

36 %
IPv6

21
Domains

26
Subdomains

25
IPs

1
Countries

1308 kB
Transfer

3590 kB
Size

19
Cookies

67 HTTP transactions
3 data transactions