obamacareenrollment.org Open in urlscan Pro
192.124.249.117 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://obamacareenrollment.org/
Effective URL:
https://obamacareenrollment.org/
Submission: On April 11 via api (April 11th 2024, 5:47:04 am UTC) from US — Scanned from US

Summary HTTP 123 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 12 domains to perform 123 HTTP transactions. The main IP is 192.124.249.117, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is obamacareenrollment.org.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 3rd 2023. Valid for: a year.

This is the only time obamacareenrollment.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

	IP Address	AS Autonomous System
41	192.124.249.117 192.124.249.117	30148 (SUCURI-SEC) (SUCURI-SEC)
3	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	211.152.148.32 211.152.148.32	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
36	43.152.138.87 43.152.138.87	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:807::200a	15169 (GOOGLE) (GOOGLE)
1	162.249.168.129 162.249.168.129	26548 (PUREVOLTA...) (PUREVOLTAGE-INC)
2	169.197.85.95 169.197.85.95	26548 (PUREVOLTA...) (PUREVOLTAGE-INC)
2	240e:97c:2f:1... 240e:97c:2f:1::6e	58466 (CT-GUANGZ...) (CT-GUANGZHOU-IDC CHINANET Guangdong province network)
3	124.156.190.80 124.156.190.80	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	2600:141b:1c0... 2600:141b:1c00:8::1728:b32e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
123	14

41 192.124.249.117 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10117.sucuri.net

obamacareenrollment.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 211.152.148.32 (Atlanta, United States)

ASN139341 (ACE-AS-AP ACE, SG)

cdn-go.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 43.152.138.87 (Singapore)

ASN139341 (ACE-AS-AP ACE, SG)

cdn.midasbuy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

site-assets.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:807::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.249.168.129 (United States)

ASN26548 (PUREVOLTAGE-INC, US)

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.197.85.95 (United States)

ASN26548 (PUREVOLTAGE-INC, US)

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 240e:97c:2f:1::6e (China)

ASN58466 (CT-GUANGZHOU-IDC CHINANET Guangdong province network, CN)

aegis.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 124.156.190.80 (Hong Kong, Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

kepler.captcha.qcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:8::1728:b32e (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

www.pubgmobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	obamacareenrollment.org obamacareenrollment.org	2 MB
36	midasbuy.com cdn.midasbuy.com — Cisco Umbrella Rank: 218746 report1.midasbuy.com Failed	3 MB
3	qcloud.com kepler.captcha.qcloud.com — Cisco Umbrella Rank: 83990	57 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1847 stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 4322	20 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 381	18 KB
2	qq.com aegis.qq.com — Cisco Umbrella Rank: 13850	413 B
2	ibb.co i.ibb.co — Cisco Umbrella Rank: 9667	56 KB
1	pubgmobile.com www.pubgmobile.com — Cisco Umbrella Rank: 25421	816 B
1	postimg.cc i.postimg.cc — Cisco Umbrella Rank: 17916	4 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 116	1 KB
1	fontawesome.com site-assets.fontawesome.com — Cisco Umbrella Rank: 68838	80 KB
1	cdn-go.cn cdn-go.cn — Cisco Umbrella Rank: 20682	22 KB
123	12

	Domain	Requested by
41	obamacareenrollment.org	obamacareenrollment.org cdn.midasbuy.com cdn-go.cn
36	cdn.midasbuy.com	obamacareenrollment.org cdn.midasbuy.com
3	kepler.captcha.qcloud.com	obamacareenrollment.org cdn-go.cn
3	cdnjs.cloudflare.com	obamacareenrollment.org
2	aegis.qq.com	cdn-go.cn
2	i.ibb.co	obamacareenrollment.org
2	maxcdn.bootstrapcdn.com	obamacareenrollment.org
1	www.pubgmobile.com	obamacareenrollment.org
1	i.postimg.cc	obamacareenrollment.org
1	fonts.googleapis.com	obamacareenrollment.org
1	site-assets.fontawesome.com	obamacareenrollment.org
1	stackpath.bootstrapcdn.com	obamacareenrollment.org
1	cdn-go.cn	obamacareenrollment.org
0	report1.midasbuy.com Failed	obamacareenrollment.org
123	14

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.pubgmobile.com
www.midasbuy.com
cdn.midasbuy.com

Subject Issuer	Validity	Valid
obamacareenrollment.org Go Daddy Secure Certificate Authority - G2	`2023-10-03` - `2024-10-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-03-27` - `2024-06-25`	3 months	crt.sh
cdnv4-go.cn DigiCert Secure Site CN CA G3	`2024-03-05` - `2025-03-20`	a year	crt.sh
*.midasbuy.com DigiCert Secure Site CN CA G3	`2023-04-11` - `2024-05-11`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
postimg.cc R3	`2024-02-21` - `2024-05-21`	3 months	crt.sh
ibb.co R3	`2024-02-07` - `2024-05-07`	3 months	crt.sh
*.aegis.qq.com DigiCert Secure Site CN CA G3	`2024-03-15` - `2025-03-15`	a year	crt.sh
feb04-2024-1.ias.qcloud.com DigiCert Secure Site CN CA G3	`2024-02-04` - `2025-02-04`	a year	crt.sh
wetv.acc.qq.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-30` - `2024-10-30`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://obamacareenrollment.org/
Frame ID: 7FF764E2CAAF6D8F6A65936E794C88A4
Requests: 134 HTTP requests in this frame

Frame: https://obamacareenrollment.org/apps/login/home/ot?hidePop=1
Frame ID: 4BC0C0EB5906220B7039C53294ACF83F
Requests: 1 HTTP requests in this frame

Frame: https://obamacareenrollment.org/receivemsg?buy_type_key=CURRENT_BUY_ITEM_SAVE_page_020303566589533517
Frame ID: A17284C5B8C4511560176C726D2E6B4F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PUBG Mobile - Midasbuy

Page URL History Show full URLs

http://obamacareenrollment.org/ HTTP 307
https://obamacareenrollment.org/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

123
Requests

77 %
HTTPS

31 %
IPv6

12
Domains

14
Subdomains

14
IPs

5
Countries

5985 kB
Transfer

9077 kB
Size

3
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/midasbuy
Title: Follow Midasbuy

Search URL Search Domain Scan URL

URL: http://www.pubgmobile.com/terms.html
Title: Terms of Service

Search URL Search Domain Scan URL

URL: http://www.pubgmobile.com/privacy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.midasbuy.com/oversea_web/static/privacy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://cdn.midasbuy.com/oversea_web/static/cookie.html
Title: here

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://obamacareenrollment.org/ HTTP 307
https://obamacareenrollment.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

123 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
obamacareenrollment.org/
Redirect Chain

http://obamacareenrollment.org/
https://obamacareenrollment.org/

215 KB
38 KB

105ms
32ms

Document
text/html

192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

0942c920040ab16d83928b465baf237aef0aadcf197fe4250c8bfc07a85c13cb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-length: 38915
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Thu, 11 Apr 2024 05:46:44 GMT
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-sucuri-cache: HIT
x-sucuri-id: 17017
x-xss-protection: 1; mode=block

Redirect headers

Location: https://obamacareenrollment.org/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 88ms
46ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 635929
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=glv13kp0Iel7VLdHKwRyp%2FP5kXReXiBK50B%2Bntpjv2OK1HV2%2BLNGrCow5vjLqpN3sKG0IeSDw5UF459uxuknqcO9RIemZIxkJM%2FGED8TPfNOvfHH3RFE9urWRSyD45mEe2nBvIh6"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8728ad902d83220f-MIA
expires: Tue, 01 Apr 2025 05:46:45 GMT

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
6 KB 138ms
48ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 3555311
cdn-cachedat: 09/18/2022 09:38:56
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"0831cba6a670e405168b84aa20798347"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 4eaa1711cec7a8ca364e106c01e7176b
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8728ad908b84dab1-MIA
cdn-requestpullsuccess: True

GET
H2 200 aegis.min.js Show response
cdn-go.cn/aegis/aegis-sdk/latest/ 67 KB
22 KB 1441ms
51ms Script
application/javascript 211.152.148.32
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-go.cn/aegis/aegis-sdk/latest/aegis.min.js?_bid=3977
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.32 Atlanta, United States, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: NWSs /
Resource Hash: d8dcb49319bd61ccd67610c592b1212bf50921fe2081f97be84d3fa3dff52dbf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:46 GMT
content-encoding: gzip
x-cache-lookup: Hit From MemCache Gz
last-modified: Thu, 18 Jan 2024 04:18:18 GMT
server: NWSs
is-immutable-in-the-future: false
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=666
x-nws-log-uuid: 9371c853-2ca8-4c71-8353-ec93858edce0
accept-ranges: bytes
timing-allow-origin: *
content-length: 21938
expires: Thu, 11 Apr 2024 05:57:51 GMT

GET
H2 200 vendor.91a5974c.css
cdn.midasbuy.com/oversea_web/static/css/ 711 KB
249 KB 1677ms
288ms Stylesheet
text/css 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.midasbuy.com/oversea_web/static/css/vendor.91a5974c.css?max_age=864000
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: bdbe1dbed51583afce30ccee067510d40597607966f458921d271082be633ee9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:46 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Mon, 05 Dec 2022 10:34:37 GMT
server: Lego Server
etag: "550631167664fa2a0aa20bffd1cf2c817ff9f68c"
content-type: text/css
client-ip: 38.132.118.75
x-nws-log-uuid: 1862832414826518684
accept-ranges: bytes
content-length: 254200

GET
H2 200 mallpage.1a79afe3.css
cdn.midasbuy.com/oversea_web/static/css/ 31 KB
11 KB 1469ms
81ms Stylesheet
text/css 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.midasbuy.com/oversea_web/static/css/mallpage.1a79afe3.css?max_age=864000
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: f859777194a60eecd42d41c1340d5b69d44b9982565581cc495ea11b32eeccd3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:46 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Mon, 05 Dec 2022 10:34:35 GMT
server: Lego Server
etag: "641f3d4e002759df336d5ac862aa372d205363cd"
content-type: text/css
client-ip: 38.132.118.75
x-nws-log-uuid: 9888728219948524608
accept-ranges: bytes
content-length: 11178

GET
H2 200 media.78aaa009.css
cdn.midasbuy.com/oversea_web/static/css/ 243 KB
51 KB 1454ms
67ms Stylesheet
text/css 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.midasbuy.com/oversea_web/static/css/media.78aaa009.css?max_age=864000
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 4c81b4d626f6951c9cf9d81c113407a391cca1cb13fc8237637174b07205e2ee

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:46 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 13 Dec 2022 08:33:24 GMT
server: Lego Server
content-type: text/css
client-ip: 38.132.118.75
cache-control: max-age=864000
x-nws-log-uuid: 16054042058369857942
accept-ranges: bytes
content-length: 52196

GET
H2 200 vendor.afc3f335.css
cdn.midasbuy.com/oversea_web/static/css/ 637 KB
230 KB 1451ms
63ms Stylesheet
text/css 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.midasbuy.com/oversea_web/static/css/vendor.afc3f335.css?max_age=864000
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 792f51b7df80cf64ce739ea2f858628def16033f1c632fb7bb3deee7e47717b7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:46 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 28 Sep 2022 10:45:20 GMT
server: Lego Server
content-type: text/css
client-ip: 38.132.118.75
cache-control: max-age=864000
x-nws-log-uuid: 17428923490280427710
accept-ranges: bytes
content-length: 234940

GET
H2 200 buypage.c6deb7d4.css
cdn.midasbuy.com/oversea_web/static/css/ 42 KB
14 KB 1710ms
322ms Stylesheet
text/css 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.midasbuy.com/oversea_web/static/css/buypage.c6deb7d4.css?max_age=864000
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 98e0b03a88ae73940b4280ae996f4ce027c1a6b715d495b14873bafd0ba83a79

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:46 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 21 Oct 2022 12:53:18 GMT
server: Lego Server
content-type: text/css
client-ip: 38.132.118.75
cache-control: max-age=864000
x-nws-log-uuid: 2458290940741721582
accept-ranges: bytes
content-length: 13829

GET
H2 200 media.ac7e56d9.css
cdn.midasbuy.com/oversea_web/static/css/ 230 KB
49 KB 1452ms
65ms Stylesheet
text/css 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.midasbuy.com/oversea_web/static/css/media.ac7e56d9.css?max_age=864000
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 05d11f7958b571ee1637d67da1ea766f5e9863ba735ba0619c7085fbba1d420b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:46 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 21 Oct 2022 12:53:20 GMT
server: Lego Server
content-type: text/css
client-ip: 38.132.118.75
cache-control: max-age=864000
x-nws-log-uuid: 9518156343961142310
accept-ranges: bytes
content-length: 49706

GET
H2 200 style.css
obamacareenrollment.org/css/ 6 KB
1 KB 255ms
249ms Stylesheet
text/css 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://obamacareenrollment.org/css/style.css

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

fb3cf184434501306554d60085888ffd578238c0f46343c5136c6ec3bbd36195

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:45 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-sucuri-cache: MISS
content-length: 1091
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "11c0813-19f2-6018cac2ddd00-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 facebook.css
obamacareenrollment.org/css/ 4 KB
1 KB 247ms
242ms Stylesheet
text/css 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://obamacareenrollment.org/css/facebook.css

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

f7292d60c8276727fb6716115be320891db1af5d07c8d981bc72808086137400

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:45 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-sucuri-cache: MISS
content-length: 795
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "11c0811-ee2-6018cac2ddd00-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 twitter.css
obamacareenrollment.org/css/ 3 KB
1 KB 253ms
249ms Stylesheet
text/css 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://obamacareenrollment.org/css/twitter.css

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

f3f269f33fb9c1729d4d6ef2b56e7dc514454da87dbe4cd43a9225752a02598e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:45 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-sucuri-cache: MISS
content-length: 816
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "11c0814-d35-6018cac2ddd00-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
8 KB 129ms
45ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 876
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 548328
cdn-cachedat: 03/18/2024 12:59:19
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 4bddc0b069625a1966c4f6a766b995a2
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8728ad908ba27477-MIA
cdn-requestpullsuccess: True

GET
H2 200 all.css
site-assets.fontawesome.com/releases/v6.1.1/css/ 486 KB
80 KB 157ms
63ms Stylesheet
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://site-assets.fontawesome.com/releases/v6.1.1/css/all.css
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 22 Mar 2022 15:39:41 GMT
server: cloudflare
x-amz-request-id: D5WNB5FKCYNAJPYY
age: 12695528
etag: W/"325672b036bab9b57f6873aed5eccc43"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556926
cf-ray: 8728ad909a462884-MIA
x-amz-id-2: qRJjqRKhEfJAfx4qnMISfsiJesif7D/eoCgbJHlse2UHKPioniy98ARcPPGETa6dWn0x+3Ry/3o=

GET
H3 200 material-design-iconic-font.min.css
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/ 69 KB
6 KB 66ms
44ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 549819
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5845
last-modified: Mon, 04 May 2020 16:12:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed9-1149f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vQ9Q1GMbrzS%2BrHxCizpeBmHXeK1mxiPSo5W9nZDE944R8dVfQmO4wD6UutSDJ7qxmthet1SPsPA6GyR4LdT%2BohprqJtajr7tdlhlznYtfsHBn6CxCJFOuvJEJkDlKFyFCoFo9Lqf"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8728ad902d84220f-MIA
expires: Tue, 01 Apr 2025 05:46:45 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 245ms
82ms Stylesheet
text/css 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400&display=swap

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

78414e4b4cd2e42924268ca0a17631c493d3b1ed55c5c246216c7dd7d8fe78db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Apr 2024 05:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Apr 2024 04:18:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Apr 2024 05:46:45 GMT

GET
H2 200 midas-oversea-h5page.js Show response
cdn.midasbuy.com/h5/overseah5/js/ 56 KB
9 KB 1451ms
66ms Script
application/javascript 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.midasbuy.com/h5/overseah5/js/midas-oversea-h5page.js
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: a7ca0cd38fc1898212f5bd5884c7f308fcdf918bb45e7b2c715604fc7ee97d53

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:46 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 24 Nov 2023 09:44:32 GMT
server: Lego Server
content-type: application/javascript
client-ip: 38.132.118.75
cache-control: max-age=600
x-nws-log-uuid: 1831211904927315474
accept-ranges: bytes
content-length: 8854

GET
H2 200 midas.runtimev1.js Show response
cdn.midasbuy.com/oversea_web/static/js/ 332 KB
107 KB 1711ms
327ms Script
application/javascript 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.midasbuy.com/oversea_web/static/js/midas.runtimev1.js
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: e41a623a73d2b33ce30626d1ba9342ebf7b921d2f28ab368ac7cf7dc91efdbdc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:46 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 22 Nov 2022 14:30:27 GMT
server: Lego Server
content-type: application/javascript
client-ip: 38.132.118.75
cache-control: max-age=600
x-nws-log-uuid: 4461472905126687692
accept-ranges: bytes
content-length: 109236

GET
H2 200 kEc9hjFh5DQJbz_iPEWrfFxadMVk4PbLDS-5P8jE73pfdUuDwNGKNVZjdEztcHdofAVaHXo6zRGXgLwuvsK_afAEj6w_mKyiUmq-7AesIRU~.js Show response
cdn.midasbuy.com/js/x-midas/ 55 KB
20 KB 1450ms
66ms Script
application/javascript 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.midasbuy.com/js/x-midas/kEc9hjFh5DQJbz_iPEWrfFxadMVk4PbLDS-5P8jE73pfdUuDwNGKNVZjdEztcHdofAVaHXo6zRGXgLwuvsK_afAEj6w_mKyiUmq-7AesIRU~.js?max_age=31536000
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 2ab08d983fd6007359e6d1ab6c80dc87b34c0d1bccf702dea67e6d20b824a872

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:46 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 24 Mar 2021 09:43:44 GMT
server: Lego Server
content-type: application/javascript
client-ip: 38.132.118.75
cache-control: max-age=31536000
x-nws-log-uuid: 9737958843633016806
accept-ranges: bytes
content-length: 20219

GET
H2 200 1.jpg
obamacareenrollment.org/img/ 106 KB
106 KB 35ms
34ms Image
image/jpeg 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://obamacareenrollment.org/img/1.jpg

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

8dc0edfbacc44b01492bec0695e55c0230b1bb41b8a72c4c771ee896e9ad6513

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:44 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "12224f1-1a7ad-6018cac2ddd00"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
content-length: 108461
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 seasontoken.png
obamacareenrollment.org/img/ 29 KB
30 KB 73ms
72ms Image
image/png 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://obamacareenrollment.org/img/seasontoken.png

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

7fb8131422bba9cda088005359870721b090dcd043d3cea030367be68c6328a6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:44 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "1222501-74f6-6018cac2ddd00"
x-frame-options: SAMEORIGIN
content-type: image/png
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
content-length: 29942
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2.jpg
obamacareenrollment.org/img/ 109 KB
109 KB 42ms
34ms Image
image/jpeg 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://obamacareenrollment.org/img/2.jpg

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

112e5098ca24fd16143838f8cab6da606970821bf8b7ecbff8c0008532074253

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:45 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "12224f5-1b323-6018cac2ddd00"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
content-length: 111395
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3.jpg
obamacareenrollment.org/img/ 74 KB
74 KB 42ms
36ms Image
image/jpeg 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://obamacareenrollment.org/img/3.jpg

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

e94b49b2efb38c8468a0b854bc60fa4f350256c014a0628e632c4ee5f100f796

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:45 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "12224f6-1284a-6018cac2ddd00"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
content-length: 75850
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4.jpg
obamacareenrollment.org/img/ 74 KB
74 KB 43ms
34ms Image
image/jpeg 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://obamacareenrollment.org/img/4.jpg

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

8bf1eaeb00b9b214126dfaf2830232d2b58fd87c3d6521f88330fec2d4abb7b5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:46 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "12224f7-127f0-6018cac2ddd00"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
content-length: 75760
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5.jpg
obamacareenrollment.org/img/ 74 KB
74 KB 44ms
35ms Image
image/jpeg 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://obamacareenrollment.org/img/5.jpg

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

a32f2fefa6eaffcb3d8b5fb93bc848efccf697c57eabcfbd32566b4bade0a5a5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:46 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "12224f8-127eb-6018cac2ddd00"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
content-length: 75755
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6.jpg
obamacareenrollment.org/img/ 66 KB
67 KB 46ms
37ms Image
image/jpeg 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://obamacareenrollment.org/img/6.jpg

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

2ce04bfd832a13541cc5c7e7bc3a3a8772a2b0a789a488769c3ff2d29c6e4f60

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:46 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "12224f9-109f2-6018cac2ddd00"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
content-length: 68082
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7.jpg
obamacareenrollment.org/img/ 72 KB
72 KB 47ms
38ms Image
image/jpeg 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://obamacareenrollment.org/img/7.jpg

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

d5d98b309cc9233c7e514bef13869c25c9d5112a00a8fe55720de8eea292393b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:46 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "12224fa-11f75-6018cac2ddd00"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
content-length: 73589
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 8.jpg
obamacareenrollment.org/img/ 73 KB
74 KB 48ms
39ms Image
image/jpeg 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://obamacareenrollment.org/img/8.jpg

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

eb1335f199225b9a13084d6c56d95b4d41b6cd1734a09ef2a999690345607207

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:46 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "12224fb-1257c-6018cac2ddd00"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
content-length: 75132
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9.jpg
obamacareenrollment.org/img/ 80 KB
80 KB 86ms
77ms Image
image/jpeg 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://obamacareenrollment.org/img/9.jpg

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

58d2846d87ba6f454c8e4764b0a734de95267406de7ab3a3fb5df88e32ecad3f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:46 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "12224fc-13f64-6018cac2ddd00"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
content-length: 81764
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 10.jpg
obamacareenrollment.org/img/ 80 KB
81 KB 90ms
81ms Image
image/jpeg 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://obamacareenrollment.org/img/10.jpg

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

721306c5fca6a4af7b071955fca0d6f6e481136230131cfdebff83dd0448e8e7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:46 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "12224f2-1418e-6018cac2ddd00"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
content-length: 82318
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 11.jpg
obamacareenrollment.org/img/ 79 KB
80 KB 91ms
82ms Image
image/jpeg 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://obamacareenrollment.org/img/11.jpg

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

7985065bdb394e36c249ff65da1d3a621f1a2758641861153b634a9afdb40465

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:46 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "12224f3-13d6e-6018cac2ddd00"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
content-length: 81262
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 12.jpg
obamacareenrollment.org/img/ 79 KB
80 KB 94ms
86ms Image
image/jpeg 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://obamacareenrollment.org/img/12.jpg

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

4d11f7d47e44a8af2aafbadf5ada4594741585e93b01d4fe96fc43ca7722b933

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:46 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "12224f4-13d12-6018cac2ddd00"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
content-length: 81170
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 facebook-text.png
obamacareenrollment.org/img/ 28 KB
28 KB 95ms
87ms Image
image/png 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://obamacareenrollment.org/img/facebook-text.png

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:46 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "12224fd-7075-6018cac2ddd00"
x-frame-options: SAMEORIGIN
content-type: image/png
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
content-length: 28789
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon_2.jpg
obamacareenrollment.org/img/ 41 KB
41 KB 95ms
87ms Image
image/jpeg 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://obamacareenrollment.org/img/icon_2.jpg

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

0fa244d4efd45a45b32d1319ec495e307381445f62dceb071892f47e431daa81

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:46 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "12224fe-a2c8-6018cac2ddd00"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
content-length: 41672
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 login-Method2.png
i.postimg.cc/dtyfWFF2/ 4 KB
4 KB 284ms
82ms Image
image/png 162.249.168.129
PUREVOLTAGE-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/dtyfWFF2/login-Method2.png
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.249.168.129 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:47 GMT
last-modified: Sun, 26 Dec 2021 01:53:00 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 4298
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Twitter-Show-Password.png
i.ibb.co/PYpHF6b/ 28 KB
28 KB 281ms
74ms Image
image/png 169.197.85.95
PUREVOLTAGE-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/PYpHF6b/Twitter-Show-Password.png
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.85.95 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software: nginx /
Resource Hash: 6b82611fa96f118128b0db9692dd982ca0fe79b1b4d8048946880600cc4f97c8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:47 GMT
last-modified: Tue, 17 Jan 2023 04:04:57 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 28355
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Twitter-Hide-Password.png
i.ibb.co/pZDr8sd/ 27 KB
28 KB 282ms
76ms Image
image/png 169.197.85.95
PUREVOLTAGE-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/pZDr8sd/Twitter-Hide-Password.png
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.85.95 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software: nginx /
Resource Hash: e4cff1f68b85c3343554090b3479273a54e5eed2dbb3e56ceb9f86c4ebe8b0e7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:47 GMT
last-modified: Tue, 17 Jan 2023 04:04:57 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 28029
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 auto-report2.0.2.umd.js Show response
cdn.midasbuy.com/oversea_web/static/js/ 6 KB
2 KB 272ms
271ms Script
application/javascript 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.midasbuy.com/oversea_web/static/js/auto-report2.0.2.umd.js
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: f6e8f25939adc054f88f9bd13e23dd9fca56979f5981d2c1463c51e60b1dcfc4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:46 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Mon, 22 Nov 2021 11:18:46 GMT
server: Lego Server
content-type: application/javascript
client-ip: 38.132.118.75
cache-control: max-age=600
x-nws-log-uuid: 10856694534891203304
accept-ranges: bytes
content-length: 1930

GET
H2 200 loginSdk2.0.1.42f19978.js Show response
cdn.midasbuy.com/oversea_web/static/js/ 28 KB
9 KB 279ms
278ms Script
application/javascript 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.midasbuy.com/oversea_web/static/js/loginSdk2.0.1.42f19978.js
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: fbbbb3e8e0858e0d878663667f565583c9682c3ee18f575d0b46d22b8c3200b9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:46 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 27 Jul 2022 09:04:48 GMT
server: Lego Server
content-type: application/javascript
client-ip: 38.132.118.75
cache-control: max-age=600
x-nws-log-uuid: 3473964356376247514
accept-ranges: bytes
content-length: 9329

GET
H2 200 polyfills.343f3206.js Show response
cdn.midasbuy.com/oversea_web/static/js/ 109 KB
38 KB 59ms
58ms Script
application/javascript 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.midasbuy.com/oversea_web/static/js/polyfills.343f3206.js
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 49c8d7d9c05c2d50f76fa8ef8d050fad3ee1d1c1a820aa03cf3ed85808a7c27c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:46 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 07 Mar 2023 19:08:52 GMT
server: Lego Server
content-type: application/javascript
client-ip: 38.132.118.75
cache-control: max-age=600
x-nws-log-uuid: 2575727588503168465
accept-ranges: bytes
content-length: 38697

GET
H2 200 default.71c7960f.js Show response
cdn.midasbuy.com/oversea_web/static/js/ 100 KB
31 KB 58ms
57ms Script
application/javascript 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.midasbuy.com/oversea_web/static/js/default.71c7960f.js
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 38989b13cbdb33fb5cd2b273423f122312f37d5996f2da4722cbeefe21a258b4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:46 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Mon, 28 Nov 2022 11:27:25 GMT
server: Lego Server
content-type: application/javascript
client-ip: 38.132.118.75
cache-control: max-age=600
x-nws-log-uuid: 2078883620605615445
accept-ranges: bytes
content-length: 31156

GET
H2 200 buypage.21333a60.js Show response
cdn.midasbuy.com/oversea_web/static/js/ 366 KB
90 KB 77ms
66ms Script
application/javascript 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.midasbuy.com/oversea_web/static/js/buypage.21333a60.js
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 9fe6db302410bbf6ed854a6bda9db89f0b7951719fe1a4d6d819467459ac4f72

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:46 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 28 Sep 2022 10:48:08 GMT
server: Lego Server
content-type: application/javascript
client-ip: 38.132.118.75
cache-control: max-age=600
x-nws-log-uuid: 11688363000327968147
accept-ranges: bytes
content-length: 91578

GET
H2 200 script.js Show response
obamacareenrollment.org/js/ 13 KB
4 KB 106ms
96ms Script
application/javascript 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://obamacareenrollment.org/js/script.js

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

c67ea99d10e29adb2d8631f194b5a3e145d529a4e5850f17e640c80dcb7e3cae

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:46 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-sucuri-cache: MISS
content-length: 3988
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Jul 2023 14:24:04 GMT
server: nginx
etag: "1222507-334c-6018cd52fe900-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 myscript.js Show response
obamacareenrollment.org/js/ 189 KB
56 KB 118ms
108ms Script
application/javascript 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://obamacareenrollment.org/js/myscript.js

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

396fed6b2949d930d7006fe9cb16189e37434529e610b7ecc101f801f0b7d234

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:46 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-sucuri-cache: MISS
content-length: 56788
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Jul 2023 14:12:38 GMT
server: nginx
etag: "1222506-2f257-6018cac4c6180-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 56ms
49ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 635930
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lo5co%2BgD5bPTCDiDdEOhlYtmR6IFOCGDBFIl2NAZNThtt%2FD6IOoE5M3mIWUPNsruoq%2By%2B0d7UbkUMMEmAFkzQAKtW%2FzvfYBNO3QA387k0pW%2FUZ5ea%2BISXIS3FazB8kKLqEWD7vWo"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8728ad99397f220f-MIA
expires: Tue, 01 Apr 2025 05:46:46 GMT

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
6 KB 56ms
50ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 3555312
cdn-cachedat: 09/18/2022 09:38:56
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"0831cba6a670e405168b84aa20798347"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 4eaa1711cec7a8ca364e106c01e7176b
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8728ad993a84dab1-MIA
cdn-requestpullsuccess: True

GET
H2 403 whitelist Show response
aegis.qq.com/collect/ 13 B
138 B 1088ms
267ms XHR
text/plain 240e:97c:2f:1::6e
CT-GUANGZHOU-IDC ...

General

Check archive.org

Show headers Download Go to

Full URL: https://aegis.qq.com/collect/whitelist?id=xEyy0TQ9LxaDmGDWQg&uin=uv_046123862290262841666404955068&version=1.43.6&aid=696652d6-2a0c-449d-a292-8b3bc65fb323&env=production&platform=3&netType=4&vp=1600%20*%201200&sr=800%20*%20600&sessionId=session-1712814406555&from=https%3A%2F%2Fobamacareenrollment.org%2F&referer=
Requested by: Host: cdn-go.cn
URL: https://cdn-go.cn/aegis/aegis-sdk/latest/aegis.min.js?_bid=3977
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240e:97c:2f:1::6e , China, ASN58466 (CT-GUANGZHOU-IDC CHINANET Guangdong province network, CN),
Reverse DNS
Software: openresty / Express
Resource Hash: 0f9acc04dbac5096b11f6f3b16188ffd8e9ec18a1f6408015285454581080cf9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 11 Apr 2024 05:46:47 GMT
server: openresty
x-powered-by: Express
content-length: 13
content-type: text/plain

GET
H2 204 pv Show response
aegis.qq.com/collect/ 0
275 B 1055ms
265ms XHR
text/plain 240e:97c:2f:1::6e
CT-GUANGZHOU-IDC ...

General

Check archive.org

Show headers Download Go to

Full URL: https://aegis.qq.com/collect/pv?id=xEyy0TQ9LxaDmGDWQg&uin=uv_046123862290262841666404955068&version=1.43.6&aid=696652d6-2a0c-449d-a292-8b3bc65fb323&env=production&platform=3&netType=4&vp=1600%20*%201200&sr=800%20*%20600&sessionId=session-1712814406555&from=https%3A%2F%2Fobamacareenrollment.org%2F&referer=
Requested by: Host: cdn-go.cn
URL: https://cdn-go.cn/aegis/aegis-sdk/latest/aegis.min.js?_bid=3977
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240e:97c:2f:1::6e , China, ASN58466 (CT-GUANGZHOU-IDC CHINANET Guangdong province network, CN),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 11 Apr 2024 05:46:47 GMT
cross-origin-resource-policy: cross-origin
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS

GET log_data.fcg
report1.midasbuy.com/cgi-bin/ 0
0

GET
DATA 200
OK truncated
/ 342 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6a74b0664ee793a272b7e4e29f5449b758711b4c4e1362e73a451dd130ae2bb

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 seasontoken.png
obamacareenrollment.org/img/ 29 KB
30 KB 64ms
63ms Image
image/png 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://obamacareenrollment.org/img/seasontoken.png

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

7fb8131422bba9cda088005359870721b090dcd043d3cea030367be68c6328a6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:46 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "1222501-74f6-6018cac2ddd00"
x-frame-options: SAMEORIGIN
content-type: image/png
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
content-length: 29942
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK tencent-kepler.js Show response
kepler.captcha.qcloud.com/ 147 KB
56 KB 1604ms
269ms Script
text/javascript 124.156.190.80
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://kepler.captcha.qcloud.com/tencent-kepler.js?appId=9865970
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 124.156.190.80 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent http server /
Resource Hash: 2bc44ec886542faf19965c1aad8d5b273f052d76585cc5fd934ce59f1d24ebe2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 11 Apr 2024 05:46:48 GMT
Content-Encoding: gzip
Server: tencent http server
P3P: CP=CAO PSA OUR
Content-Type: text/javascript
Cache-Control: max-age=600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 56621

GET api.global.js
cdn.midasbuy.com/apps/activity/js/api/ 0
0

GET
H2 200 api.global.js Show response
cdn.midasbuy.com/apps/activity/js/api/ 26 KB
8 KB 74ms
54ms Script
application/javascript 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.midasbuy.com/apps/activity/js/api/api.global.js
Requested by: Host: cdn.midasbuy.com
URL: https://cdn.midasbuy.com/oversea_web/static/js/buypage.21333a60.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: cd8f66a69dc6e4d5ec3ba61159755a32de7a9772ec5a2350d47420477612cdf0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:47 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 10 Jan 2024 09:33:34 GMT
server: Lego Server
etag: "bc2e84e0af0f315b087feb4572e3b7ffca8603e9"
content-type: application/javascript
client-ip: 38.132.118.75
x-nws-log-uuid: 9581842880934305972
accept-ranges: bytes
content-length: 8291

GET
H2 404 ot Show response
obamacareenrollment.org/apps/login/home/ Frame 4BC0 315 B
536 B 96ms
86ms Document
text/html 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://obamacareenrollment.org/apps/login/home/ot?hidePop=1

Requested by

Host: cdn.midasbuy.com
URL: https://cdn.midasbuy.com/oversea_web/static/js/loginSdk2.0.1.42f19978.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://obamacareenrollment.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-length: 315
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=iso-8859-1
date: Thu, 11 Apr 2024 05:46:47 GMT
server: nginx
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-sucuri-cache: BYPASS
x-sucuri-id: 17017
x-xss-protection: 1; mode=block

GET
H2 404 receivemsg Show response
obamacareenrollment.org/ Frame A172 315 B
534 B 845ms
802ms Document
text/html 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://obamacareenrollment.org/receivemsg?buy_type_key=CURRENT_BUY_ITEM_SAVE_page_020303566589533517

Requested by

Host: cdn.midasbuy.com
URL: https://cdn.midasbuy.com/oversea_web/static/js/buypage.21333a60.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://obamacareenrollment.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-length: 315
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=iso-8859-1
date: Thu, 11 Apr 2024 05:46:47 GMT
server: nginx
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-sucuri-cache: MISS
x-sucuri-id: 17017
x-xss-protection: 1; mode=block

GET
H2 200 nav_language.svg
www.pubgmobile.com/en/images/ 1 KB
816 B 1837ms
1058ms Image
image/svg+xml 2600:141b:1c00:8::1728:b32e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/en/images/nav_language.svg
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:8::1728:b32e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a441182568ad88fa9c54384de94a77f64148d3d54df66ea1beff4a11100967c6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:49 GMT
content-encoding: gzip
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
server: nginx
etag: "62387c82-45b"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
content-length: 675

GET
H2 200 new-user-icon723b1902.png
cdn.midasbuy.com/images/ 2 KB
2 KB 105ms
64ms Image
image/png 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/images/new-user-icon723b1902.png
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: dfd2e7c94a93c8549c8a5e670d9cd5b4c7f3251c3a1e9ac32f119df54edd4fd0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:47 GMT
x-cache-lookup: Cache Hit
last-modified: Tue, 19 Jan 2021 03:11:03 GMT
server: Lego Server
content-type: image/png
client-ip: 38.132.118.75
cache-control: max-age=600
x-nws-log-uuid: 9754182920390059021
accept-ranges: bytes
content-length: 1871

GET
H2 200 pc-logo.png
cdn.midasbuy.com/oversea_web/static/images/ 5 KB
5 KB 99ms
58ms Image
image/png 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/oversea_web/static/images/pc-logo.png
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 607b00f0fd839eb7f8250d7c4d0c0b4a31a08b32b2b8b5cbdd9fe3125b2eb985

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:47 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 15 Mar 2024 08:26:55 GMT
server: Lego Server
content-type: image/png
client-ip: 38.132.118.75
cache-control: max-age=600
x-nws-log-uuid: 7724383921294638097
accept-ranges: bytes
content-length: 5403

GET
H2 200 big-new-close-icon.png
cdn.midasbuy.com/oversea_web/static/images/ 373 B
503 B 101ms
60ms Image
image/png 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/oversea_web/static/images/big-new-close-icon.png
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: fea99403dd834e7b61ee51fd481e0d4fcbca047aadd57c15d405513e0b7e8a99

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:47 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 15 Mar 2024 08:26:17 GMT
server: Lego Server
content-type: image/png
client-ip: 38.132.118.75
cache-control: max-age=600
x-nws-log-uuid: 4896537180534336422
accept-ranges: bytes
content-length: 373

GET
H2 200 token.png
obamacareenrollment.org/img/ 51 KB
52 KB 65ms
24ms Image
image/png 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://obamacareenrollment.org/img/token.png

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

b09eec0b7a58154c2e496c44c88e134f16f36bb3521fb3dff37e182a3df6132b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "1222502-cdc3-6018cac2ddd00"
x-frame-options: SAMEORIGIN
content-type: image/png
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
content-length: 52675
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1.jpg
obamacareenrollment.org/img/ 106 KB
106 KB 62ms
27ms Image
image/jpeg 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://obamacareenrollment.org/img/1.jpg

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

8dc0edfbacc44b01492bec0695e55c0230b1bb41b8a72c4c771ee896e9ad6513

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "12224f1-1a7ad-6018cac2ddd00"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
content-length: 108461
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2.jpg
obamacareenrollment.org/img/ 109 KB
109 KB 63ms
28ms Image
image/jpeg 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://obamacareenrollment.org/img/2.jpg

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

112e5098ca24fd16143838f8cab6da606970821bf8b7ecbff8c0008532074253

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "12224f5-1b323-6018cac2ddd00"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
content-length: 111395
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3.jpg
obamacareenrollment.org/img/ 74 KB
74 KB 65ms
29ms Image
image/jpeg 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://obamacareenrollment.org/img/3.jpg

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

e94b49b2efb38c8468a0b854bc60fa4f350256c014a0628e632c4ee5f100f796

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "12224f6-1284a-6018cac2ddd00"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
content-length: 75850
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4.jpg
obamacareenrollment.org/img/ 74 KB
74 KB 65ms
31ms Image
image/jpeg 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://obamacareenrollment.org/img/4.jpg

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

8bf1eaeb00b9b214126dfaf2830232d2b58fd87c3d6521f88330fec2d4abb7b5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "12224f7-127f0-6018cac2ddd00"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
content-length: 75760
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5.jpg
obamacareenrollment.org/img/ 74 KB
74 KB 98ms
64ms Image
image/jpeg 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://obamacareenrollment.org/img/5.jpg

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

a32f2fefa6eaffcb3d8b5fb93bc848efccf697c57eabcfbd32566b4bade0a5a5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "12224f8-127eb-6018cac2ddd00"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
content-length: 75755
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6.jpg
obamacareenrollment.org/img/ 66 KB
67 KB 115ms
81ms Image
image/jpeg 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://obamacareenrollment.org/img/6.jpg

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

2ce04bfd832a13541cc5c7e7bc3a3a8772a2b0a789a488769c3ff2d29c6e4f60

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "12224f9-109f2-6018cac2ddd00"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
content-length: 68082
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7.jpg
obamacareenrollment.org/img/ 72 KB
72 KB 130ms
97ms Image
image/jpeg 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://obamacareenrollment.org/img/7.jpg

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

d5d98b309cc9233c7e514bef13869c25c9d5112a00a8fe55720de8eea292393b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "12224fa-11f75-6018cac2ddd00"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
content-length: 73589
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 8.jpg
obamacareenrollment.org/img/ 73 KB
74 KB 145ms
112ms Image
image/jpeg 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://obamacareenrollment.org/img/8.jpg

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

eb1335f199225b9a13084d6c56d95b4d41b6cd1734a09ef2a999690345607207

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "12224fb-1257c-6018cac2ddd00"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
content-length: 75132
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9.jpg
obamacareenrollment.org/img/ 80 KB
80 KB 178ms
145ms Image
image/jpeg 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://obamacareenrollment.org/img/9.jpg

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

58d2846d87ba6f454c8e4764b0a734de95267406de7ab3a3fb5df88e32ecad3f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "12224fc-13f64-6018cac2ddd00"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
content-length: 81764
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 10.jpg
obamacareenrollment.org/img/ 80 KB
81 KB 764ms
734ms Image
image/jpeg 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://obamacareenrollment.org/img/10.jpg

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

721306c5fca6a4af7b071955fca0d6f6e481136230131cfdebff83dd0448e8e7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "12224f2-1418e-6018cac2ddd00"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
content-length: 82318
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 11.jpg
obamacareenrollment.org/img/ 79 KB
80 KB 797ms
768ms Image
image/jpeg 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://obamacareenrollment.org/img/11.jpg

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

7985065bdb394e36c249ff65da1d3a621f1a2758641861153b634a9afdb40465

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "12224f3-13d6e-6018cac2ddd00"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
content-length: 81262
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 12.jpg
obamacareenrollment.org/img/ 79 KB
80 KB 805ms
775ms Image
image/jpeg 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://obamacareenrollment.org/img/12.jpg

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

4d11f7d47e44a8af2aafbadf5ada4594741585e93b01d4fe96fc43ca7722b933

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "12224f4-13d12-6018cac2ddd00"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
content-length: 81170
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 footer-fb-new.png
cdn.midasbuy.com/oversea_web/static/images/footer/ 3 KB
3 KB 88ms
59ms Image
image/png 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/oversea_web/static/images/footer/footer-fb-new.png
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: cc8830f258c471b9cb15d69cda554d5181bd680996dd0041e3b9986b3b0769bf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:47 GMT
x-cache-lookup: Cache Hit
last-modified: Tue, 13 Jul 2021 11:45:46 GMT
server: Lego Server
content-type: image/png
client-ip: 38.132.118.75
cache-control: max-age=600
x-nws-log-uuid: 6733439620812556966
accept-ranges: bytes
content-length: 2899

GET
H2 200 footer-ins-new.png
cdn.midasbuy.com/oversea_web/static/images/footer/ 7 KB
8 KB 88ms
59ms Image
image/png 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/oversea_web/static/images/footer/footer-ins-new.png
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: f2ad27dbb5397878470e88c31ca3c398f490f9e720ba0ca649ec6bf137f4d6bc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:47 GMT
x-cache-lookup: Cache Hit
last-modified: Tue, 13 Jul 2021 11:45:46 GMT
server: Lego Server
content-type: image/png
client-ip: 38.132.118.75
cache-control: max-age=600
x-nws-log-uuid: 7369256759512081483
accept-ranges: bytes
content-length: 7625

GET
H2 200 footer-twitter-new.png
cdn.midasbuy.com/oversea_web/static/images/footer/ 5 KB
5 KB 91ms
63ms Image
image/png 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/oversea_web/static/images/footer/footer-twitter-new.png
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: d6a605020cfb1091630b300b918363d2b61333c9f68c498eb6a73f323b35e1a7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:47 GMT
x-cache-lookup: Cache Hit
last-modified: Tue, 13 Jul 2021 11:45:46 GMT
server: Lego Server
content-type: image/png
client-ip: 38.132.118.75
cache-control: max-age=600
x-nws-log-uuid: 8244590041956417611
accept-ranges: bytes
content-length: 5151

GET
H2 200 footer-youtube-new.png
cdn.midasbuy.com/oversea_web/static/images/footer/ 4 KB
4 KB 88ms
60ms Image
image/png 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/oversea_web/static/images/footer/footer-youtube-new.png
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 0e888a266c4ad5136be1cf650faf222ed0d644c54d83068f0dfabc0fae53e90c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:47 GMT
x-cache-lookup: Cache Hit
last-modified: Tue, 13 Jul 2021 11:45:46 GMT
server: Lego Server
content-type: image/png
client-ip: 38.132.118.75
cache-control: max-age=600
x-nws-log-uuid: 12429919992799673988
accept-ranges: bytes
content-length: 3955

GET
H2 200 Discord.8277bca0.png
cdn.midasbuy.com/images/ 5 KB
5 KB 104ms
77ms Image
image/png 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/images/Discord.8277bca0.png
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 25157739816315d396c664fd1f45336d8ab8bf9d768aa911e93cbebc95614a58

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:47 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 22 Apr 2022 08:25:18 GMT
server: Lego Server
content-type: image/png
client-ip: 38.132.118.75
cache-control: max-age=600
x-nws-log-uuid: 11104270406252011422
accept-ranges: bytes
content-length: 5224

GET
H2 200 footer-email-subscribe.png
cdn.midasbuy.com/oversea_web/static/images/footer/ 3 KB
3 KB 120ms
92ms Image
image/png 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/oversea_web/static/images/footer/footer-email-subscribe.png
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: b9ca6c3a516ec9dfbe4f33e318d560f265836d51627cb9fa3d881062a2fd98e2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:47 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 15 Mar 2024 08:26:39 GMT
server: Lego Server
content-type: image/png
client-ip: 38.132.118.75
cache-control: max-age=600
x-nws-log-uuid: 4182173302863508653
accept-ranges: bytes
content-length: 3349

GET
H2 200 footer-tiktok-white.7743a9ae.png
cdn.midasbuy.com/images/ 2 KB
2 KB 89ms
62ms Image
image/png 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/images/footer-tiktok-white.7743a9ae.png
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: f10cdb32b8d7212970310db9166bb421eaea8128f1767604c22001fac1d5aa97

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:47 GMT
x-cache-lookup: Cache Hit
last-modified: Mon, 26 Sep 2022 03:12:26 GMT
server: Lego Server
content-type: image/png
client-ip: 38.132.118.75
cache-control: max-age=600
x-nws-log-uuid: 7763161093341907599
accept-ranges: bytes
content-length: 2135

GET
H2 200 footer-reddit.d66cdc0d.png
cdn.midasbuy.com/images/ 5 KB
5 KB 143ms
117ms Image
image/png 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/images/footer-reddit.d66cdc0d.png
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 642703b53950fc841394918d79cbabec6060242e45c8ded41d324e7d6dce8924

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:47 GMT
x-cache-lookup: Cache Hit
last-modified: Mon, 26 Sep 2022 03:12:26 GMT
server: Lego Server
content-type: image/png
client-ip: 38.132.118.75
cache-control: max-age=600
x-nws-log-uuid: 12390215957904151981
accept-ranges: bytes
content-length: 5043

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62b922b23ef41e6d06d143790d4d3f006952b92cbe04965277158957bcfcc521

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 190 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4d147558a3355f9e76577d39df376c8e39a3e726e20dadfb671c9b3c3fa89ca

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 286 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4e01dbe632b2bb066f8223e3e2c4002adff2f874e75d7e95f0b6466f178a92b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 549 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d8ef4a7102f9452e2a3e0a6b18d772c3374a82f4c1b07d5c826d3562a4bd887

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 659 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a813001ddd375383df573a9949879726a9b90f834ab2e1881c1c7174ab46001c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 1920_240.27785871.jpg
cdn.midasbuy.com/images/ 127 KB
127 KB 145ms
119ms Image
image/jpeg 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/images/1920_240.27785871.jpg
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: a04e62520b1ef9c4ec1ec2237df0b29a5d07d312bc14f08694a8386525a74e37

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:47 GMT
x-cache-lookup: Cache Hit
last-modified: Mon, 17 Jul 2023 10:09:00 GMT
server: Lego Server
content-type: image/jpeg
client-ip: 38.132.118.75
cache-control: max-age=600
x-nws-log-uuid: 17622853088998770380
accept-ranges: bytes
content-length: 129766

GET
H2 200 1920_240.29bc6ac0.jpg
cdn.midasbuy.com/images/ 264 KB
264 KB 146ms
120ms Image
image/jpeg 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/images/1920_240.29bc6ac0.jpg
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: a262dc7f60f901be0f519d348039f77cdfba7dccd0d20f9c4fadd9436b168447

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:47 GMT
x-cache-lookup: Cache Hit
last-modified: Tue, 18 Jul 2023 08:41:35 GMT
server: Lego Server
etag: "57bb8ff43852cc357c5512a23cba41d263c1b26f"
content-type: image/jpeg
client-ip: 38.132.118.75
x-nws-log-uuid: 8320769059897061365
accept-ranges: bytes
content-length: 270222

GET
H2 200 1920x240.7c808b6c.jpg
cdn.midasbuy.com/images/ 189 KB
189 KB 370ms
345ms Image
image/jpeg 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/images/1920x240.7c808b6c.jpg
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 43ba6fe926cd68300dcdc8829c6bf73aeb24768ad2d5f46177041d9a3b08f3d6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:47 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 10 Jun 2022 08:11:25 GMT
server: Lego Server
content-type: image/jpeg
client-ip: 38.132.118.75
cache-control: max-age=600
x-nws-log-uuid: 1768568869141902484
accept-ranges: bytes
content-length: 193591

GET
H2 200 1920x240.dbf12c4a.jpg
cdn.midasbuy.com/images/ 213 KB
214 KB 466ms
441ms Image
image/jpeg 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/images/1920x240.dbf12c4a.jpg
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: b962b25d728f30dc950f67560e8a26a57ebfaf2e6da255b75398c1d197ba3711

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:47 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 10 Jun 2022 08:07:52 GMT
server: Lego Server
content-type: image/jpeg
client-ip: 38.132.118.75
cache-control: max-age=600
x-nws-log-uuid: 5405854710081620692
accept-ranges: bytes
content-length: 218481

GET
H2 200 1920x240.c14b9297.jpg
cdn.midasbuy.com/images/ 197 KB
197 KB 182ms
157ms Image
image/jpeg 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/images/1920x240.c14b9297.jpg
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: a1f612eccc1972fe3716595659a228ebc8578b36ebb2aa92d4b092bf4a862f0a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:47 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 10 Jun 2022 08:06:02 GMT
server: Lego Server
content-type: image/jpeg
client-ip: 38.132.118.75
cache-control: max-age=600
x-nws-log-uuid: 7579295227522269214
accept-ranges: bytes
content-length: 201387

GET
H2 200 906-1920x240-EN.71b79b20.jpg
cdn.midasbuy.com/images/ 215 KB
215 KB 144ms
119ms Image
image/jpeg 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/images/906-1920x240-EN.71b79b20.jpg
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 3225b6ea8b6f95f767b985b43fcaa64147e1205f8cc9e01d914351b79be9e625

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:47 GMT
x-cache-lookup: Cache Hit
last-modified: Thu, 16 Feb 2023 13:24:57 GMT
server: Lego Server
content-type: image/jpeg
client-ip: 38.132.118.75
cache-control: max-age=600
x-nws-log-uuid: 10435593358223265589
accept-ranges: bytes
content-length: 220248

GET
H2 200 1920_240-en.06068094.png
cdn.midasbuy.com/images/ 592 KB
593 KB 144ms
119ms Image
image/png 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/images/1920_240-en.06068094.png
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: e13f0fcc2cf837f46b8ea1ac029da575ba9a5a7b69db876a4af59c4475457b73

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:47 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 12 May 2023 06:42:16 GMT
server: Lego Server
content-type: image/png
client-ip: 38.132.118.75
cache-control: max-age=600
x-nws-log-uuid: 3910757824554868230
accept-ranges: bytes
content-length: 606568

GET
H2 200 1920-240.321b317e.png
cdn.midasbuy.com/images/ 703 KB
704 KB 361ms
336ms Image
image/png 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/images/1920-240.321b317e.png
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 6e5c589a1159ea679bcb283e5214cf99b128a6647f8f8bae5b04b58c57a87bc7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:47 GMT
x-cache-lookup: Cache Hit
last-modified: Thu, 03 Nov 2022 03:13:24 GMT
server: Lego Server
content-type: image/png
client-ip: 38.132.118.75
cache-control: max-age=600
x-nws-log-uuid: 9203708925576951241
accept-ranges: bytes
content-length: 720107

GET
DATA 200
OK truncated
/ 592 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67286f6dce1093a39cbb8e8f28274a21cc39b33100c2967ddcdf4e3feb433a0f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 551 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0ada946fb49a4c286cc794c28468a60d9c743166777c6c1fd60e3a07997d858

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e8a6069e58685713f860d72bff14b404c6f959d9103b67a5ded7d23dff3bf47

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 313 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35b81dd0f9a00d389f7d6e4d90c0d14482bcb8cd023b022868585ef4e6afe024

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 183 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: faabcfd1ca3ae5f4034064875b834645b02b4201649705f238a0a2adbfbd3893

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 coupon-1.8b1c293d.png
cdn.midasbuy.com/oversea_web/static/images/ 6 KB
6 KB 180ms
155ms Image
image/png 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/oversea_web/static/images/coupon-1.8b1c293d.png
Requested by: Host: cdn.midasbuy.com
URL: https://cdn.midasbuy.com/oversea_web/static/css/mallpage.1a79afe3.css?max_age=864000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: c267650422551425486e1621a6bcdec1138c302dbfc4f0e814a8b215a7eaf1f8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdn.midasbuy.com/oversea_web/static/css/mallpage.1a79afe3.css?max_age=864000
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:47 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 15 Mar 2024 08:26:27 GMT
server: Lego Server
content-type: image/png
client-ip: 38.132.118.75
access-control-allow-origin: https://cdn.midasbuy.com
cache-control: max-age=600
x-nws-log-uuid: 14975401518557173609
accept-ranges: bytes
timing-allow-origin: https://cdn.midasbuy.com
content-length: 6137

GET
DATA 200
OK truncated
/ 284 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6adaa90ebe57e3cb2a3b89680d0e7b20b14d7605dac086c0787b788f5c96f5a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9e484573b840fac6e4bfe516e323d7ad54e517ce9f4bd734f635e2685b2204c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 DINMITTELSCHRIFTSTD.woff
obamacareenrollment.org/font/ 24 KB
25 KB 810ms
798ms Font
font/woff 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://obamacareenrollment.org/font/DINMITTELSCHRIFTSTD.woff

Requested by

Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

c2293fa86d99d0f1f06b2ac7f85ae0517e4a3bacfd9946de7b012f04aa2d831c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
Origin: https://obamacareenrollment.org
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-sucuri-cache: HIT
content-length: 24881
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Jul 2023 14:12:36 GMT
server: nginx
etag: "1200b4c-61a4-6018cac2ddd00-br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 404 getLoginInfoV2 Show response
obamacareenrollment.org/interface/ 315 B
534 B 594ms
577ms XHR
text/html 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://obamacareenrollment.org/interface/getLoginInfoV2?encrypt_msg=JsOZJsOBwpkIwoDCgAzDoMOzw6nChcKqwp7ChgIdw6jDqcOEwqTDuMKwwrM1c8OMw6XCtMOGNg%3D%3D&ctoken_ver=1.0.1&ctoken=d356f0bae5ca9abd01785bf204c57fbcd775c5620d0e24f80fdf59ab34b681638959674f474b5999ba66516ca547b0c7&_r=0.49527732348960174

Requested by

Host: cdn-go.cn
URL: https://cdn-go.cn/aegis/aegis-sdk/latest/aegis.min.js?_bid=3977

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html; charset=iso-8859-1
x-sucuri-cache: MISS
x-sucuri-id: 17017
content-length: 315
x-xss-protection: 1; mode=block

GET log_data.fcg
report1.midasbuy.com/cgi-bin/ 0
0

GET
H2 404 many-valid-events Show response
obamacareenrollment.org/apps/activity/api/activity-initialize/ 315 B
546 B 367ms
366ms XHR
text/html 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://obamacareenrollment.org/apps/activity/api/activity-initialize/many-valid-events?appid=1450015065&country=ot&supportEmbed=1

Requested by

Host: cdn-go.cn
URL: https://cdn-go.cn/aegis/aegis-sdk/latest/aegis.min.js?_bid=3977

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html; charset=iso-8859-1
x-sucuri-cache: EXPIRED
x-sucuri-id: 17017
content-length: 315
x-xss-protection: 1; mode=block

GET log_data.fcg
report1.midasbuy.com/cgi-bin/ 0
0

POST
H/1.1 200
OK getwt Show response
kepler.captcha.qcloud.com/ 358 B
606 B 774ms
257ms XHR
text/json 124.156.190.80
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://kepler.captcha.qcloud.com/getwt
Requested by: Host: cdn-go.cn
URL: https://cdn-go.cn/aegis/aegis-sdk/latest/aegis.min.js?_bid=3977
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 124.156.190.80 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent http server /
Resource Hash: adc39aedd05c173b973eea2b6f92907a174ec08a43c9e2b27a0710f6a368303c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: No-cache
Date: Thu, 11 Apr 2024 05:46:50 GMT
Server: tencent http server
Content-Type: text/json
Access-Control-Allow-Origin: *
P3P: CP=CAO PSA OUR
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 358

GET
H2 200 benchmark.enc.js Show response
cdn.midasbuy.com/js/ 362 B
345 B 222ms
222ms Script
application/javascript 43.152.138.87
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.midasbuy.com/js/benchmark.enc.js?v=2
Requested by: Host: obamacareenrollment.org
URL: https://obamacareenrollment.org/js/myscript.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.87 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: d29915df2f9a5a5f10009cb53fd18a2e678b90519e4087dbf1186f103e3808ad

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-serverip: 43.152.138.87
date: Thu, 11 Apr 2024 05:46:49 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 14 Jun 2022 02:29:46 GMT
server: Lego Server
content-type: application/javascript
client-ip: 38.132.118.75
cache-control: max-age=600
x-nws-log-uuid: 18173156357127219557
accept-ranges: bytes
content-length: 205

GET log_data.fcg
report1.midasbuy.com/cgi-bin/ 0
0

GET
H2 200 favicon.ico
obamacareenrollment.org/ 3 B
309 B 38ms
38ms Other
text/html 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://obamacareenrollment.org/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 05:46:49 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 17017
content-length: 7
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET log_data.fcg
report1.midasbuy.com/cgi-bin/ 0
0

POST
H/1.1 200
OK getwt Show response
kepler.captcha.qcloud.com/ 358 B
606 B 256ms
255ms XHR
text/json 124.156.190.80
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://kepler.captcha.qcloud.com/getwt
Requested by: Host: cdn-go.cn
URL: https://cdn-go.cn/aegis/aegis-sdk/latest/aegis.min.js?_bid=3977
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 124.156.190.80 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent http server /
Resource Hash: 6c104c023862fd5c473f739170928d46b591af62eb96c8fc972a8436ec218637

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://obamacareenrollment.org/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: No-cache
Date: Thu, 11 Apr 2024 05:46:52 GMT
Server: tencent http server
Content-Type: text/json
Access-Control-Allow-Origin: *
P3P: CP=CAO PSA OUR
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 358

GET log_data.fcg
report1.midasbuy.com/cgi-bin/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: report1.midasbuy.com
URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midas.api.call.init.ok|25=https%3A%2F%2Fobamacareenrollment.org%2F|36=|50=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36|51=&r=0.2060462414357067

Domain: cdn.midasbuy.com
URL: https://cdn.midasbuy.com/apps/activity/js/api/api.global.js

Domain: report1.midasbuy.com
URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.req.getFingerPrint.start|8=test_id%3D%26bucket_id%3D%26order_refer%3D|4=uv_046123862290262841666404955068|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fobamacareenrollment.org%2F|26=pc|3=|36=|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F123.0.0.0%2520Safari%252F537.36|38=0348384880898043871649691398854|6=1712814407165|29=046123862290262841666404955068&rr=0.8449649091619038

Domain: report1.midasbuy.com
URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.custom.xmidas.init|8=test_id%3D%26bucket_id%3D%26order_refer%3D%26times%3D27|4=uv_046123862290262841666404955068|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fobamacareenrollment.org%2F|26=pc|3=|36=|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F123.0.0.0%2520Safari%252F537.36|38=0348384880898043871649691398854|6=1712814407192|29=046123862290262841666404955068&rr=0.6279965508329735

Domain: report1.midasbuy.com
URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.custom.xmidas.init.result|8=test_id%3D%26bucket_id%3D%26order_refer%3D%26result%3Dv0.1.12%252C211|4=uv_046123862290262841666404955068|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fobamacareenrollment.org%2F|26=pc|3=|36=|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F123.0.0.0%2520Safari%252F537.36|38=0348384880898043871649691398854|6=1712814407192|29=046123862290262841666404955068&rr=0.6772183220990959

Domain: report1.midasbuy.com
URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.custom.xmidas.init|8=test_id%3D%26bucket_id%3D%26order_refer%3D%26times%3D0|4=uv_046123862290262841666404955068|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fobamacareenrollment.org%2F|26=pc|3=|36=|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F123.0.0.0%2520Safari%252F537.36|38=0348384880898043871649691398854|6=1712814407196|29=046123862290262841666404955068&rr=0.6992681914006502

Domain: report1.midasbuy.com
URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.custom.xmidas.init.result|8=test_id%3D%26bucket_id%3D%26order_refer%3D%26result%3Dv0.1.12%252C211|4=uv_046123862290262841666404955068|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fobamacareenrollment.org%2F|26=pc|3=|36=|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F123.0.0.0%2520Safari%252F537.36|38=0348384880898043871649691398854|6=1712814407197|29=046123862290262841666404955068&rr=0.15434458566275633

Domain: report1.midasbuy.com
URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.req.getFingerPrint.start|8=test_id%3D%26bucket_id%3D%26order_refer%3D|4=uv_046123862290262841666404955068|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fobamacareenrollment.org%2F|26=pc|3=|36=|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F123.0.0.0%2520Safari%252F537.36|38=0348384880898043871649691398854|6=1712814407204|29=046123862290262841666404955068&rr=0.9396502245449307

Domain: report1.midasbuy.com
URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.custom.xmidas.init|8=test_id%3D%26bucket_id%3D%26order_refer%3D%26times%3D0|4=uv_046123862290262841666404955068|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fobamacareenrollment.org%2F|26=pc|3=|36=|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F123.0.0.0%2520Safari%252F537.36|38=0348384880898043871649691398854|6=1712814407204|29=046123862290262841666404955068&rr=0.8997487478567894

Domain: report1.midasbuy.com
URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.custom.xmidas.init.result|8=test_id%3D%26bucket_id%3D%26order_refer%3D%26result%3Dv0.1.12%252C211|4=uv_046123862290262841666404955068|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fobamacareenrollment.org%2F|26=pc|3=|36=|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F123.0.0.0%2520Safari%252F537.36|38=0348384880898043871649691398854|6=1712814407204|29=046123862290262841666404955068&rr=0.7356761624201571

Domain: report1.midasbuy.com
URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.req.getFingerPrint.start|8=test_id%3D%26bucket_id%3D%26order_refer%3D|4=uv_046123862290262841666404955068|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fobamacareenrollment.org%2F|26=pc|3=|36=|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F123.0.0.0%2520Safari%252F537.36|38=0348384880898043871649691398854|6=1712814407224|29=046123862290262841666404955068&rr=0.524045333656477

Domain: report1.midasbuy.com
URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.custom.xmidas.init|8=test_id%3D%26bucket_id%3D%26order_refer%3D%26times%3D0|4=uv_046123862290262841666404955068|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fobamacareenrollment.org%2F|26=pc|3=|36=|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F123.0.0.0%2520Safari%252F537.36|38=0348384880898043871649691398854|6=1712814407224|29=046123862290262841666404955068&rr=0.1081071231441666

Domain: report1.midasbuy.com
URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.custom.xmidas.init.result|8=test_id%3D%26bucket_id%3D%26order_refer%3D%26result%3Dv0.1.12%252C211|4=uv_046123862290262841666404955068|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fobamacareenrollment.org%2F|26=pc|3=|36=|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F123.0.0.0%2520Safari%252F537.36|38=0348384880898043871649691398854|6=1712814407224|29=046123862290262841666404955068&rr=0.39875399862613725

Domain: report1.midasbuy.com
URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.custom.xmidas.init|8=test_id%3D%26bucket_id%3D%26order_refer%3D%26times%3D0|4=uv_046123862290262841666404955068|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fobamacareenrollment.org%2F|26=pc|3=|36=|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F123.0.0.0%2520Safari%252F537.36|38=0348384880898043871649691398854|6=1712814407309|29=046123862290262841666404955068&rr=0.7974001996226494

Domain: report1.midasbuy.com
URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.custom.xmidas.init.result|8=test_id%3D%26bucket_id%3D%26order_refer%3D%26result%3Dv0.1.12%252C211|4=uv_046123862290262841666404955068|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fobamacareenrollment.org%2F|26=pc|3=|36=|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F123.0.0.0%2520Safari%252F537.36|38=0348384880898043871649691398854|6=1712814407309|29=046123862290262841666404955068&rr=0.09475990499172471

Domain: report1.midasbuy.com
URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.custom.xmidas.init|8=test_id%3D%26bucket_id%3D%26order_refer%3D%26times%3D0|4=uv_046123862290262841666404955068|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fobamacareenrollment.org%2F|26=pc|3=|36=|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F123.0.0.0%2520Safari%252F537.36|38=0348384880898043871649691398854|6=1712814407332|29=046123862290262841666404955068&rr=0.008755426093369989

Domain: report1.midasbuy.com
URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.custom.xmidas.init.result|8=test_id%3D%26bucket_id%3D%26order_refer%3D%26result%3Dv0.1.12%252C211|4=uv_046123862290262841666404955068|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fobamacareenrollment.org%2F|26=pc|3=|36=|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F123.0.0.0%2520Safari%252F537.36|38=0348384880898043871649691398854|6=1712814407332|29=046123862290262841666404955068&rr=0.11289811441575615

Domain: report1.midasbuy.com
URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.pageview.cookie_preference|13=1|8=test_id%3D%26bucket_id%3D%26order_refer%3D|4=uv_046123862290262841666404955068|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fobamacareenrollment.org%2F|26=pc|3=|36=|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F123.0.0.0%2520Safari%252F537.36|38=0348384880898043871649691398854|6=1712814407343|29=046123862290262841666404955068&rr=0.422434264327465

Domain: report1.midasbuy.com
URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.custom.xmidas.init|8=test_id%3D%26bucket_id%3D%26order_refer%3D%26times%3D1|4=uv_046123862290262841666404955068|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fobamacareenrollment.org%2F|26=pc|3=|36=|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F123.0.0.0%2520Safari%252F537.36|38=0348384880898043871649691398854|6=1712814407569|29=046123862290262841666404955068&rr=0.8854637827893987

Domain: report1.midasbuy.com
URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.custom.xmidas.init.result|8=test_id%3D%26bucket_id%3D%26order_refer%3D%26result%3Dv0.1.12%252C211|4=uv_046123862290262841666404955068|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fobamacareenrollment.org%2F|26=pc|3=|36=|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F123.0.0.0%2520Safari%252F537.36|38=0348384880898043871649691398854|6=1712814407574|29=046123862290262841666404955068&rr=0.6772352623928197

Domain: report1.midasbuy.com
URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.custom.xmidas.encrypt|8=test_id%3D%26bucket_id%3D%26order_refer%3D%26times%3D16|4=uv_046123862290262841666404955068|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fobamacareenrollment.org%2F|26=pc|3=|36=|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F123.0.0.0%2520Safari%252F537.36|38=0348384880898043871649691398854|6=1712814407602|29=046123862290262841666404955068&rr=0.4079738769394139

Domain: report1.midasbuy.com
URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.req.getFingerPrint.start|8=test_id%3D%26bucket_id%3D%26order_refer%3D|4=uv_046123862290262841666404955068|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fobamacareenrollment.org%2F|26=pc|3=|36=|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F123.0.0.0%2520Safari%252F537.36|38=0348384880898043871649691398854|6=1712814407720|29=046123862290262841666404955068&rr=0.8871219473000549

Domain: report1.midasbuy.com
URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.custom.xmidas.init|8=test_id%3D%26bucket_id%3D%26order_refer%3D%26times%3D0|4=uv_046123862290262841666404955068|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fobamacareenrollment.org%2F|26=pc|3=|36=|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F123.0.0.0%2520Safari%252F537.36|38=0348384880898043871649691398854|6=1712814407721|29=046123862290262841666404955068&rr=0.8371711487928857

Domain: report1.midasbuy.com
URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.custom.xmidas.init.result|8=test_id%3D%26bucket_id%3D%26order_refer%3D%26result%3Dv0.1.12%252C211|4=uv_046123862290262841666404955068|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fobamacareenrollment.org%2F|26=pc|3=|36=|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F123.0.0.0%2520Safari%252F537.36|38=0348384880898043871649691398854|6=1712814407722|29=046123862290262841666404955068&rr=0.9582297504023574

Domain: report1.midasbuy.com
URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.pageview.topupv2|13=2|8=test_id%3D%26bucket_id%3D%26order_refer%3D|4=uv_046123862290262841666404955068|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fobamacareenrollment.org%2F|26=pc|3=|36=|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F123.0.0.0%2520Safari%252F537.36|38=0348384880898043871649691398854|6=1712814407796|29=046123862290262841666404955068&rr=0.00754342863983859

Domain: report1.midasbuy.com
URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.custom.vue_component_error_captured|8=test_id%3D%26bucket_id%3D%26order_refer%3D%26msg%3D%255Bobject%2520Object%255D%2520at%2520created%2520hook%2520(Promise%252Fasync)%26level%3Dglobal_error_handler|4=uv_046123862290262841666404955068|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fobamacareenrollment.org%2F|26=pc|3=|36=|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F123.0.0.0%2520Safari%252F537.36|38=0348384880898043871649691398854|6=1712814408207|29=046123862290262841666404955068&rr=0.6249204621784898

Domain: report1.midasbuy.com
URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.timer.page.topupv2|8=test_id%3D%26bucket_id%3D%26order_refer%3D%26times%3D2940.7999992370605%26html%3D103.10000038146973%26dns%3D0%26tcp%3D71.60000038146973%26res%3D2749.5|4=uv_046123862290262841666404955068|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fobamacareenrollment.org%2F|26=pc|3=|36=|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F123.0.0.0%2520Safari%252F537.36|38=0348384880898043871649691398854|6=1712814409710|29=046123862290262841666404955068&rr=0.9274197272095779

Domain: report1.midasbuy.com
URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.custom.benchmark.pv|8=test_id%3D%26bucket_id%3D%26order_refer%3D|4=uv_046123862290262841666404955068|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fobamacareenrollment.org%2F|26=pc|3=|36=|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F123.0.0.0%2520Safari%252F537.36|38=0348384880898043871649691398854|6=1712814410746|29=046123862290262841666404955068&rr=0.13704155654047612

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

154 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
obamacareenrollment.org/	1970-01-21 05:22:54	Name: tKeplerToken Value: tid01JLqrMS0SP4X591ZXGWoUAIRuYw_ogJULFu8K-OUXhw*
obamacareenrollment.org/	1970-01-21 05:22:54	Name: kepler_fp Value: kfp1Y_aGPGzUoh1PAzrY40KESgTonvWbszdeoVg9VL4jg0bXsPqtf4YVqg**
obamacareenrollment.org/	1970-01-21 05:22:54	Name: kepler_ticket Value: wt2R-fAYVlu_TwbxxaGfqfdO-b6kp66qk-jV-tLj9uvzasXGeLP_7DHbnkAINSqCEIWbzpb76epjOnoOb_FuNiN1IuQaL9f-wsnvHnst51I2BpA-lPVqOUt3vfjIEC7TfPFvBPPy48GJ8z66YMqZi4Z8CeJmkjJ-kPi

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	Message: A bad HTTP response code (404) was received when fetching the script.
network	error	URL: https://obamacareenrollment.org/apps/login/home/ot?hidePop=1#login Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://obamacareenrollment.org/(Line 5354) Message: Access to script at 'https://cdn.midasbuy.com/apps/activity/js/api/api.global.js' from origin 'https://obamacareenrollment.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cdn.midasbuy.com/apps/activity/js/api/api.global.js Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://aegis.qq.com/collect/whitelist?id=xEyy0TQ9LxaDmGDWQg&uin=uv_046123862290262841666404955068&version=1.43.6&aid=696652d6-2a0c-449d-a292-8b3bc65fb323&env=production&platform=3&netType=4&vp=1600%20%201200&sr=800%20%20600&sessionId=session-1712814406555&from=https%3A%2F%2Fobamacareenrollment.org%2F&referer= Message: Failed to load resource: the server responded with a status of 403 ()
recommendation	warning	URL: https://obamacareenrollment.org/ Message: [DOM] Found 3 elements with non-unique id #playid: (More info: https://goo.gl/9p2vKq) %o %o %o
network	error	URL: https://obamacareenrollment.org/interface/getLoginInfoV2?encrypt_msg=JsOZJsOBwpkIwoDCgAzDoMOzw6nChcKqwp7ChgIdw6jDqcOEwqTDuMKwwrM1c8OMw6XCtMOGNg%3D%3D&ctoken_ver=1.0.1&ctoken=d356f0bae5ca9abd01785bf204c57fbcd775c5620d0e24f80fdf59ab34b681638959674f474b5999ba66516ca547b0c7&_r=0.49527732348960174 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://obamacareenrollment.org/apps/activity/api/activity-initialize/many-valid-events?appid=1450015065&country=ot&supportEmbed=1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://obamacareenrollment.org/receivemsg?buy_type_key=CURRENT_BUY_ITEM_SAVE_page_020303566589533517 Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://kepler.captcha.qcloud.com/tencent-kepler.js?appId=9865970 Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://kepler.captcha.qcloud.com/tencent-kepler.js?appId=9865970 Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://kepler.captcha.qcloud.com/tencent-kepler.js?appId=9865970 Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aegis.qq.com
cdn-go.cn
cdn.midasbuy.com
cdnjs.cloudflare.com
fonts.googleapis.com
i.ibb.co
i.postimg.cc
kepler.captcha.qcloud.com
maxcdn.bootstrapcdn.com
obamacareenrollment.org
report1.midasbuy.com
site-assets.fontawesome.com
stackpath.bootstrapcdn.com
www.pubgmobile.com
cdn.midasbuy.com
report1.midasbuy.com
104.17.25.14
104.18.10.207
104.18.11.207
124.156.190.80
162.249.168.129
169.197.85.95
192.124.249.117
211.152.148.32
240e:97c:2f:1::6e
2600:141b:1c00:8::1728:b32e
2606:4700:4400::6812:2844
2607:f8b0:4006:807::200a
43.152.138.87
05d11f7958b571ee1637d67da1ea766f5e9863ba735ba0619c7085fbba1d420b
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
0942c920040ab16d83928b465baf237aef0aadcf197fe4250c8bfc07a85c13cb
0e888a266c4ad5136be1cf650faf222ed0d644c54d83068f0dfabc0fae53e90c
0f9acc04dbac5096b11f6f3b16188ffd8e9ec18a1f6408015285454581080cf9
0fa244d4efd45a45b32d1319ec495e307381445f62dceb071892f47e431daa81
112e5098ca24fd16143838f8cab6da606970821bf8b7ecbff8c0008532074253
1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f
25157739816315d396c664fd1f45336d8ab8bf9d768aa911e93cbebc95614a58
2ab08d983fd6007359e6d1ab6c80dc87b34c0d1bccf702dea67e6d20b824a872
2bc44ec886542faf19965c1aad8d5b273f052d76585cc5fd934ce59f1d24ebe2
2ce04bfd832a13541cc5c7e7bc3a3a8772a2b0a789a488769c3ff2d29c6e4f60
3225b6ea8b6f95f767b985b43fcaa64147e1205f8cc9e01d914351b79be9e625
35b81dd0f9a00d389f7d6e4d90c0d14482bcb8cd023b022868585ef4e6afe024
38989b13cbdb33fb5cd2b273423f122312f37d5996f2da4722cbeefe21a258b4
396fed6b2949d930d7006fe9cb16189e37434529e610b7ecc101f801f0b7d234
43ba6fe926cd68300dcdc8829c6bf73aeb24768ad2d5f46177041d9a3b08f3d6
49c8d7d9c05c2d50f76fa8ef8d050fad3ee1d1c1a820aa03cf3ed85808a7c27c
4c81b4d626f6951c9cf9d81c113407a391cca1cb13fc8237637174b07205e2ee
4d11f7d47e44a8af2aafbadf5ada4594741585e93b01d4fe96fc43ca7722b933
58d2846d87ba6f454c8e4764b0a734de95267406de7ab3a3fb5df88e32ecad3f
607b00f0fd839eb7f8250d7c4d0c0b4a31a08b32b2b8b5cbdd9fe3125b2eb985
62b922b23ef41e6d06d143790d4d3f006952b92cbe04965277158957bcfcc521
642703b53950fc841394918d79cbabec6060242e45c8ded41d324e7d6dce8924
67286f6dce1093a39cbb8e8f28274a21cc39b33100c2967ddcdf4e3feb433a0f
6b82611fa96f118128b0db9692dd982ca0fe79b1b4d8048946880600cc4f97c8
6c104c023862fd5c473f739170928d46b591af62eb96c8fc972a8436ec218637
6d8ef4a7102f9452e2a3e0a6b18d772c3374a82f4c1b07d5c826d3562a4bd887
6e5c589a1159ea679bcb283e5214cf99b128a6647f8f8bae5b04b58c57a87bc7
721306c5fca6a4af7b071955fca0d6f6e481136230131cfdebff83dd0448e8e7
78414e4b4cd2e42924268ca0a17631c493d3b1ed55c5c246216c7dd7d8fe78db
792f51b7df80cf64ce739ea2f858628def16033f1c632fb7bb3deee7e47717b7
7985065bdb394e36c249ff65da1d3a621f1a2758641861153b634a9afdb40465
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7fb8131422bba9cda088005359870721b090dcd043d3cea030367be68c6328a6
8bf1eaeb00b9b214126dfaf2830232d2b58fd87c3d6521f88330fec2d4abb7b5
8dc0edfbacc44b01492bec0695e55c0230b1bb41b8a72c4c771ee896e9ad6513
8e8a6069e58685713f860d72bff14b404c6f959d9103b67a5ded7d23dff3bf47
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
98e0b03a88ae73940b4280ae996f4ce027c1a6b715d495b14873bafd0ba83a79
9fe6db302410bbf6ed854a6bda9db89f0b7951719fe1a4d6d819467459ac4f72
a04e62520b1ef9c4ec1ec2237df0b29a5d07d312bc14f08694a8386525a74e37
a1f612eccc1972fe3716595659a228ebc8578b36ebb2aa92d4b092bf4a862f0a
a262dc7f60f901be0f519d348039f77cdfba7dccd0d20f9c4fadd9436b168447
a32f2fefa6eaffcb3d8b5fb93bc848efccf697c57eabcfbd32566b4bade0a5a5
a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d
a441182568ad88fa9c54384de94a77f64148d3d54df66ea1beff4a11100967c6
a7ca0cd38fc1898212f5bd5884c7f308fcdf918bb45e7b2c715604fc7ee97d53
a813001ddd375383df573a9949879726a9b90f834ab2e1881c1c7174ab46001c
adc39aedd05c173b973eea2b6f92907a174ec08a43c9e2b27a0710f6a368303c
b09eec0b7a58154c2e496c44c88e134f16f36bb3521fb3dff37e182a3df6132b
b0ada946fb49a4c286cc794c28468a60d9c743166777c6c1fd60e3a07997d858
b4e01dbe632b2bb066f8223e3e2c4002adff2f874e75d7e95f0b6466f178a92b
b962b25d728f30dc950f67560e8a26a57ebfaf2e6da255b75398c1d197ba3711
b9ca6c3a516ec9dfbe4f33e318d560f265836d51627cb9fa3d881062a2fd98e2
b9e484573b840fac6e4bfe516e323d7ad54e517ce9f4bd734f635e2685b2204c
bdbe1dbed51583afce30ccee067510d40597607966f458921d271082be633ee9
c2293fa86d99d0f1f06b2ac7f85ae0517e4a3bacfd9946de7b012f04aa2d831c
c267650422551425486e1621a6bcdec1138c302dbfc4f0e814a8b215a7eaf1f8
c67ea99d10e29adb2d8631f194b5a3e145d529a4e5850f17e640c80dcb7e3cae
cc8830f258c471b9cb15d69cda554d5181bd680996dd0041e3b9986b3b0769bf
cd8f66a69dc6e4d5ec3ba61159755a32de7a9772ec5a2350d47420477612cdf0
d29915df2f9a5a5f10009cb53fd18a2e678b90519e4087dbf1186f103e3808ad
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d5d98b309cc9233c7e514bef13869c25c9d5112a00a8fe55720de8eea292393b
d6a605020cfb1091630b300b918363d2b61333c9f68c498eb6a73f323b35e1a7
d6a74b0664ee793a272b7e4e29f5449b758711b4c4e1362e73a451dd130ae2bb
d8dcb49319bd61ccd67610c592b1212bf50921fe2081f97be84d3fa3dff52dbf
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
dfd2e7c94a93c8549c8a5e670d9cd5b4c7f3251c3a1e9ac32f119df54edd4fd0
e13f0fcc2cf837f46b8ea1ac029da575ba9a5a7b69db876a4af59c4475457b73
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41a623a73d2b33ce30626d1ba9342ebf7b921d2f28ab368ac7cf7dc91efdbdc
e4cff1f68b85c3343554090b3479273a54e5eed2dbb3e56ceb9f86c4ebe8b0e7
e94b49b2efb38c8468a0b854bc60fa4f350256c014a0628e632c4ee5f100f796
eb1335f199225b9a13084d6c56d95b4d41b6cd1734a09ef2a999690345607207
f10cdb32b8d7212970310db9166bb421eaea8128f1767604c22001fac1d5aa97
f2ad27dbb5397878470e88c31ca3c398f490f9e720ba0ca649ec6bf137f4d6bc
f3f269f33fb9c1729d4d6ef2b56e7dc514454da87dbe4cd43a9225752a02598e
f4d147558a3355f9e76577d39df376c8e39a3e726e20dadfb671c9b3c3fa89ca
f6adaa90ebe57e3cb2a3b89680d0e7b20b14d7605dac086c0787b788f5c96f5a
f6e8f25939adc054f88f9bd13e23dd9fca56979f5981d2c1463c51e60b1dcfc4
f7292d60c8276727fb6716115be320891db1af5d07c8d981bc72808086137400
f859777194a60eecd42d41c1340d5b69d44b9982565581cc495ea11b32eeccd3
faabcfd1ca3ae5f4034064875b834645b02b4201649705f238a0a2adbfbd3893
fb3cf184434501306554d60085888ffd578238c0f46343c5136c6ec3bbd36195
fbbbb3e8e0858e0d878663667f565583c9682c3ee18f575d0b46d22b8c3200b9
fea99403dd834e7b61ee51fd481e0d4fcbca047aadd57c15d405513e0b7e8a99

obamacareenrollment.org Open in urlscan Pro 192.124.249.117 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

123 Requests

77 %HTTPS

31 %IPv6

12 Domains

14 Subdomains

14 IPs

5 Countries

5985 kBTransfer

9077 kBSize

3 Cookies

5 Outgoing links

Page URL History

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

obamacareenrollment.org Open in urlscan Pro
192.124.249.117 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

77 %
HTTPS

31 %
IPv6

12
Domains

14
Subdomains

14
IPs

5
Countries

5985 kB
Transfer

9077 kB
Size

3
Cookies

123 HTTP transactions
13 data transactions