healthinsurance.net Open in urlscan Pro
35.171.253.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.variousmedicalproblems.com/bucking-spotlessly/f126AY2s395y8D6N17iLQ237tnB2eg4bb6v24khDvv8EvDiwI8f4rbw8wEGsi8aRDomSnK7NkvN1i...
Effective URL:
https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171ab...
Submission: On October 22 via api (October 22nd 2019, 3:29:44 pm UTC) from US

Summary HTTP 89 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 35 IPs in 8 countries across 30 domains to perform 89 HTTP transactions. The main IP is 35.171.253.12, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is healthinsurance.net.
TLS certificate: Issued by Amazon on January 8th 2019. Valid for: a year.

This is the only time healthinsurance.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:30:... 2606:4700:30::6812:3589	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	23.95.199.211 23.95.199.211	36352 (AS-COLOCR...) (AS-COLOCROSSING - ColoCrossing)
1 1	54.229.131.31 54.229.131.31	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	35.171.253.12 35.171.253.12	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
15	143.204.101.113 143.204.101.113	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	2606:4700::68... 2606:4700::6813:c497	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	13.224.196.43 13.224.196.43	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 3	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:815::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:824::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2600:9000:20e... 2600:9000:20eb:bc00:1:1faa:9040:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	143.204.101.44 143.204.101.44	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1 - Oath Holdings Inc.)
2 5	52.46.130.13 52.46.130.13	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 4	151.101.112.175 151.101.112.175	54113 (FASTLY) (FASTLY - Fastly)
1	2620:1ec:bdf::10 2620:1ec:bdf::10	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2606:4700:10:... 2606:4700:10::6814:4b82	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
7	50.97.168.187 50.97.168.187	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
1 1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.85.183.7 52.85.183.7	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	199.68.195.197 199.68.195.197	19626 (EVC-AS) (EVC-AS - QuoVadis Services Limited)
1	13.224.196.122 13.224.196.122	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 2	2a00:1450:400... 2a00:1450:4001:81a::2013	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	52.28.175.104 52.28.175.104	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
7	34.196.64.206 34.196.64.206	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	151.101.12.175 151.101.12.175	54113 (FASTLY) (FASTLY - Fastly)
1	51.105.108.194 51.105.108.194	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	13.224.197.12 13.224.197.12	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	216.58.210.2 216.58.210.2	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.17.139.14 52.17.139.14	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
89	35

1 2606:4700:30::6812:3589 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.variousmedicalproblems.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.95.199.211 (Buffalo, United States)

ASN36352 (AS-COLOCROSSING - ColoCrossing, US)
PTR: 23-95-199-211-host.colocrossing.com

crossmelody.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.131.31 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-229-131-31.eu-west-1.compute.amazonaws.com

tracking.healthinsurance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.171.253.12 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-35-171-253-12.compute-1.amazonaws.com

healthinsurance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 143.204.101.113 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-113.fra50.r.cloudfront.net

cdn.assurance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:c497 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.196.43 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-196-43.fra2.r.cloudfront.net

js.honeybadger.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20eb:bc00:1:1faa:9040:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

d2ysjycjrua9tt.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.44 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-44.fra50.r.cloudfront.net

d31qbv1cthcecs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1 - Oath Holdings Inc., US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.130.13 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.112.175 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY - Fastly, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apiservices.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::10 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

na5.cdn.thunderhead.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:4b82 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 50.97.168.187 (Dallas, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: bb.a8.6132.ip4.static.sl-reverse.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.183.7 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-183-7.fra50.r.cloudfront.net

cdn.pbbl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.68.195.197 (Hamilton, Bermuda)

ASN19626 (EVC-AS - QuoVadis Services Limited, BM)

c1.ox-bio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.196.122 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-196-122.fra2.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2013 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

px0.pbbl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.175.104 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-28-175-104.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.196.64.206 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-196-64-206.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.175 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.105.108.194 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

na5.thunderhead.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.197.12 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-197-12.fra2.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.210.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.139.14 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-17-139-14.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	assurance.com cdn.assurance.com	340 KB
7	leadid.com create.leadid.com	6 KB
7	trustedform.com api.trustedform.com	24 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	139 KB
6	krxd.net 2 redirects cdn.krxd.net apiservices.krxd.net consumer.krxd.net beacon.krxd.net	88 KB
5	amazon-adsystem.com 2 redirects s.amazon-adsystem.com	3 KB
5	cloudfront.net d2ysjycjrua9tt.cloudfront.net d31qbv1cthcecs.cloudfront.net d2m2wsoho8qq12.cloudfront.net	51 KB
5	healthinsurance.net 1 redirects tracking.healthinsurance.net healthinsurance.net	140 KB
4	ox-bio.com c1.ox-bio.com	21 KB
4	cloudflare.com cdnjs.cloudflare.com	83 KB
3	pbbl.co 1 redirects cdn.pbbl.co px0.pbbl.co	4 KB
3	bing.com bat.bing.com	8 KB
3	google.com 1 redirects www.google.com	851 B
2	facebook.com www.facebook.com	456 B
2	google.de www.google.de	321 B
2	thunderhead.com na5.cdn.thunderhead.com na5.thunderhead.com	27 KB
2	yimg.com s.yimg.com	6 KB
2	facebook.net connect.facebook.net	33 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	crossmelody.com crossmelody.com	5 KB
1	googleadservices.com www.googleadservices.com	208 B
1	agkn.com 1 redirects aa.agkn.com	380 B
1	alexametrics.com certify.alexametrics.com	551 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	163 B
1	lidstatic.com create.lidstatic.com	39 KB
1	yahoo.com sp.analytics.yahoo.com	448 B
1	googletagmanager.com www.googletagmanager.com	31 KB
1	honeybadger.io js.honeybadger.io	4 KB
1	googleapis.com fonts.googleapis.com	794 B
1	variousmedicalproblems.com www.variousmedicalproblems.com	580 B
89	30

	Domain	Requested by
15	cdn.assurance.com	healthinsurance.net
7	create.leadid.com	create.lidstatic.com
7	api.trustedform.com	cdn.assurance.com api.trustedform.com
5	s.amazon-adsystem.com	2 redirects www.variousmedicalproblems.com healthinsurance.net api.trustedform.com
4	c1.ox-bio.com	www.googletagmanager.com healthinsurance.net
4	fonts.gstatic.com	cdn.assurance.com
4	cdnjs.cloudflare.com	healthinsurance.net
4	healthinsurance.net	crossmelody.com healthinsurance.net cdn.assurance.com
3	bat.bing.com	www.variousmedicalproblems.com healthinsurance.net
3	d2ysjycjrua9tt.cloudfront.net	healthinsurance.net
3	www.gstatic.com	www.google.com cdn.assurance.com www.gstatic.com
3	www.google.com	1 redirects healthinsurance.net www.gstatic.com
2	apiservices.krxd.net	2 redirects
2	px0.pbbl.co	1 redirects healthinsurance.net
2	www.facebook.com	healthinsurance.net
2	www.google.de	healthinsurance.net www.gstatic.com
2	cdn.krxd.net	www.variousmedicalproblems.com cdn.krxd.net
2	s.yimg.com	www.variousmedicalproblems.com s.yimg.com
2	connect.facebook.net	www.variousmedicalproblems.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com healthinsurance.net
2	crossmelody.com	crossmelody.com
1	beacon.krxd.net	cdn.krxd.net
1	www.googleadservices.com	www.gstatic.com
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	na5.thunderhead.com	na5.cdn.thunderhead.com
1	consumer.krxd.net	cdn.krxd.net
1	aa.agkn.com	1 redirects
1	certify.alexametrics.com	healthinsurance.net
1	cdn.pbbl.co	www.variousmedicalproblems.com
1	stats.g.doubleclick.net	1 redirects
1	create.lidstatic.com	cdn.assurance.com
1	sp.analytics.yahoo.com	healthinsurance.net
1	na5.cdn.thunderhead.com	www.variousmedicalproblems.com
1	d31qbv1cthcecs.cloudfront.net	www.variousmedicalproblems.com
1	www.googletagmanager.com	cdn.assurance.com
1	js.honeybadger.io	healthinsurance.net
1	fonts.googleapis.com	healthinsurance.net
1	tracking.healthinsurance.net	1 redirects
1	www.variousmedicalproblems.com
89	39

This site contains links to these domains. Also see Links.

Domain
policies.google.com

Subject Issuer	Validity	Valid
*.healthinsurance.net Amazon	`2019-01-08` - `2020-02-08`	a year	crt.sh
*.googleapis.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
*.assurance.com Amazon	`2019-01-08` - `2020-02-08`	a year	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-10` - `2020-02-16`	6 months	crt.sh
*.honeybadger.io COMODO RSA Domain Validation Secure Server CA	`2017-06-07` - `2020-07-14`	3 years	crt.sh
www.google.com GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-09-22` - `2019-12-20`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-10-14` - `2019-11-28`	a month	crt.sh
s.amazon-adsystem.com Amazon	`2018-12-12` - `2019-12-12`	a year	crt.sh
*.c.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-08-23` - `2020-08-23`	a year	crt.sh
*.cdn.thunderhead.com DigiCert SHA2 High Assurance Server CA	`2019-08-08` - `2021-10-27`	2 years	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-05-09` - `2019-11-05`	6 months	crt.sh
lidstatic.com CloudFlare Inc ECC CA-2	`2019-07-02` - `2020-07-01`	a year	crt.sh
*.trustedform.com Go Daddy Secure Certificate Authority - G2	`2019-01-04` - `2020-03-05`	a year	crt.sh
www.google.de GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
*.pbbl.co Amazon	`2019-01-31` - `2020-02-29`	a year	crt.sh
ox-bio.com QuoVadis Global SSL ICA G2	`2017-08-01` - `2020-08-01`	3 years	crt.sh
certify.alexametrics.com Amazon	`2019-07-26` - `2020-08-26`	a year	crt.sh
px0.pbbl.co COMODO RSA Domain Validation Secure Server CA	`2016-11-23` - `2019-11-23`	3 years	crt.sh
create.leadid.com Amazon	`2019-01-16` - `2020-02-16`	a year	crt.sh
*.thunderhead.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2021-11-16`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
*.krxd.net DigiCert SHA2 Secure Server CA	`2019-04-11` - `2020-04-11`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21
Frame ID: 7D361E428A0D0D6FCE374728997CBA67
Requests: 86 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D574a79c7-dd25-c41a-f3cd-9713f309b8eb%26type%3D43%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D4565912920301%3Bp%3D574A79C7-DD25-C41A-F3CD-9713F309B8EB&cb=741798480844632000&dcc=t
Frame ID: 561E2CA86F783B10B9E748C5D3CD90A0
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-&co=aHR0cHM6Ly9oZWFsdGhpbnN1cmFuY2UubmV0OjQ0Mw..&hl=en&v=5fbZx3NV5xhaMoMLrZV3TkN4&size=invisible&cb=dzm58ifa1zi3
Frame ID: E7B045183238523BA5F26644658AB32E
Requests: 1 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=22EC1493-E9B8-23EC-238B-F4DEBCB9B88C&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.5.2&lck=CF934278-B099-EB50-BF86-105A165FCB4E&lac=8AA3F211-CA81-3833-51B1-095D2985DA90
Frame ID: C574CB6B5D6DBD201C8B3DA11F4B994D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.variousmedicalproblems.com/bucking-spotlessly/f126AY2s395y8D6N17iLQ237tnB2eg4bb6v24khDvv8EvDiwI8f4rbw8w... Page URL
http://crossmelody.com/clicks?cid=22384&pub=201465&sid1=&sid2=&sid3=&sid4= Page URL
https://tracking.healthinsurance.net/aff_c?offer_id=79&aff_id=1265&aff_sub=201465&aff_sub2=eb0eae78d08559cc9171ab... HTTP 302
https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb... Page URL

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

script /\/recaptcha\/api\.js/i

Page Statistics

89
Requests

97 %
HTTPS

47 %
IPv6

30
Domains

39
Subdomains

35
IPs

8
Countries

1069 kB
Transfer

2425 kB
Size

13
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.variousmedicalproblems.com/bucking-spotlessly/f126AY2s395y8D6N17iLQ237tnB2eg4bb6v24khDvv8EvDiwI8f4rbw8wEGsi8aRDomSnK7NkvN1i06jkNOih Page URL
http://crossmelody.com/clicks?cid=22384&pub=201465&sid1=&sid2=&sid3=&sid4= Page URL
https://tracking.healthinsurance.net/aff_c?offer_id=79&aff_id=1265&aff_sub=201465&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub3=22384&aff_sub4=&aff_sub5= HTTP 302
https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D574a79c7-dd25-c41a-f3cd-9713f309b8eb%26type%3D43%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D4565912920301%3Bp%3D574A79C7-DD25-C41A-F3CD-9713F309B8EB&cb=741798480844632000 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D574a79c7-dd25-c41a-f3cd-9713f309b8eb%26type%3D43%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D4565912920301%3Bp%3D574A79C7-DD25-C41A-F3CD-9713F309B8EB&cb=741798480844632000&dcc=t

Request Chain 42

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D7dcb44b5-b96b-40e5-10da-dbe017b7d6dc%26type%3D14%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D7715990030901%3Bp%3D7DCB44B5-B96B-40E5-10DA-DBE017B7D6DC HTTP 302
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D7dcb44b5-b96b-40e5-10da-dbe017b7d6dc%26type%3D14%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D7715990030901%3Bp%3D7DCB44B5-B96B-40E5-10DA-DBE017B7D6DC&dcc=t

Request Chain 49

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-73253617-1&cid=211340466.1571758171&jid=1508959435&gjid=1298014858&_gid=1641874700.1571758171&_u=YGBAgEAB~&z=116173092 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73253617-1&cid=211340466.1571758171&jid=1508959435&_v=j79&z=116173092 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73253617-1&cid=211340466.1571758171&jid=1508959435&_v=j79&z=116173092&slf_rd=1&random=2660816900

Request Chain 59

https://px0.pbbl.co/ns/__p2.gif?brid=1618&brcid=126415499&email=&orderId=null&orderValue=&productId=&offerCode=&label=&pageUrl=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3Deb0eae78d08559cc9171abce007d46af%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D102b001f90348ca89c3adff09078e4%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3Deb0eae78d08559cc9171abce007d46af%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21%23health%2FUrgency&referrerUrl=http%3A%2F%2Fcrossmelody.com%2Fclicks%3Fcid%3D22384%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&targetUrl=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3Deb0eae78d08559cc9171abce007d46af%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D102b001f90348ca89c3adff09078e4%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3Deb0eae78d08559cc9171abce007d46af%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21%23health%2FUrgency&sessionId=&markerType=seg&rand=G1AWZb63OZ6j3bT9&jsVer=3.0&markerId=341566 HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212282598&_ppid=b369f083-40c1-483b-a4ca-13d3d1e2bf37&_segid=99&iid=31ac2511-9fd3-4f3a-815b-5396c6e14f47 HTTP 302
https://px0.pbbl.co/adadvisor.gif?segment=000&_ppid=b369f083-40c1-483b-a4ca-13d3d1e2bf37&_segid=99&_zip=&hk=&iid=31ac2511-9fd3-4f3a-815b-5396c6e14f47&mt=&bd=

Request Chain 62

https://apiservices.krxd.net/click_tracker/track?kxconfid=t2unfouy2&kxcampaignid=wex4&kxplacementid=healthinsurance.net&kxsiteid=22384&clk=https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21 HTTP 302
https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21

Request Chain 75

https://apiservices.krxd.net/click_tracker/track?kxconfid=t2unfouy2&kxcampaignid=wex4&kxplacementid=healthinsurance.net&kxsiteid=22384&clk=https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21 HTTP 302
https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21

89 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set f126AY2s395y8D6N17iLQ237tnB2eg4bb6v24khDvv8EvDiwI8f4rbw8wEGsi8aRDomSnK7NkvN1i06jkNOih Show response
www.variousmedicalproblems.com/bucking-spotlessly/ 124 B
580 B 577ms
564ms Document
text/html 2606:4700:30::6812:3589
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://www.variousmedicalproblems.com/bucking-spotlessly/f126AY2s395y8D6N17iLQ237tnB2eg4bb6v24khDvv8EvDiwI8f4rbw8wEGsi8aRDomSnK7NkvN1i06jkNOih
Protocol: HTTP/1.1
Server: 2606:4700:30::6812:3589 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash: ae54cf1b3625f10b88e3c48fadc128db1c48b6c25d2e04de1528cf778e3decbe

Request headers

Host: www.variousmedicalproblems.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 15:29:29 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dd88ac47b72796bf96fde298910d535791571758168; expires=Wed, 21-Oct-20 15:29:28 GMT; path=/; domain=.variousmedicalproblems.com; HttpOnly
X-Powered-By: PHP/5.3.3
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 529c81c9581a8caa-VIE
Content-Encoding: gzip

GET
H/1.1 200
OK clicks Show response
crossmelody.com/ 4 KB
5 KB 268ms
126ms Document
text/html 23.95.199.211
ColoCrossing

General

Check archive.org

Show headers Download Go to

Full URL: http://crossmelody.com/clicks?cid=22384&pub=201465&sid1=&sid2=&sid3=&sid4=
Protocol: HTTP/1.1
Server: 23.95.199.211 Buffalo, United States, ASN36352 (AS-COLOCROSSING - ColoCrossing, US),
Reverse DNS: 23-95-199-211-host.colocrossing.com
Software: nginx/1.16.1 / PHP/5.4.16
Resource Hash: 43edb1b8c528cad45d89b9159707736e95e18f00a3db547c64f039e5abeda203

Request headers

Host: crossmelody.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://www.variousmedicalproblems.com/bucking-spotlessly/f126AY2s395y8D6N17iLQ237tnB2eg4bb6v24khDvv8EvDiwI8f4rbw8wEGsi8aRDomSnK7NkvN1i06jkNOih
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.variousmedicalproblems.com/bucking-spotlessly/f126AY2s395y8D6N17iLQ237tnB2eg4bb6v24khDvv8EvDiwI8f4rbw8wEGsi8aRDomSnK7NkvN1i06jkNOih

Response headers

Server: nginx/1.16.1
Date: Tue, 22 Oct 2019 15:29:29 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16

POST
H/1.1 200
OK index.php
crossmelody.com/ 234 B
426 B 524ms
524ms XHR
text/html 23.95.199.211
ColoCrossing

General

Check archive.org

Show headers Download Go to

Full URL: http://crossmelody.com/index.php
Requested by: Host: crossmelody.com
URL: http://crossmelody.com/clicks?cid=22384&pub=201465&sid1=&sid2=&sid3=&sid4=
Protocol: HTTP/1.1
Server: 23.95.199.211 Buffalo, United States, ASN36352 (AS-COLOCROSSING - ColoCrossing, US),
Reverse DNS: 23-95-199-211-host.colocrossing.com
Software: nginx/1.16.1 / PHP/5.4.16
Resource Hash

Request headers

Referer: http://crossmelody.com/clicks?cid=22384&pub=201465&sid1=&sid2=&sid3=&sid4=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 22 Oct 2019 15:29:29 GMT
Server: nginx/1.16.1
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2

200

Primary Request / Show response
healthinsurance.net/hi_wizard/
Redirect Chain

https://tracking.healthinsurance.net/aff_c?offer_id=79&aff_id=1265&aff_sub=201465&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub3=22384&aff_sub4=&aff_sub5=
https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3a...

50 KB
10 KB

475ms
275ms

Document
text/html

35.171.253.12
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21

Requested by

Host: crossmelody.com
URL: http://crossmelody.com/clicks?cid=22384&pub=201465&sid1=&sid2=&sid3=&sid4=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.171.253.12 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-35-171-253-12.compute-1.amazonaws.com

Software

Resource Hash

160c7e4d078b73b5cbbd15b4beaaaeb5c0f9ce71e812ade40a8c23c7f088bcbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: healthinsurance.net
:scheme: https
:path: /hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://crossmelody.com/clicks?cid=22384&pub=201465&sid1=&sid2=&sid3=&sid4=
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://crossmelody.com/clicks?cid=22384&pub=201465&sid1=&sid2=&sid3=&sid4=

Response headers

status: 200
date: Tue, 22 Oct 2019 15:29:30 GMT
content-type: text/html; charset=utf-8
x-frame-options: ALLOWALL
assur-appversion: 1.0.1010
etag: W/"160c7e4d078b73b5cbbd15b4beaaaeb5"
cache-control: max-age=0, private, must-revalidate
set-cookie: test_split_health_ds_quotes=show; path=/ test_split_remove_exit_blocker=control; path=/ test_split_recaptcha-badge=show; path=/ test_split_health_recommendation_tests=control; path=/ test_split_health_stm_tests=control; path=/ _insurance_session=4ea0ed368f831df8648152d0674b691a; path=/; secure; HttpOnly
x-request-id: ac79aff5-8f89-4648-b6d2-73edbdb0691c
x-runtime: 0.182358
vary: Origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: same-origin
content-encoding: gzip

Redirect headers

status: 302
date: Tue, 22 Oct 2019 15:29:30 GMT
content-type: text/html; charset=iso-8859-1
content-length: 554
location: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21
server: nginx/1.13.12
expires: Sat, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
x-robots-tag: noindex, nofollow
tracking_id: 102b001f90348ca89c3adff09078e4
set-cookie: enc_aff_session_79=ENC03b2a270abb7025458c4f18ec18f1a2a635c197d235812388c7518c1e6a3406b3eec1a174ad3d9ffaefbac8860d32544eff1ca922d05bf26d9156e3540443848a60eb0f98f38c0fd695770ee87b44821b8b64b84c902e839a079d57c642223e9337d00a73470852649f694921502609b263eb2efa9f36a8de08591071e76697954b6b0661d6b8929e6f65c43206aff254ab2f295f8aef8199ae757cd5530d641ce4759472d62199ad4c15bcd27a87608f3c16df8f4c4dae49cab55b26e37de6620b9c9cdf298bf07300527d1465ee2fdc723232d79e1e4d78dd8882cd2a5f9f22b06648c47; expires=Tue, 29 Oct 2019 15:29:30 GMT; path=/; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI3NC4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=; expires=Fri, 16 Sep 2022 02:09:30 GMT; path=/;
p3p: CP="NOI CUR OUR NOR INT"
access-control-allow-origin: *

GET
H2 200 css
fonts.googleapis.com/ 9 KB
794 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:81e::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Requested by

Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

373a0505368dab061278aa0b7243dc58fc165a25f8b0286d57f8835d06ab6e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 22 Oct 2019 15:29:30 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Tue, 22 Oct 2019 15:29:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Tue, 22 Oct 2019 15:29:30 GMT

GET
H/1.1 200
OK gtm-c6ad34199939ca4211eea0d25cdee444b7e6664af475ef70a9d741fba834f0f7.js Show response
cdn.assurance.com/insurance/public/assets/install/healthinsurance/ 324 B
927 B 50ms
7ms Script
application/x-javascript 143.204.101.113
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/install/healthinsurance/gtm-c6ad34199939ca4211eea0d25cdee444b7e6664af475ef70a9d741fba834f0f7.js
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.113 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-113.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ad34199939ca4211eea0d25cdee444b7e6664af475ef70a9d741fba834f0f7

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 11:03:11 GMT
Via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
Last-Modified: Tue, 22 Oct 2019 10:06:49 GMT
Server: AmazonS3
Age: 15980
ETag: "b0d5fe155e9171b754084f4c639278fe"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:fc274bef-41ef-4c0d-88d3-1881886d3a70
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 324
X-Amz-Cf-Id: 4iJ_2SoKYOuES8FcfSy6J52r-aZqNNbHq04CKMiSY3JvBIi5p6WIcg==

GET
H/1.1 200
OK customer-241855f27afc6d187bb60e7b9e170f3d3e4e4909015b2ed8500f86cca4db9309.css
cdn.assurance.com/insurance/public/assets/ 218 KB
34 KB 51ms
9ms Stylesheet
text/css 143.204.101.113
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/customer-241855f27afc6d187bb60e7b9e170f3d3e4e4909015b2ed8500f86cca4db9309.css
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.113 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-113.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1198497bc336def8414ca4ec9f429fbb3c38afbacbb4e7b2a3f939941bbc4f58

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 20 Oct 2019 13:45:05 GMT
Content-Encoding: gzip
Last-Modified: Sat, 19 Oct 2019 23:25:19 GMT
Server: AmazonS3
Age: 80894
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:27a8010c-b37d-4a51-9e4e-44cbb34a7b88
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: 5WKLRJFhK94jhh8-oTlLZ_b0PpWkfQanqNgWauc1xxh-1qeaIu8kpQ==

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
7 KB 50ms
23ms Stylesheet
text/css 2606:4700::6813:c497
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 15:29:30 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16392111
status: 200
alt-svc: h3-23=":443"; ma=86400
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:19:12 GMT
server: cloudflare
etag: W/"5afd4910-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 529c81d64dfa59fa-VIE
expires: Sun, 11 Oct 2020 15:29:30 GMT

GET
H/1.1 200
OK utility-c3c0f5a1e3c2f4e7471c3cf34ce7b3f10540750c3b05fdb5b1576d5be1f9170b.js Show response
cdn.assurance.com/insurance/public/assets/customer/ 5 KB
3 KB 53ms
8ms Script
application/x-javascript 143.204.101.113
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/customer/utility-c3c0f5a1e3c2f4e7471c3cf34ce7b3f10540750c3b05fdb5b1576d5be1f9170b.js
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.113 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-113.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c3c0f5a1e3c2f4e7471c3cf34ce7b3f10540750c3b05fdb5b1576d5be1f9170b

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 18:35:03 GMT
Content-Encoding: gzip
Last-Modified: Sat, 28 Sep 2019 11:20:24 GMT
Server: AmazonS3
Age: 75267
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:a5b4cedb-70c8-4a49-a1f7-58b39ebd5f58
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: iVknvr6vYZd4ctHhj3SAAycsuawARnSu5LURXLh4bArQY3Hw30Gg5A==

GET
H/1.1 200
OK healthinsurance-d0c09059b130934708891c275fcbff50edeb7776fa1943b2ade4859d958c9960.css
cdn.assurance.com/insurance/public/assets/customer/ 2 KB
977 B 51ms
10ms Stylesheet
text/css 143.204.101.113
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/customer/healthinsurance-d0c09059b130934708891c275fcbff50edeb7776fa1943b2ade4859d958c9960.css
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.113 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-113.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d0c09059b130934708891c275fcbff50edeb7776fa1943b2ade4859d958c9960

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 11:03:11 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Oct 2019 10:07:36 GMT
Server: AmazonS3
Age: 15980
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:fc274bef-41ef-4c0d-88d3-1881886d3a70
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: xzZaAQ-3swduBl2-rHZHJVsCCXP0faOG94n2bHLJvMJXG_90cdL9yQ==

GET
H/1.1 200
OK health-f060c3e136630ce60b5fa1088d68a7a1fd048b0d75c19a4ddae58e8723c0b1fe.css
cdn.assurance.com/insurance/public/assets/plates/ 237 B
823 B 51ms
9ms Stylesheet
text/css 143.204.101.113
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/plates/health-f060c3e136630ce60b5fa1088d68a7a1fd048b0d75c19a4ddae58e8723c0b1fe.css
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.113 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-113.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f060c3e136630ce60b5fa1088d68a7a1fd048b0d75c19a4ddae58e8723c0b1fe

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 13:47:13 GMT
Via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
Last-Modified: Tue, 22 Oct 2019 13:09:19 GMT
Server: AmazonS3
Age: 6138
ETag: "b72b6a3a477d4fa502dc0f857fd6e24a"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:a05b27ad-bfea-4d71-9340-ee7b3803ddae
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 237
X-Amz-Cf-Id: 8J4YqqdCZ6TAiWQMI6t0VOh0j_UqfYVi0WGP-yzbKEiS__tr-immOg==

GET
H/1.1 200
OK big_text-cbb649035cc0aab0434ac418212ee6ae2674f68670d0767b3231ce13049747a5.css
cdn.assurance.com/insurance/public/assets/plates/ 908 B
1 KB 48ms
7ms Stylesheet
text/css 143.204.101.113
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/plates/big_text-cbb649035cc0aab0434ac418212ee6ae2674f68670d0767b3231ce13049747a5.css
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.113 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-113.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cbb649035cc0aab0434ac418212ee6ae2674f68670d0767b3231ce13049747a5

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 21:13:12 GMT
Via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
Last-Modified: Mon, 21 Oct 2019 21:13:08 GMT
Server: AmazonS3
Age: 65779
ETag: "401fbf9dcce08729eb8e5375de6bb2e4"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:220c540f-cc38-412d-bb49-56efcd2c9fe9
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 908
X-Amz-Cf-Id: XDi9PamN_Q8w9L0ddbfAXHClieYN3h2uNMgSf4aQT9mwAecXlE-2xQ==

GET
H/1.1 200
OK honeybadger.min.js Show response
js.honeybadger.io/v0.4/ 7 KB
4 KB 25ms
6ms Script
application/x-javascript 13.224.196.43
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://js.honeybadger.io/v0.4/honeybadger.min.js
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.43 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-196-43.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a5a03ffb74678bd02d15096bdb6d36f08338cde8f8f51d7fa8c2cc3df9e6f4e5

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: oVQfnkFyjGraPKHgRCAgdUvTx_OvZVYJ
Content-Encoding: gzip
Last-Modified: Wed, 19 Jul 2017 17:08:27 GMT
Server: AmazonS3
Age: 23877
Date: Tue, 22 Oct 2019 08:51:34 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: KGgeQNKZ68XAQva7e3_jVl41GKsal1JO6oGTJKTJvt_DfOcbp-NEGQ==

GET
H/1.1 200
OK honeybadger-62400bc84c0bbc6c3d92853f1dc29871b5f5b247b2cf4ca92bbe9cb496ba2c60.js Show response
cdn.assurance.com/insurance/public/assets/install/ 2 KB
1 KB 54ms
6ms Script
application/x-javascript 143.204.101.113
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/install/honeybadger-62400bc84c0bbc6c3d92853f1dc29871b5f5b247b2cf4ca92bbe9cb496ba2c60.js
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.113 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-113.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 62400bc84c0bbc6c3d92853f1dc29871b5f5b247b2cf4ca92bbe9cb496ba2c60

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 18:35:06 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Aug 2019 06:57:24 GMT
Server: AmazonS3
Age: 75264
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:c9825661-2734-49b5-949a-92f332ca60cd
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: Sucn5EpuIgn4FzcxnLhXmUyOrKtA_l1VJM3RS8oSnbPDRYgeUInUaA==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 763 B
672 B 31ms
30ms Script
text/javascript 2a00:1450:4001:820::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

23451db084e5b7b10dc5b25145dd5703999acf5fd82f5f5cae58a4e6d43e6611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 15:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 498
x-xss-protection: 1; mode=block
expires: Tue, 22 Oct 2019 15:29:30 GMT

GET
H/1.1 200
OK ella-flip-080b58bfb270a0738da291bfc8693cbf683d222ee761597e682e29e21f6f76fc.png
cdn.assurance.com/insurance/public/assets/ 100 KB
100 KB 12ms
12ms Image
image/png 143.204.101.113
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.assurance.com/insurance/public/assets/ella-flip-080b58bfb270a0738da291bfc8693cbf683d222ee761597e682e29e21f6f76fc.png
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.113 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-113.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 080b58bfb270a0738da291bfc8693cbf683d222ee761597e682e29e21f6f76fc

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 13:09:33 GMT
Via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
Last-Modified: Tue, 22 Oct 2019 13:09:09 GMT
Server: AmazonS3
Age: 8398
ETag: "db64300811ffdb901937748066c4718e"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:a05b27ad-bfea-4d71-9340-ee7b3803ddae
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 101895
X-Amz-Cf-Id: Gwm2SD-UPgG8bCNsacHrmBGdI1HRmgRKEy5Oenf37Vpwzt3j9yeW3Q==

GET
H/1.1 200
OK loading-ea1c3eaefeb1b4e7a6d3fa97f320b3397e4f5d112afcb758e62513852b573423.gif
cdn.assurance.com/insurance/public/assets/icons/ 34 KB
35 KB 8ms
8ms Image
image/gif 143.204.101.113
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.assurance.com/insurance/public/assets/icons/loading-ea1c3eaefeb1b4e7a6d3fa97f320b3397e4f5d112afcb758e62513852b573423.gif
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.113 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-113.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ea1c3eaefeb1b4e7a6d3fa97f320b3397e4f5d112afcb758e62513852b573423

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 13:09:33 GMT
Via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
Last-Modified: Tue, 22 Oct 2019 13:09:23 GMT
Server: AmazonS3
Age: 8398
ETag: "d6b028d0fe0d17991948c0b5c94e0a2e"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:a05b27ad-bfea-4d71-9340-ee7b3803ddae
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 34936
X-Amz-Cf-Id: c_-Eq84VlKU3Qb82impZzS9y2taswXyxShsicv1LbZmZ79qSedAFpg==

GET
H/1.1 200
OK bbb-badge-white-simple-556dd6874d80f240e42525b0b3a6535dfac43ae3fbebbe0ebe44014847b2af4e.png
cdn.assurance.com/insurance/public/assets/logos/partners/ 10 KB
11 KB 7ms
7ms Image
image/png 143.204.101.113
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.assurance.com/insurance/public/assets/logos/partners/bbb-badge-white-simple-556dd6874d80f240e42525b0b3a6535dfac43ae3fbebbe0ebe44014847b2af4e.png
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.113 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-113.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 556dd6874d80f240e42525b0b3a6535dfac43ae3fbebbe0ebe44014847b2af4e

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 14:13:34 GMT
Via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
Last-Modified: Tue, 22 Oct 2019 13:09:06 GMT
Server: AmazonS3
Age: 4557
ETag: "1f16fbafb717abe9e1d051844fb6c039"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:a05b27ad-bfea-4d71-9340-ee7b3803ddae
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 10185
X-Amz-Cf-Id: zLioCqeNjG9CJGOQ1pZ8Hq_w06_-k-qssQgvXsiIpl8iJFBadzVEuQ==

GET
H2 200 cssrelpreload.min.js Show response
cdnjs.cloudflare.com/ajax/libs/loadCSS/2.1.0/ 1 KB
580 B 17ms
16ms Script
application/javascript 2606:4700::6813:c497
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/loadCSS/2.1.0/cssrelpreload.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

19cfca88e33cb1f56e957f1a653d3acad97f7cc927d0b2e329a80ead264578d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 15:29:30 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 6540870
status: 200
alt-svc: h3-23=":443"; ma=86400
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Mon, 03 Dec 2018 23:00:54 GMT
server: cloudflare
etag: W/"5c05b5a6-4a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 529c81d68e2a59fa-VIE
expires: Sun, 11 Oct 2020 15:29:30 GMT

GET
H2 200 onloadCSS.min.js Show response
cdnjs.cloudflare.com/ajax/libs/loadCSS/2.1.0/ 241 B
224 B 18ms
16ms Script
application/javascript 2606:4700::6813:c497
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/loadCSS/2.1.0/onloadCSS.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7973f6d4de8da495c0a4a870d6b50fff04cc246e1628364160f8486e7f3a1f3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 15:29:30 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 6526600
status: 200
alt-svc: h3-23=":443"; ma=86400
served-in-seconds: 0.000
timing-allow-origin: *
last-modified: Mon, 03 Dec 2018 23:00:54 GMT
server: cloudflare
etag: W/"5c05b5a6-f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 529c81d68e2c59fa-VIE
expires: Sun, 11 Oct 2020 15:29:30 GMT

GET
H/1.1 200
OK customer-f59824bef9933206c1ebf4358f41097b123fcba75a060e6b030d5ce6ed160eb5.js Show response
cdn.assurance.com/insurance/public/assets/ 471 KB
149 KB 8ms
7ms Script
application/x-javascript 143.204.101.113
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/customer-f59824bef9933206c1ebf4358f41097b123fcba75a060e6b030d5ce6ed160eb5.js
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.113 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-113.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f59824bef9933206c1ebf4358f41097b123fcba75a060e6b030d5ce6ed160eb5

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 19:19:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Oct 2019 18:17:20 GMT
Server: AmazonS3
Age: 72619
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:9d20335f-5b98-4ba2-9fc2-7fcdd29c5718
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: CJp24WuF1bSfr-I5GQ1amZYlw87r_jNp0mjYweVp6qYoEoBzI7YePg==

GET
H/1.1 200
OK recaptcha_v3-115e92ecc8cd17434bd87f305829287c2b633cc7c79fef3db40c812466c50189.js Show response
cdn.assurance.com/insurance/public/assets/ 357 B
960 B 7ms
6ms Script
application/x-javascript 143.204.101.113
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/recaptcha_v3-115e92ecc8cd17434bd87f305829287c2b633cc7c79fef3db40c812466c50189.js
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.113 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-113.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 115e92ecc8cd17434bd87f305829287c2b633cc7c79fef3db40c812466c50189

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 02:14:30 GMT
Via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
Last-Modified: Sat, 28 Sep 2019 11:20:11 GMT
Server: AmazonS3
Age: 47701
ETag: "665684d370d08fd9ad44b6090eedbb5d"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:a5b4cedb-70c8-4a49-a1f7-58b39ebd5f58
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 357
X-Amz-Cf-Id: ZO8rCQSjNWejXVZt8ftneeVai3mamp9miXhDBD8Zep9AhH94vv2qtg==

GET
H/1.1 200
OK google_nums-4fa943c533adc193617c8826b5d07c87de1c952ef757fb2f4551e6e65cd1c49e.js Show response
cdn.assurance.com/insurance/public/assets/install/healthinsurance/ 413 B
1015 B 8ms
7ms Script
application/x-javascript 143.204.101.113
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/install/healthinsurance/google_nums-4fa943c533adc193617c8826b5d07c87de1c952ef757fb2f4551e6e65cd1c49e.js
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.113 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-113.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4fa943c533adc193617c8826b5d07c87de1c952ef757fb2f4551e6e65cd1c49e

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 14:13:34 GMT
Via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
Last-Modified: Tue, 22 Oct 2019 13:09:02 GMT
Server: AmazonS3
Age: 4557
ETag: "17cef9827b40af47807175cceb10f1d6"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:a05b27ad-bfea-4d71-9340-ee7b3803ddae
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 413
X-Amz-Cf-Id: 11ySGl4coQpmXzhNF-QvDZVFjJsZPF_s7JahCX2gVUzB1dj2FcrnBQ==

GET
H/1.1 200
OK leadid-fc8ec001faf2a4299e345bfe462404de9efca8ddca4b663821b8f65865f4dc9b.js Show response
cdn.assurance.com/insurance/public/assets/ 294 B
897 B 7ms
7ms Script
application/x-javascript 143.204.101.113
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/leadid-fc8ec001faf2a4299e345bfe462404de9efca8ddca4b663821b8f65865f4dc9b.js
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.113 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-113.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fc8ec001faf2a4299e345bfe462404de9efca8ddca4b663821b8f65865f4dc9b

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 18:35:13 GMT
Via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
Last-Modified: Mon, 07 Oct 2019 15:19:26 GMT
Server: AmazonS3
Age: 75258
ETag: "4eaa75c84ccb4b4dabef51d291650dcf"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:3e7bacff-8c51-4cc5-9b40-a94570fbbae0
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 294
X-Amz-Cf-Id: xsYKZSsrMP-kArdfheXALAZz-NKZqorepyQLNbP9rxYyMaBxhA1KBQ==

GET
H/1.1 200
OK trustedForm-351e617fe9eba5db39ecdff23a83d6dc680e286691aa48fad095225902d3238d.js Show response
cdn.assurance.com/insurance/public/assets/ 412 B
1015 B 8ms
7ms Script
application/x-javascript 143.204.101.113
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/trustedForm-351e617fe9eba5db39ecdff23a83d6dc680e286691aa48fad095225902d3238d.js
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.113 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-113.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 351e617fe9eba5db39ecdff23a83d6dc680e286691aa48fad095225902d3238d

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 09:44:24 GMT
Via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
Last-Modified: Mon, 21 Oct 2019 09:22:01 GMT
Server: AmazonS3
Age: 20291
ETag: "fc7eb0ec8d79420f602f398e9138e868"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:069fb1f3-41f4-4a19-82f5-3f420b513b22
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 412
X-Amz-Cf-Id: 62iEVtxt2zoloPpmOf153rwy5J6akFQkThWyEbsN9nCEuSYnY9d0yA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 99 KB
31 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:815::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WQLF25

Requested by

Host: cdn.assurance.com
URL: https://cdn.assurance.com/insurance/public/assets/install/healthinsurance/gtm-c6ad34199939ca4211eea0d25cdee444b7e6664af475ef70a9d741fba834f0f7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

19a6fc420de5f5f42811e6fb6cb2855c8a42241d7257934b47ec3a7dc0549c29

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 15:29:30 GMT
content-encoding: br
last-modified: Tue, 22 Oct 2019 15:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 31945
x-xss-protection: 0
expires: Tue, 22 Oct 2019 15:29:30 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/5fbZx3NV5xhaMoMLrZV3TkN4/ 253 KB
90 KB 19ms
5ms Script
text/javascript 2a00:1450:4001:824::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5fbZx3NV5xhaMoMLrZV3TkN4/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

bc5efe0814deaf9314fcd65d6c9d924ea008d2637945fae0acc3860c45deb1e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 17:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 21 Oct 2019 04:03:56 GMT
server: sffe
age: 80236
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 92268
x-xss-protection: 0
expires: Tue, 20 Oct 2020 17:12:14 GMT

GET
H2 200 healthinsurance.png
d2ysjycjrua9tt.cloudfront.net/img/logos/ 32 KB
32 KB 65ms
13ms Image
image/png 2600:9000:20eb:bc00:1:1faa:9040:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2ysjycjrua9tt.cloudfront.net/img/logos/healthinsurance.png
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:bc00:1:1faa:9040:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 26b6ded1f4da5ed4f61226c7a1f36be06d422b4b2ca54262103bc354ef732bc7

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 12:58:24 GMT
via: 1.1 69f13f852a135432abb1b7bfc5a8b421.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jan 2019 04:10:36 GMT
server: AmazonS3
age: 6245
etag: "03fbef1b740f6d6cc39d5ab1d86edca8"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: 86400
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 32408
x-amz-cf-id: KX1Rkyr_oETm-gopG-WZO185WijvQjxaKRbLHTRsPsBYC_IkS01diw==

GET
H2 200 hero-1.jpg
d2ysjycjrua9tt.cloudfront.net/img/ 16 KB
17 KB 61ms
8ms Image
image/jpeg 2600:9000:20eb:bc00:1:1faa:9040:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2ysjycjrua9tt.cloudfront.net/img/hero-1.jpg
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:bc00:1:1faa:9040:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e15eb5040e99ce3f51d49580272bd18e4f2b5030b312315500916fd075e6a5e8

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 20 Oct 2019 19:38:13 GMT
via: 1.1 69f13f852a135432abb1b7bfc5a8b421.cloudfront.net (CloudFront)
last-modified: Tue, 21 May 2019 20:48:00 GMT
server: AmazonS3
age: 71372
etag: "2cfff2ffd8a2b57372c19a719844d014"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 16821
x-amz-cf-id: MDRsZpdi5jkZGz33F8gfvksmkE7QYQdK2URmkJYUdDLQR-jUJR8cAw==

GET
H2 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 45ms
19ms Font
application/octet-stream 2606:4700::6813:c497
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: cors
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://healthinsurance.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 15:29:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 16392111
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 77160
served-in-seconds: 0.012
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:19:53 GMT
server: cloudflare
etag: "5afd4939-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 529c81d6bab9cbc0-VIE
expires: Sun, 11 Oct 2020 15:29:30 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: cdn.assurance.com
URL: https://cdn.assurance.com/insurance/public/assets/customer-f59824bef9933206c1ebf4358f41097b123fcba75a060e6b030d5ce6ed160eb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Origin: https://healthinsurance.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 11 Oct 2019 19:39:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:37 GMT
server: sffe
age: 935402
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9016
x-xss-protection: 0
expires: Sat, 10 Oct 2020 19:39:28 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: cdn.assurance.com
URL: https://cdn.assurance.com/insurance/public/assets/customer-f59824bef9933206c1ebf4358f41097b123fcba75a060e6b030d5ce6ed160eb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Origin: https://healthinsurance.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 19 Oct 2019 01:14:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 310500
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9080
x-xss-protection: 0
expires: Sun, 18 Oct 2020 01:14:30 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: cdn.assurance.com
URL: https://cdn.assurance.com/insurance/public/assets/customer-f59824bef9933206c1ebf4358f41097b123fcba75a060e6b030d5ce6ed160eb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Origin: https://healthinsurance.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 08 Oct 2019 17:59:15 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 1200615
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
expires: Wed, 07 Oct 2020 17:59:15 GMT

GET
H2 200 ic_close_black_24dp_2x.png
d2ysjycjrua9tt.cloudfront.net/img/icons/ 235 B
574 B 8ms
8ms Image
image/png 2600:9000:20eb:bc00:1:1faa:9040:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2ysjycjrua9tt.cloudfront.net/img/icons/ic_close_black_24dp_2x.png
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:bc00:1:1faa:9040:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1121422aa828fb8f2f421b88b5d2437c78e51cd43a338094ec62ada2012887b1

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 13:11:35 GMT
via: 1.1 69f13f852a135432abb1b7bfc5a8b421.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jan 2019 04:11:22 GMT
server: AmazonS3
age: 8276
etag: "637093407c90164fe23f9a0239638b56"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: 86400
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 235
x-amz-cf-id: bmGSYXX11qI6D5S2KgEM_3BGMs38idHgpz31hXF2NAn5Q1dG1uayiA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQLF25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 5721
date: Tue, 22 Oct 2019 13:54:09 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Tue, 22 Oct 2019 15:54:09 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
22 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.variousmedicalproblems.com
URL: http://www.variousmedicalproblems.com/bucking-spotlessly/f126AY2s395y8D6N17iLQ237tnB2eg4bb6v24khDvv8EvDiwI8f4rbw8wEGsi8aRDomSnK7NkvN1i06jkNOih

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

9404cee30e4489a7ed4d6de2dd92aa8e4386fd5ff1c81ebcea77f581952eac31

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 22458
x-xss-protection: 0
pragma: public
x-fb-debug: 7mCLW19I8pZ6guMO7pYzSageUcu2ObVMQOrLTwWj/4GSoqeTN3QkblLeqqNa6qc0rLxpk5njZZ0zM+jBHPXmlw==
x-fb-trip-id: 1850256238
x-frame-options: DENY
date: Tue, 22 Oct 2019 15:29:30 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
2 KB 21ms
6ms Script
text/javascript 143.204.101.44
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: www.variousmedicalproblems.com
URL: http://www.variousmedicalproblems.com/bucking-spotlessly/f126AY2s395y8D6N17iLQ237tnB2eg4bb6v24khDvv8EvDiwI8f4rbw8wEGsi8aRDomSnK7NkvN1i06jkNOih
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.44 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-44.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 14 Jun 2019 00:49:06 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Sat, 16 Mar 2019 16:01:33 GMT
Server: AmazonS3
Age: 11284825
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: TMK7yzOVbFOZpycDvsQyd5r_bE82u-64wc64r2r943BoBw4qhjKbTA==

GET
H2 200 bat.js Show response
bat.bing.com/ 23 KB
7 KB 73ms
46ms Script
application/javascript 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.variousmedicalproblems.com
URL: http://www.variousmedicalproblems.com/bucking-spotlessly/f126AY2s395y8D6N17iLQ237tnB2eg4bb6v24khDvv8EvDiwI8f4rbw8wEGsi8aRDomSnK7NkvN1i06jkNOih
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 15:29:30 GMT
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 18:57:28 GMT
x-msedge-ref: Ref A: A8D129CCA25141749FDE8166163830BF Ref B: VIEEDGE1021 Ref C: 2019-10-22T15:29:30Z
status: 200
etag: "09c5197968d51:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7155

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 19 KB
6 KB 53ms
17ms Script
application/javascript 2a00:1288:f03d:1fa::2000
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.variousmedicalproblems.com
URL: http://www.variousmedicalproblems.com/bucking-spotlessly/f126AY2s395y8D6N17iLQ237tnB2eg4bb6v24khDvv8EvDiwI8f4rbw8wEGsi8aRDomSnK7NkvN1i06jkNOih

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),

Reverse DNS

Software

ATS /

Resource Hash

7edb2213c1f4f569617389783ba544f9997d11a1fc5e54406582b25967bfde66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 15:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1435
x-amz-server-side-encryption: AES256
status: 200
vary: Origin, Accept-Encoding
x-amz-request-id: F92F816BF88D9428
x-amz-id-2: 6SyJqU+DtN6buKRiHXcIsEXE9evORXYqH5O0k+q6Xr572Ps8Ay/u9v/uAvBSImN7sing9Tw2ivw=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 12 Nov 2020 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 08 Oct 2019 10:16:59 GMT
server: ATS
etag: "254a43f994019deb4ca1830f04bd5d32-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: x4Y4HVRbF4l0Lw4GKvYmVr0DuE8bwWr0
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 5150
content-type: application/javascript

GET
H/1.1

200
OK

Cookie set iu3
s.amazon-adsystem.com/ Frame 561E
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D574a79c7-dd25-c41a-f3cd-9713f309b8eb%26type%3D43%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D45...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D574a79c7-dd25-c41a-f3cd-9713f309b8eb%26type%3D43%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D45...

0
0

113ms
112ms

Document
text/html

52.46.130.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D574a79c7-dd25-c41a-f3cd-9713f309b8eb%26type%3D43%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D4565912920301%3Bp%3D574A79C7-DD25-C41A-F3CD-9713F309B8EB&cb=741798480844632000&dcc=t
Requested by: Host: www.variousmedicalproblems.com
URL: http://www.variousmedicalproblems.com/bucking-spotlessly/f126AY2s395y8D6N17iLQ237tnB2eg4bb6v24khDvv8EvDiwI8f4rbw8wEGsi8aRDomSnK7NkvN1i06jkNOih
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Server /
Resource Hash

Request headers

Host: s.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Accept-Encoding: gzip, deflate, br
Cookie: ad-id=A74-rIHjTk35hqP8xkuKz2c|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate

Response headers

Server: Server
Date: Tue, 22 Oct 2019 15:29:31 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 346
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=A74-rIHjTk35hqP8xkuKz2c; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2020 15:29:31 GMT; Path=/; HttpOnly ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jan-2025 15:29:31 GMT; Path=/; HttpOnly
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Tue, 22 Oct 2019 15:29:30 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D574a79c7-dd25-c41a-f3cd-9713f309b8eb%26type%3D43%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D4565912920301%3Bp%3D574A79C7-DD25-C41A-F3CD-9713F309B8EB&cb=741798480844632000&dcc=t
Set-Cookie: ad-id=AzudVW6ywUK8k9Sf3Vc_FHM|t; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2020 15:29:30 GMT; Path=/; HttpOnly
Vary: User-Agent

GET
H/1.1 200
OK t2d2miw0x.js Show response
cdn.krxd.net/controltag/ 17 KB
6 KB 136ms
123ms Script
text/javascript 151.101.112.175
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/t2d2miw0x.js
Requested by: Host: www.variousmedicalproblems.com
URL: http://www.variousmedicalproblems.com/bucking-spotlessly/f126AY2s395y8D6N17iLQ237tnB2eg4bb6v24khDvv8EvDiwI8f4rbw8wEGsi8aRDomSnK7NkvN1i06jkNOih
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.175 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 30a08b8de480b1dfd34301b0b7e4ec5627d3cd5e2ab5b379cd661db9f8d38d9c

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-CDN-Backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
Date: Tue, 22 Oct 2019 15:29:30 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 153
X-Cache: MISS, HIT, HIT
X-App-Cache: HIT
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 5164
X-Served-By: config-service-a001-ash-prod.krxd.net, cache-iad2138-IAD, cache-hhn4022-HHN
X-Response-Time: 0
X-Do-Esi: esi
X-Timer: S1571758171.759013,VS0,VE118
ETag: "2eb9f2880190c43e172826519318073e3dcba66d"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=1200
Accept-Ranges: bytes
X-Age: 0
X-Cache-Hits: 0, 1, 1

GET
H2 200 one-tag.js Show response
na5.cdn.thunderhead.com/one/rt/js/ 85 KB
27 KB 501ms
410ms Script
text/javascript 2620:1ec:bdf::10
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://na5.cdn.thunderhead.com/one/rt/js/one-tag.js?siteKey=ONE-QJJVTVNQNN-2522

Requested by

Host: www.variousmedicalproblems.com
URL: http://www.variousmedicalproblems.com/bucking-spotlessly/f126AY2s395y8D6N17iLQ237tnB2eg4bb6v24khDvv8EvDiwI8f4rbw8wEGsi8aRDomSnK7NkvN1i06jkNOih

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

6afe06ce88b927163790138f2746fdc4e268ec563ca5967f991f8da10e4479bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
x-azure-ref-originshield: 0WiCvXQAAAABcTWOn3j06QKfk6dqtVaNHQU1TRURHRTA0MTUAMzg5ZjM1OTMtMWU5ZC00NjBhLTljMGUtMWQwOTU5NDg4YTE2
x-one-req-metric: 1571758171003;1;2
etag: "ONE-QJJVTVNQNN-2522-null-437632802"
vary: Accept-Encoding
x-cache: TCP_MISS
content-type: text/javascript
status: 200
cache-control: no-transform, max-age=1200
date: Tue, 22 Oct 2019 15:29:30 GMT
x-azure-ref: 0WiCvXQAAAACj+mjXSXZqSr6F9b9TtnviVklFRURHRTAyMTkAMzg5ZjM1OTMtMWU5ZC00NjBhLTljMGUtMWQwOTU5NDg4YTE2
content-length: 26903

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ 43 B
448 B 135ms
44ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001594778196&.yp=437880&gtmcb=206668811

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 15:29:30 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: ATS
x-frame-options: DENY
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
expires: Tue, 22 Oct 2019 15:29:30 GMT

GET
H/1.1

200
OK

iui3
s.amazon-adsystem.com/
Redirect Chain

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D7dcb44b5-b96b-40e5-10da-dbe017b7d6dc%26type%3D14%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3B...
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D7dcb44b5-b96b-40e5-10da-dbe017b7d6dc%26type%3D14%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3B...

43 B
674 B

109ms
109ms

Image
image/gif

52.46.130.13
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D7dcb44b5-b96b-40e5-10da-dbe017b7d6dc%26type%3D14%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D7715990030901%3Bp%3D7DCB44B5-B96B-40E5-10DA-DBE017B7D6DC&dcc=t
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Oct 2019 15:29:31 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 22 Oct 2019 15:29:30 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D7dcb44b5-b96b-40e5-10da-dbe017b7d6dc%26type%3D14%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D7715990030901%3Bp%3D7DCB44B5-B96B-40E5-10DA-DBE017B7D6DC&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 loader.js Show response
www.gstatic.com/wcm/ 422 B
416 B 5ms
5ms Script
text/javascript 2a00:1450:4001:824::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: cdn.assurance.com
URL: https://cdn.assurance.com/insurance/public/assets/install/healthinsurance/google_nums-4fa943c533adc193617c8826b5d07c87de1c952ef757fb2f4551e6e65cd1c49e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cbb6560ed1e9e91e2ceb73f50c333bf5fd86d56839161bf5383a1dd44faf5bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 14:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Oct 2019 19:45:00 GMT
server: sffe
age: 2767
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 286
x-xss-protection: 0
expires: Tue, 22 Oct 2019 15:43:23 GMT

GET
H2 200 cf934278-b099-eb50-bf86-105a165fcb4e.js Show response
create.lidstatic.com/campaign/ 122 KB
39 KB 115ms
37ms Script
text/javascript 2606:4700:10::6814:4b82
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/cf934278-b099-eb50-bf86-105a165fcb4e.js?snippet_version=2
Requested by: Host: cdn.assurance.com
URL: https://cdn.assurance.com/insurance/public/assets/leadid-fc8ec001faf2a4299e345bfe462404de9efca8ddca4b663821b8f65865f4dc9b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4b82 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d3af696c2533f25ef034358c8d15cc791fa1539c40058c6bfcef813cbaeda20

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 15:29:30 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1012
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: B60E3E21F0B441A9
x-amz-id-2: d3e0UcjW0z/TLLwJ1xMSxdqGY2aT5TEG2yzss7Sy1/GFKVaLrtmDzhUJIarmtC7B0Yr69X4N44c=
last-modified: Wed, 25 Apr 2018 20:36:01 GMT
server: cloudflare
etag: W/"3ea0b096baa971b909a35c48d07c8594"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1800
x-amz-version-id: 9wVYTyhMD0sMyMEprga7nOjqwgqVYS0P
cf-ray: 529c81d7bf585982-VIE
expires: Tue, 22 Oct 2019 15:59:30 GMT

GET
H2 200 trustedform.js Show response
api.trustedform.com/ 3 KB
1 KB 447ms
130ms Script
application/javascript 50.97.168.187
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=15717581707560.7081303671253913&invert_field_sensitivity=false

Requested by

Host: cdn.assurance.com
URL: https://cdn.assurance.com/insurance/public/assets/trustedForm-351e617fe9eba5db39ecdff23a83d6dc680e286691aa48fad095225902d3238d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.97.168.187 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

bb.a8.6132.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

39977e2adaac74b95db35ecc0811389da8c948fc8de1f9eb86290b83ed7ef646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 22 Oct 2019 15:29:31 GMT
cache-control: max-age=0, private, must-revalidate
server: nginx
content-encoding: gzip
strict-transport-security: max-age=15768000
content-type: application/javascript; charset=utf-8

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: cdn.assurance.com
URL: https://cdn.assurance.com/insurance/public/assets/customer-f59824bef9933206c1ebf4358f41097b123fcba75a060e6b030d5ce6ed160eb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Origin: https://healthinsurance.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 11 Oct 2019 14:51:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:44 GMT
server: sffe
age: 952667
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9180
x-xss-protection: 0
expires: Sat, 10 Oct 2020 14:51:43 GMT

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame E7B0 0
0 51ms
51ms Document
text/html 2a00:1450:4001:820::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-&co=aHR0cHM6Ly9oZWFsdGhpbnN1cmFuY2UubmV0OjQ0Mw..&hl=en&v=5fbZx3NV5xhaMoMLrZV3TkN4&size=invisible&cb=dzm58ifa1zi3

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5fbZx3NV5xhaMoMLrZV3TkN4/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jlhYFyQvqqAFjuAR3p8Ohg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-&co=aHR0cHM6Ly9oZWFsdGhpbnN1cmFuY2UubmV0OjQ0Mw..&hl=en&v=5fbZx3NV5xhaMoMLrZV3TkN4&size=invisible&cb=dzm58ifa1zi3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 22 Oct 2019 15:29:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-jlhYFyQvqqAFjuAR3p8Ohg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9026
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 collect
www.google-analytics.com/ 35 B
122 B 6ms
6ms Image
image/gif 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1371497337&t=pageview&_s=1&dl=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3Deb0eae78d08559cc9171abce007d46af%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D102b001f90348ca89c3adff09078e4%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3Deb0eae78d08559cc9171abce007d46af%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21&dr=http%3A%2F%2Fcrossmelody.com%2Fclicks%3Fcid%3D22384%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&dp=%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3Deb0eae78d08559cc9171abce007d46af%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D102b001f90348ca89c3adff09078e4%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3Deb0eae78d08559cc9171abce007d46af%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21&ul=en-us&de=UTF-8&dt=HealthInsurance.net%20%7C%20Get%20a%20Quote&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGBAgEAB~&jid=1508959435&gjid=1298014858&cid=211340466.1571758171&tid=UA-73253617-1&_gid=1641874700.1571758171&gtm=2wgaa0WQLF25&z=1559984501

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Oct 2019 17:11:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 944298
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-73253617-1&cid=211340466.1571758171&jid=1508959435&gjid=1298014858&_gid=1641874700.1571758171&_u=YGBAgEAB~&z=116173092
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73253617-1&cid=211340466.1571758171&jid=1508959435&_v=j79&z=116173092
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73253617-1&cid=211340466.1571758171&jid=1508959435&_v=j79&z=116173092&slf_rd=1&random=2660816900

42 B
109 B

28ms
28ms

Image
image/gif

2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73253617-1&cid=211340466.1571758171&jid=1508959435&_v=j79&z=116173092&slf_rd=1&random=2660816900

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Oct 2019 15:29:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Oct 2019 15:29:30 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73253617-1&cid=211340466.1571758171&jid=1508959435&_v=j79&z=116173092&slf_rd=1&random=2660816900
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1559003231076682 Show response
connect.facebook.net/signals/config/ 50 KB
10 KB 36ms
36ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1559003231076682?v=2.9.5&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

f97384a88b6c49998d45661bc19397381d8d8f8a4c88ae7860f53ae066951615

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: qjQod5ApY6lRVtNdjnr1tym4tJpZJYHjUSLnRBXg/JBD6ku43LNfhSG90iegsEUvlq0GTy+2pGJg5IChTBxjVg==
x-fb-trip-id: 1850256238
x-frame-options: DENY
date: Tue, 22 Oct 2019 15:29:30 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1618.js Show response
cdn.pbbl.co/r/ 8 KB
3 KB 59ms
8ms Script
application/javascript 52.85.183.7
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pbbl.co/r/1618.js

Requested by

Host: www.variousmedicalproblems.com
URL: http://www.variousmedicalproblems.com/bucking-spotlessly/f126AY2s395y8D6N17iLQ237tnB2eg4bb6v24khDvv8EvDiwI8f4rbw8wEGsi8aRDomSnK7NkvN1i06jkNOih

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.85.183.7 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-52-85-183-7.fra50.r.cloudfront.net

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

a74701a99f1ba9af05c5282eedfaa76cb1ad2d7d0f9e22dead4d70b189a6f4dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 18:34:34 GMT
content-encoding: gzip
last-modified: Tue, 15 Oct 2019 01:37:22 GMT
server: nginx/1.10.3 (Ubuntu)
x-amz-cf-pop: FRA50
status: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 74f98ee8547ec50a6b9a4c3d010e1e0d.cloudfront.net (CloudFront)
cache-control: max-age=1800, public
strict-transport-security: max-age=31536000
x-amz-cf-id: hT12Sg71h7Hx1xka5dXASl86QfvNlUK40swDhEr-O3p601T0c6RyhQ==
x-xss-protection: 1
expires: Mon, 21 Oct 2019 19:04:34 GMT

GET
H2 200 t0 Show response
c1.ox-bio.com/ 21 KB
21 KB 411ms
101ms Script
application/javascript 199.68.195.197
QuoVadis Services...

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.ox-bio.com/t0?oxtrk=141&oxhrt=fb47614a-b32a-ac49-f027-0b0a982cd7df&oxuid=ASS0001&cid1=wex4&cid2=201465&cid3=126415499
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQLF25
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 199.68.195.197 Hamilton, Bermuda, ASN19626 (EVC-AS - QuoVadis Services Limited, BM),
Reverse DNS
Software: /
Resource Hash: 006be37b08922c49fdbaf8122e5507d2a2808adf961a2e81306826ba0d73153a

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 22 Oct 2019 15:29:31 GMT
cache-control: no-cache, must-revalidate
expires: Tue, 25 Dec 2018 14:00:00 GMT
content-type: application/javascript

GET
H2 200 impl-1_32.js Show response
www.gstatic.com/wcm/ 30 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:824::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/impl-1_32.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9cc17f2a29825643f4ab4b92f34c6fe5e9b12f1dd87068a07c4933488fd880f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 17 Oct 2019 13:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Aug 2019 17:45:00 GMT
server: sffe
age: 438220
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 12298
x-xss-protection: 0
expires: Fri, 16 Oct 2020 13:45:50 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
551 B 24ms
8ms Image
image/gif 13.224.196.122
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=HealthInsurance.net%20%7C%20Get%20a%20Quote&time=1571758170857&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=http%3A%2F%2Fcrossmelody.com%2Fclicks%3Fcid%3D22384%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&host_url=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3Deb0eae78d08559cc9171abce007d46af%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D102b001f90348ca89c3adff09078e4%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3Deb0eae78d08559cc9171abce007d46af%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21%23health%2FUrgency&random_number=5235174057&sess_cookie=eea8705c16df41662e8412ba874&sess_cookie_flag=1&user_cookie=eea8705c16df41662e8412ba874&user_cookie_flag=1&dynamic=true&domain=healthinsurance.net&account=jC7Om1aMp4Z3fn&jsv=20130128&user_lang=en-US
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.122 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-196-122.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 20:25:44 GMT
Via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 70328
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA2-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: MicoBq_9faM9pQDjSznUtGeM-OE4Ma1-GBPKGDTqQC6o_pfcYeCK5w==

GET
H2 200 10061771.json Show response
s.yimg.com/wi/config/ 2 B
481 B 151ms
126ms XHR
application/json 2a00:1288:f03d:1fa::2000
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10061771.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 15:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: DE6E53D10813DDF8
x-amz-id-2: XgJE1BLF+jXGYbQ66eq2FQF58C+ufGS5CDBdMaA7OUiukyYHE3iHd144QfgcJtnBnXitNvxw/Es=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600

GET
H2 200 /
www.facebook.com/tr/ 44 B
205 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1559003231076682&ev=PageView&dl=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3Deb0eae78d08559cc9171abce007d46af%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D102b001f90348ca89c3adff09078e4%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3Deb0eae78d08559cc9171abce007d46af%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21%23health%2FUrgency&rl=http%3A%2F%2Fcrossmelody.com%2Fclicks%3Fcid%3D22384%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&if=false&ts=1571758170865&sw=1600&sh=1200&v=2.9.5&r=stable&ec=0&o=28&fbp=fb.1.1571758170864.1049838571&it=1571758170800&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 15:29:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Tue, 22 Oct 2019 15:29:30 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
251 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1559003231076682&ev=Fragment&dl=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3Deb0eae78d08559cc9171abce007d46af%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D102b001f90348ca89c3adff09078e4%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3Deb0eae78d08559cc9171abce007d46af%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21%23health%2FUrgency&rl=http%3A%2F%2Fcrossmelody.com%2Fclicks%3Fcid%3D22384%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&if=false&ts=1571758170865&cd[page]=%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3Deb0eae78d08559cc9171abce007d46af%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D102b001f90348ca89c3adff09078e4%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3Deb0eae78d08559cc9171abce007d46af%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21&sw=1600&sh=1200&v=2.9.5&r=stable&ec=1&o=28&fbp=fb.1.1571758170864.1049838571&it=1571758170800&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 15:29:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Tue, 22 Oct 2019 15:29:30 GMT

GET
H2 204 0
bat.bing.com/action/ 0
148 B 46ms
46ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5223060&Ver=2&mid=ff27c101-7496-5bd9-c07f-8f1e8efa4853&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=HealthInsurance.net%20%7C%20Get%20a%20Quote&p=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3Deb0eae78d08559cc9171abce007d46af%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D102b001f90348ca89c3adff09078e4%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3Deb0eae78d08559cc9171abce007d46af%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21%23health%2FUrgency&r=http%3A%2F%2Fcrossmelody.com%2Fclicks%3Fcid%3D22384%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&lt=867&evt=pageLoad&msclkid=N&rn=173181
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Tue, 22 Oct 2019 15:29:30 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 48FC2924B7FA47B1AAD7D5A6CE1EAD91 Ref B: VIEEDGE1021 Ref C: 2019-10-22T15:29:30Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

adadvisor.gif
px0.pbbl.co/
Redirect Chain

https://px0.pbbl.co/ns/__p2.gif?brid=1618&brcid=126415499&email=&orderId=null&orderValue=&productId=&offerCode=&label=&pageUrl=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%2...
https://aa.agkn.com/adscores/g.pixel?sid=9212282598&_ppid=b369f083-40c1-483b-a4ca-13d3d1e2bf37&_segid=99&iid=31ac2511-9fd3-4f3a-815b-5396c6e14f47
https://px0.pbbl.co/adadvisor.gif?segment=000&_ppid=b369f083-40c1-483b-a4ca-13d3d1e2bf37&_segid=99&_zip=&hk=&iid=31ac2511-9fd3-4f3a-815b-5396c6e14f47&mt=&bd=

42 B
153 B

197ms
197ms

Image
image/gif

2a00:1450:4001:81a::2013
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://px0.pbbl.co/adadvisor.gif?segment=000&_ppid=b369f083-40c1-483b-a4ca-13d3d1e2bf37&_segid=99&_zip=&hk=&iid=31ac2511-9fd3-4f3a-815b-5396c6e14f47&mt=&bd=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Oct 2019 15:29:31 GMT
x-content-type-options: nosniff
server: Google Frontend
content-type: image/gif; charset=utf-8
status: 200
x-cloud-trace-context: bccb821be77effdfda955b7205a7af59
cache-control: must-revalidate, no-cache, no-store
content-length: 42
x-xss-protection: 1
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 22 Oct 2019 15:29:31 GMT
server: AAWebServer
status: 302
p3p: policyref="http://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://px0.pbbl.co/adadvisor.gif?segment=000&_ppid=b369f083-40c1-483b-a4ca-13d3d1e2bf37&_segid=99&_zip=&hk=&iid=31ac2511-9fd3-4f3a-815b-5396c6e14f47&mt=&bd=
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H/1.1 200
OK controltag.js.05f9d0dad02f8a1b0b028b868bc3a3e2 Show response
cdn.krxd.net/ctjs/ 248 KB
80 KB 6ms
5ms Script
application/javascript 151.101.112.175
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.05f9d0dad02f8a1b0b028b868bc3a3e2
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/t2d2miw0x.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.175 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 7daa8dfc1349542ca90836b9becde99fa9bdf0b0599db5513c55ecbe556009a4

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-CDN-Backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
Date: Tue, 22 Oct 2019 15:29:30 GMT
Content-Encoding: gzip
Age: 8388261
X-Cache: HIT
X-Cache-Hits: 928688
Connection: keep-alive
Content-Length: 81058
X-Served-By: cache-hhn4022-HHN
Last-Modified: Tue, 16 Jul 2019 17:45:11 GMT
X-Timer: S1571758171.884663,VS0,VE0
ETag: "05f9d0dad02f8a1b0b028b868bc3a3e2"
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes
Expires: Fri, 13 Jul 2029 17:45:10 GMT

POST
H/1.1 200
OK GenerateToken Show response
create.leadid.com/2.5.2/ 36 B
847 B 401ms
131ms XHR
text/plain 34.196.64.206
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/GenerateToken?msn=1&pid=eb8a5091-88d1-477b-9f61-de3a8a636b6b&_=181729029
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cf934278-b099-eb50-bf86-105a165fcb4e.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.64.206 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-196-64-206.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.30
Resource Hash: 9d21d531e5fee026a9a92b4a4227fe963b31f7792b6f2d67bcbba9764e574be3

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 22 Oct 2019 15:29:31 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.30
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 53
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

/
healthinsurance.net/hi_wizard/
Redirect Chain

https://apiservices.krxd.net/click_tracker/track?kxconfid=t2unfouy2&kxcampaignid=wex4&kxplacementid=healthinsurance.net&kxsiteid=22384&clk=https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm...
https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3a...

64 KB
64 KB

273ms
273ms

Image
text/html

35.171.253.12
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.171.253.12 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-35-171-253-12.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-runtime: 0.178992
date: Tue, 22 Oct 2019 15:29:31 GMT
content-encoding: gzip
referrer-policy: same-origin
x-frame-options: ALLOWALL
etag: W/"fdd502a720f2255ca69387f4aefd173f"
vary: Origin
content-type: text/html; charset=utf-8
status: 200
cache-control: max-age=0, private, must-revalidate
assur-appversion: 1.0.1010
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-request-id: c8d88ce9-f97b-470a-ba85-0ca1d5936532

Redirect headers

Date: Tue, 22 Oct 2019 15:29:31 GMT
Via: 1.1 varnish (Varnish/5.2), 1.1 varnish
Age: 0, 0, 0
X-Served-By: click-tracker-main006.krxd.net, cache-hhn4078-HHN
X-Cache: MISS, MISS
Location: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21
Connection: keep-alive
Accept-Ranges: bytes, bytes
X-Timer: S1571758171.997148,VS0,VE97
Content-Length: 0
X-Cache-Hits: 0, 0

GET
H/1.1 200
OK ca0023cf-396a-4831-8c8e-b18b28057cb6 Show response
consumer.krxd.net/consent/get/ 239 B
620 B 48ms
31ms Script
text/javascript 151.101.12.175
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/ca0023cf-396a-4831-8c8e-b18b28057cb6?idt=device&dt=kxcookie&callback=Krux.ns.assuranceiq.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.05f9d0dad02f8a1b0b028b868bc3a3e2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.175 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: c2806369a98dd5cb31f806a64d79a70b301bcdc29c6e3dcf35929c3204f8cc65

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 15:29:31 GMT
Via: 1.1 varnish
Age: 0
Accept-Ranges: bytes
X-Served-By: consumer-a015-dub-prod.krxd.net, cache-fra19147-FRA
Vary: Accept-Encoding
X-Cache: MISS, MISS
Content-Type: text/javascript; charset=UTF-8
Content-Encoding: gzip
Cache-Control: max-age=1800
Connection: keep-alive
X-Age: 0
X-Timer: S1571758171.106179,VS0,VE25
Content-Length: 194
X-Cache-Hits: 0, 0

POST
H2 200 verify_token Show response
healthinsurance.net/ 14 B
517 B 316ms
312ms XHR
application/json 35.171.253.12
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://healthinsurance.net/verify_token

Requested by

Host: cdn.assurance.com
URL: https://cdn.assurance.com/insurance/public/assets/customer-f59824bef9933206c1ebf4358f41097b123fcba75a060e6b030d5ce6ed160eb5.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.171.253.12 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-35-171-253-12.compute-1.amazonaws.com

Software

Resource Hash

7cd85494eb375cc958155aca095fd0bae01e24f777c4ce4059e2edb82324618c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 22 Oct 2019 15:29:31 GMT
x-content-type-options: nosniff
status: 200
assur-appversion: 1.0.1010
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-xss-protection: 1; mode=block
x-request-id: 4ea31274-0fbe-4a75-a2c0-bb6277d054ad
x-runtime: 0.207848
referrer-policy: same-origin
x-frame-options: ALLOWALL
etag: W/"7cd85494eb375cc958155aca095fd0ba"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate

GET
H2 200 / Show response
na5.thunderhead.com/one/rt/web/onetag/ONE-QJJVTVNQNN-2522/ 477 B
535 B 301ms
172ms Script
application/javascript 51.105.108.194
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://na5.thunderhead.com/one/rt/web/onetag/ONE-QJJVTVNQNN-2522/?pv=&tid=&flash=true&uri=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3Deb0eae78d08559cc9171abce007d46af%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D102b001f90348ca89c3adff09078e4%26aff_sub%3D201465%26aff_sub3%3D22384%26aff_sub2%3Deb0eae78d08559cc9171abce007d46af%26utm_kxconfid%3Dt4kwo0a21&_1571758171257&callback=THX_1571758171257_91

Requested by

Host: na5.cdn.thunderhead.com
URL: https://na5.cdn.thunderhead.com/one/rt/js/one-tag.js?siteKey=ONE-QJJVTVNQNN-2522

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.105.108.194 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

6e658f20c1f52e47fc856bb3ac1feba6c36aadf2ffced52dd4e2df4da5e4f071

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 15:29:11 GMT
content-encoding: gzip
x-one-req-metric: 1571758171472;12;2
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: no-store
strict-transport-security: max-age=15768000

GET
H/1.1 200
OK iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame C574 0
0 52ms
6ms Document
text/html 13.224.197.12
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=22EC1493-E9B8-23EC-238B-F4DEBCB9B88C&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.5.2&lck=CF934278-B099-EB50-BF86-105A165FCB4E&lac=8AA3F211-CA81-3833-51B1-095D2985DA90
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cf934278-b099-eb50-bf86-105a165fcb4e.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.197.12 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-12.fra2.r.cloudfront.net
Software: nginx/1.10.1 /
Resource Hash

Request headers

Host: d2m2wsoho8qq12.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate

Response headers

Content-Type: text/html
Content-Length: 1440
Connection: keep-alive
Content-Encoding: gzip
Date: Tue, 22 Oct 2019 01:58:18 GMT
ETag: W/"5dada451-da5"
Last-Modified: Mon, 21 Oct 2019 12:28:01 GMT
P3P: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
Server: nginx/1.10.1
X-Cache: Hit from cloudfront
Via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: YqVj4YEuxHqza27BUDBPgcbGULiu4WfYcJ8HTRY7ftnfE7RTsHjnDg==
Age: 48641

POST
H/1.1 200
OK SaveDom Show response
create.leadid.com/2.5.2/ 0
814 B 94ms
94ms XHR
text/plain 34.196.64.206
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/SaveDom?msn=2&pid=eb8a5091-88d1-477b-9f61-de3a8a636b6b&token=22EC1493-E9B8-23EC-238B-F4DEBCB9B88C&_=181729030
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cf934278-b099-eb50-bf86-105a165fcb4e.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.64.206 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-196-64-206.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 22 Oct 2019 15:29:31 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.30
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK InitFormData Show response
create.leadid.com/2.5.2/ 0
814 B 190ms
97ms XHR
text/plain 34.196.64.206
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/InitFormData?msn=3&pid=eb8a5091-88d1-477b-9f61-de3a8a636b6b&token=22EC1493-E9B8-23EC-238B-F4DEBCB9B88C&_=181729031
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cf934278-b099-eb50-bf86-105a165fcb4e.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.64.206 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-196-64-206.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 22 Oct 2019 15:29:31 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.30
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 t.js Show response
api.trustedform.com/360ecd14a6ebcaeb7aea5c4298c32b7bc37e4d8f/ 57 KB
21 KB 133ms
133ms Script
application/javascript 50.97.168.187
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/360ecd14a6ebcaeb7aea5c4298c32b7bc37e4d8f/t.js?lo=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3Deb0eae78d08559cc9171abce007d46af%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D102b001f90348ca89c3adff09078e4%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3Deb0eae78d08559cc9171abce007d46af%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21%23health%2FUrgency&l=15717581707560.7081303671253913&f=false&n=5ba5ee334c8b383b1fdccd2f4be041aca8849f79&cs=g3QAAAACZAABdGJdryBbZAABdnQAAAAEbQAAAAVmaWVsZG0AAAAUeHhUcnVzdGVkRm9ybUNlcnRVcmxtAAAAGGludmVydF9maWVsZF9zZW5zaXRpdml0eWQABWZhbHNlbQAAAAFsbQAAAB8xNTcxNzU4MTcwNzU2MC43MDgxMzAzNjcxMjUzOTEzbQAAABBwcm92aWRlX3JlZmVycmVyZAAFZmFsc2U%3D&csh=fU4pHaCTGkKNcjmYTooJN11ZU20tQ1FIZWXmnrzkR2E%3D

Requested by

Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=15717581707560.7081303671253913&invert_field_sensitivity=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.97.168.187 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

bb.a8.6132.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cd9c670c4ed93473a63df39a7b4f76de1e1f165f945ab20f23d60d42b3addea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 22 Oct 2019 15:29:31 GMT
cache-control: max-age=0, private, must-revalidate
server: nginx
content-encoding: gzip
strict-transport-security: max-age=15768000
content-type: application/javascript; charset=utf-8

GET
H2 200 /
c1.ox-bio.com/t04/ 43 B
76 B 103ms
102ms Image
image/gif 199.68.195.197
QuoVadis Services...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c1.ox-bio.com/t04/?v=201941369204010180&oxtrk=141&zk=be27cba5-f4e0-11e9-9fca-005056acfea9&zl=1105&ts0=1571758171325&zm=0
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 199.68.195.197 Hamilton, Bermuda, ASN19626 (EVC-AS - QuoVadis Services Limited, BM),
Reverse DNS
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 22 Oct 2019 15:29:31 GMT
content-length: 43
content-type: image/gif

POST
H2 200 h Show response
api.trustedform.com/360ecd14a6ebcaeb7aea5c4298c32b7bc37e4d8f/ 0
262 B 519ms
260ms XHR
text/html 50.97.168.187
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/360ecd14a6ebcaeb7aea5c4298c32b7bc37e4d8f/h?n=388d9f7302e1855900fd77cfff5f14d155b33ae6&l=15717581707560.7081303671253913&a=1&ce=z&t=cors

Requested by

Host: api.trustedform.com
URL: https://api.trustedform.com/360ecd14a6ebcaeb7aea5c4298c32b7bc37e4d8f/t.js?lo=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3Deb0eae78d08559cc9171abce007d46af%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D102b001f90348ca89c3adff09078e4%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3Deb0eae78d08559cc9171abce007d46af%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21%23health%2FUrgency&l=15717581707560.7081303671253913&f=false&n=5ba5ee334c8b383b1fdccd2f4be041aca8849f79&cs=g3QAAAACZAABdGJdryBbZAABdnQAAAAEbQAAAAVmaWVsZG0AAAAUeHhUcnVzdGVkRm9ybUNlcnRVcmxtAAAAGGludmVydF9maWVsZF9zZW5zaXRpdml0eWQABWZhbHNlbQAAAAFsbQAAAB8xNTcxNzU4MTcwNzU2MC43MDgxMzAzNjcxMjUzOTEzbQAAABBwcm92aWRlX3JlZmVycmVyZAAFZmFsc2U%3D&csh=fU4pHaCTGkKNcjmYTooJN11ZU20tQ1FIZWXmnrzkR2E%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.97.168.187 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

bb.a8.6132.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 22 Oct 2019 15:29:32 GMT
server: nginx
status: 200
access-control-max-age: 1728000
access-control-allow-methods: POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=15768000
access-control-allow-headers: Content-Type,Content-Length,X-Requested-With
content-length: 0

GET
H/1.1 200
OK iui3
s.amazon-adsystem.com/ 43 B
674 B 92ms
92ms Image
image/gif 52.46.130.13
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D7dcb44b5-b96b-40e5-10da-dbe017b7d6dc%26type%3D14%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D7715990030901%3Bp%3D7DCB44B5-B96B-40E5-10DA-DBE017B7D6DC
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/360ecd14a6ebcaeb7aea5c4298c32b7bc37e4d8f/t.js?lo=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3Deb0eae78d08559cc9171abce007d46af%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D102b001f90348ca89c3adff09078e4%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3Deb0eae78d08559cc9171abce007d46af%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21%23health%2FUrgency&l=15717581707560.7081303671253913&f=false&n=5ba5ee334c8b383b1fdccd2f4be041aca8849f79&cs=g3QAAAACZAABdGJdryBbZAABdnQAAAAEbQAAAAVmaWVsZG0AAAAUeHhUcnVzdGVkRm9ybUNlcnRVcmxtAAAAGGludmVydF9maWVsZF9zZW5zaXRpdml0eWQABWZhbHNlbQAAAAFsbQAAAB8xNTcxNzU4MTcwNzU2MC43MDgxMzAzNjcxMjUzOTEzbQAAABBwcm92aWRlX3JlZmVycmVyZAAFZmFsc2U%3D&csh=fU4pHaCTGkKNcjmYTooJN11ZU20tQ1FIZWXmnrzkR2E%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Oct 2019 15:29:31 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 f Show response
api.trustedform.com/360ecd14a6ebcaeb7aea5c4298c32b7bc37e4d8f/ 0
263 B 387ms
130ms XHR
text/html 50.97.168.187
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/360ecd14a6ebcaeb7aea5c4298c32b7bc37e4d8f/f?l=15717581707560.7081303671253913&n=89c2c65da902e9dff5df030817b106f7ca4a4fde&rn=0&a=1&t=cors

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.97.168.187 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

bb.a8.6132.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 22 Oct 2019 15:29:31 GMT
server: nginx
status: 200
access-control-max-age: 1728000
access-control-allow-methods: POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=15768000
access-control-allow-headers: Content-Type,Content-Length,X-Requested-With
content-length: 0

POST
H2 200 md Show response
api.trustedform.com/360ecd14a6ebcaeb7aea5c4298c32b7bc37e4d8f/ 0
262 B 370ms
131ms XHR
text/html 50.97.168.187
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/360ecd14a6ebcaeb7aea5c4298c32b7bc37e4d8f/md?a=1&t=cors

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.97.168.187 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

bb.a8.6132.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 22 Oct 2019 15:29:31 GMT
server: nginx
status: 200
access-control-max-age: 1728000
access-control-allow-methods: POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=15768000
access-control-allow-headers: Content-Type,Content-Length,X-Requested-With
content-length: 0

GET
H2

200

/
healthinsurance.net/hi_wizard/
Redirect Chain

https://apiservices.krxd.net/click_tracker/track?kxconfid=t2unfouy2&kxcampaignid=wex4&kxplacementid=healthinsurance.net&kxsiteid=22384&clk=https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm...
https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3a...

64 KB
64 KB

191ms
190ms

Image
text/html

35.171.253.12
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.171.253.12 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-35-171-253-12.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-runtime: 0.098122
date: Tue, 22 Oct 2019 15:29:31 GMT
content-encoding: gzip
referrer-policy: same-origin
x-frame-options: ALLOWALL
etag: W/"fc9c4a8e4102cd0e12e55b3b849a76c6"
vary: Origin
content-type: text/html; charset=utf-8
status: 200
cache-control: max-age=0, private, must-revalidate
assur-appversion: 1.0.1010
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-request-id: 62760445-f90e-4b87-a500-f1ae59579c03

Redirect headers

Date: Tue, 22 Oct 2019 15:29:31 GMT
Via: 1.1 varnish (Varnish/5.2), 1.1 varnish
Age: 0
X-Served-By: click-tracker-main006.krxd.net, cache-hhn4078-HHN
X-Cache: MISS, MISS
Location: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21
Connection: keep-alive
Accept-Ranges: bytes
X-Timer: S1571758172.681521,VS0,VE92
Content-Length: 0
X-Cache-Hits: 0, 0

GET
H2 204 0
bat.bing.com/action/ 0
196 B 47ms
46ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5223060&Ver=2&mid=ff27c101-7496-5bd9-c07f-8f1e8efa4853&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=HealthInsurance.net%20%7C%20Get%20a%20Quote&p=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3Deb0eae78d08559cc9171abce007d46af%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D102b001f90348ca89c3adff09078e4%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3Deb0eae78d08559cc9171abce007d46af%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21%23health%2FUrgency&r=http%3A%2F%2Fcrossmelody.com%2Fclicks%3Fcid%3D22384%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&lt=867&evt=pageLoad&msclkid=N&rn=173181
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=eb0eae78d08559cc9171abce007d46af&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=eb0eae78d08559cc9171abce007d46af&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Tue, 22 Oct 2019 15:29:31 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 7B05102B19FF49B1BD63332B35F068F9 Ref B: VIEEDGE1021 Ref C: 2019-10-22T15:29:31Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK Snap Show response
create.leadid.com/2.5.2/ 0
814 B 355ms
268ms XHR
text/plain 34.196.64.206
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/Snap?msn=4&pid=eb8a5091-88d1-477b-9f61-de3a8a636b6b&token=22EC1493-E9B8-23EC-238B-F4DEBCB9B88C&_=181729032
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cf934278-b099-eb50-bf86-105a165fcb4e.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.64.206 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-196-64-206.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 22 Oct 2019 15:29:32 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.30
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK InitFormData Show response
create.leadid.com/2.5.2/ 0
814 B 94ms
94ms XHR
text/plain 34.196.64.206
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/InitFormData?msn=5&pid=eb8a5091-88d1-477b-9f61-de3a8a636b6b&token=22EC1493-E9B8-23EC-238B-F4DEBCB9B88C&_=181729033
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cf934278-b099-eb50-bf86-105a165fcb4e.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.64.206 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-196-64-206.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 22 Oct 2019 15:29:31 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.30
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 wcm Show response
www.googleadservices.com/pagead/conversion/935576559/ 39 B
208 B 15ms
15ms XHR
application/json 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/935576559/wcm?cl=7HnFCP6uk20Q74ePvgM&fb=8445054450&callback=corscb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/impl-1_32.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

333377b61fb0f9ab69caa42a5d3969e1443e97831a9a993b1ad27dd8cbd17f56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 15:29:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://healthinsurance.net
cache-control: private
access-control-allow-credentials: true
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 59
x-xss-protection: 0

GET
H2 200 optout_check Show response
beacon.krxd.net/ 84 B
243 B 28ms
28ms Script
text/javascript 52.17.139.14
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.assuranceiq.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.05f9d0dad02f8a1b0b028b868bc3a3e2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.139.14 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-17-139-14.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6cece559e90142945361d0da571eac402d8b74ce8aa7953a76b09c68c8e6086c

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 22 Oct 2019 15:29:32 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=23 t=1571758172
content-type: text/javascript
x-served-by: beacon-n001-dub-prod.krxd.net

GET
H2 200 /
c1.ox-bio.com/k2/ 43 B
88 B 103ms
102ms Image
image/gif 199.68.195.197
QuoVadis Services...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c1.ox-bio.com/k2/?v=53184128348782.164&oxtrk=141&oxuid=ASS0001&zk=be27cba5-f4e0-11e9-9fca-005056acfea9&zl=1105&zt=0&ts1=59&ts2=3&ts3=60&ts4=762&zm=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 199.68.195.197 Hamilton, Bermuda, ASN19626 (EVC-AS - QuoVadis Services Limited, BM),
Reverse DNS
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 22 Oct 2019 15:29:32 GMT
content-length: 43
content-type: image/gif

GET
H2 200 /
c1.ox-bio.com/t02/ 43 B
65 B 103ms
103ms Image
image/gif 199.68.195.197
QuoVadis Services...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c1.ox-bio.com/t02/?v=53184128348782.164&oxtrk=141&oxuid=ASS0001&zk=be27cba5-f4e0-11e9-9fca-005056acfea9&zl=1105&pq=%5Bwl%5Dhttps%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3Deb0eae78d08559cc9171abce007d46af%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D102b001f90348ca89c3adff09078e4%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3Deb0eae78d08559cc9171abce007d46af%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21%23health%2FUrgency|%5Bwpl%5Dsac|%5Bdr%5Dhttp%3A%2F%2Fcrossmelody.com%2Fclicks%3Fcid%3D22384%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D|%5Bdl%5Dsaw|%5Bdlh%5Dsaw|&qr0=13&qr1=4139002591&qr2=895785942&qr3=3307132076&qr4=3556468209&qr5=&qr6=1213749909&qr7=546963351&qr8=862810276&qr9=0&qrA=0&qrB=0&qrC=0&qrD=0&qrE=0&qrF=0&qrG=&qrH=312387816079384&qrI=3&qrJ=12&qrK=0&qrL=315308-25-251793-50-332785-75-327533-100&qrM=undefined&qrN=en-US&qrO=4139002591&qrP=1656739337&qrQ=CHh59Dd38FFFFFDd1Hh1Dd1Hh1Dd1Hh1Dd1Dd1IHh1Dd1Dd1Dd1Dd1GFHh1Jj1FHh2I3Dd1FEd1Ed4I1Hh1c.72994&qrT=0&qrS=30302356-1983831476-3620111094-0-1968627222-0-2154035776-2022792331-3034716695-2565859640-2896749692-1165954045-2154035776-2826480794-601887476-970309156-385866172-0-0-0-0-0-2565859640-2896749692-0-0-&ts5=903&zm=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 199.68.195.197 Hamilton, Bermuda, ASN19626 (EVC-AS - QuoVadis Services Limited, BM),
Reverse DNS
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 22 Oct 2019 15:29:32 GMT
content-length: 43
content-type: image/gif

GET
H2 200 wcm Show response
www.google.de/pagead/attribution/ 17 B
212 B 16ms
15ms XHR
application/json 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/attribution/wcm?cl=7HnFCP6uk20Q74ePvgM&fb=8445054450&use_ssct=1&callback=corscb&ref=http%3A//crossmelody.com/clicks%3Fcid%3D22384%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/impl-1_32.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

298f43e50bca9522b9df850442cb53fb51580aa277a3feb754aed322ea644159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 15:29:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://healthinsurance.net
cache-control: private
access-control-allow-credentials: true
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37
x-xss-protection: 0

POST
H/1.1 200
OK Snap Show response
create.leadid.com/2.5.2/ 0
814 B 96ms
96ms XHR
text/plain 34.196.64.206
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/Snap?msn=6&pid=eb8a5091-88d1-477b-9f61-de3a8a636b6b&token=22EC1493-E9B8-23EC-238B-F4DEBCB9B88C&_=181729034
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cf934278-b099-eb50-bf86-105a165fcb4e.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.64.206 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-196-64-206.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 22 Oct 2019 15:29:32 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.30
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK Snap Show response
create.leadid.com/2.5.2/ 0
814 B 96ms
95ms XHR
text/plain 34.196.64.206
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/Snap?msn=7&pid=eb8a5091-88d1-477b-9f61-de3a8a636b6b&token=22EC1493-E9B8-23EC-238B-F4DEBCB9B88C&_=181729035
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cf934278-b099-eb50-bf86-105a165fcb4e.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.64.206 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-196-64-206.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 22 Oct 2019 15:29:32 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.30
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 e Show response
api.trustedform.com/360ecd14a6ebcaeb7aea5c4298c32b7bc37e4d8f/ 0
262 B 130ms
130ms XHR
text/html 50.97.168.187
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/360ecd14a6ebcaeb7aea5c4298c32b7bc37e4d8f/e?cs=g2JdryBb&csh=DGyFnwY4ZVKdyzokBcvD4ke1hC3Mpqdpqz%252FR%252Fnw4Tec%253D&a=1&t=cors

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.97.168.187 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

bb.a8.6132.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 22 Oct 2019 15:29:32 GMT
server: nginx
status: 200
access-control-max-age: 1728000
access-control-allow-methods: POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=15768000
access-control-allow-headers: Content-Type,Content-Length,X-Requested-With
content-length: 0

POST
H2 200 e Show response
api.trustedform.com/360ecd14a6ebcaeb7aea5c4298c32b7bc37e4d8f/ 0
263 B 445ms
129ms XHR
text/html 50.97.168.187
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/360ecd14a6ebcaeb7aea5c4298c32b7bc37e4d8f/e?cs=g2JdryBb&csh=DGyFnwY4ZVKdyzokBcvD4ke1hC3Mpqdpqz%252FR%252Fnw4Tec%253D&a=1&t=cors

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.97.168.187 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

bb.a8.6132.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 22 Oct 2019 15:29:39 GMT
server: nginx
status: 200
access-control-max-age: 1728000
access-control-allow-methods: POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=15768000
access-control-allow-headers: Content-Type,Content-Length,X-Requested-With
content-length: 0

Verdicts & Comments Add Verdict or Comment

231 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.openx.net/	1970-01-19 13:21:34	Name: i Value: a47ca3db-3b4b-0272-083b-bee48aba9acc\|1571758171
.openx.net/	1970-01-19 04:57:34	Name: pd Value: v2\|1571758171\|mOkimWiygu
.amazon-adsystem.com/	1970-01-21 02:09:05	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-19 10:40:17	Name: ad-id Value: A74-rIHjTk35hqP8xkuKz2c
healthinsurance.net/	1969-12-31 23:59:59	Name: test_split_health_stm_tests Value: show
.deviceid.trueleadid.com/	1970-01-25 20:28:19	Name: uuid Value: 49c5a78b70b94a64a9760c14ef6f4bbc
healthinsurance.net/	1969-12-31 23:59:59	Name: leadid_token-8AA3F211-CA81-3833-51B1-095D2985DA90-CF934278-B099-EB50-BF86-105A165FCB4E Value: 22EC1493-E9B8-23EC-238B-F4DEBCB9B88C
healthinsurance.net/	1969-12-31 23:59:59	Name: test_split_remove_exit_blocker Value: control
healthinsurance.net/	1969-12-31 23:59:59	Name: test_split_recaptcha-badge Value: show
healthinsurance.net/	1969-12-31 23:59:59	Name: _insurance_session Value: ee4b6a5aa5a3ca3be982ee5f33284415
healthinsurance.net/	1969-12-31 23:59:59	Name: test_split_health_recommendation_tests Value: control
.google.com/	1970-01-19 08:59:29	Name: NID Value: 189=a-afh0efw4Vyf_yysuxLk9ePo5aRafXXTY4Wvj6hJzPLXvkWrPUW97p9ruwO59ZO2gTjEZfI7dRwQZLwPEtV3aToVT6vHIRVjqSeoTFd0aOrQullAstt6gtXIlSjXZzyCXQ8Wn6WN_c68pobCGhl5KYq5izf30p_X1_pAqBKvbs
healthinsurance.net/	1969-12-31 23:59:59	Name: test_split_health_ds_quotes Value: show

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 1) Message: utm_source: wex4
console-api	log	(Line 1) Message: utm_term: 22384
console-api	log	(Line 2) Message: DMP pixel rendered, check 'track?kxconfid' with 302 status for proper fire
console-api	warning	URL: https://na5.cdn.thunderhead.com/one/rt/js/one-tag.js?siteKey=ONE-QJJVTVNQNN-2522(Line 1) Message: ONE - TID not found: undefined undefined
console-api	warning	URL: https://na5.cdn.thunderhead.com/one/rt/js/one-tag.js?siteKey=ONE-QJJVTVNQNN-2522(Line 1) Message: No points of type [Optimization Point] to inject.
console-api	warning	URL: https://na5.cdn.thunderhead.com/one/rt/js/one-tag.js?siteKey=ONE-QJJVTVNQNN-2522(Line 1) Message: No points of type [Capture Point] to inject.
console-api	warning	URL: https://na5.cdn.thunderhead.com/one/rt/js/one-tag.js?siteKey=ONE-QJJVTVNQNN-2522(Line 1) Message: No points of type [Tracking Point] to inject.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
api.trustedform.com
apiservices.krxd.net
bat.bing.com
beacon.krxd.net
c1.ox-bio.com
cdn.assurance.com
cdn.krxd.net
cdn.pbbl.co
cdnjs.cloudflare.com
certify.alexametrics.com
connect.facebook.net
consumer.krxd.net
create.leadid.com
create.lidstatic.com
crossmelody.com
d2m2wsoho8qq12.cloudfront.net
d2ysjycjrua9tt.cloudfront.net
d31qbv1cthcecs.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
healthinsurance.net
js.honeybadger.io
na5.cdn.thunderhead.com
na5.thunderhead.com
px0.pbbl.co
s.amazon-adsystem.com
s.yimg.com
sp.analytics.yahoo.com
stats.g.doubleclick.net
tracking.healthinsurance.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.variousmedicalproblems.com
13.224.196.122
13.224.196.43
13.224.197.12
143.204.101.113
143.204.101.44
151.101.112.175
151.101.12.175
199.68.195.197
212.82.100.181
216.58.210.2
23.95.199.211
2600:9000:20eb:bc00:1:1faa:9040:93a1
2606:4700:10::6814:4b82
2606:4700:30::6812:3589
2606:4700::6813:c497
2620:1ec:bdf::10
2620:1ec:c11::200
2a00:1288:f03d:1fa::2000
2a00:1450:4001:80b::2003
2a00:1450:4001:814::200e
2a00:1450:4001:815::2008
2a00:1450:4001:81a::2013
2a00:1450:4001:81e::200a
2a00:1450:4001:820::2004
2a00:1450:4001:821::2003
2a00:1450:4001:824::2003
2a00:1450:400c:c04::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.196.64.206
35.171.253.12
50.97.168.187
51.105.108.194
52.17.139.14
52.28.175.104
52.46.130.13
52.85.183.7
54.229.131.31
006be37b08922c49fdbaf8122e5507d2a2808adf961a2e81306826ba0d73153a
080b58bfb270a0738da291bfc8693cbf683d222ee761597e682e29e21f6f76fc
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1121422aa828fb8f2f421b88b5d2437c78e51cd43a338094ec62ada2012887b1
115e92ecc8cd17434bd87f305829287c2b633cc7c79fef3db40c812466c50189
1198497bc336def8414ca4ec9f429fbb3c38afbacbb4e7b2a3f939941bbc4f58
160c7e4d078b73b5cbbd15b4beaaaeb5c0f9ce71e812ade40a8c23c7f088bcbe
19a6fc420de5f5f42811e6fb6cb2855c8a42241d7257934b47ec3a7dc0549c29
19cfca88e33cb1f56e957f1a653d3acad97f7cc927d0b2e329a80ead264578d3
23451db084e5b7b10dc5b25145dd5703999acf5fd82f5f5cae58a4e6d43e6611
26b6ded1f4da5ed4f61226c7a1f36be06d422b4b2ca54262103bc354ef732bc7
298f43e50bca9522b9df850442cb53fb51580aa277a3feb754aed322ea644159
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
30a08b8de480b1dfd34301b0b7e4ec5627d3cd5e2ab5b379cd661db9f8d38d9c
333377b61fb0f9ab69caa42a5d3969e1443e97831a9a993b1ad27dd8cbd17f56
351e617fe9eba5db39ecdff23a83d6dc680e286691aa48fad095225902d3238d
373a0505368dab061278aa0b7243dc58fc165a25f8b0286d57f8835d06ab6e27
39977e2adaac74b95db35ecc0811389da8c948fc8de1f9eb86290b83ed7ef646
43edb1b8c528cad45d89b9159707736e95e18f00a3db547c64f039e5abeda203
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4fa943c533adc193617c8826b5d07c87de1c952ef757fb2f4551e6e65cd1c49e
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
556dd6874d80f240e42525b0b3a6535dfac43ae3fbebbe0ebe44014847b2af4e
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
62400bc84c0bbc6c3d92853f1dc29871b5f5b247b2cf4ca92bbe9cb496ba2c60
6afe06ce88b927163790138f2746fdc4e268ec563ca5967f991f8da10e4479bf
6cece559e90142945361d0da571eac402d8b74ce8aa7953a76b09c68c8e6086c
6e658f20c1f52e47fc856bb3ac1feba6c36aadf2ffced52dd4e2df4da5e4f071
7973f6d4de8da495c0a4a870d6b50fff04cc246e1628364160f8486e7f3a1f3e
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7cd85494eb375cc958155aca095fd0bae01e24f777c4ce4059e2edb82324618c
7daa8dfc1349542ca90836b9becde99fa9bdf0b0599db5513c55ecbe556009a4
7edb2213c1f4f569617389783ba544f9997d11a1fc5e54406582b25967bfde66
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
9404cee30e4489a7ed4d6de2dd92aa8e4386fd5ff1c81ebcea77f581952eac31
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cc17f2a29825643f4ab4b92f34c6fe5e9b12f1dd87068a07c4933488fd880f7
9d21d531e5fee026a9a92b4a4227fe963b31f7792b6f2d67bcbba9764e574be3
9d3af696c2533f25ef034358c8d15cc791fa1539c40058c6bfcef813cbaeda20
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a5a03ffb74678bd02d15096bdb6d36f08338cde8f8f51d7fa8c2cc3df9e6f4e5
a74701a99f1ba9af05c5282eedfaa76cb1ad2d7d0f9e22dead4d70b189a6f4dd
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ae54cf1b3625f10b88e3c48fadc128db1c48b6c25d2e04de1528cf778e3decbe
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bc5efe0814deaf9314fcd65d6c9d924ea008d2637945fae0acc3860c45deb1e3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2806369a98dd5cb31f806a64d79a70b301bcdc29c6e3dcf35929c3204f8cc65
c3c0f5a1e3c2f4e7471c3cf34ce7b3f10540750c3b05fdb5b1576d5be1f9170b
c6ad34199939ca4211eea0d25cdee444b7e6664af475ef70a9d741fba834f0f7
cbb649035cc0aab0434ac418212ee6ae2674f68670d0767b3231ce13049747a5
cbb6560ed1e9e91e2ceb73f50c333bf5fd86d56839161bf5383a1dd44faf5bc2
cd9c670c4ed93473a63df39a7b4f76de1e1f165f945ab20f23d60d42b3addea0
d0c09059b130934708891c275fcbff50edeb7776fa1943b2ade4859d958c9960
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e15eb5040e99ce3f51d49580272bd18e4f2b5030b312315500916fd075e6a5e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea1c3eaefeb1b4e7a6d3fa97f320b3397e4f5d112afcb758e62513852b573423
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f060c3e136630ce60b5fa1088d68a7a1fd048b0d75c19a4ddae58e8723c0b1fe
f59824bef9933206c1ebf4358f41097b123fcba75a060e6b030d5ce6ed160eb5
f97384a88b6c49998d45661bc19397381d8d8f8a4c88ae7860f53ae066951615
fc8ec001faf2a4299e345bfe462404de9efca8ddca4b663821b8f65865f4dc9b

healthinsurance.net Open in urlscan Pro 35.171.253.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

89 Requests

97 %HTTPS

47 %IPv6

30 Domains

39 Subdomains

35 IPs

8 Countries

1069 kBTransfer

2425 kBSize

13 Cookies

2 Outgoing links

Page URL History

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

healthinsurance.net Open in urlscan Pro
35.171.253.12 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

97 %
HTTPS

47 %
IPv6

30
Domains

39
Subdomains

35
IPs

8
Countries

1069 kB
Transfer

2425 kB
Size

13
Cookies

89 HTTP transactions
0 data transactions