healthinsurance.net Open in urlscan Pro
52.203.139.140 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.tecnotreina.com/mechanism-aurally/be84q2395X8T6C17e23N21Gfpkph4afeV20d8DhIiDrfvbGIxIgErIx8qRxomQnQ7N1AY0KU6aW02ih
Effective URL:
https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc38...
Submission: On October 09 via manual (October 9th 2019, 10:20:07 am UTC) from AU

Summary HTTP 76 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 33 IPs in 7 countries across 29 domains to perform 76 HTTP transactions. The main IP is 52.203.139.140, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is healthinsurance.net.
TLS certificate: Issued by Amazon on January 8th 2019. Valid for: a year.

This is the only time healthinsurance.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:30:... 2606:4700:30::681c:4b5	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	23.95.199.211 23.95.199.211	36352 (AS-COLOCR...) (AS-COLOCROSSING - ColoCrossing)
1 1	52.31.242.98 52.31.242.98	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	52.203.139.140 52.203.139.140	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:818::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
14	143.204.101.112 143.204.101.112	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	2606:4700::68... 2606:4700::6813:c697	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	13.32.99.191 13.32.99.191	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 3	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:814::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2600:9000:20a... 2600:9000:20ac:9400:1:1faa:9040:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	13.224.196.80 13.224.196.80	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1 - Oath Holdings Inc.)
2 4	72.21.206.140 72.21.206.140	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	151.101.112.175 151.101.112.175	54113 (FASTLY) (FASTLY - Fastly)
1	2620:1ec:bdf::10 2620:1ec:bdf::10	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	188.125.66.33 188.125.66.33	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2606:4700:10:... 2606:4700:10::6814:4b82	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	13.32.99.13 13.32.99.13	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	199.68.195.197 199.68.195.197	19626 (EVC-AS) (EVC-AS - QuoVadis Services Limited)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	13.225.78.115 13.225.78.115	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	51.105.108.194 51.105.108.194	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1 1	151.101.12.175 151.101.12.175	54113 (FASTLY) (FASTLY - Fastly)
1 2	2a00:1450:400... 2a00:1450:4001:809::2013	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	52.28.175.104 52.28.175.104	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
5	34.236.206.109 34.236.206.109	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	13.35.175.105 13.35.175.105	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	216.58.210.2 216.58.210.2	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.154.68.131 54.154.68.131	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
76	33

1 2606:4700:30::681c:4b5 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.tecnotreina.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.95.199.211 (Buffalo, United States)

ASN36352 (AS-COLOCROSSING - ColoCrossing, US)
PTR: 23-95-199-211-host.colocrossing.com

crossmelody.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.242.98 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-31-242-98.eu-west-1.compute.amazonaws.com

tracking.healthinsurance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.203.139.140 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-203-139-140.compute-1.amazonaws.com

healthinsurance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 143.204.101.112 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-112.fra50.r.cloudfront.net

cdn.assurance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:c697 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.191 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-99-191.prg50.r.cloudfront.net

js.honeybadger.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20ac:9400:1:1faa:9040:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

d2ysjycjrua9tt.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.196.80 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-196-80.fra2.r.cloudfront.net

d31qbv1cthcecs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1 - Oath Holdings Inc., US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 72.21.206.140 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: 206-140.amazon.com

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.112.175 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::10 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

na5.cdn.thunderhead.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.125.66.33 (Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:4b82 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.13 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-99-13.prg50.r.cloudfront.net

cdn.pbbl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.68.195.197 (Hamilton, Bermuda)

ASN19626 (EVC-AS - QuoVadis Services Limited, BM)

c1.ox-bio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.115 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-115.fra2.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.105.108.194 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

na5.thunderhead.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.175 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY - Fastly, US)

apiservices.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2013 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

px0.pbbl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.175.104 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-28-175-104.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.236.206.109 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-236-206-109.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.175.105 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-175-105.fjr50.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.210.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.68.131 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-154-68-131.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	assurance.com cdn.assurance.com	339 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	139 KB
5	leadid.com create.leadid.com	4 KB
5	krxd.net 1 redirects cdn.krxd.net apiservices.krxd.net consumer.krxd.net beacon.krxd.net	87 KB
5	cloudfront.net d2ysjycjrua9tt.cloudfront.net d31qbv1cthcecs.cloudfront.net d2m2wsoho8qq12.cloudfront.net	51 KB
4	ox-bio.com c1.ox-bio.com	21 KB
4	amazon-adsystem.com 2 redirects s.amazon-adsystem.com	2 KB
4	cloudflare.com cdnjs.cloudflare.com	83 KB
4	healthinsurance.net 1 redirects tracking.healthinsurance.net healthinsurance.net	63 KB
3	pbbl.co 1 redirects cdn.pbbl.co px0.pbbl.co	4 KB
3	google.com 1 redirects www.google.com	991 B
2	facebook.com www.facebook.com	455 B
2	google.de www.google.de	288 B
2	thunderhead.com na5.cdn.thunderhead.com na5.thunderhead.com	27 KB
2	yimg.com s.yimg.com	6 KB
2	bing.com bat.bing.com	8 KB
2	facebook.net connect.facebook.net	49 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	crossmelody.com crossmelody.com	5 KB
1	googleadservices.com www.googleadservices.com	208 B
1	agkn.com 1 redirects aa.agkn.com	381 B
1	alexametrics.com certify.alexametrics.com	551 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	161 B
1	lidstatic.com create.lidstatic.com	39 KB
1	yahoo.com sp.analytics.yahoo.com	448 B
1	googletagmanager.com www.googletagmanager.com	30 KB
1	honeybadger.io js.honeybadger.io	4 KB
1	googleapis.com fonts.googleapis.com	804 B
1	tecnotreina.com www.tecnotreina.com	569 B
76	29

	Domain	Requested by
14	cdn.assurance.com	healthinsurance.net
5	create.leadid.com	create.lidstatic.com
4	c1.ox-bio.com	www.googletagmanager.com healthinsurance.net
4	s.amazon-adsystem.com	2 redirects www.tecnotreina.com healthinsurance.net
4	fonts.gstatic.com	cdn.assurance.com
4	cdnjs.cloudflare.com	healthinsurance.net
3	d2ysjycjrua9tt.cloudfront.net	healthinsurance.net
3	www.gstatic.com	www.google.com cdn.assurance.com www.gstatic.com
3	www.google.com	1 redirects healthinsurance.net www.gstatic.com
3	healthinsurance.net	crossmelody.com healthinsurance.net cdn.assurance.com
2	www.facebook.com	healthinsurance.net
2	px0.pbbl.co	1 redirects healthinsurance.net
2	www.google.de	healthinsurance.net www.gstatic.com
2	cdn.krxd.net	www.tecnotreina.com cdn.krxd.net
2	s.yimg.com	www.tecnotreina.com s.yimg.com
2	bat.bing.com	www.tecnotreina.com healthinsurance.net
2	connect.facebook.net	www.tecnotreina.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com healthinsurance.net
2	crossmelody.com	crossmelody.com
1	beacon.krxd.net	cdn.krxd.net
1	www.googleadservices.com	www.gstatic.com
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	consumer.krxd.net	cdn.krxd.net
1	aa.agkn.com	1 redirects
1	apiservices.krxd.net	1 redirects
1	na5.thunderhead.com	na5.cdn.thunderhead.com
1	certify.alexametrics.com	healthinsurance.net
1	stats.g.doubleclick.net	1 redirects
1	cdn.pbbl.co	www.tecnotreina.com
1	create.lidstatic.com	cdn.assurance.com
1	sp.analytics.yahoo.com	healthinsurance.net
1	na5.cdn.thunderhead.com	www.tecnotreina.com
1	d31qbv1cthcecs.cloudfront.net	www.tecnotreina.com
1	www.googletagmanager.com	cdn.assurance.com
1	js.honeybadger.io	healthinsurance.net
1	fonts.googleapis.com	healthinsurance.net
1	tracking.healthinsurance.net	1 redirects
1	www.tecnotreina.com
76	38

This site contains links to these domains. Also see Links.

Domain
policies.google.com

Subject Issuer	Validity	Valid
*.healthinsurance.net Amazon	`2019-01-08` - `2020-02-08`	a year	crt.sh
*.googleapis.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.assurance.com Amazon	`2019-01-08` - `2020-02-08`	a year	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-10` - `2020-02-16`	6 months	crt.sh
*.honeybadger.io COMODO RSA Domain Validation Secure Server CA	`2017-06-07` - `2020-07-14`	3 years	crt.sh
www.google.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-09-22` - `2019-12-20`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-09-17` - `2019-11-01`	a month	crt.sh
s.amazon-adsystem.com Amazon	`2018-12-12` - `2019-12-12`	a year	crt.sh
*.c.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-08-23` - `2020-08-23`	a year	crt.sh
*.cdn.thunderhead.com DigiCert SHA2 High Assurance Server CA	`2019-08-08` - `2021-10-27`	2 years	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-05-09` - `2019-11-05`	6 months	crt.sh
lidstatic.com CloudFlare Inc ECC CA-2	`2019-07-02` - `2020-07-01`	a year	crt.sh
*.pbbl.co Amazon	`2019-01-31` - `2020-02-29`	a year	crt.sh
ox-bio.com QuoVadis Global SSL ICA G2	`2017-08-01` - `2020-08-01`	3 years	crt.sh
www.google.de GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
certify.alexametrics.com Amazon	`2019-07-26` - `2020-08-26`	a year	crt.sh
*.thunderhead.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2021-11-16`	2 years	crt.sh
px0.pbbl.co COMODO RSA Domain Validation Secure Server CA	`2016-11-23` - `2019-11-23`	3 years	crt.sh
create.leadid.com Amazon	`2019-01-16` - `2020-02-16`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.krxd.net DigiCert SHA2 Secure Server CA	`2019-04-11` - `2020-04-11`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d83322b53237ab&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub4=&utm_kxconfid=t4kwo0a21
Frame ID: E422B1F78C5CF42791515E74C8DC5820
Requests: 73 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D574a79c7-dd25-c41a-f3cd-9713f309b8eb%26type%3D43%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D4565912920301%3Bp%3D574A79C7-DD25-C41A-F3CD-9713F309B8EB&cb=266797399967442020&dcc=t
Frame ID: D4361D980F29F3A1DD5C1021E45A4AB8
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-&co=aHR0cHM6Ly9oZWFsdGhpbnN1cmFuY2UubmV0OjQ0Mw..&hl=en&v=xw1jR43fRSpRG88iDviKn3qM&size=invisible&cb=sr4x1sf24cgu
Frame ID: 468222B40B5955133AA103104D01BFD1
Requests: 1 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=7445207F-651E-BE68-A29E-94D9DF44C336&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.5.2&lck=CF934278-B099-EB50-BF86-105A165FCB4E&lac=8AA3F211-CA81-3833-51B1-095D2985DA90
Frame ID: A35192B41F463FE4DB8ED99AB2598B3E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.tecnotreina.com/mechanism-aurally/be84q2395X8T6C17e23N21Gfpkph4afeV20d8DhIiDrfvbGIxIgErIx8qR... Page URL
http://crossmelody.com/clicks?cid=22384&pub=201465&sid1=&sid2=&sid3=&sid4= Page URL
https://tracking.healthinsurance.net/aff_c?offer_id=79&aff_id=1265&aff_sub=201465&aff_sub2=12fbc2ff7b8c32303ecc38... HTTP 302
https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12... Page URL

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

76
Requests

96 %
HTTPS

49 %
IPv6

29
Domains

38
Subdomains

33
IPs

7
Countries

980 kB
Transfer

2320 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.tecnotreina.com/mechanism-aurally/be84q2395X8T6C17e23N21Gfpkph4afeV20d8DhIiDrfvbGIxIgErIx8qRxomQnQ7N1AY0KU6aW02ih Page URL
http://crossmelody.com/clicks?cid=22384&pub=201465&sid1=&sid2=&sid3=&sid4= Page URL
https://tracking.healthinsurance.net/aff_c?offer_id=79&aff_id=1265&aff_sub=201465&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub3=22384&aff_sub4=&aff_sub5= HTTP 302
https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d83322b53237ab&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub4=&utm_kxconfid=t4kwo0a21 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D574a79c7-dd25-c41a-f3cd-9713f309b8eb%26type%3D43%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D4565912920301%3Bp%3D574A79C7-DD25-C41A-F3CD-9713F309B8EB&cb=266797399967442020 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D574a79c7-dd25-c41a-f3cd-9713f309b8eb%26type%3D43%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D4565912920301%3Bp%3D574A79C7-DD25-C41A-F3CD-9713F309B8EB&cb=266797399967442020&dcc=t

Request Chain 41

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D7dcb44b5-b96b-40e5-10da-dbe017b7d6dc%26type%3D14%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D7715990030901%3Bp%3D7DCB44B5-B96B-40E5-10DA-DBE017B7D6DC HTTP 302
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D7dcb44b5-b96b-40e5-10da-dbe017b7d6dc%26type%3D14%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D7715990030901%3Bp%3D7DCB44B5-B96B-40E5-10DA-DBE017B7D6DC&dcc=t

Request Chain 49

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-73253617-1&cid=1126023351.1570616394&jid=1370782878&gjid=1660312181&_gid=476053845.1570616394&_u=YGBAgEAB~&z=1325360635 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73253617-1&cid=1126023351.1570616394&jid=1370782878&_v=j79&z=1325360635 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73253617-1&cid=1126023351.1570616394&jid=1370782878&_v=j79&z=1325360635&slf_rd=1&random=2516222883

Request Chain 57

https://apiservices.krxd.net/click_tracker/track?kxconfid=t2unfouy2&kxcampaignid=wex4&kxplacementid=healthinsurance.net&kxsiteid=22384&clk=https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d83322b53237ab&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub4=&utm_kxconfid=t4kwo0a21 HTTP 302
https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d83322b53237ab&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub4=&utm_kxconfid=t4kwo0a21

Request Chain 58

https://px0.pbbl.co/ns/__p2.gif?brid=1618&brcid=122191864&email=&orderId=null&orderValue=&productId=&offerCode=&label=&pageUrl=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3D12fbc2ff7b8c32303ecc386904394229%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D1027afcd86b4c2d2d83322b53237ab%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3D12fbc2ff7b8c32303ecc386904394229%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21%23health%2FUrgency&referrerUrl=http%3A%2F%2Fcrossmelody.com%2Fclicks%3Fcid%3D22384%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&targetUrl=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3D12fbc2ff7b8c32303ecc386904394229%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D1027afcd86b4c2d2d83322b53237ab%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3D12fbc2ff7b8c32303ecc386904394229%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21%23health%2FUrgency&sessionId=&markerType=seg&rand=C38GlrVPSIH7cQCk&jsVer=2.7&markerId=341566 HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212282598&_ppid=bc4a74b9-9dd9-4a55-9e23-dffdde5f309a&_segid=99&iid=4e0e8542-d338-48f3-add5-a729b33b580d HTTP 302
https://px0.pbbl.co/adadvisor.gif?segment=000&_ppid=bc4a74b9-9dd9-4a55-9e23-dffdde5f309a&_segid=99&_zip=&hk=&iid=4e0e8542-d338-48f3-add5-a729b33b580d&mt=&bd=

76 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set be84q2395X8T6C17e23N21Gfpkph4afeV20d8DhIiDrfvbGIxIgErIx8qRxomQnQ7N1AY0KU6aW02ih Show response
www.tecnotreina.com/mechanism-aurally/ 124 B
569 B 577ms
552ms Document
text/html 2606:4700:30::681c:4b5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://www.tecnotreina.com/mechanism-aurally/be84q2395X8T6C17e23N21Gfpkph4afeV20d8DhIiDrfvbGIxIgErIx8qRxomQnQ7N1AY0KU6aW02ih
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:4b5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash: ae54cf1b3625f10b88e3c48fadc128db1c48b6c25d2e04de1528cf778e3decbe

Request headers

Host: www.tecnotreina.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 10:19:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d591209791d2be3effc5000d14e1a4e771570616391; expires=Thu, 08-Oct-20 10:19:51 GMT; path=/; domain=.tecnotreina.com; HttpOnly
X-Powered-By: PHP/5.3.3
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 522f9e5e3df45a18-VIE
Content-Encoding: gzip

GET
H/1.1 200
OK clicks Show response
crossmelody.com/ 4 KB
5 KB 255ms
121ms Document
text/html 23.95.199.211
ColoCrossing

General

Check archive.org

Show headers Download Go to

Full URL: http://crossmelody.com/clicks?cid=22384&pub=201465&sid1=&sid2=&sid3=&sid4=
Protocol: HTTP/1.1
Server: 23.95.199.211 Buffalo, United States, ASN36352 (AS-COLOCROSSING - ColoCrossing, US),
Reverse DNS: 23-95-199-211-host.colocrossing.com
Software: nginx/1.12.2 / PHP/5.4.16
Resource Hash: 1763cff093122750f614e2c684f82b783e72be280849bcffdf6bb247d86185cf

Request headers

Host: crossmelody.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://www.tecnotreina.com/mechanism-aurally/be84q2395X8T6C17e23N21Gfpkph4afeV20d8DhIiDrfvbGIxIgErIx8qRxomQnQ7N1AY0KU6aW02ih
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.tecnotreina.com/mechanism-aurally/be84q2395X8T6C17e23N21Gfpkph4afeV20d8DhIiDrfvbGIxIgErIx8qRxomQnQ7N1AY0KU6aW02ih

Response headers

Server: nginx/1.12.2
Date: Wed, 09 Oct 2019 10:19:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16

POST
H/1.1 200
OK index.php
crossmelody.com/ 234 B
426 B 472ms
472ms XHR
text/html 23.95.199.211
ColoCrossing

General

Check archive.org

Show headers Download Go to

Full URL: http://crossmelody.com/index.php
Requested by: Host: crossmelody.com
URL: http://crossmelody.com/clicks?cid=22384&pub=201465&sid1=&sid2=&sid3=&sid4=
Protocol: HTTP/1.1
Server: 23.95.199.211 Buffalo, United States, ASN36352 (AS-COLOCROSSING - ColoCrossing, US),
Reverse DNS: 23-95-199-211-host.colocrossing.com
Software: nginx/1.12.2 / PHP/5.4.16
Resource Hash

Request headers

Referer: http://crossmelody.com/clicks?cid=22384&pub=201465&sid1=&sid2=&sid3=&sid4=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Wed, 09 Oct 2019 10:19:52 GMT
Server: nginx/1.12.2
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2

200

Primary Request / Show response
healthinsurance.net/hi_wizard/
Redirect Chain

https://tracking.healthinsurance.net/aff_c?offer_id=79&aff_id=1265&aff_sub=201465&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub3=22384&aff_sub4=&aff_sub5=
https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d833...

51 KB
11 KB

479ms
272ms

Document
text/html

52.203.139.140
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d83322b53237ab&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub4=&utm_kxconfid=t4kwo0a21

Requested by

Host: crossmelody.com
URL: http://crossmelody.com/clicks?cid=22384&pub=201465&sid1=&sid2=&sid3=&sid4=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.203.139.140 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-203-139-140.compute-1.amazonaws.com

Software

Resource Hash

952cbc40be5a5e672a04194f0f24106081baca3dd7fed7c25928841efff9d653

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: healthinsurance.net
:scheme: https
:path: /hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d83322b53237ab&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub4=&utm_kxconfid=t4kwo0a21
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://crossmelody.com/clicks?cid=22384&pub=201465&sid1=&sid2=&sid3=&sid4=
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://crossmelody.com/clicks?cid=22384&pub=201465&sid1=&sid2=&sid3=&sid4=

Response headers

status: 200
date: Wed, 09 Oct 2019 10:19:53 GMT
content-type: text/html; charset=utf-8
x-frame-options: ALLOWALL
assur-appversion: 1.0.1005
etag: W/"952cbc40be5a5e672a04194f0f241060"
cache-control: max-age=0, private, must-revalidate
set-cookie: test_split_neighbors_message=control; path=/ test_split_mobile_phone_message=control; path=/ test_split_coverage_goals=control; path=/ test_split_health_ds_quotes=show; path=/ test_split_remove_exit_blocker=control; path=/ test_split_recaptcha-badge=show; path=/ test_split_grid_birthday=control; path=/ test_split_health_recommendation_tests=control; path=/ test_split_health_stm_tests=show; path=/ _insurance_session=7bc0e058260d3cece7fa578eaf39f74e; path=/; secure; HttpOnly
x-request-id: b7ad4da3-4076-4299-bbe8-781dd832c999
x-runtime: 0.174740
vary: Origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: same-origin
content-encoding: gzip

Redirect headers

status: 302
date: Wed, 09 Oct 2019 10:19:52 GMT
content-type: text/html; charset=iso-8859-1
content-length: 554
location: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d83322b53237ab&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub4=&utm_kxconfid=t4kwo0a21
server: nginx/1.13.12
expires: Sat, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
x-robots-tag: noindex, nofollow
tracking_id: 1027afcd86b4c2d2d83322b53237ab
set-cookie: enc_aff_session_79=ENC03e571bf172d10d516695252c840159721668fa10d20a7436845fda7e7a3a03aa9e7a1ffdfafe45486d0f1bf79512d17e7373bffb56bdb0ea8005d9245abb17d02c4fec90aa424f47b6e3b76c026573fe58779c6cbcda9b2692b27455ccdbbb495bbbfde60c60fbf4ea4dba64fb7c7b73a822a800620c5e714f3c50d76db61633df3441ee815db8b1a306952450a741c1dc40f456bfdfc3500af337735baedbc5ff24a0b96a5ae8309c85256de5ec654b163d222afdec18ea6fdc170964a787c7400cb0fb334926f4dcb0d4c758bc248d511e986db0ca4bd668d1f8a403a6a0bfc36c571aa; expires=Wed, 16 Oct 2019 10:19:52 GMT; path=/; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI3NC4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=; expires=Fri, 02 Sep 2022 20:59:52 GMT; path=/;
p3p: CP="NOI CUR OUR NOR INT"
access-control-allow-origin: *

GET
H2 200 css
fonts.googleapis.com/ 9 KB
804 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:818::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Requested by

Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d83322b53237ab&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub4=&utm_kxconfid=t4kwo0a21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

373a0505368dab061278aa0b7243dc58fc165a25f8b0286d57f8835d06ab6e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 09 Oct 2019 10:19:53 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Wed, 09 Oct 2019 10:19:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Wed, 09 Oct 2019 10:19:53 GMT

GET
H/1.1 200
OK gtm-c6ad34199939ca4211eea0d25cdee444b7e6664af475ef70a9d741fba834f0f7.js Show response
cdn.assurance.com/insurance/public/assets/install/healthinsurance/ 324 B
927 B 50ms
6ms Script
application/x-javascript 143.204.101.112
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/install/healthinsurance/gtm-c6ad34199939ca4211eea0d25cdee444b7e6664af475ef70a9d741fba834f0f7.js
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d83322b53237ab&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ad34199939ca4211eea0d25cdee444b7e6664af475ef70a9d741fba834f0f7

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 08 Oct 2019 22:15:40 GMT
Via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
Last-Modified: Tue, 08 Oct 2019 21:39:11 GMT
Server: AmazonS3
Age: 43454
ETag: "b0d5fe155e9171b754084f4c639278fe"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:61bebab6-6d42-4369-a232-0204103af8a5
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 324
X-Amz-Cf-Id: -G1B7-5BPGd3-K0N_r495XNzMct5CQ5oGsf16mxFQaK1rymjglhjBg==

GET
H/1.1 200
OK customer-cabf6c01f9442231bfb10086a35d868a68ec0f2427a81257c6c66af98c4a7598.css
cdn.assurance.com/insurance/public/assets/ 217 KB
34 KB 49ms
6ms Stylesheet
text/css 143.204.101.112
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/customer-cabf6c01f9442231bfb10086a35d868a68ec0f2427a81257c6c66af98c4a7598.css
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d83322b53237ab&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4dc9eef9f4093e9b5dfa10bf1af566e25f81297bc33e6a90f6557e0d88b7e83b

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 08 Oct 2019 23:39:11 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Oct 2019 21:38:48 GMT
Server: AmazonS3
Age: 38442
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:61bebab6-6d42-4369-a232-0204103af8a5
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: hZjd2DrPuvPsTjOafhDi1WcDL6tPyFa1jUtehAu6QAiW2wxdJ6Ux6Q==

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
7 KB 21ms
19ms Stylesheet
text/css 2606:4700::6813:c697
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:19:53 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 15250334
status: 200
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:19:12 GMT
server: cloudflare
etag: W/"5afd4910-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 522f9e6a68ae59fa-VIE
expires: Mon, 28 Sep 2020 10:19:53 GMT

GET
H/1.1 200
OK utility-c3c0f5a1e3c2f4e7471c3cf34ce7b3f10540750c3b05fdb5b1576d5be1f9170b.js Show response
cdn.assurance.com/insurance/public/assets/customer/ 5 KB
3 KB 60ms
7ms Script
application/x-javascript 143.204.101.112
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/customer/utility-c3c0f5a1e3c2f4e7471c3cf34ce7b3f10540750c3b05fdb5b1576d5be1f9170b.js
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d83322b53237ab&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c3c0f5a1e3c2f4e7471c3cf34ce7b3f10540750c3b05fdb5b1576d5be1f9170b

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 08 Oct 2019 16:57:14 GMT
Content-Encoding: gzip
Last-Modified: Sat, 28 Sep 2019 11:20:24 GMT
Server: AmazonS3
Age: 62560
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:a5b4cedb-70c8-4a49-a1f7-58b39ebd5f58
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: kwaytrl1tTRBktbMgbHzfqEq72ptP3aZq-seNUOzchkJT3wwErZlPQ==

GET
H/1.1 200
OK healthinsurance-d0c09059b130934708891c275fcbff50edeb7776fa1943b2ade4859d958c9960.css
cdn.assurance.com/insurance/public/assets/customer/ 2 KB
982 B 50ms
7ms Stylesheet
text/css 143.204.101.112
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/customer/healthinsurance-d0c09059b130934708891c275fcbff50edeb7776fa1943b2ade4859d958c9960.css
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d83322b53237ab&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d0c09059b130934708891c275fcbff50edeb7776fa1943b2ade4859d958c9960

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 01:54:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Oct 2019 01:16:42 GMT
Server: AmazonS3
Age: 30353
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:479b557e-9f65-49be-ab50-4ab44f02f4db
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: i9pXj_RKeEegGgev3lQPdQtZtZCFWI9tZgV5tTTiXdJXeOVgkCJncA==

GET
H/1.1 200
OK health-f060c3e136630ce60b5fa1088d68a7a1fd048b0d75c19a4ddae58e8723c0b1fe.css
cdn.assurance.com/insurance/public/assets/plates/ 237 B
824 B 50ms
7ms Stylesheet
text/css 143.204.101.112
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/plates/health-f060c3e136630ce60b5fa1088d68a7a1fd048b0d75c19a4ddae58e8723c0b1fe.css
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d83322b53237ab&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f060c3e136630ce60b5fa1088d68a7a1fd048b0d75c19a4ddae58e8723c0b1fe

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 01:54:01 GMT
Via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
Last-Modified: Wed, 09 Oct 2019 01:16:40 GMT
Server: AmazonS3
Age: 30353
ETag: "b72b6a3a477d4fa502dc0f857fd6e24a"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:479b557e-9f65-49be-ab50-4ab44f02f4db
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 237
X-Amz-Cf-Id: 5owK1BdcuMh2CFWqfgjWt-aoQZyLVaWAJBucPXJ83kkbO1KxKEzu1Q==

GET
H/1.1 200
OK big_text-cbb649035cc0aab0434ac418212ee6ae2674f68670d0767b3231ce13049747a5.css
cdn.assurance.com/insurance/public/assets/plates/ 908 B
1 KB 50ms
7ms Stylesheet
text/css 143.204.101.112
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/plates/big_text-cbb649035cc0aab0434ac418212ee6ae2674f68670d0767b3231ce13049747a5.css
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d83322b53237ab&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cbb649035cc0aab0434ac418212ee6ae2674f68670d0767b3231ce13049747a5

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 01:54:01 GMT
Via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
Last-Modified: Tue, 08 Oct 2019 21:38:59 GMT
Server: AmazonS3
Age: 30353
ETag: "401fbf9dcce08729eb8e5375de6bb2e4"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:61bebab6-6d42-4369-a232-0204103af8a5
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 908
X-Amz-Cf-Id: sKwo44p5nc1bCp6FYJlGwD2_CVCuFJ6SoPfP5hGQeUnhE78aANbCDA==

GET
H/1.1 200
OK honeybadger.min.js Show response
js.honeybadger.io/v0.4/ 7 KB
4 KB 59ms
11ms Script
application/x-javascript 13.32.99.191
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://js.honeybadger.io/v0.4/honeybadger.min.js
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d83322b53237ab&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.99.191 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-99-191.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a5a03ffb74678bd02d15096bdb6d36f08338cde8f8f51d7fa8c2cc3df9e6f4e5

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: oVQfnkFyjGraPKHgRCAgdUvTx_OvZVYJ
Content-Encoding: gzip
Last-Modified: Wed, 19 Jul 2017 17:08:27 GMT
Server: AmazonS3
Age: 15161
Date: Wed, 09 Oct 2019 06:07:12 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 e0c589730c9a4b532776db9306e169c9.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PRG50
X-Amz-Cf-Id: pbXbSvGZlOp8qQu2ymRaqGbJOJdhmDtLS2NXhmqrozHgH5bB5_u6NQ==

GET
H/1.1 200
OK honeybadger-62400bc84c0bbc6c3d92853f1dc29871b5f5b247b2cf4ca92bbe9cb496ba2c60.js Show response
cdn.assurance.com/insurance/public/assets/install/ 2 KB
1 KB 59ms
7ms Script
application/x-javascript 143.204.101.112
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/install/honeybadger-62400bc84c0bbc6c3d92853f1dc29871b5f5b247b2cf4ca92bbe9cb496ba2c60.js
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d83322b53237ab&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 62400bc84c0bbc6c3d92853f1dc29871b5f5b247b2cf4ca92bbe9cb496ba2c60

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 08 Oct 2019 15:54:44 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Aug 2019 06:57:24 GMT
Server: AmazonS3
Age: 66310
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:c9825661-2734-49b5-949a-92f332ca60cd
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: lyxuvpsZjgxpDiIh2be0Klb5PwLwnfPVPimXXQaRfxcidPBEcT0Y2Q==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 763 B
629 B 58ms
57ms Script
text/javascript 2a00:1450:4001:81d::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

24fd0695c2796e321bf66c3be12ef8c8027271d04a479b52380671772f0c36fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:19:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 499
x-xss-protection: 1; mode=block
expires: Wed, 09 Oct 2019 10:19:53 GMT

GET
H/1.1 200
OK ella-flip-080b58bfb270a0738da291bfc8693cbf683d222ee761597e682e29e21f6f76fc.png
cdn.assurance.com/insurance/public/assets/ 100 KB
100 KB 372ms
372ms Image
image/png 143.204.101.112
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.assurance.com/insurance/public/assets/ella-flip-080b58bfb270a0738da291bfc8693cbf683d222ee761597e682e29e21f6f76fc.png
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d83322b53237ab&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 080b58bfb270a0738da291bfc8693cbf683d222ee761597e682e29e21f6f76fc

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 10:19:54 GMT
Via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
Last-Modified: Wed, 09 Oct 2019 04:10:20 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
ETag: "db64300811ffdb901937748066c4718e"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:17c2cda8-64e8-4ef6-8694-fbfcb2d2cff8
X-Cache: Miss from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 101895
X-Amz-Cf-Id: Q4yRR1VSNTTU6oZbFyVU9LfRN3mN0vCYliR5Svu83BW-PebxRQg9Rw==

GET
H/1.1 200
OK loading-ea1c3eaefeb1b4e7a6d3fa97f320b3397e4f5d112afcb758e62513852b573423.gif
cdn.assurance.com/insurance/public/assets/icons/ 34 KB
35 KB 384ms
383ms Image
image/gif 143.204.101.112
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.assurance.com/insurance/public/assets/icons/loading-ea1c3eaefeb1b4e7a6d3fa97f320b3397e4f5d112afcb758e62513852b573423.gif
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d83322b53237ab&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ea1c3eaefeb1b4e7a6d3fa97f320b3397e4f5d112afcb758e62513852b573423

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 10:19:54 GMT
Via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
Last-Modified: Wed, 09 Oct 2019 04:10:01 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
ETag: "d6b028d0fe0d17991948c0b5c94e0a2e"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:17c2cda8-64e8-4ef6-8694-fbfcb2d2cff8
X-Cache: Miss from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34936
X-Amz-Cf-Id: HLGsNucvFYYiuJA4Rbk9yk28nSDdGF0tRL7RebG25Y4RU9cu6yWNyg==

GET
H/1.1 200
OK bbb-badge-white-simple-556dd6874d80f240e42525b0b3a6535dfac43ae3fbebbe0ebe44014847b2af4e.png
cdn.assurance.com/insurance/public/assets/logos/partners/ 10 KB
11 KB 384ms
382ms Image
image/png 143.204.101.112
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.assurance.com/insurance/public/assets/logos/partners/bbb-badge-white-simple-556dd6874d80f240e42525b0b3a6535dfac43ae3fbebbe0ebe44014847b2af4e.png
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d83322b53237ab&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 556dd6874d80f240e42525b0b3a6535dfac43ae3fbebbe0ebe44014847b2af4e

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 10:19:54 GMT
Via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
Last-Modified: Wed, 09 Oct 2019 04:10:07 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
ETag: "1f16fbafb717abe9e1d051844fb6c039"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:17c2cda8-64e8-4ef6-8694-fbfcb2d2cff8
X-Cache: Miss from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10185
X-Amz-Cf-Id: 5-SifaYjJhFKYO4KgpxMYiVtWqPqVwqAygENZCIffIYny4eyGw-wEA==

GET
H2 200 cssrelpreload.min.js Show response
cdnjs.cloudflare.com/ajax/libs/loadCSS/2.1.0/ 1 KB
754 B 18ms
17ms Script
application/javascript 2606:4700::6813:c697
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/loadCSS/2.1.0/cssrelpreload.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

19cfca88e33cb1f56e957f1a653d3acad97f7cc927d0b2e329a80ead264578d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:19:53 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 5399093
status: 200
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Mon, 03 Dec 2018 23:00:54 GMT
server: cloudflare
etag: W/"5c05b5a6-4a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 522f9e6ac91d59fa-VIE
expires: Mon, 28 Sep 2020 10:19:53 GMT

GET
H2 200 onloadCSS.min.js Show response
cdnjs.cloudflare.com/ajax/libs/loadCSS/2.1.0/ 241 B
224 B 19ms
17ms Script
application/javascript 2606:4700::6813:c697
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/loadCSS/2.1.0/onloadCSS.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7973f6d4de8da495c0a4a870d6b50fff04cc246e1628364160f8486e7f3a1f3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:19:53 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 5384823
status: 200
served-in-seconds: 0.000
timing-allow-origin: *
last-modified: Mon, 03 Dec 2018 23:00:54 GMT
server: cloudflare
etag: W/"5c05b5a6-f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 522f9e6ac91e59fa-VIE
expires: Mon, 28 Sep 2020 10:19:53 GMT

GET
H/1.1 200
OK customer-bc11ad22a441df20256a341dc29adc1a13a594b11b5eaf1f5bb7861a7805d22e.js Show response
cdn.assurance.com/insurance/public/assets/ 471 KB
149 KB 11ms
9ms Script
application/x-javascript 143.204.101.112
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/customer-bc11ad22a441df20256a341dc29adc1a13a594b11b5eaf1f5bb7861a7805d22e.js
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d83322b53237ab&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bc11ad22a441df20256a341dc29adc1a13a594b11b5eaf1f5bb7861a7805d22e

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 03 Oct 2019 06:32:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Oct 2019 05:34:08 GMT
Server: AmazonS3
Age: 5376
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:0ebceddd-86f0-4344-95d4-17088c463434
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: kSZ2t6Kzy4mXCizGBMLiVa_ZfnXhsp4npbrQ7WnjLdValTWVL1rmhQ==

GET
H/1.1 200
OK recaptcha_v3-115e92ecc8cd17434bd87f305829287c2b633cc7c79fef3db40c812466c50189.js Show response
cdn.assurance.com/insurance/public/assets/ 357 B
960 B 8ms
7ms Script
application/x-javascript 143.204.101.112
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/recaptcha_v3-115e92ecc8cd17434bd87f305829287c2b633cc7c79fef3db40c812466c50189.js
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d83322b53237ab&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 115e92ecc8cd17434bd87f305829287c2b633cc7c79fef3db40c812466c50189

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 28 Sep 2019 21:33:03 GMT
Via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
Last-Modified: Sat, 28 Sep 2019 11:20:11 GMT
Server: AmazonS3
Age: 34924
ETag: "665684d370d08fd9ad44b6090eedbb5d"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:a5b4cedb-70c8-4a49-a1f7-58b39ebd5f58
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 357
X-Amz-Cf-Id: _HFYdrL-d_PFr95QPFTMWiKHXdn0UAMMASCSWdww35Ns-5SHa9MsYg==

GET
H/1.1 200
OK google_nums-4fa943c533adc193617c8826b5d07c87de1c952ef757fb2f4551e6e65cd1c49e.js Show response
cdn.assurance.com/insurance/public/assets/install/healthinsurance/ 413 B
1016 B 7ms
6ms Script
application/x-javascript 143.204.101.112
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/install/healthinsurance/google_nums-4fa943c533adc193617c8826b5d07c87de1c952ef757fb2f4551e6e65cd1c49e.js
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d83322b53237ab&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4fa943c533adc193617c8826b5d07c87de1c952ef757fb2f4551e6e65cd1c49e

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 05:31:32 GMT
Via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
Last-Modified: Wed, 09 Oct 2019 04:10:19 GMT
Server: AmazonS3
Age: 17302
ETag: "17cef9827b40af47807175cceb10f1d6"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:17c2cda8-64e8-4ef6-8694-fbfcb2d2cff8
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 413
X-Amz-Cf-Id: HQ3aBNGHXG5u0IrIIAnU8630-nRzppgMqVUYpG4tLaSPgATsP42R2Q==

GET
H/1.1 200
OK leadid-fc8ec001faf2a4299e345bfe462404de9efca8ddca4b663821b8f65865f4dc9b.js Show response
cdn.assurance.com/insurance/public/assets/ 294 B
897 B 17ms
7ms Script
application/x-javascript 143.204.101.112
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/leadid-fc8ec001faf2a4299e345bfe462404de9efca8ddca4b663821b8f65865f4dc9b.js
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d83322b53237ab&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fc8ec001faf2a4299e345bfe462404de9efca8ddca4b663821b8f65865f4dc9b

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 07 Oct 2019 15:19:37 GMT
Via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
Last-Modified: Mon, 07 Oct 2019 15:19:26 GMT
Server: AmazonS3
Age: 66125
ETag: "4eaa75c84ccb4b4dabef51d291650dcf"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:3e7bacff-8c51-4cc5-9b40-a94570fbbae0
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 294
X-Amz-Cf-Id: t0jWio4EbCfeTv2RhqP9Nstz4sPVdX86akjUjsY68eS-UYtCX2r4xw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 95 KB
30 KB 19ms
17ms Script
application/javascript 2a00:1450:4001:814::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WQLF25

Requested by

Host: cdn.assurance.com
URL: https://cdn.assurance.com/insurance/public/assets/install/healthinsurance/gtm-c6ad34199939ca4211eea0d25cdee444b7e6664af475ef70a9d741fba834f0f7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

144d37e24f82aadc3f3e659d6cd98d4a8bd748c147f718b6dbcf31cf7727819d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:19:53 GMT
content-encoding: br
last-modified: Wed, 09 Oct 2019 09:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 30791
x-xss-protection: 0
expires: Wed, 09 Oct 2019 10:19:53 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/xw1jR43fRSpRG88iDviKn3qM/ 253 KB
90 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/xw1jR43fRSpRG88iDviKn3qM/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

6f33adecfa8dacb04b161289c89b2930d80324d5d0baa1c0da86ed08b9c1ebda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 06:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Oct 2019 21:23:03 GMT
server: sffe
age: 14616
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 92207
x-xss-protection: 0
expires: Thu, 08 Oct 2020 06:16:17 GMT

GET
H2 200 healthinsurance.png
d2ysjycjrua9tt.cloudfront.net/img/logos/ 32 KB
32 KB 55ms
20ms Image
image/png 2600:9000:20ac:9400:1:1faa:9040:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2ysjycjrua9tt.cloudfront.net/img/logos/healthinsurance.png
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d83322b53237ab&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20ac:9400:1:1faa:9040:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 26b6ded1f4da5ed4f61226c7a1f36be06d422b4b2ca54262103bc354ef732bc7

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 08 Oct 2019 13:06:35 GMT
via: 1.1 6207b951a11da0467241aea4294b753b.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jan 2019 04:10:36 GMT
server: AmazonS3
age: 69623
etag: "03fbef1b740f6d6cc39d5ab1d86edca8"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: 86400
x-amz-cf-pop: PRG50
accept-ranges: bytes
content-length: 32408
x-amz-cf-id: RVDgfGnlVvf1H7_lAlP-Y_AaY_0mXKpuSR82n_1Oci1c_g_xcnZobw==

GET
H2 200 hero-1.jpg
d2ysjycjrua9tt.cloudfront.net/img/ 16 KB
17 KB 47ms
14ms Image
image/jpeg 2600:9000:20ac:9400:1:1faa:9040:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2ysjycjrua9tt.cloudfront.net/img/hero-1.jpg
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d83322b53237ab&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20ac:9400:1:1faa:9040:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e15eb5040e99ce3f51d49580272bd18e4f2b5030b312315500916fd075e6a5e8

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Sep 2019 11:21:46 GMT
via: 1.1 6207b951a11da0467241aea4294b753b.cloudfront.net (CloudFront)
last-modified: Tue, 21 May 2019 20:48:00 GMT
server: AmazonS3
age: 50605
etag: "2cfff2ffd8a2b57372c19a719844d014"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
x-amz-cf-pop: PRG50
accept-ranges: bytes
content-length: 16821
x-amz-cf-id: kc4Btu4AF8xrtOrNMkidD2uksOgJgNRtywCQ5uPvyaBu95zUseAJow==

GET
H2 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 20ms
20ms Font
application/octet-stream 2606:4700::6813:c697
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: cors
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://healthinsurance.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:19:53 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 15250334
status: 200
content-length: 77160
served-in-seconds: 0.012
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:19:53 GMT
server: cloudflare
etag: "5afd4939-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 522f9e6ad943cb98-VIE
expires: Mon, 28 Sep 2020 10:19:53 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: cdn.assurance.com
URL: https://cdn.assurance.com/insurance/public/assets/customer-bc11ad22a441df20256a341dc29adc1a13a594b11b5eaf1f5bb7861a7805d22e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Origin: https://healthinsurance.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 09:38:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:37 GMT
server: sffe
age: 2492
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9016
x-xss-protection: 0
expires: Thu, 08 Oct 2020 09:38:21 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: cdn.assurance.com
URL: https://cdn.assurance.com/insurance/public/assets/customer-bc11ad22a441df20256a341dc29adc1a13a594b11b5eaf1f5bb7861a7805d22e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Origin: https://healthinsurance.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 12:30:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 3448188
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9080
x-xss-protection: 0
expires: Sat, 29 Aug 2020 12:30:05 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: cdn.assurance.com
URL: https://cdn.assurance.com/insurance/public/assets/customer-bc11ad22a441df20256a341dc29adc1a13a594b11b5eaf1f5bb7861a7805d22e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Origin: https://healthinsurance.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 09:58:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 1268
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
expires: Thu, 08 Oct 2020 09:58:45 GMT

GET
H2 200 ic_close_black_24dp_2x.png
d2ysjycjrua9tt.cloudfront.net/img/icons/ 235 B
574 B 12ms
12ms Image
image/png 2600:9000:20ac:9400:1:1faa:9040:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2ysjycjrua9tt.cloudfront.net/img/icons/ic_close_black_24dp_2x.png
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d83322b53237ab&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20ac:9400:1:1faa:9040:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1121422aa828fb8f2f421b88b5d2437c78e51cd43a338094ec62ada2012887b1

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 22 Sep 2019 06:20:09 GMT
via: 1.1 6207b951a11da0467241aea4294b753b.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jan 2019 04:11:22 GMT
server: AmazonS3
age: 37344
etag: "637093407c90164fe23f9a0239638b56"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: 86400
x-amz-cf-pop: PRG50
accept-ranges: bytes
content-length: 235
x-amz-cf-id: xNtOuL_cmfrxGZJlmK2CF20xFkUEPRP0qFLuK32oqxKKhlYzx6hrPg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQLF25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 587
date: Wed, 09 Oct 2019 10:10:06 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Wed, 09 Oct 2019 12:10:06 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 122 KB
31 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.tecnotreina.com
URL: http://www.tecnotreina.com/mechanism-aurally/be84q2395X8T6C17e23N21Gfpkph4afeV20d8DhIiDrfvbGIxIgErIx8qRxomQnQ7N1AY0KU6aW02ih

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

8bcad0d5e62d5b147bbad7e008f6301fbbdd376ee551c87546a3158168d3df21

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 31625
x-xss-protection: 0
pragma: public
x-fb-debug: JgFNH/dVFXoZcNgYIT3mkzvkGVgFjwwAh/uWklLzhvhH+C87vXi5WEZbDywoLdIdRWAPyNGoQ+NgGm9t6aCHvQ==
x-fb-trip-id: 344046301
x-frame-options: DENY
date: Wed, 09 Oct 2019 10:19:53 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
2 KB 22ms
6ms Script
text/javascript 13.224.196.80
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: www.tecnotreina.com
URL: http://www.tecnotreina.com/mechanism-aurally/be84q2395X8T6C17e23N21Gfpkph4afeV20d8DhIiDrfvbGIxIgErIx8qRxomQnQ7N1AY0KU6aW02ih
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.80 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-196-80.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 27 Jun 2019 19:57:25 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Sat, 16 Mar 2019 16:01:33 GMT
Server: AmazonS3
Age: 8950949
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: bgXSyCGUEWjiGTTBhj3p1XcTgyvd0XevWigLsoS0FpI78OjXFass0w==

GET
H2 200 bat.js Show response
bat.bing.com/ 23 KB
7 KB 73ms
46ms Script
application/javascript 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.tecnotreina.com
URL: http://www.tecnotreina.com/mechanism-aurally/be84q2395X8T6C17e23N21Gfpkph4afeV20d8DhIiDrfvbGIxIgErIx8qRxomQnQ7N1AY0KU6aW02ih
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:19:52 GMT
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 18:57:28 GMT
x-msedge-ref: Ref A: 1A79AA45FFF546389E5E1F4875F8C369 Ref B: VIEEDGE1312 Ref C: 2019-10-09T10:19:53Z
status: 200
etag: "09c5197968d51:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7148

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 19 KB
6 KB 40ms
13ms Script
application/javascript 2a00:1288:f03d:1fa::2000
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.tecnotreina.com
URL: http://www.tecnotreina.com/mechanism-aurally/be84q2395X8T6C17e23N21Gfpkph4afeV20d8DhIiDrfvbGIxIgErIx8qRxomQnQ7N1AY0KU6aW02ih

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),

Reverse DNS

Software

ATS /

Resource Hash

7edb2213c1f4f569617389783ba544f9997d11a1fc5e54406582b25967bfde66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:18:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108
x-amz-server-side-encryption: AES256
status: 200
vary: Origin, Accept-Encoding
x-amz-request-id: 8179F58BCFA0248B
x-amz-id-2: g79MJc6NlhHakq3bX6R2bF47yHCPsHqessrAlgKHkUZew18uPJH3SYmV/+r8Wa/0nkrQjdgEmeo=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 12 Nov 2020 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 08 Oct 2019 10:16:59 GMT
server: ATS
etag: "254a43f994019deb4ca1830f04bd5d32-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: x4Y4HVRbF4l0Lw4GKvYmVr0DuE8bwWr0
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 5150
content-type: application/javascript

GET
H/1.1

200
OK

Cookie set iu3
s.amazon-adsystem.com/ Frame D436
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D574a79c7-dd25-c41a-f3cd-9713f309b8eb%26type%3D43%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D45...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D574a79c7-dd25-c41a-f3cd-9713f309b8eb%26type%3D43%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D45...

0
0

114ms
113ms

Document
text/html

72.21.206.140
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D574a79c7-dd25-c41a-f3cd-9713f309b8eb%26type%3D43%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D4565912920301%3Bp%3D574A79C7-DD25-C41A-F3CD-9713F309B8EB&cb=266797399967442020&dcc=t
Requested by: Host: www.tecnotreina.com
URL: http://www.tecnotreina.com/mechanism-aurally/be84q2395X8T6C17e23N21Gfpkph4afeV20d8DhIiDrfvbGIxIgErIx8qRxomQnQ7N1AY0KU6aW02ih
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash

Request headers

Host: s.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Accept-Encoding: gzip, deflate, br
Cookie: ad-id=A4A-5xrrE0_Jq2kOixDnigI|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate

Response headers

Server: Server
Date: Wed, 09 Oct 2019 10:19:53 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 343
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=A4A-5xrrE0_Jq2kOixDnigI; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2020 10:19:53 GMT; Path=/; HttpOnly ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jan-2025 10:19:53 GMT; Path=/; HttpOnly
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Wed, 09 Oct 2019 10:19:53 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D574a79c7-dd25-c41a-f3cd-9713f309b8eb%26type%3D43%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D4565912920301%3Bp%3D574A79C7-DD25-C41A-F3CD-9713F309B8EB&cb=266797399967442020&dcc=t
Set-Cookie: ad-id=Az2pkXw_okLkoPegXtZmkR8|t; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2020 10:19:53 GMT; Path=/; HttpOnly
Vary: User-Agent

GET
H/1.1 200
OK t2d2miw0x.js Show response
cdn.krxd.net/controltag/ 17 KB
6 KB 22ms
7ms Script
text/javascript 151.101.112.175
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/t2d2miw0x.js
Requested by: Host: www.tecnotreina.com
URL: http://www.tecnotreina.com/mechanism-aurally/be84q2395X8T6C17e23N21Gfpkph4afeV20d8DhIiDrfvbGIxIgErIx8qRxomQnQ7N1AY0KU6aW02ih
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.175 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 69c0b66e072a6b1a2fee057dd76a318d16cf7e5005291b40e1d7ab6882a3960f

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-CDN-Backend: autodirector_Config_Service_V3
Date: Wed, 09 Oct 2019 10:19:53 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 253
X-Cache: MISS, HIT, HIT
X-App-Cache: HIT
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 5162
X-Served-By: config-service-a001-ash-prod.krxd.net, cache-iad2120-IAD, cache-hhn4073-HHN
X-Response-Time: 0
X-Do-Esi: esi
X-Timer: S1570616394.507355,VS0,VE0
ETag: "307d94a1af3a47f33ec267e3d8c4a6097688c329"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=1200
Accept-Ranges: bytes
X-Age: 0
X-Cache-Hits: 0, 4, 1

GET
H2 200 one-tag.js Show response
na5.cdn.thunderhead.com/one/rt/js/ 85 KB
27 KB 57ms
17ms Script
text/javascript 2620:1ec:bdf::10
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://na5.cdn.thunderhead.com/one/rt/js/one-tag.js?siteKey=ONE-QJJVTVNQNN-2522

Requested by

Host: www.tecnotreina.com
URL: http://www.tecnotreina.com/mechanism-aurally/be84q2395X8T6C17e23N21Gfpkph4afeV20d8DhIiDrfvbGIxIgErIx8qRxomQnQ7N1AY0KU6aW02ih

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

6afe06ce88b927163790138f2746fdc4e268ec563ca5967f991f8da10e4479bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
x-azure-ref-originshield: 0q7OdXQAAAACA/fS43i4/Ta83Y4zVHjRFQU1TRURHRTA0MDkAMzg5ZjM1OTMtMWU5ZC00NjBhLTljMGUtMWQwOTU5NDg4YTE2
x-one-req-metric: 1570616236020;0;2
etag: "ONE-QJJVTVNQNN-2522-null-1801426308"
vary: Accept-Encoding
x-cache: TCP_HIT
content-type: text/javascript
status: 200
cache-control: no-transform, max-age=1200
date: Wed, 09 Oct 2019 10:19:53 GMT
x-azure-ref: 0SbSdXQAAAAB5IVUGA7bSRK/BMLngJTXWVklFRURHRTAyMTIAMzg5ZjM1OTMtMWU5ZC00NjBhLTljMGUtMWQwOTU5NDg4YTE2
content-length: 26903

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ 43 B
448 B 136ms
46ms Image
image/gif 188.125.66.33
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001594778196&.yp=437880&gtmcb=2036972828

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.125.66.33 , Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:19:53 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: ATS
x-frame-options: DENY
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
expires: Wed, 09 Oct 2019 10:19:53 GMT

GET
H/1.1

200
OK

iui3
s.amazon-adsystem.com/
Redirect Chain

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D7dcb44b5-b96b-40e5-10da-dbe017b7d6dc%26type%3D14%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3B...
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D7dcb44b5-b96b-40e5-10da-dbe017b7d6dc%26type%3D14%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3B...

43 B
674 B

113ms
113ms

Image
image/gif

72.21.206.140
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D7dcb44b5-b96b-40e5-10da-dbe017b7d6dc%26type%3D14%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D7715990030901%3Bp%3D7DCB44B5-B96B-40E5-10DA-DBE017B7D6DC&dcc=t
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d83322b53237ab&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Oct 2019 10:19:53 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 09 Oct 2019 10:19:53 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D7dcb44b5-b96b-40e5-10da-dbe017b7d6dc%26type%3D14%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D7715990030901%3Bp%3D7DCB44B5-B96B-40E5-10DA-DBE017B7D6DC&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 loader.js Show response
www.gstatic.com/wcm/ 422 B
424 B 7ms
7ms Script
text/javascript 2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: cdn.assurance.com
URL: https://cdn.assurance.com/insurance/public/assets/install/healthinsurance/google_nums-4fa943c533adc193617c8826b5d07c87de1c952ef757fb2f4551e6e65cd1c49e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cbb6560ed1e9e91e2ceb73f50c333bf5fd86d56839161bf5383a1dd44faf5bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 09:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Oct 2019 19:45:00 GMT
server: sffe
age: 2104
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 286
x-xss-protection: 0
expires: Wed, 09 Oct 2019 10:44:49 GMT

GET
H2 200 cf934278-b099-eb50-bf86-105a165fcb4e.js Show response
create.lidstatic.com/campaign/ 122 KB
39 KB 495ms
462ms Script
text/javascript 2606:4700:10::6814:4b82
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/cf934278-b099-eb50-bf86-105a165fcb4e.js?snippet_version=2
Requested by: Host: cdn.assurance.com
URL: https://cdn.assurance.com/insurance/public/assets/leadid-fc8ec001faf2a4299e345bfe462404de9efca8ddca4b663821b8f65865f4dc9b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4b82 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d3af696c2533f25ef034358c8d15cc791fa1539c40058c6bfcef813cbaeda20

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:19:53 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: B60E3E21F0B441A9
cf-ray: 522f9e6bab32cb98-VIE
status: 200
x-amz-replication-status: COMPLETED
x-amz-id-2: d3e0UcjW0z/TLLwJ1xMSxdqGY2aT5TEG2yzss7Sy1/GFKVaLrtmDzhUJIarmtC7B0Yr69X4N44c=
last-modified: Wed, 25 Apr 2018 20:36:01 GMT
server: cloudflare
etag: W/"3ea0b096baa971b909a35c48d07c8594"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 9wVYTyhMD0sMyMEprga7nOjqwgqVYS0P
cache-control: public, max-age=1800
content-type: text/javascript
expires: Wed, 09 Oct 2019 10:49:53 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: cdn.assurance.com
URL: https://cdn.assurance.com/insurance/public/assets/customer-bc11ad22a441df20256a341dc29adc1a13a594b11b5eaf1f5bb7861a7805d22e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Origin: https://healthinsurance.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 07 Oct 2019 23:16:10 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:44 GMT
server: sffe
age: 126223
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9180
x-xss-protection: 0
expires: Tue, 06 Oct 2020 23:16:10 GMT

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 4682 0
0 37ms
37ms Document
text/html 2a00:1450:4001:81d::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-&co=aHR0cHM6Ly9oZWFsdGhpbnN1cmFuY2UubmV0OjQ0Mw..&hl=en&v=xw1jR43fRSpRG88iDviKn3qM&size=invisible&cb=sr4x1sf24cgu

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/xw1jR43fRSpRG88iDviKn3qM/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BPI7krY0AmF6gSMNc9gULg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-&co=aHR0cHM6Ly9oZWFsdGhpbnN1cmFuY2UubmV0OjQ0Mw..&hl=en&v=xw1jR43fRSpRG88iDviKn3qM&size=invisible&cb=sr4x1sf24cgu
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 09 Oct 2019 10:19:53 GMT
content-security-policy: script-src 'report-sample' 'nonce-BPI7krY0AmF6gSMNc9gULg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9492
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 1618.js Show response
cdn.pbbl.co/r/ 8 KB
3 KB 103ms
29ms Script
application/javascript 13.32.99.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pbbl.co/r/1618.js

Requested by

Host: www.tecnotreina.com
URL: http://www.tecnotreina.com/mechanism-aurally/be84q2395X8T6C17e23N21Gfpkph4afeV20d8DhIiDrfvbGIxIgErIx8qRxomQnQ7N1AY0KU6aW02ih

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.32.99.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-32-99-13.prg50.r.cloudfront.net

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

c2e16b63e480456fdded83f506849efcb4a562d9532353d5758315a6881e17c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 22 Aug 2019 03:39:12 GMT
server: nginx/1.10.3 (Ubuntu)
x-amz-cf-pop: PRG50
status: 200
date: Sat, 21 Sep 2019 18:58:03 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5dc3518f3ee8889e806ae9a0b31cf13c.cloudfront.net (CloudFront)
cache-control: max-age=1800, public
x-amz-cf-id: g3ffNwENZWw026AzBzuusahIV56UIVo-9ThirY76iYXdSFH-GnaJ4A==
x-xss-protection: 1
expires: Sat, 21 Sep 2019 19:28:03 GMT

GET
H2 200 t0 Show response
c1.ox-bio.com/ 21 KB
21 KB 422ms
100ms Script
application/javascript 199.68.195.197
QuoVadis Services...

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.ox-bio.com/t0?oxtrk=141&oxhrt=fb47614a-b32a-ac49-f027-0b0a982cd7df&oxuid=ASS0001&cid1=wex4&cid2=201465&cid3=122191864
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQLF25
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 199.68.195.197 Hamilton, Bermuda, ASN19626 (EVC-AS - QuoVadis Services Limited, BM),
Reverse DNS
Software: /
Resource Hash: ddc5de29409873657efddd3e9eaa87e23d3618f3b903af966defd1a27d7a594a

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 09 Oct 2019 10:19:53 GMT
cache-control: no-cache, must-revalidate
expires: Tue, 25 Dec 2018 14:00:00 GMT
content-type: application/javascript

GET
H2 200 collect
www.google-analytics.com/ 35 B
105 B 6ms
6ms Image
image/gif 2a00:1450:4001:80b::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=138621870&t=pageview&_s=1&dl=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3D12fbc2ff7b8c32303ecc386904394229%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D1027afcd86b4c2d2d83322b53237ab%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3D12fbc2ff7b8c32303ecc386904394229%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21&dr=http%3A%2F%2Fcrossmelody.com%2Fclicks%3Fcid%3D22384%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&dp=%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3D12fbc2ff7b8c32303ecc386904394229%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D1027afcd86b4c2d2d83322b53237ab%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3D12fbc2ff7b8c32303ecc386904394229%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21&ul=en-us&de=UTF-8&dt=HealthInsurance.net%20%7C%20Get%20a%20Quote&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1370782878&gjid=1660312181&cid=1126023351.1570616394&tid=UA-73253617-1&_gid=476053845.1570616394&gtm=2wga20WQLF25&z=2022988399

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Oct 2019 06:32:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 532053
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-73253617-1&cid=1126023351.1570616394&jid=1370782878&gjid=1660312181&_gid=476053845.1570616394&_u=YGBAgEAB~&z=1325360635
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73253617-1&cid=1126023351.1570616394&jid=1370782878&_v=j79&z=1325360635
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73253617-1&cid=1126023351.1570616394&jid=1370782878&_v=j79&z=1325360635&slf_rd=1&random=2516222883

42 B
109 B

28ms
28ms

Image
image/gif

2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73253617-1&cid=1126023351.1570616394&jid=1370782878&_v=j79&z=1325360635&slf_rd=1&random=2516222883

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Oct 2019 10:19:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Oct 2019 10:19:53 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73253617-1&cid=1126023351.1570616394&jid=1370782878&_v=j79&z=1325360635&slf_rd=1&random=2516222883
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1559003231076682 Show response
connect.facebook.net/signals/config/ 68 KB
18 KB 132ms
132ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1559003231076682?v=2.9.4&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

86d489b89356b398f969f86dd218b13abd97ab2939525bffbfa8d3e91ed3a18e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fb-trip-id: 344046301
pragma: public
x-fb-debug: fdvX/o6hH75KZBmJJexnu0Zn7KI1+uWddE8YDSS+PDPWe2jnyq9NGYTfFjslemW94WFOWNG4EXLWvwNgrl6New==
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: DENY
date: Wed, 09 Oct 2019 10:19:53 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
551 B 21ms
7ms Image
image/gif 13.225.78.115
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=HealthInsurance.net%20%7C%20Get%20a%20Quote&time=1570616393616&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=http%3A%2F%2Fcrossmelody.com%2Fclicks%3Fcid%3D22384%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&host_url=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3D12fbc2ff7b8c32303ecc386904394229%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D1027afcd86b4c2d2d83322b53237ab%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3D12fbc2ff7b8c32303ecc386904394229%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21%23health%2FUrgency&random_number=6745826032&sess_cookie=904351f816db0083f8f2eb43c08&sess_cookie_flag=1&user_cookie=904351f816db0083f8f2eb43c08&user_cookie_flag=1&dynamic=true&domain=healthinsurance.net&account=jC7Om1aMp4Z3fn&jsv=20130128&user_lang=en-US
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d83322b53237ab&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.115 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-115.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 08 Oct 2019 20:30:17 GMT
Via: 1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 49777
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA2-C2
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: wKB_1y899pEjayaF55c4Rr-2eUXrp8NP1z41GzOhckYylRqC530Uhw==

GET
H2 200 impl-1_32.js Show response
www.gstatic.com/wcm/ 30 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/impl-1_32.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9cc17f2a29825643f4ab4b92f34c6fe5e9b12f1dd87068a07c4933488fd880f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 11:50:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Aug 2019 17:45:00 GMT
server: sffe
age: 426547
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 12298
x-xss-protection: 0
expires: Sat, 03 Oct 2020 11:50:46 GMT

GET
H/1.1 200
OK controltag.js.05f9d0dad02f8a1b0b028b868bc3a3e2 Show response
cdn.krxd.net/ctjs/ 248 KB
80 KB 18ms
5ms Script
application/javascript 151.101.112.175
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.05f9d0dad02f8a1b0b028b868bc3a3e2
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/t2d2miw0x.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.175 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 7daa8dfc1349542ca90836b9becde99fa9bdf0b0599db5513c55ecbe556009a4

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-CDN-Backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
Date: Wed, 09 Oct 2019 10:19:53 GMT
Content-Encoding: gzip
Age: 7246485
X-Cache: HIT
X-Cache-Hits: 6375546
Connection: keep-alive
Content-Length: 81058
X-Served-By: cache-hhn4038-HHN
Last-Modified: Tue, 16 Jul 2019 17:45:11 GMT
X-Timer: S1570616394.636667,VS0,VE0
ETag: "05f9d0dad02f8a1b0b028b868bc3a3e2"
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes
Expires: Fri, 13 Jul 2029 17:45:10 GMT

GET
H2 200 10061771.json Show response
s.yimg.com/wi/config/ 2 B
480 B 154ms
127ms XHR
application/json 2a00:1288:f03d:1fa::2000
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10061771.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:19:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: F90EBA7CE0785646
x-amz-id-2: RVG4eDUE6yDi13YvkSPZ8ba21zWNtcDLo3KgHViZ/1UP6LRf8EpYLnVj8Jt9AUpFdToTB6/xAfQ=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600

GET
H2 200 / Show response
na5.thunderhead.com/one/rt/web/onetag/ONE-QJJVTVNQNN-2522/ 476 B
529 B 287ms
177ms Script
application/javascript 51.105.108.194
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://na5.thunderhead.com/one/rt/web/onetag/ONE-QJJVTVNQNN-2522/?pv=&tid=&flash=true&uri=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3D12fbc2ff7b8c32303ecc386904394229%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D1027afcd86b4c2d2d83322b53237ab%26aff_sub%3D201465%26aff_sub3%3D22384%26aff_sub2%3D12fbc2ff7b8c32303ecc386904394229%26utm_kxconfid%3Dt4kwo0a21&_1570616393643&callback=THX_1570616393643_5

Requested by

Host: na5.cdn.thunderhead.com
URL: https://na5.cdn.thunderhead.com/one/rt/js/one-tag.js?siteKey=ONE-QJJVTVNQNN-2522

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.105.108.194 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

e946e62348d93eba878e93ee31741322c0ef18b9b343457a0455a0ef15a03f25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:19:47 GMT
content-encoding: gzip
x-one-req-metric: 1570616393836;12;2
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: no-store
strict-transport-security: max-age=15768000

GET
H2 204 0
bat.bing.com/action/ 0
148 B 48ms
47ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5223060&Ver=2&mid=b4fe062c-c1fc-e91d-682e-e0e2dc4966ff&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=HealthInsurance.net%20%7C%20Get%20a%20Quote&p=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3D12fbc2ff7b8c32303ecc386904394229%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D1027afcd86b4c2d2d83322b53237ab%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3D12fbc2ff7b8c32303ecc386904394229%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21%23health%2FUrgency&r=http%3A%2F%2Fcrossmelody.com%2Fclicks%3Fcid%3D22384%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&lt=831&evt=pageLoad&msclkid=N&rn=92375
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d83322b53237ab&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Wed, 09 Oct 2019 10:19:52 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: F050FD3A53FD46D9AA412169332FB0A1 Ref B: VIEEDGE1312 Ref C: 2019-10-09T10:19:53Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
healthinsurance.net/hi_wizard/
Redirect Chain

https://apiservices.krxd.net/click_tracker/track?kxconfid=t2unfouy2&kxcampaignid=wex4&kxplacementid=healthinsurance.net&kxsiteid=22384&clk=https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm...
https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d833...

51 KB
51 KB

481ms
480ms

Image
text/html

52.203.139.140
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.203.139.140 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-203-139-140.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-runtime: 0.265586
date: Wed, 09 Oct 2019 10:19:54 GMT
content-encoding: gzip
referrer-policy: same-origin
x-frame-options: ALLOWALL
etag: W/"14f29e98fc0d12e50760b59fb6f06fea"
vary: Origin
content-type: text/html; charset=utf-8
status: 200
cache-control: max-age=0, private, must-revalidate
assur-appversion: 1.0.1005
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-request-id: 1edef23e-28d8-4aae-a5e4-b6256af0966a

Redirect headers

Date: Wed, 09 Oct 2019 10:19:53 GMT
Via: 1.1 varnish (Varnish/5.2), 1.1 varnish
Age: 0, 0, 0
X-Served-By: click-tracker-main003.krxd.net, cache-fra19179-FRA
X-Cache: MISS, MISS
Location: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d83322b53237ab&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub4=&utm_kxconfid=t4kwo0a21
Connection: keep-alive
Accept-Ranges: bytes, bytes
X-Timer: S1570616394.704990,VS0,VE93
Content-Length: 0
X-Cache-Hits: 0, 0

GET
H2

200

adadvisor.gif
px0.pbbl.co/
Redirect Chain

https://px0.pbbl.co/ns/__p2.gif?brid=1618&brcid=122191864&email=&orderId=null&orderValue=&productId=&offerCode=&label=&pageUrl=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%2...
https://aa.agkn.com/adscores/g.pixel?sid=9212282598&_ppid=bc4a74b9-9dd9-4a55-9e23-dffdde5f309a&_segid=99&iid=4e0e8542-d338-48f3-add5-a729b33b580d
https://px0.pbbl.co/adadvisor.gif?segment=000&_ppid=bc4a74b9-9dd9-4a55-9e23-dffdde5f309a&_segid=99&_zip=&hk=&iid=4e0e8542-d338-48f3-add5-a729b33b580d&mt=&bd=

42 B
152 B

133ms
133ms

Image
image/gif

2a00:1450:4001:809::2013
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://px0.pbbl.co/adadvisor.gif?segment=000&_ppid=bc4a74b9-9dd9-4a55-9e23-dffdde5f309a&_segid=99&_zip=&hk=&iid=4e0e8542-d338-48f3-add5-a729b33b580d&mt=&bd=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Oct 2019 10:19:54 GMT
x-content-type-options: nosniff
server: Google Frontend
content-type: image/gif; charset=utf-8
status: 200
x-cloud-trace-context: bc36106600cae7dc14a25ec7dbf240b3
cache-control: must-revalidate, no-cache, no-store
content-length: 42
x-xss-protection: 1
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 09 Oct 2019 10:19:53 GMT
server: AAWebServer
status: 302
p3p: policyref="http://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://px0.pbbl.co/adadvisor.gif?segment=000&_ppid=bc4a74b9-9dd9-4a55-9e23-dffdde5f309a&_segid=99&_zip=&hk=&iid=4e0e8542-d338-48f3-add5-a729b33b580d&mt=&bd=
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
204 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1559003231076682&ev=PageView&dl=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3D12fbc2ff7b8c32303ecc386904394229%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D1027afcd86b4c2d2d83322b53237ab%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3D12fbc2ff7b8c32303ecc386904394229%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21%23health%2FUrgency&rl=http%3A%2F%2Fcrossmelody.com%2Fclicks%3Fcid%3D22384%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&if=false&ts=1570616393755&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=28&fbp=fb.1.1570616393754.2039150252&it=1570616393607&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:19:53 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 09 Oct 2019 10:19:53 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
251 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1559003231076682&ev=Fragment&dl=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3D12fbc2ff7b8c32303ecc386904394229%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D1027afcd86b4c2d2d83322b53237ab%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3D12fbc2ff7b8c32303ecc386904394229%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21%23health%2FUrgency&rl=http%3A%2F%2Fcrossmelody.com%2Fclicks%3Fcid%3D22384%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&if=false&ts=1570616393756&cd[page]=%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3D12fbc2ff7b8c32303ecc386904394229%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D1027afcd86b4c2d2d83322b53237ab%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3D12fbc2ff7b8c32303ecc386904394229%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21&sw=1600&sh=1200&v=2.9.4&r=stable&ec=1&o=28&fbp=fb.1.1570616393754.2039150252&it=1570616393607&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:19:53 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 09 Oct 2019 10:19:53 GMT

GET
H/1.1 200
OK ca0023cf-396a-4831-8c8e-b18b28057cb6 Show response
consumer.krxd.net/consent/get/ 239 B
619 B 45ms
30ms Script
text/javascript 151.101.112.175
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/ca0023cf-396a-4831-8c8e-b18b28057cb6?idt=device&dt=kxcookie&callback=Krux.ns.assuranceiq.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.05f9d0dad02f8a1b0b028b868bc3a3e2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.175 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: c2806369a98dd5cb31f806a64d79a70b301bcdc29c6e3dcf35929c3204f8cc65

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 10:19:53 GMT
Via: 1.1 varnish
Age: 0
Accept-Ranges: bytes
X-Served-By: consumer-a008-dub-prod.krxd.net, cache-hhn4078-HHN
Vary: Accept-Encoding
X-Cache: MISS, MISS
Content-Type: text/javascript; charset=UTF-8
Content-Encoding: gzip
Cache-Control: max-age=1800
Connection: keep-alive
X-Age: 0
X-Timer: S1570616394.841839,VS0,VE25
Content-Length: 194
X-Cache-Hits: 0, 0

POST
H2 200 verify_token Show response
healthinsurance.net/ 14 B
517 B 148ms
148ms XHR
application/json 52.203.139.140
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://healthinsurance.net/verify_token

Requested by

Host: cdn.assurance.com
URL: https://cdn.assurance.com/insurance/public/assets/customer-bc11ad22a441df20256a341dc29adc1a13a594b11b5eaf1f5bb7861a7805d22e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.203.139.140 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-203-139-140.compute-1.amazonaws.com

Software

Resource Hash

7cd85494eb375cc958155aca095fd0bae01e24f777c4ce4059e2edb82324618c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d83322b53237ab&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub4=&utm_kxconfid=t4kwo0a21
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 09 Oct 2019 10:19:54 GMT
x-content-type-options: nosniff
status: 200
assur-appversion: 1.0.1005
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-xss-protection: 1; mode=block
x-request-id: 5eff33d1-d7eb-4f68-906d-89b12197db21
x-runtime: 0.051854
referrer-policy: same-origin
x-frame-options: ALLOWALL
etag: W/"7cd85494eb375cc958155aca095fd0ba"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate

POST
H/1.1 200
OK GenerateToken Show response
create.leadid.com/2.5.2/ 36 B
850 B 436ms
145ms XHR
text/plain 34.236.206.109
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/GenerateToken?msn=1&pid=4c567daf-e29a-41ec-b22f-61fa67dc6225&_=197174010
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cf934278-b099-eb50-bf86-105a165fcb4e.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.206.109 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-236-206-109.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.30
Resource Hash: 0bce337ee8173118a3b6cee092f26c93ccb92f974fcb12eb1ced834eef5d53e1

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Wed, 09 Oct 2019 10:19:54 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.30
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 56
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 /
c1.ox-bio.com/t04/ 43 B
99 B 101ms
100ms Image
image/gif 199.68.195.197
QuoVadis Services...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c1.ox-bio.com/t04/?v=187992388202022430&oxtrk=141&zk=55e1b2cd-ea7e-11e9-8443-005056acfea9&zl=4755&ts0=1570616394064&zm=0
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=12fbc2ff7b8c32303ecc386904394229&utm_term=22384&offer_id=79&transaction_id=1027afcd86b4c2d2d83322b53237ab&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=12fbc2ff7b8c32303ecc386904394229&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 199.68.195.197 Hamilton, Bermuda, ASN19626 (EVC-AS - QuoVadis Services Limited, BM),
Reverse DNS
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 09 Oct 2019 10:19:54 GMT
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame A351 0
0 432ms
141ms Document
text/html 13.35.175.105
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=7445207F-651E-BE68-A29E-94D9DF44C336&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.5.2&lck=CF934278-B099-EB50-BF86-105A165FCB4E&lac=8AA3F211-CA81-3833-51B1-095D2985DA90
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cf934278-b099-eb50-bf86-105a165fcb4e.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.175.105 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-175-105.fjr50.r.cloudfront.net
Software: nginx/1.10.1 /
Resource Hash

Request headers

Host: d2m2wsoho8qq12.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate

Response headers

Content-Type: text/html
Content-Length: 1440
Connection: keep-alive
Content-Encoding: gzip
Date: Tue, 08 Oct 2019 21:24:25 GMT
ETag: W/"5d9ca8a4-da5"
Last-Modified: Tue, 08 Oct 2019 15:17:56 GMT
P3P: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
Server: nginx/1.10.1
X-Cache: Hit from cloudfront
Via: 1.1 b982523ea79697c4924166d0fe400f4f.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FJR50-C1
X-Amz-Cf-Id: 8s4coP8UXqzIGDmWKGoJ9RVx6TwqYLZC_V7Tet-PSUyWfMtalCe6-Q==
Age: 46520

POST
H/1.1 200
OK SaveDom Show response
create.leadid.com/2.5.2/ 0
814 B 286ms
100ms XHR
text/plain 34.236.206.109
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/SaveDom?msn=2&pid=4c567daf-e29a-41ec-b22f-61fa67dc6225&token=7445207F-651E-BE68-A29E-94D9DF44C336&_=197174011
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cf934278-b099-eb50-bf86-105a165fcb4e.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.206.109 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-236-206-109.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Wed, 09 Oct 2019 10:19:54 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.30
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK InitFormData Show response
create.leadid.com/2.5.2/ 0
814 B 288ms
100ms XHR
text/plain 34.236.206.109
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/InitFormData?msn=3&pid=4c567daf-e29a-41ec-b22f-61fa67dc6225&token=7445207F-651E-BE68-A29E-94D9DF44C336&_=197174012
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cf934278-b099-eb50-bf86-105a165fcb4e.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.206.109 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-236-206-109.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Wed, 09 Oct 2019 10:19:54 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.30
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK Snap Show response
create.leadid.com/2.5.2/ 0
814 B 385ms
291ms XHR
text/plain 34.236.206.109
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/Snap?msn=4&pid=4c567daf-e29a-41ec-b22f-61fa67dc6225&token=7445207F-651E-BE68-A29E-94D9DF44C336&_=197174013
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cf934278-b099-eb50-bf86-105a165fcb4e.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.206.109 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-236-206-109.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Wed, 09 Oct 2019 10:19:55 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.30
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 wcm Show response
www.googleadservices.com/pagead/conversion/935576559/ 39 B
208 B 15ms
14ms XHR
application/json 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/935576559/wcm?cl=7HnFCP6uk20Q74ePvgM&fb=8445054450&callback=corscb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/impl-1_32.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

333377b61fb0f9ab69caa42a5d3969e1443e97831a9a993b1ad27dd8cbd17f56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:19:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://healthinsurance.net
cache-control: private
access-control-allow-credentials: true
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 59
x-xss-protection: 0

GET
H2 200 optout_check Show response
beacon.krxd.net/ 65 B
224 B 29ms
29ms Script
text/javascript 54.154.68.131
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.assuranceiq.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.05f9d0dad02f8a1b0b028b868bc3a3e2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.68.131 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-154-68-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 60fa689c06a13cd48edff9f93212ec6cb518664cb3c9ba704226750ed8e1e0f5

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 09 Oct 2019 10:19:55 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=31 t=1570616395
content-type: text/javascript
x-served-by: beacon-n019-dub-prod.krxd.net

GET
H2 200 /
c1.ox-bio.com/k2/ 43 B
88 B 115ms
114ms Image
image/gif 199.68.195.197
QuoVadis Services...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c1.ox-bio.com/k2/?v=6045388659059125&oxtrk=141&oxuid=ASS0001&zk=55e1b2cd-ea7e-11e9-8443-005056acfea9&zl=4755&zt=0&ts1=50&ts2=3&ts3=51&ts4=1623&zm=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 199.68.195.197 Hamilton, Bermuda, ASN19626 (EVC-AS - QuoVadis Services Limited, BM),
Reverse DNS
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 09 Oct 2019 10:19:55 GMT
content-length: 43
content-type: image/gif

GET
H2 200 /
c1.ox-bio.com/t02/ 43 B
65 B 115ms
114ms Image
image/gif 199.68.195.197
QuoVadis Services...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c1.ox-bio.com/t02/?v=6045388659059125&oxtrk=141&oxuid=ASS0001&zk=55e1b2cd-ea7e-11e9-8443-005056acfea9&zl=4755&pq=%5Bwl%5Dhttps%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3D12fbc2ff7b8c32303ecc386904394229%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D1027afcd86b4c2d2d83322b53237ab%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3D12fbc2ff7b8c32303ecc386904394229%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21%23health%2FUrgency|%5Bwpl%5Dsac|%5Bdr%5Dhttp%3A%2F%2Fcrossmelody.com%2Fclicks%3Fcid%3D22384%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D|%5Bdl%5Dsaw|%5Bdlh%5Dsaw|&qr0=13&qr1=4139002591&qr2=895785942&qr3=3307132076&qr4=3556468209&qr5=&qr6=1213749909&qr7=546963351&qr8=862810276&qr9=0&qrA=0&qrB=0&qrC=0&qrD=0&qrE=0&qrF=0&qrG=&qrH=312387816079384&qrI=4&qrJ=11&qrK=0&qrL=290429-25-240689-50-260835-75-275969-100&qrM=undefined&qrN=en-US&qrO=4139002591&qrP=1656739337&qrQ=CHh59Dd37FFFFDd1Hh1Dd1Hh1Dd1Hh1Dd1Dd1IHh1Dd1Dd1FDd1Dd1GFHh2I3Dd1FEd1Ed4Hh1I1c.73150&qrT=0&qrS=30302356-1983831476-3620111094-0-1968627222-0-2154035776-2022792331-3034716695-2565859640-2896749692-1165954045-2154035776-2826480794-601887476-970309156-385866172-0-0-0-0-0-2565859640-2896749692-0-0-&ts5=1770&zm=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 199.68.195.197 Hamilton, Bermuda, ASN19626 (EVC-AS - QuoVadis Services Limited, BM),
Reverse DNS
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 09 Oct 2019 10:19:55 GMT
content-length: 43
content-type: image/gif

GET
H2 200 wcm Show response
www.google.de/pagead/attribution/ 17 B
179 B 14ms
14ms XHR
application/json 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/attribution/wcm?cl=7HnFCP6uk20Q74ePvgM&fb=8445054450&use_ssct=1&callback=corscb&ref=http%3A//crossmelody.com/clicks%3Fcid%3D22384%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/impl-1_32.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

298f43e50bca9522b9df850442cb53fb51580aa277a3feb754aed322ea644159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:19:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://healthinsurance.net
cache-control: private
access-control-allow-credentials: true
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37
x-xss-protection: 0

POST
H/1.1 200
OK Snap Show response
create.leadid.com/2.5.2/ 0
814 B 564ms
286ms XHR
text/plain 34.236.206.109
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/Snap?msn=5&pid=4c567daf-e29a-41ec-b22f-61fa67dc6225&token=7445207F-651E-BE68-A29E-94D9DF44C336&_=197174014
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cf934278-b099-eb50-bf86-105a165fcb4e.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.206.109 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-236-206-109.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Wed, 09 Oct 2019 10:19:56 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.30
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

224 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.deviceid.trueleadid.com/	1970-01-25 20:28:19	Name: uuid Value: c89c0fda3eca488ba525775f3e60c108

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 1) Message: utm_source: wex4
console-api	log	(Line 1) Message: utm_term: 22384
console-api	log	(Line 2) Message: DMP pixel rendered, check 'track?kxconfid' with 302 status for proper fire
console-api	warning	URL: https://na5.cdn.thunderhead.com/one/rt/js/one-tag.js?siteKey=ONE-QJJVTVNQNN-2522(Line 1) Message: ONE - TID not found: undefined undefined
console-api	warning	URL: https://na5.cdn.thunderhead.com/one/rt/js/one-tag.js?siteKey=ONE-QJJVTVNQNN-2522(Line 1) Message: No points of type [Optimization Point] to inject.
console-api	warning	URL: https://na5.cdn.thunderhead.com/one/rt/js/one-tag.js?siteKey=ONE-QJJVTVNQNN-2522(Line 1) Message: No points of type [Capture Point] to inject.
console-api	warning	URL: https://na5.cdn.thunderhead.com/one/rt/js/one-tag.js?siteKey=ONE-QJJVTVNQNN-2522(Line 1) Message: No points of type [Tracking Point] to inject.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
apiservices.krxd.net
bat.bing.com
beacon.krxd.net
c1.ox-bio.com
cdn.assurance.com
cdn.krxd.net
cdn.pbbl.co
cdnjs.cloudflare.com
certify.alexametrics.com
connect.facebook.net
consumer.krxd.net
create.leadid.com
create.lidstatic.com
crossmelody.com
d2m2wsoho8qq12.cloudfront.net
d2ysjycjrua9tt.cloudfront.net
d31qbv1cthcecs.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
healthinsurance.net
js.honeybadger.io
na5.cdn.thunderhead.com
na5.thunderhead.com
px0.pbbl.co
s.amazon-adsystem.com
s.yimg.com
sp.analytics.yahoo.com
stats.g.doubleclick.net
tracking.healthinsurance.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.tecnotreina.com
13.224.196.80
13.225.78.115
13.32.99.13
13.32.99.191
13.35.175.105
143.204.101.112
151.101.112.175
151.101.12.175
188.125.66.33
199.68.195.197
216.58.210.2
23.95.199.211
2600:9000:20ac:9400:1:1faa:9040:93a1
2606:4700:10::6814:4b82
2606:4700:30::681c:4b5
2606:4700::6813:c697
2620:1ec:bdf::10
2620:1ec:c11::200
2a00:1288:f03d:1fa::2000
2a00:1450:4001:809::2013
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2008
2a00:1450:4001:816::2003
2a00:1450:4001:818::200a
2a00:1450:4001:81d::2003
2a00:1450:4001:81d::2004
2a00:1450:4001:821::2003
2a00:1450:400c:c00::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.236.206.109
51.105.108.194
52.203.139.140
52.28.175.104
52.31.242.98
54.154.68.131
72.21.206.140
080b58bfb270a0738da291bfc8693cbf683d222ee761597e682e29e21f6f76fc
0bce337ee8173118a3b6cee092f26c93ccb92f974fcb12eb1ced834eef5d53e1
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1121422aa828fb8f2f421b88b5d2437c78e51cd43a338094ec62ada2012887b1
115e92ecc8cd17434bd87f305829287c2b633cc7c79fef3db40c812466c50189
144d37e24f82aadc3f3e659d6cd98d4a8bd748c147f718b6dbcf31cf7727819d
1763cff093122750f614e2c684f82b783e72be280849bcffdf6bb247d86185cf
19cfca88e33cb1f56e957f1a653d3acad97f7cc927d0b2e329a80ead264578d3
24fd0695c2796e321bf66c3be12ef8c8027271d04a479b52380671772f0c36fd
26b6ded1f4da5ed4f61226c7a1f36be06d422b4b2ca54262103bc354ef732bc7
298f43e50bca9522b9df850442cb53fb51580aa277a3feb754aed322ea644159
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
333377b61fb0f9ab69caa42a5d3969e1443e97831a9a993b1ad27dd8cbd17f56
373a0505368dab061278aa0b7243dc58fc165a25f8b0286d57f8835d06ab6e27
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4dc9eef9f4093e9b5dfa10bf1af566e25f81297bc33e6a90f6557e0d88b7e83b
4fa943c533adc193617c8826b5d07c87de1c952ef757fb2f4551e6e65cd1c49e
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
556dd6874d80f240e42525b0b3a6535dfac43ae3fbebbe0ebe44014847b2af4e
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
60fa689c06a13cd48edff9f93212ec6cb518664cb3c9ba704226750ed8e1e0f5
62400bc84c0bbc6c3d92853f1dc29871b5f5b247b2cf4ca92bbe9cb496ba2c60
69c0b66e072a6b1a2fee057dd76a318d16cf7e5005291b40e1d7ab6882a3960f
6afe06ce88b927163790138f2746fdc4e268ec563ca5967f991f8da10e4479bf
6f33adecfa8dacb04b161289c89b2930d80324d5d0baa1c0da86ed08b9c1ebda
7973f6d4de8da495c0a4a870d6b50fff04cc246e1628364160f8486e7f3a1f3e
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7cd85494eb375cc958155aca095fd0bae01e24f777c4ce4059e2edb82324618c
7daa8dfc1349542ca90836b9becde99fa9bdf0b0599db5513c55ecbe556009a4
7edb2213c1f4f569617389783ba544f9997d11a1fc5e54406582b25967bfde66
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86d489b89356b398f969f86dd218b13abd97ab2939525bffbfa8d3e91ed3a18e
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8bcad0d5e62d5b147bbad7e008f6301fbbdd376ee551c87546a3158168d3df21
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
952cbc40be5a5e672a04194f0f24106081baca3dd7fed7c25928841efff9d653
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cc17f2a29825643f4ab4b92f34c6fe5e9b12f1dd87068a07c4933488fd880f7
9d3af696c2533f25ef034358c8d15cc791fa1539c40058c6bfcef813cbaeda20
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a5a03ffb74678bd02d15096bdb6d36f08338cde8f8f51d7fa8c2cc3df9e6f4e5
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ae54cf1b3625f10b88e3c48fadc128db1c48b6c25d2e04de1528cf778e3decbe
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bc11ad22a441df20256a341dc29adc1a13a594b11b5eaf1f5bb7861a7805d22e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2806369a98dd5cb31f806a64d79a70b301bcdc29c6e3dcf35929c3204f8cc65
c2e16b63e480456fdded83f506849efcb4a562d9532353d5758315a6881e17c7
c3c0f5a1e3c2f4e7471c3cf34ce7b3f10540750c3b05fdb5b1576d5be1f9170b
c6ad34199939ca4211eea0d25cdee444b7e6664af475ef70a9d741fba834f0f7
cbb649035cc0aab0434ac418212ee6ae2674f68670d0767b3231ce13049747a5
cbb6560ed1e9e91e2ceb73f50c333bf5fd86d56839161bf5383a1dd44faf5bc2
d0c09059b130934708891c275fcbff50edeb7776fa1943b2ade4859d958c9960
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
ddc5de29409873657efddd3e9eaa87e23d3618f3b903af966defd1a27d7a594a
e15eb5040e99ce3f51d49580272bd18e4f2b5030b312315500916fd075e6a5e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e946e62348d93eba878e93ee31741322c0ef18b9b343457a0455a0ef15a03f25
ea1c3eaefeb1b4e7a6d3fa97f320b3397e4f5d112afcb758e62513852b573423
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f060c3e136630ce60b5fa1088d68a7a1fd048b0d75c19a4ddae58e8723c0b1fe
fc8ec001faf2a4299e345bfe462404de9efca8ddca4b663821b8f65865f4dc9b

healthinsurance.net Open in urlscan Pro 52.203.139.140 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

76 Requests

96 %HTTPS

49 %IPv6

29 Domains

38 Subdomains

33 IPs

7 Countries

980 kBTransfer

2320 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

healthinsurance.net Open in urlscan Pro
52.203.139.140 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

96 %
HTTPS

49 %
IPv6

29
Domains

38
Subdomains

33
IPs

7
Countries

980 kB
Transfer

2320 kB
Size

1
Cookies

76 HTTP transactions
0 data transactions