www.medicare-providers.net Open in urlscan Pro
69.20.112.197 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://str.art-of-groom.art/separatrici/IrTNiLm0DqFWM5DwibYqSybuj1qqQvCIjiTXjt0xqUQNc22VKAd50KknZodhlqrVG74xkAwVEZkLA-unwIAv...
Effective URL:
https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_me...
Submission: On October 21 via api (October 21st 2019, 3:20:49 pm UTC) from BE

Summary HTTP 50 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 18 domains to perform 50 HTTP transactions. The main IP is 69.20.112.197, located in San Antonio, United States and belongs to RACKSPACE - Rackspace Hosting, US. The main domain is www.medicare-providers.net.
TLS certificate: Issued by Entrust Certification Authority - L1K on August 13th 2018. Valid for: 2 years.

This is the only time www.medicare-providers.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.159.7.9 104.159.7.9	22423 (ALTIMA-TE...) (ALTIMA-TELECOM - Altima Telecom)
1	103.83.36.136 103.83.36.136	136171 (MEDHAHOST...) (MEDHAHOSTING-AS-AP Medha Hosting)
20	69.20.112.197 69.20.112.197	27357 (RACKSPACE) (RACKSPACE - Rackspace Hosting)
6	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.203.108.11 52.203.108.11	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	69.20.94.14 69.20.94.14	27357 (RACKSPACE) (RACKSPACE - Rackspace Hosting)
1 3	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	13.224.196.65 13.224.196.65	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700:10:... 2606:4700:10::6814:4b82	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 2	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2606:4700::68... 2606:4700::6811:ce4a	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	35.170.237.56 35.170.237.56	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
4	3.222.216.63 3.222.216.63	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	13.224.197.128 13.224.197.128	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
50	17

1 104.159.7.9 (Canada) 1 redirects

ASN22423 (ALTIMA-TELECOM - Altima Telecom, CA)
PTR: 104-159-7-9.heliothropis.com

str.art-of-groom.art	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.83.36.136 (Asheville, United States)

ASN136171 (MEDHAHOSTING-AS-AP Medha Hosting, IN)
PTR: 3fak.btuk.stream

www.yilopeet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 69.20.112.197 (San Antonio, United States)

ASN27357 (RACKSPACE - Rackspace Hosting, US)
PTR: www.medicare-providers.net

www.medicare-providers.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.162 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s29-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.108.11 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-203-108-11.compute-1.amazonaws.com

js7.invoca.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.20.94.14 (San Antonio, United States)

ASN27357 (RACKSPACE - Rackspace Hosting, US)
PTR: secure.apolloi.com

secure.apolloi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:825::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.196.65 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-196-65.fra2.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:4b82 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:ce4a (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.170.237.56 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-35-170-237-56.compute-1.amazonaws.com

json7.ringrevenue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.222.216.63 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-222-216-63.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.197.128 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-197-128.fra2.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	medicare-providers.net www.medicare-providers.net	451 KB
6	googleapis.com fonts.googleapis.com	3 KB
4	leadid.com create.leadid.com	3 KB
3	anura.io script.anura.io	12 KB
3	gstatic.com fonts.gstatic.com	27 KB
3	google-analytics.com 1 redirects www.google-analytics.com	44 KB
2	google.de www.google.de	219 B
2	google.com 1 redirects www.google.com	290 B
2	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net	1 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net
1	ringrevenue.com json7.ringrevenue.com	1 KB
1	lidstatic.com create.lidstatic.com	39 KB
1	pushnami.com api.pushnami.com	9 KB
1	apolloi.com secure.apolloi.com
1	invoca.net js7.invoca.net	12 KB
1	googleadservices.com www.googleadservices.com	9 KB
1	yilopeet.com www.yilopeet.com	543 B
1	art-of-groom.art 1 redirects str.art-of-groom.art	368 B
50	18

	Domain	Requested by
20	www.medicare-providers.net	www.yilopeet.com www.medicare-providers.net
6	fonts.googleapis.com	www.medicare-providers.net
4	create.leadid.com	create.lidstatic.com
3	script.anura.io	www.medicare-providers.net script.anura.io
3	fonts.gstatic.com	www.medicare-providers.net
3	www.google-analytics.com	1 redirects www.medicare-providers.net www.google-analytics.com
2	www.google.de	www.medicare-providers.net
2	www.google.com	1 redirects www.medicare-providers.net
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	json7.ringrevenue.com	js7.invoca.net
1	stats.g.doubleclick.net	1 redirects
1	create.lidstatic.com	www.medicare-providers.net
1	googleads.g.doubleclick.net	www.googleadservices.com
1	api.pushnami.com	www.medicare-providers.net
1	secure.apolloi.com	www.medicare-providers.net
1	js7.invoca.net	www.medicare-providers.net
1	www.googleadservices.com	www.medicare-providers.net
1	www.yilopeet.com
1	str.art-of-groom.art	1 redirects
50	19

This site contains links to these domains. Also see Links.

Domain
www.hhs.gov
www.medicare.gov
www.cms.gov

Subject Issuer	Validity	Valid
www.yilopeet.com Let's Encrypt Authority X3	`2019-08-20` - `2019-11-18`	3 months	crt.sh
www.medicare-providers.net Entrust Certification Authority - L1K	`2018-08-13` - `2020-08-13`	2 years	crt.sh
*.googleapis.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
*.invoca.net Go Daddy Secure Certificate Authority - G2	`2018-08-08` - `2020-10-30`	2 years	crt.sh
secure.apolloi.com RapidSSL RSA CA 2018	`2018-11-26` - `2021-01-04`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
*.pushnami.com Amazon	`2019-06-14` - `2020-07-14`	a year	crt.sh
*.google.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
lidstatic.com CloudFlare Inc ECC CA-2	`2019-07-02` - `2020-07-01`	a year	crt.sh
www.google.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
ssl763732.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-06-28` - `2020-01-04`	6 months	crt.sh
*.ringrevenue.com Go Daddy Secure Certificate Authority - G2	`2019-02-09` - `2021-04-11`	2 years	crt.sh
create.leadid.com Amazon	`2019-01-16` - `2020-02-16`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
Frame ID: 8C49DBB648E087F3ECA253614F556BF8
Requests: 49 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=CA8CDCBC-8B9F-DC6C-684C-5A46B7CA7BE5&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.5.2&lck=81C0E214-F497-A92B-AD7F-7276E94695AB&lac=478B1969-F034-6785-243D-D2DE64FC7F68
Frame ID: 8F4774A0F954D49A165A603C785EE256
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://str.art-of-groom.art/separatrici/IrTNiLm0DqFWM5DwibYqSybuj1qqQvCIjiTXjt0xqUQNc22VKAd50KknZodhlqrV... HTTP 302
https://www.yilopeet.com/PLr7mAyqz657GKa_Yu1RHm4tYo8-R5F1V5fLwBwhXrs2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZk... Page URL
https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&ut... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

50
Requests

100 %
HTTPS

47 %
IPv6

18
Domains

19
Subdomains

17
IPs

4
Countries

613 kB
Transfer

1488 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.hhs.gov/sites/default/files/AmericanPatientsFirst.pdf
Title: here

Search URL Search Domain Scan URL

URL: http://www.medicare.gov/
Title: Medicare.gov

Search URL Search Domain Scan URL

URL: http://www.cms.gov/
Title: CMS.gov

Search URL Search Domain Scan URL

URL: http://www.cms.gov/medicare-coverage-database/
Title: MCD.gov

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://str.art-of-groom.art/separatrici/IrTNiLm0DqFWM5DwibYqSybuj1qqQvCIjiTXjt0xqUQNc22VKAd50KknZodhlqrVG74xkAwVEZkLA-unwIAvnWzGDdpr8jhBaP_Jboz3unQubCdNIA_RKzQXn-wzj1EAvl41dA9ARedyT4o_VxXGBKJjhPIwBL-9ztaFy9sMJ2lo66VSD3UcJnyJUzS7bNG HTTP 302
https://www.yilopeet.com/PLr7mAyqz657GKa_Yu1RHm4tYo8-R5F1V5fLwBwhXrs2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~/555560/ef3734d19b819cda92068bd0703af112/59817980/ Page URL
https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://str.art-of-groom.art/separatrici/IrTNiLm0DqFWM5DwibYqSybuj1qqQvCIjiTXjt0xqUQNc22VKAd50KknZodhlqrVG74xkAwVEZkLA-unwIAvnWzGDdpr8jhBaP_Jboz3unQubCdNIA_RKzQXn-wzj1EAvl41dA9ARedyT4o_VxXGBKJjhPIwBL-9ztaFy9sMJ2lo66VSD3UcJnyJUzS7bNG HTTP 302
https://www.yilopeet.com/PLr7mAyqz657GKa_Yu1RHm4tYo8-R5F1V5fLwBwhXrs2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~/555560/ef3734d19b819cda92068bd0703af112/59817980/

Request Chain 34

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1034138974&t=pageview&_s=1&dl=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Ftrumpcaremedicare%2F%3FReferrer%3DMADE%26Subreferrer%3D160007%26Subid%3D512676405%26utm_source%3Dmade%26utm_medium%3Demail%26utm_content%3DTrumpmedicare%26utm_campaign%3D1&dr=https%3A%2F%2Fwww.yilopeet.com%2FPLr7mAyqz657GKa_Yu1RHm4tYo8-R5F1V5fLwBwhXrs2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~%2F555560%2Fef3734d19b819cda92068bd0703af112%2F59817980%2F&ul=en-us&de=UTF-8&dt=Find%20Plans%20%7C%20Medicare%20Providers&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=KGBAAEADQ~&jid=897102678&gjid=780497437&cid=1860238496.1571671231&tid=UA-12025801-1&_gid=2083418851.1571671231&_r=1&z=552167195 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12025801-1&cid=1860238496.1571671231&jid=897102678&_gid=2083418851.1571671231&gjid=780497437&_v=j79&z=552167195 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12025801-1&cid=1860238496.1571671231&jid=897102678&_v=j79&z=552167195 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12025801-1&cid=1860238496.1571671231&jid=897102678&_v=j79&z=552167195&slf_rd=1&random=3972596735

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set / Show response
www.yilopeet.com/PLr7mAyqz657GKa_Yu1RHm4tYo8-R5F1V5fLwBwhXrs2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~/555560/ef3734d19b819cda92068bd0703af112/59817980/
Redirect Chain

http://str.art-of-groom.art/separatrici/IrTNiLm0DqFWM5DwibYqSybuj1qqQvCIjiTXjt0xqUQNc22VKAd50KknZodhlqrVG74xkAwVEZkLA-unwIAvnWzGDdpr8jhBaP_Jboz3unQubCdNIA_RKzQXn-wzj1EAvl41dA9ARedyT4o_VxXGBKJjhPIwB...
https://www.yilopeet.com/PLr7mAyqz657GKa_Yu1RHm4tYo8-R5F1V5fLwBwhXrs2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~/555560/ef3734d19b819cda92068bd0703af112/59817980/

245 B
543 B

549ms
225ms

Document
text/html

103.83.36.136
MEDHAHOSTING-AS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yilopeet.com/PLr7mAyqz657GKa_Yu1RHm4tYo8-R5F1V5fLwBwhXrs2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~/555560/ef3734d19b819cda92068bd0703af112/59817980/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.83.36.136 Asheville, United States, ASN136171 (MEDHAHOSTING-AS-AP Medha Hosting, IN),
Reverse DNS: 3fak.btuk.stream
Software: Apache /
Resource Hash: 7b5961447a21e8bc6b11133fb687752d3374feaa37fcba530a42a7e37149b35b

Request headers

Host: www.yilopeet.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 15:20:29 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 245
Server: Apache
Set-Cookie: uid3373=512676405-20191021112029-44d3def81b7f81f69bf8adb622ccebdf-; expires=Wed, 20-Nov-2019 15:20:29 GMT; Max-Age=2592000; path=/; domain=yilopeet.com

Redirect headers

Server: nginx
Date: Mon, 21 Oct 2019 15:20:29 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Access-Control-Allow-Origin: *
location: https://www.yilopeet.com/PLr7mAyqz657GKa_Yu1RHm4tYo8-R5F1V5fLwBwhXrs2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~/555560/ef3734d19b819cda92068bd0703af112/59817980/

GET
H/1.1 200
OK Primary Request Cookie set / Show response
www.medicare-providers.net/plans/trumpcaremedicare/ 22 KB
8 KB 844ms
507ms Document
text/html 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1

Requested by

Host: www.yilopeet.com
URL: https://www.yilopeet.com/PLr7mAyqz657GKa_Yu1RHm4tYo8-R5F1V5fLwBwhXrs2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~/555560/ef3734d19b819cda92068bd0703af112/59817980/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

5c2d7ec1597bed1546e93e1ee67d8bf9310db8018e8c4fafaca709aecfc9b89b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Host: www.medicare-providers.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.yilopeet.com/PLr7mAyqz657GKa_Yu1RHm4tYo8-R5F1V5fLwBwhXrs2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~/555560/ef3734d19b819cda92068bd0703af112/59817980/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: https://www.yilopeet.com/PLr7mAyqz657GKa_Yu1RHm4tYo8-R5F1V5fLwBwhXrs2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~/555560/ef3734d19b819cda92068bd0703af112/59817980/

Response headers

Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=8d71f187b721f7f8e253e38b69d2fea4; path=/ XSRF-TOKEN=eyJpdiI6IndmZTVpTnpOYnZ0WWExN0ErcWlFdlE9PSIsInZhbHVlIjoia3ZJelNjT2NtUlFiOUZBYkJjV21mUmxPZFRPSzRzQUlQZlBlQkxDUjFRSURyekIxMUdLNlJxMTNuN0ZDZG9ES1JwSGdMbmJsWTBYZlJ0Slk3MEtlSmc9PSIsIm1hYyI6IjhiMDg2NzVlMWM5NmZjMzdhZjM3NTMwYzMzOWU1MDliZjg1NWMzZmE5Njk0MDMzOTQyMTc4YzQwNTFkZjdlZTYifQ%3D%3D; expires=Mon, 21-Oct-2019 17:20:30 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6IjQrMVRCM1VIaDFpQ1hKcExRU3htcFE9PSIsInZhbHVlIjoiWGlZQjJ6Q0Y2QVkxRzZLd1hpZ1JLY0VtTWpodFZiUUV3dmtKM2psZEgwYkZsQmw0dEZ4NlUxTndLUVcxeEhFVm1nVzFNRkszYStRYU1kbEdMckdsWnc9PSIsIm1hYyI6IjdkMzE1YzkwYzE0ZGUzYTY3NTE0NWU3OWU5OTIyMjI4NDcxOGJmNmFjODE5OTVkNGE4MTUxYmUzMzUyMzE5NDAifQ%3D%3D; expires=Mon, 21-Oct-2019 17:20:30 GMT; Max-Age=7200; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate no-cache
Pragma: no-cache
Date: Mon, 21 Oct 2019 15:20:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK fontawesome.min.css
www.medicare-providers.net/common_scripts/leadgen/fonts/fontawesome/ 34 KB
9 KB 89ms
89ms Stylesheet
text/css 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/common_scripts/leadgen/fonts/fontawesome/fontawesome.min.css

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

889e5b0e0831a15afbf0a7afe2916c25500b2fa6abb5f62727b0c245415a5f12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 15:20:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 12 Apr 2019 17:59:33 GMT
Server: nginx
ETag: W/"5cb0d205-870a"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 2 KB
535 B 20ms
18ms Stylesheet
text/css 2a00:1450:4001:81e::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

e5b09ae4f391ccd8e04977e2330f1e533a2a507d95c609a3fd437a7ffc7cddfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 21 Oct 2019 15:20:30 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Mon, 21 Oct 2019 15:20:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 21 Oct 2019 15:20:30 GMT

GET
H/1.1 200
OK mp.css
www.medicare-providers.net/common_scripts/leadgen/laravel/css/ 353 KB
68 KB 180ms
91ms Stylesheet
text/css 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/common_scripts/leadgen/laravel/css/mp.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

9c0a27facba9672b2035a9776dfeb5252fc07dd314c4853def3e12089cd6d7ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 15:20:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 09 Oct 2019 23:24:35 GMT
Server: nginx
ETag: W/"5d9e6c33-58262"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK mp.js Show response
www.medicare-providers.net/common_scripts/leadgen/laravel/js/ 469 KB
158 KB 267ms
91ms Script
application/javascript 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/common_scripts/leadgen/laravel/js/mp.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

d0bb686236971e2f23dd56ccb538b420bfa043e4daa739b0c0b7d6549c7a771a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 15:20:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 04 Oct 2019 21:43:28 GMT
Server: nginx
ETag: W/"5d97bd00-7542e"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK logo.png
www.medicare-providers.net/images/ 3 KB
3 KB 266ms
88ms Image
image/png 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

2b2d857fc5c80a20d6e07a2d98b8e002c9753662955a8ebac6967e46518702ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 15:20:30 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 31 Jul 2018 21:30:37 GMT
Server: nginx
ETag: "5b60d4fd-bdb"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3035

GET
H/1.1 200
OK btn-chevron.png
www.medicare-providers.net/images/medicarealert/ 19 KB
20 KB 267ms
89ms Image
image/png 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/medicarealert/btn-chevron.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

304d56b837c5d9bcdae32502bd0e3cf7716b3f706f08ed8dc51d6ba13cb33b00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 15:20:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 28 Jul 2017 18:09:26 GMT
Server: nginx
ETag: "597b7dd6-4cef"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19695

GET
H/1.1 200
OK stock-1.jpg
www.medicare-providers.net/images/31421/ 27 KB
28 KB 88ms
88ms Image
image/jpeg 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/31421/stock-1.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

78549c0eb6095bbdc03a3ee91b61662e7efc30db63e4bf8bd411787685d36572

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 15:20:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 20 Nov 2017 18:59:19 GMT
Server: nginx
ETag: "5a132607-6cda"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27866

GET
H/1.1 200
OK stock-2.jpg
www.medicare-providers.net/images/31421/ 30 KB
31 KB 89ms
88ms Image
image/jpeg 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/31421/stock-2.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

a1820c8c0119b36e17d2e52afd9b56f3638d335c0f0dafe7d2f5d0abba533625

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 15:20:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 20 Nov 2017 18:59:19 GMT
Server: nginx
ETag: "5a132607-79cd"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31181

GET
H/1.1 200
OK stock-3.jpg
www.medicare-providers.net/images/31421/ 43 KB
43 KB 89ms
88ms Image
image/jpeg 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/31421/stock-3.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

df6e6c1253a4d12ec60534bf851d89a74c2feef171d1769bc20d66cf99c9b22d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 15:20:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 20 Nov 2017 18:59:19 GMT
Server: nginx
ETag: "5a132607-aab2"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43698

GET
H/1.1 200
OK logo.png
www.medicare-providers.net/images/31421/ 3 KB
3 KB 89ms
88ms Image
image/png 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/31421/logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

bee9c302260c287106b2bfa7b08e94d40d785541153c1e0808ec01c372b4c319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 15:20:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 20 Nov 2017 18:59:19 GMT
Server: nginx
ETag: "5a132607-a21"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2593

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 24 KB
9 KB 15ms
14ms Script
text/javascript 172.217.18.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

78a79d5cefe3a91bfccc9d0e3522b756e142d8c2aeba35146f2bc399b71cf4ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 15:20:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9385
x-xss-protection: 0
server: cafe
etag: 14299522277420216331
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 21 Oct 2019 15:20:31 GMT

GET
H/1.1 200
OK integration.js Show response
js7.invoca.net/7/ 28 KB
12 KB 394ms
94ms Script
application/javascript 52.203.108.11
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://js7.invoca.net/7/integration.js
Requested by: Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.108.11 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-203-108-11.compute-1.amazonaws.com
Software: nginx/1.15.5 /
Resource Hash: 0f3b12dbcfa9c4be462b6176888f30d4aafd1baba153b6726854c54780fb6815

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 15:20:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Oct 2019 23:35:55 GMT
Server: nginx/1.15.5
Connection: keep-alive
Content-Length: 11645
Content-Type: application/javascript

GET
H/1.1 200
OK visit.php Show response
secure.apolloi.com/leadgen/pxl/ 0
0 384ms
93ms Script
text/html 69.20.94.14
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.apolloi.com/leadgen/pxl/visit.php?visit_id=116927447
Requested by: Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.20.94.14 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS: secure.apolloi.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 css
fonts.googleapis.com/ 2 KB
606 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:81e::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

d3535722304c938a15fd3a0d4ad3cd961e8a8a27bb76f115054928d84024f136

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 21 Oct 2019 15:20:30 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Mon, 21 Oct 2019 15:20:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 21 Oct 2019 15:20:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
700 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:81e::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,900

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

0d9b67625f262e1eba2b5294ffbd97db236096233fb4fbb4b5cb01e8defffe1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 21 Oct 2019 15:20:30 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Mon, 21 Oct 2019 15:20:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 21 Oct 2019 15:20:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
463 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:81e::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:400,700,900

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

091098ba45445979ff4f441a8a9d55b48932aa328907318bc63c531396ef8fc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 21 Oct 2019 15:20:30 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Mon, 21 Oct 2019 15:20:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 21 Oct 2019 15:20:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
466 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:81e::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oxygen:300,400,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

e1e415b221fcf1939c5a3893b1e8408285a5dbf4a26c0c46f6cb461d6ca87caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 21 Oct 2019 15:20:30 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Mon, 21 Oct 2019 15:20:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 21 Oct 2019 15:20:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
500 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:81e::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

3700c7c0f24f48f6b4b6e2402969286e19418aa84f14f134e436960439726926

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 21 Oct 2019 15:20:30 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Mon, 21 Oct 2019 15:20:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 21 Oct 2019 15:20:30 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 6356
date: Mon, 21 Oct 2019 13:34:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Mon, 21 Oct 2019 15:34:35 GMT

GET
H2 200 593ad82461c3a6d644c6428c Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 33 KB
9 KB 1109ms
1093ms Script
application/javascript 13.224.196.65
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/593ad82461c3a6d644c6428c
Requested by: Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.65 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-196-65.fra2.r.cloudfront.net
Software: /
Resource Hash: bd25c14a77fca727926a0e180d3047ca8d5a5aa301746775f28980b2d3b82e56

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 15:20:32 GMT
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: no-cache
content-encoding: gzip
x-amz-cf-id: kK4rIWRZiAMyYM1P3eIJrPLQ9-Y8lxqmm8FywcTO6FS0o3iHAIq5IQ==

GET
H/1.1 200
OK bg-stripe.png
www.medicare-providers.net/images/31421/ 107 B
443 B 88ms
88ms Image
image/png 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/31421/bg-stripe.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

fce9a6f2f7ea34cf08c5bb2847357f438d9106922abeefa20ab7c344cd493372

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/common_scripts/leadgen/laravel/css/mp.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 15:20:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 18 Sep 2017 19:15:06 GMT
Server: nginx
ETag: "59c01b3a-6b"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 107

GET
H/1.1 200
OK hero.jpg
www.medicare-providers.net/images/31421/ 74 KB
75 KB 171ms
88ms Image
image/jpeg 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/31421/hero.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

4745bfb123d90c3944b1af19732e3c7d74880f98379caa9ec776d603588659b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/common_scripts/leadgen/laravel/css/mp.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 15:20:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 20 Nov 2017 18:59:19 GMT
Server: nginx
ETag: "5a132607-1291a"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76058

GET
H/1.1 200
OK icon-phone.png
www.medicare-providers.net/images/31421/ 2 KB
2 KB 150ms
88ms Image
image/png 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/31421/icon-phone.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

fc7fab33a384c604e1e892730d4272f7c4ad6a82eaabb818da857e40eb56e071

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/common_scripts/leadgen/laravel/css/mp.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 15:20:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 18 Sep 2017 20:04:23 GMT
Server: nginx
ETag: "59c026c7-85a"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2138

GET
H/1.1 200
OK icon-check.png
www.medicare-providers.net/images/31421/ 531 B
868 B 149ms
88ms Image
image/png 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/31421/icon-check.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

57991fd35887bc08a67879ec52d707c684c0e0288e7a323970b568802affc42f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/common_scripts/leadgen/laravel/css/mp.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 15:20:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 18 Sep 2017 20:04:23 GMT
Server: nginx
ETag: "59c026c7-213"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 531

GET
H/1.1 200
OK bg-miniform-stripe.png
www.medicare-providers.net/images/31421/ 114 B
450 B 151ms
89ms Image
image/png 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/31421/bg-miniform-stripe.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

625421f442e81ee0d7e42a3eefb24a20ebba3d528cf97467cc2d600d6fe10da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/common_scripts/leadgen/laravel/css/mp.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 15:20:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 20 Nov 2017 18:39:37 GMT
Server: nginx
ETag: "5a132169-72"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 114

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,900
Origin: https://www.medicare-providers.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 09:58:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 1056106
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
expires: Thu, 08 Oct 2020 09:58:45 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,900
Origin: https://www.medicare-providers.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 12 Oct 2019 00:19:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 831678
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9080
x-xss-protection: 0
expires: Sun, 11 Oct 2020 00:19:13 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,900
Origin: https://www.medicare-providers.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 23:10:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:44 GMT
server: sffe
age: 576614
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9180
x-xss-protection: 0
expires: Tue, 13 Oct 2020 23:10:17 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/979637013/ 3 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/979637013/?random=1571671231369&cv=9&fst=1571671231369&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Ftrumpcaremedicare%2F%3FReferrer%3DMADE%26Subreferrer%3D160007%26Subid%3D512676405%26utm_source%3Dmade%26utm_medium%3Demail%26utm_content%3DTrumpmedicare%26utm_campaign%3D1&ref=https%3A%2F%2Fwww.yilopeet.com%2FPLr7mAyqz657GKa_Yu1RHm4tYo8-R5F1V5fLwBwhXrs2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~%2F555560%2Fef3734d19b819cda92068bd0703af112%2F59817980%2F&tiba=Find%20Plans%20%7C%20Medicare%20Providers&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e019fe48241d1be806cf567aae1cc847e6e348e73b90bfb503c9567b2271fdf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Oct 2019 15:20:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1161
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 81c0e214-f497-a92b-ad7f-7276e94695ab.js Show response
create.lidstatic.com/campaign/ 122 KB
39 KB 502ms
443ms Script
text/javascript 2606:4700:10::6814:4b82
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/81c0e214-f497-a92b-ad7f-7276e94695ab.js?snippet_version=2
Requested by: Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4b82 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86c32d1aa404959e81af9f85ea823547191b8da202cdeded40fc09c5cb8f4c99

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 15:20:31 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: CB726BDE378FC61A
cf-ray: 5294374c7ba9cbb8-VIE
status: 200
x-amz-replication-status: COMPLETED
x-amz-id-2: e9G2/6/KmBvRNczRsm59s7cLWxDsRPkcTCFyfy4py/o0gxcCrCEOnWy0vxZj3u0rv/uk/rjmW8g=
last-modified: Wed, 25 Apr 2018 15:17:41 GMT
server: cloudflare
etag: W/"b8eb69bdb63beb9eb2cf977d2bdd7eec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: S57bF43tI_0uCcP8hYaxQCLBgmXwU.29
cache-control: public, max-age=1800
content-type: text/javascript
expires: Mon, 21 Oct 2019 15:50:31 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 75 KB
27 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-KFT29QZ&cid=1860238496.1571671231

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5892295df962b1cf55470d06df6e71d214936f4e74f5231ddc7374b59619b947

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 15:20:31 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27200
x-xss-protection: 0
expires: Mon, 21 Oct 2019 15:20:31 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/979637013/ 42 B
110 B 21ms
21ms Image
image/gif 2a00:1450:4001:820::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/979637013/?random=1571671231369&cv=9&fst=1571670000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Ftrumpcaremedicare%2F%3FReferrer%3DMADE%26Subreferrer%3D160007%26Subid%3D512676405%26utm_source%3Dmade%26utm_medium%3Demail%26utm_content%3DTrumpmedicare%26utm_campaign%3D1&ref=https%3A%2F%2Fwww.yilopeet.com%2FPLr7mAyqz657GKa_Yu1RHm4tYo8-R5F1V5fLwBwhXrs2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~%2F555560%2Fef3734d19b819cda92068bd0703af112%2F59817980%2F&tiba=Find%20Plans%20%7C%20Medicare%20Providers&fmt=3&is_vtc=1&random=3561291364&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Oct 2019 15:20:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/979637013/ 42 B
110 B 23ms
23ms Image
image/gif 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/979637013/?random=1571671231369&cv=9&fst=1571670000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Ftrumpcaremedicare%2F%3FReferrer%3DMADE%26Subreferrer%3D160007%26Subid%3D512676405%26utm_source%3Dmade%26utm_medium%3Demail%26utm_content%3DTrumpmedicare%26utm_campaign%3D1&ref=https%3A%2F%2Fwww.yilopeet.com%2FPLr7mAyqz657GKa_Yu1RHm4tYo8-R5F1V5fLwBwhXrs2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~%2F555560%2Fef3734d19b819cda92068bd0703af112%2F59817980%2F&tiba=Find%20Plans%20%7C%20Medicare%20Providers&fmt=3&is_vtc=1&random=3561291364&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Oct 2019 15:20:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1034138974&t=pageview&_s=1&dl=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Ftrumpcaremedicare%2F%3FReferrer%3DMADE%26Subreferrer%3D16000...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12025801-1&cid=1860238496.1571671231&jid=897102678&_gid=2083418851.1571671231&gjid=780497437&_v=j79&z=552167195
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12025801-1&cid=1860238496.1571671231&jid=897102678&_v=j79&z=552167195
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12025801-1&cid=1860238496.1571671231&jid=897102678&_v=j79&z=552167195&slf_rd=1&random=3972596735

42 B
109 B

29ms
29ms

Image
image/gif

2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12025801-1&cid=1860238496.1571671231&jid=897102678&_v=j79&z=552167195&slf_rd=1&random=3972596735

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Oct 2019 15:20:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Oct 2019 15:20:31 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12025801-1&cid=1860238496.1571671231&jid=897102678&_v=j79&z=552167195&slf_rd=1&random=3972596735
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 request.js Show response
script.anura.io/ 34 KB
11 KB 246ms
184ms Script
application/javascript 2606:4700::6811:ce4a
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=2761973509&source=MADE&campaign=160007-MP&variable=AnuraResponse&565381843261

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:ce4a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

45a75b8363b8951e5338587dffe4f4d6ac595c857c21e51c262fefa87e5428b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Oct 2019 15:20:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=utf-8
status: 200
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 5294374d8be3cb9c-VIE
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H/1.1 200
OK map_number Show response
json7.ringrevenue.com/7/ 183 B
1 KB 426ms
134ms Script
text/javascript 35.170.237.56
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://json7.ringrevenue.com/7/map_number?av_id=30279&referer=https%3A%2F%2Fwww.yilopeet.com%2FPLr7mAyqz657GKa_Yu1RHm4tYo8-R5F1V5fLwBwhXrs2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~%2F555560%2Fef3734d19b819cda92068bd0703af112%2F59817980%2F&cookies_for_url=%7B%7D&url_without_pool_params=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Ftrumpcaremedicare%2F%3FReferrer%3DMADE%26Subreferrer%3D160007%26Subid%3D512676405%26utm_source%3Dmade%26utm_medium%3Demail%26utm_content%3DTrumpmedicare%26utm_campaign%3D1&request_cookies=true&jsoncallback=json_rr1&url=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Ftrumpcaremedicare%2F%3FReferrer%3DMADE%26Subreferrer%3D160007%26Subid%3D512676405%26utm_source%3Dmade%26utm_medium%3Demail%26utm_content%3DTrumpmedicare%26utm_campaign%3D1

Requested by

Host: js7.invoca.net
URL: https://js7.invoca.net/7/integration.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.170.237.56 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-35-170-237-56.compute-1.amazonaws.com

Software

nginx/1.15.5 /

Resource Hash

b17e45610e48e2c90576302c4e42d757cf1f1b20c5fdb22572eadf540f1ded8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.040230
Date: Mon, 21 Oct 2019 15:20:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.15.5
X-Frame-Options: SAMEORIGIN
P3P: CP="CAO DSP CURa ADMa DEVa OUR NOR DEM STA" policyref="/w3c/p3p.xml"
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 162
X-XSS-Protection: 1; mode=block
X-Request-Id: 6ac5a7a59ce16e5276db35fda5437ed1

POST
H2 200 response.json Show response
script.anura.io/ 44 B
500 B 436ms
404ms XHR
application/json 2606:4700::6811:ce4a
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/response.json

Requested by

Host: script.anura.io
URL: https://script.anura.io/request.js?instance=2761973509&source=MADE&campaign=160007-MP&variable=AnuraResponse&565381843261

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:ce4a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

afc1e8b8d0e48be6739cf5842b921cec28af130653a20e7a600339b73614c3ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 21 Oct 2019 15:20:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 5294374f3bf959d0-VIE
expires: Sun, 28 Dec 1980 18:57:00 EST

POST
H/1.1 200
OK GenerateToken Show response
create.leadid.com/2.5.2/ 36 B
848 B 402ms
140ms XHR
text/plain 3.222.216.63
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/GenerateToken?msn=1&pid=20226710-9da1-4219-8f99-2081e015f668&_=780073352
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/81c0e214-f497-a92b-ad7f-7276e94695ab.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.216.63 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-222-216-63.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.30
Resource Hash: f08e249007a8449d1fb7df7db4808073784ff6757290351aa218b1b472bb008d

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Mon, 21 Oct 2019 15:20:32 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.30
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 54
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 result.json Show response
script.anura.io/ 27 B
201 B 174ms
174ms XHR
application/json 2606:4700::6811:ce4a
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/result.json

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:ce4a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

59855fb273cce24eaff91d16cdb093b5b26a2bdca96f6a5ec4d95d81d657e929

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 21 Oct 2019 15:20:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 52943751de4159d0-VIE
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H/1.1 200
OK iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 8F47 0
0 50ms
8ms Document
text/html 13.224.197.128
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=CA8CDCBC-8B9F-DC6C-684C-5A46B7CA7BE5&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.5.2&lck=81C0E214-F497-A92B-AD7F-7276E94695AB&lac=478B1969-F034-6785-243D-D2DE64FC7F68
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/81c0e214-f497-a92b-ad7f-7276e94695ab.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.197.128 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-128.fra2.r.cloudfront.net
Software: nginx/1.10.1 /
Resource Hash

Request headers

Host: d2m2wsoho8qq12.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1

Response headers

Content-Type: text/html
Content-Length: 1440
Connection: keep-alive
Content-Encoding: gzip
Date: Mon, 21 Oct 2019 01:58:08 GMT
ETag: W/"5daaf411-da5"
Last-Modified: Sat, 19 Oct 2019 11:31:29 GMT
P3P: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
Server: nginx/1.10.1
X-Cache: Hit from cloudfront
Via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: hi_FotfyJOtVXbDyzTciGVOiap6wdkP_tuABbWBvSPOyGxCXG7pZPg==
Age: 48101

POST
H/1.1 200
OK SaveDom Show response
create.leadid.com/2.5.2/ 0
814 B 95ms
94ms XHR
text/plain 3.222.216.63
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/SaveDom?msn=2&pid=20226710-9da1-4219-8f99-2081e015f668&token=CA8CDCBC-8B9F-DC6C-684C-5A46B7CA7BE5&_=780073353
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/81c0e214-f497-a92b-ad7f-7276e94695ab.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.216.63 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-222-216-63.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Mon, 21 Oct 2019 15:20:32 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.30
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK InitFormData Show response
create.leadid.com/2.5.2/ 0
814 B 184ms
94ms XHR
text/plain 3.222.216.63
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/InitFormData?msn=3&pid=20226710-9da1-4219-8f99-2081e015f668&token=CA8CDCBC-8B9F-DC6C-684C-5A46B7CA7BE5&_=780073354
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/81c0e214-f497-a92b-ad7f-7276e94695ab.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.216.63 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-222-216-63.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Mon, 21 Oct 2019 15:20:32 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.30
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fraud_status.php Show response
www.medicare-providers.net/common_scripts/omg/ 0
573 B 194ms
194ms XHR
text/html 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/common_scripts/omg/fraud_status.php?source=anura&response=

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/common_scripts/leadgen/laravel/js/mp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Mon, 21 Oct 2019 15:20:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK fraud_status.php Show response
www.medicare-providers.net/common_scripts/omg/ 0
573 B 224ms
224ms XHR
text/html 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/common_scripts/omg/fraud_status.php?source=anura&response={%22result%22:%22bad%22,%22mobile%22:0}

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/common_scripts/leadgen/laravel/js/mp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Mon, 21 Oct 2019 15:20:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK fraud_status.php Show response
www.medicare-providers.net/common_scripts/omg/ 0
573 B 236ms
236ms XHR
text/html 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/common_scripts/omg/fraud_status.php?source=anura&response={%22result%22:%22bad%22,%22mobile%22:0}

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/common_scripts/leadgen/laravel/js/mp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Mon, 21 Oct 2019 15:20:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H/1.1 200
OK check_web_user Show response
www.medicare-providers.net/api/ 0
546 B 155ms
155ms XHR
text/html 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/api/check_web_user

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/common_scripts/leadgen/laravel/js/mp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Mon, 21 Oct 2019 15:20:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, no-cache
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H/1.1 200
OK phone_imp.php Show response
www.medicare-providers.net/common_scripts/omg/pxl/ 0
457 B 136ms
135ms XHR
text/html 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/common_scripts/omg/pxl/phone_imp.php?pn=8444208565&url=www.medicare-providers.net%2Fplans%2Ftrumpcaremedicare%2F%3FReferrer%3DMADE%26Subreferrer%3D160007%26Subid%3D512676405%26utm_source%3Dmade%26utm_medium%3Demail%26utm_content%3DTrumpmedicare%26utm_campaign%3D1

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/common_scripts/leadgen/laravel/js/mp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Mon, 21 Oct 2019 15:20:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H/1.1 200
OK Snap Show response
create.leadid.com/2.5.2/ 0
814 B 352ms
266ms XHR
text/plain 3.222.216.63
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/Snap?msn=4&pid=20226710-9da1-4219-8f99-2081e015f668&token=CA8CDCBC-8B9F-DC6C-684C-5A46B7CA7BE5&_=780073355
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/81c0e214-f497-a92b-ad7f-7276e94695ab.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.216.63 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-222-216-63.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Mon, 21 Oct 2019 15:20:33 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.30
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

21 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 319) Message: Created anura script
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 334) Message: Passed object test
console-api	debug	URL: https://script.anura.io/request.js?instance=2761973509&source=MADE&campaign=160007-MP&variable=AnuraResponse&565381843261(Line 42) Message:
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 334) Message: Passed object test
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 334) Message: Passed object test
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 334) Message: Passed object test
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 334) Message: Passed object test
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 334) Message: Passed object test
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 334) Message: Passed object test
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 334) Message: Passed object test
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 334) Message: Passed object test
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 334) Message: Passed object test
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 334) Message: Passed object test
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 339) Message: Got result: 002db94f546543bbed0df12f98c567205d2
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 379) Message: gonna get it!
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 384) Message: got it?
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 379) Message: gonna get it!
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 384) Message: got it?
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 379) Message: gonna get it!
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 384) Message: got it?
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512676405&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 445) Message: Repeat user:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.pushnami.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js7.invoca.net
json7.ringrevenue.com
script.anura.io
secure.apolloi.com
stats.g.doubleclick.net
str.art-of-groom.art
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.medicare-providers.net
www.yilopeet.com
103.83.36.136
104.159.7.9
13.224.196.65
13.224.197.128
172.217.18.162
2606:4700:10::6814:4b82
2606:4700::6811:ce4a
2a00:1450:4001:819::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:81e::200a
2a00:1450:4001:820::2004
2a00:1450:4001:825::2003
2a00:1450:4001:825::200e
2a00:1450:400c:c04::9c
3.222.216.63
35.170.237.56
52.203.108.11
69.20.112.197
69.20.94.14
091098ba45445979ff4f441a8a9d55b48932aa328907318bc63c531396ef8fc5
0d9b67625f262e1eba2b5294ffbd97db236096233fb4fbb4b5cb01e8defffe1b
0f3b12dbcfa9c4be462b6176888f30d4aafd1baba153b6726854c54780fb6815
2b2d857fc5c80a20d6e07a2d98b8e002c9753662955a8ebac6967e46518702ea
304d56b837c5d9bcdae32502bd0e3cf7716b3f706f08ed8dc51d6ba13cb33b00
3700c7c0f24f48f6b4b6e2402969286e19418aa84f14f134e436960439726926
45a75b8363b8951e5338587dffe4f4d6ac595c857c21e51c262fefa87e5428b2
4745bfb123d90c3944b1af19732e3c7d74880f98379caa9ec776d603588659b3
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
57991fd35887bc08a67879ec52d707c684c0e0288e7a323970b568802affc42f
5892295df962b1cf55470d06df6e71d214936f4e74f5231ddc7374b59619b947
59855fb273cce24eaff91d16cdb093b5b26a2bdca96f6a5ec4d95d81d657e929
5c2d7ec1597bed1546e93e1ee67d8bf9310db8018e8c4fafaca709aecfc9b89b
625421f442e81ee0d7e42a3eefb24a20ebba3d528cf97467cc2d600d6fe10da8
78549c0eb6095bbdc03a3ee91b61662e7efc30db63e4bf8bd411787685d36572
78a79d5cefe3a91bfccc9d0e3522b756e142d8c2aeba35146f2bc399b71cf4ad
7b5961447a21e8bc6b11133fb687752d3374feaa37fcba530a42a7e37149b35b
86c32d1aa404959e81af9f85ea823547191b8da202cdeded40fc09c5cb8f4c99
889e5b0e0831a15afbf0a7afe2916c25500b2fa6abb5f62727b0c245415a5f12
9c0a27facba9672b2035a9776dfeb5252fc07dd314c4853def3e12089cd6d7ed
a1820c8c0119b36e17d2e52afd9b56f3638d335c0f0dafe7d2f5d0abba533625
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
afc1e8b8d0e48be6739cf5842b921cec28af130653a20e7a600339b73614c3ea
b17e45610e48e2c90576302c4e42d757cf1f1b20c5fdb22572eadf540f1ded8b
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bd25c14a77fca727926a0e180d3047ca8d5a5aa301746775f28980b2d3b82e56
bee9c302260c287106b2bfa7b08e94d40d785541153c1e0808ec01c372b4c319
d0bb686236971e2f23dd56ccb538b420bfa043e4daa739b0c0b7d6549c7a771a
d3535722304c938a15fd3a0d4ad3cd961e8a8a27bb76f115054928d84024f136
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
df6e6c1253a4d12ec60534bf851d89a74c2feef171d1769bc20d66cf99c9b22d
e019fe48241d1be806cf567aae1cc847e6e348e73b90bfb503c9567b2271fdf6
e1e415b221fcf1939c5a3893b1e8408285a5dbf4a26c0c46f6cb461d6ca87caa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b09ae4f391ccd8e04977e2330f1e533a2a507d95c609a3fd437a7ffc7cddfa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f08e249007a8449d1fb7df7db4808073784ff6757290351aa218b1b472bb008d
fc7fab33a384c604e1e892730d4272f7c4ad6a82eaabb818da857e40eb56e071
fce9a6f2f7ea34cf08c5bb2847357f438d9106922abeefa20ab7c344cd493372

www.medicare-providers.net Open in urlscan Pro 69.20.112.197 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

100 %HTTPS

47 %IPv6

18 Domains

19 Subdomains

17 IPs

4 Countries

613 kBTransfer

1488 kBSize

0 Cookies

4 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.medicare-providers.net Open in urlscan Pro
69.20.112.197 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

100 %
HTTPS

47 %
IPv6

18
Domains

19
Subdomains

17
IPs

4
Countries

613 kB
Transfer

1488 kB
Size

0
Cookies

50 HTTP transactions
0 data transactions