www.medicareinfo.org Open in urlscan Pro
69.20.100.159 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://lnsure.co/803med?elid=240B334J824C614D
Effective URL:
https://www.medicareinfo.org/findplans/1step?Referrer=Texthub&Subreferrer=sms&Subid=aged-All2022-Health-estcst-NonV-20240730&...
Submission Tags: @phish_report
Submission: On August 01 via api (August 1st 2024, 6:50:22 pm UTC) from FI — Scanned from FI

Summary HTTP 50 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 21 domains to perform 50 HTTP transactions. The main IP is 69.20.100.159, located in United States and belongs to RACKSPACE, US. The main domain is www.medicareinfo.org.
TLS certificate: Issued by Sectigo ECC Organization Validation S... on May 7th 2024. Valid for: a year.

This is the only time www.medicareinfo.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	69.20.112.192 69.20.112.192	27357 (RACKSPACE) (RACKSPACE)
12	69.20.100.159 69.20.100.159	27357 (RACKSPACE) (RACKSPACE)
9	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:f9d::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	66.235.152.221 66.235.152.221	16509 (AMAZON-02) (AMAZON-02)
1	18.155.129.90 18.155.129.90	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	34.196.88.25 34.196.88.25	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:1cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:25e... 2600:9000:25eb:8e00:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:29e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.224.189.93 13.224.189.93	16509 (AMAZON-02) (AMAZON-02)
1	3.10.27.95 3.10.27.95	16509 (AMAZON-02) (AMAZON-02)
2	3.221.233.180 3.221.233.180	14618 (AMAZON-AES) (AMAZON-AES)
1	18.165.196.149 18.165.196.149	16509 (AMAZON-02) (AMAZON-02)
50	22

2 69.20.112.192 (United States) 2 redirects

ASN27357 (RACKSPACE, US)
PTR: www.lnsure.co

lnsure.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lnsure.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 69.20.100.159 (United States)

ASN27357 (RACKSPACE, US)
PTR: www.medicareinfo.org

www.medicareinfo.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f9d::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.235.152.221 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-66-235-152-221.data.adobedc.net

apolloint.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.129.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-129-90.cdg52.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.196.88.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-88-25.compute-1.amazonaws.com

trc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1cc (United States)

ASN13335 (CLOUDFLARENET, US)

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25eb:8e00:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:29e5 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-93.fra2.r.cloudfront.net

solutions.invocacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.10.27.95 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-10-27-95.eu-west-2.compute.amazonaws.com

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.221.233.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-233-180.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.196.149 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-196-149.lhr50.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	medicareinfo.org www.medicareinfo.org	439 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	7 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 534	15 KB
3	pushnami.com api.pushnami.com — Cisco Umbrella Rank: 7428 trc.pushnami.com — Cisco Umbrella Rank: 7212	20 KB
2	leadid.com create.leadid.com — Cisco Umbrella Rank: 20067	1 KB
2	invocacdn.com solutions.invocacdn.com — Cisco Umbrella Rank: 11087	40 KB
2	acsbapp.com acsbapp.com — Cisco Umbrella Rank: 7038 cdn.acsbapp.com — Cisco Umbrella Rank: 7605	95 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 252 googleads.g.doubleclick.net — Cisco Umbrella Rank: 77	310 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	180 KB
2	lnsure.co 2 redirects lnsure.co www.lnsure.co	750 B
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net
1	anura.io script.anura.io — Cisco Umbrella Rank: 64799	24 KB
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 32125	38 KB
1	trustedform.com cdn.trustedform.com — Cisco Umbrella Rank: 39044	6 KB
1	google.fi www.google.fi — Cisco Umbrella Rank: 20823	408 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3773
1	gstatic.com fonts.gstatic.com	48 KB
1	omtrdc.net apolloint.tt.omtrdc.net	505 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 176	21 KB
1	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 521	65 KB
0	invoca.net Failed pnapi.invoca.net Failed
50	21

	Domain	Requested by
12	www.medicareinfo.org	www.medicareinfo.org
9	fonts.googleapis.com	www.medicareinfo.org
3	bat.bing.com	www.medicareinfo.org bat.bing.com
2	create.leadid.com	create.lidstatic.com
2	solutions.invocacdn.com	www.medicareinfo.org solutions.invocacdn.com
2	trc.pushnami.com	api.pushnami.com
2	www.googletagmanager.com	www.medicareinfo.org
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	cdn.acsbapp.com	acsbapp.com
1	script.anura.io	www.medicareinfo.org
1	create.lidstatic.com	www.medicareinfo.org
1	googleads.g.doubleclick.net	www.googleadservices.com
1	cdn.trustedform.com	www.medicareinfo.org
1	acsbapp.com	www.medicareinfo.org
1	www.google.fi	www.medicareinfo.org
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	api.pushnami.com	www.medicareinfo.org
1	apolloint.tt.omtrdc.net	assets.adobedtm.com
1	www.googleadservices.com	www.medicareinfo.org
1	assets.adobedtm.com	www.medicareinfo.org
1	www.lnsure.co	1 redirects
1	lnsure.co	1 redirects
0	pnapi.invoca.net Failed	solutions.invocacdn.com
50	25

This site contains no links.

Subject Issuer	Validity	Valid
www.medicareinfo.org Sectigo ECC Organization Validation Secure Server CA	`2024-05-07` - `2025-06-05`	a year	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-09` - `2025-08-09`	a year	crt.sh
*.googleadservices.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-08-22` - `2024-09-21`	a year	crt.sh
*.pushnami.com Amazon RSA 2048 M02	`2024-02-03` - `2025-03-03`	a year	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.fi WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
acsbapp.com WE1	`2024-06-20` - `2024-09-18`	3 months	crt.sh
cdn.trustedform.com Amazon RSA 2048 M03	`2024-02-13` - `2025-03-13`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
lidstatic.com E6	`2024-07-23` - `2024-10-21`	3 months	crt.sh
invocacdn.com Amazon RSA 2048 M02	`2023-09-24` - `2024-10-21`	a year	crt.sh
script.anura.io Amazon RSA 2048 M02	`2023-10-16` - `2024-11-13`	a year	crt.sh
create.leadid.com Amazon RSA 2048 M03	`2024-07-20` - `2025-08-18`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.medicareinfo.org/findplans/1step?Referrer=Texthub&Subreferrer=sms&Subid=aged-All2022-Health-estcst-NonV-20240730&vertical=medicare&prepop=1&pid=rr_1653458576&invsrc=rr_244382&elid=240B334J824C614D
Frame ID: 1F962DAC1B4B5853FDF36441F38B438A
Requests: 48 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=865A26FD-33C9-3E64-8FC8-B574B652CC59&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.15.0&lck=BF80DAD6-C869-CF3B-1C34-B312F9002032&lac=478B1969-F034-6785-243D-D2DE64FC7F68
Frame ID: 203BA2291C048AECAFD8D49E29F22C26
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://lnsure.co/803med?elid=240B334J824C614D HTTP 307
https://lnsure.co/803med?elid=240B334J824C614D HTTP 301
https://www.lnsure.co/803med?elid=240B334J824C614D HTTP 302
https://www.medicareinfo.org/findplans/1step?Referrer=Texthub&Subreferrer=sms&Subid=aged-All2022-Health-e... Page URL

Page Statistics

50
Requests

94 %
HTTPS

50 %
IPv6

21
Domains

25
Subdomains

22
IPs

4
Countries

1000 kB
Transfer

3149 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lnsure.co/803med?elid=240B334J824C614D HTTP 307
https://lnsure.co/803med?elid=240B334J824C614D HTTP 301
https://www.lnsure.co/803med?elid=240B334J824C614D HTTP 302
https://www.medicareinfo.org/findplans/1step?Referrer=Texthub&Subreferrer=sms&Subid=aged-All2022-Health-estcst-NonV-20240730&vertical=medicare&prepop=1&pid=rr_1653458576&invsrc=rr_244382&elid=240B334J824C614D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 1step Show response
www.medicareinfo.org/findplans/
Redirect Chain

http://lnsure.co/803med?elid=240B334J824C614D
https://lnsure.co/803med?elid=240B334J824C614D
https://www.lnsure.co/803med?elid=240B334J824C614D
https://www.medicareinfo.org/findplans/1step?Referrer=Texthub&Subreferrer=sms&Subid=aged-All2022-Health-estcst-NonV-20240730&vertical=medicare&prepop=1&pid=rr_1653458576&invsrc=rr_244382&elid=240B3...

115 KB
36 KB

1110ms
560ms

Document
text/html

69.20.100.159
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicareinfo.org/findplans/1step?Referrer=Texthub&Subreferrer=sms&Subid=aged-All2022-Health-estcst-NonV-20240730&vertical=medicare&prepop=1&pid=rr_1653458576&invsrc=rr_244382&elid=240B334J824C614D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.100.159 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicareinfo.org

Software

nginx /

Resource Hash

5f5e7f78a8f1571c4a2b837eb87e6cc85bffb36d41cc59368b5f5b427fcccd6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 01 Aug 2024 18:49:42 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 01 Aug 2024 18:49:40 GMT
location: https://www.medicareinfo.org/findplans/1step?Referrer=Texthub&Subreferrer=sms&Subid=aged-All2022-Health-estcst-NonV-20240730&vertical=medicare&prepop=1&pid=rr_1653458576&invsrc=rr_244382&elid=240B334J824C614D
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 fontawesome.min.css
www.medicareinfo.org/common_scripts/leadgen/fonts/fontawesome/ 34 KB
9 KB 699ms
693ms Stylesheet
text/css 69.20.100.159
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicareinfo.org/common_scripts/leadgen/fonts/fontawesome/fontawesome.min.css

Requested by

Host: www.medicareinfo.org
URL: https://www.medicareinfo.org/findplans/1step?Referrer=Texthub&Subreferrer=sms&Subid=aged-All2022-Health-estcst-NonV-20240730&vertical=medicare&prepop=1&pid=rr_1653458576&invsrc=rr_244382&elid=240B334J824C614D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.100.159 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicareinfo.org

Software

nginx /

Resource Hash

5dfec56f3beca43cfcceb633d1b2206754543332cd1770273d557d639244b6b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.medicareinfo.org/findplans/1step?Referrer=Texthub&Subreferrer=sms&Subid=aged-All2022-Health-estcst-NonV-20240730&vertical=medicare&prepop=1&pid=rr_1653458576&invsrc=rr_244382&elid=240B334J824C614D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 18:49:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 18 Aug 2023 16:06:29 GMT
server: nginx
content-encoding: gzip
etag: W/"64df9705-8732"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=900, public, no-cache, must-revalidate
expires: Thu, 01 Aug 2024 19:04:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1017 B 207ms
69ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

66c4b2c2680c2b3615a6e20a48dfce1fd60449b0f8029940fd7fb83cbaec3474

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.medicareinfo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Aug 2024 18:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 17:41:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Aug 2024 18:49:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
716 B 383ms
246ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba84a6de518728d15b12d153458a6a87f531a663d2a024f57f6cdf826e9c0983

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.medicareinfo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Aug 2024 18:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 18:37:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Aug 2024 18:49:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 23 KB
2 KB 385ms
248ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,900&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6ca843c8152080da9858beb844feafe1264162fa3285d61286251ef9be1537e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.medicareinfo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Aug 2024 18:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 18:49:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Aug 2024 18:49:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
669 B 383ms
246ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:400,700,900&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b29ebf68a191a96e6bd5923316fd7210c39c5c6929df630c71fbf75a38a21d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.medicareinfo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Aug 2024 18:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 18:49:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Aug 2024 18:49:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
723 B 208ms
72ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f51a47ba4e832c99ffc2cc8ddc042cf87bccfbf352e8f17863e1f76d5a73e362

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.medicareinfo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Aug 2024 18:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 18:47:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Aug 2024 18:49:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
518 B 382ms
246ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oxygen:300,400,700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52156d233fe19698a9aec69a4af2ffba9b51289f2e213db1f09ebda59ff59c9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.medicareinfo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Aug 2024 18:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 18:49:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Aug 2024 18:49:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
641 B 207ms
71ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5bddb1d00c98a3623bd08ecdd521a4324328b4fd5d3700b6ddd1f0f66d6ebeb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.medicareinfo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Aug 2024 18:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 17:44:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Aug 2024 18:49:42 GMT

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
589 B 383ms
247ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Dosis:wght@300;400;500;600;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d5d35e3eb6e92073edf5bee6ff43437d2053de23343133d00578db5ccaa93d71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.medicareinfo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Aug 2024 18:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 18:49:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Aug 2024 18:49:42 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
530 B 386ms
250ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2acd99e5f913a403cc1d99fedad728e0d4baac2ca60c6d0ebac87b51fffd3228

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.medicareinfo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Aug 2024 18:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 17:39:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Aug 2024 18:49:42 GMT

GET
H2 200 mi.css
www.medicareinfo.org/common_scripts/laravel/leadgen/8/css/ 797 KB
147 KB 1228ms
1227ms Stylesheet
text/css 69.20.100.159
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicareinfo.org/common_scripts/laravel/leadgen/8/css/mi.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.100.159 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicareinfo.org

Software

nginx /

Resource Hash

8b388f95e8972b35d03ced31f4c2af9066e110aebe87196a49dfbb629aff3b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.medicareinfo.org/findplans/1step?Referrer=Texthub&Subreferrer=sms&Subid=aged-All2022-Health-estcst-NonV-20240730&vertical=medicare&prepop=1&pid=rr_1653458576&invsrc=rr_244382&elid=240B334J824C614D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 18:49:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2024 16:21:08 GMT
server: nginx
content-encoding: gzip
etag: W/"669fd874-c73a6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=900, public, no-cache, must-revalidate
expires: Thu, 01 Aug 2024 19:04:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 325 KB
105 KB 209ms
70ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-G33YFDDDLQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

45e2fbed49271949ffd9c52aebaa33f665549216d2f5f5ccdb882e5309d48e20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.medicareinfo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 18:49:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 107371
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Aug 2024 18:49:46 GMT

GET
H2 200 launch-b6de5a48ef35.min.js Show response
assets.adobedtm.com/fb718609ab46/6bf1d958e464/ 194 KB
65 KB 189ms
68ms Script
application/x-javascript 2a02:26f0:480:f9d::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/fb718609ab46/6bf1d958e464/launch-b6de5a48ef35.min.js
Requested by: Host: www.medicareinfo.org
URL: https://www.medicareinfo.org/findplans/1step?Referrer=Texthub&Subreferrer=sms&Subid=aged-All2022-Health-estcst-NonV-20240730&vertical=medicare&prepop=1&pid=rr_1653458576&invsrc=rr_244382&elid=240B334J824C614D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f9d::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8c4578fae914ea3c9cc1d9f417a3e64048a35a7948f66c2361695f2ac98070a2

Request headers

Referer: https://www.medicareinfo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 18:49:42 GMT
content-encoding: gzip
last-modified: Fri, 29 Sep 2023 17:38:07 GMT
server: AkamaiNetStorage
etag: "13166203c41b3c9aaeda834480f83147:1696009087.420974"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.medicareinfo.org
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 65828
expires: Thu, 01 Aug 2024 19:49:42 GMT

GET
H2 200 logo_trustd_nongov.svg
www.medicareinfo.org/images/ 15 KB
16 KB 4430ms
4429ms Image
image/svg+xml 69.20.100.159
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicareinfo.org/images/logo_trustd_nongov.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.100.159 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicareinfo.org

Software

nginx /

Resource Hash

4b34ec36d9f001903bddc1b5ae4f0369ba3c7aaafaed9152676276fd7eb99f8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.medicareinfo.org/findplans/1step?Referrer=Texthub&Subreferrer=sms&Subid=aged-All2022-Health-estcst-NonV-20240730&vertical=medicare&prepop=1&pid=rr_1653458576&invsrc=rr_244382&elid=240B334J824C614D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 18:49:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 29 Mar 2024 16:17:04 GMT
server: nginx
etag: "6606e980-3d49"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=900, public, no-cache, must-revalidate
accept-ranges: bytes
content-length: 15689
expires: Thu, 01 Aug 2024 19:04:42 GMT

GET
H2 200 1step-edit-icon.png
www.medicareinfo.org/common_scripts/leadgen/laravel/images/ 19 KB
20 KB 4400ms
4399ms Image
image/png 69.20.100.159
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicareinfo.org/common_scripts/leadgen/laravel/images/1step-edit-icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.100.159 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicareinfo.org

Software

nginx /

Resource Hash

12df4264d13e00696eb916b7086be41e8e96500fb29dfd3e84aad48a666d2cfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.medicareinfo.org/findplans/1step?Referrer=Texthub&Subreferrer=sms&Subid=aged-All2022-Health-estcst-NonV-20240730&vertical=medicare&prepop=1&pid=rr_1653458576&invsrc=rr_244382&elid=240B334J824C614D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 18:49:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 11 Dec 2019 16:48:23 GMT
server: nginx
etag: "5df11dd7-4d82"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=900, public, no-cache, must-revalidate
accept-ranges: bytes
content-length: 19842
expires: Thu, 01 Aug 2024 19:04:42 GMT

GET
H2 200 simply.png
www.medicareinfo.org/common_scripts/laravel/leadgen/8/images/carrier-logos/anthem-geocode/ 24 KB
24 KB 1100ms
1097ms Image
image/png 69.20.100.159
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicareinfo.org/common_scripts/laravel/leadgen/8/images/carrier-logos/anthem-geocode/simply.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.100.159 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicareinfo.org

Software

nginx /

Resource Hash

34e3a7ec8774ce99b6ea58ce49489da38c2c932e92a26fe77a4f9ac7bae7c778

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.medicareinfo.org/findplans/1step?Referrer=Texthub&Subreferrer=sms&Subid=aged-All2022-Health-estcst-NonV-20240730&vertical=medicare&prepop=1&pid=rr_1653458576&invsrc=rr_244382&elid=240B334J824C614D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 18:49:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 08 Mar 2024 17:40:31 GMT
server: nginx
etag: "65eb4d8f-5eb0"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=900, public, no-cache, must-revalidate
accept-ranges: bytes
content-length: 24240
expires: Thu, 01 Aug 2024 19:04:46 GMT

GET
H2 200 mi-libs-1step.js Show response
www.medicareinfo.org/common_scripts/laravel/leadgen/8/js/ 346 KB
123 KB 1500ms
1497ms Script
application/javascript 69.20.100.159
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicareinfo.org/common_scripts/laravel/leadgen/8/js/mi-libs-1step.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.100.159 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicareinfo.org

Software

nginx /

Resource Hash

bcca79b8e76857f173086c6532b8c32e7d6d5192de727d92195ebaa55fb08bb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.medicareinfo.org/findplans/1step?Referrer=Texthub&Subreferrer=sms&Subid=aged-All2022-Health-estcst-NonV-20240730&vertical=medicare&prepop=1&pid=rr_1653458576&invsrc=rr_244382&elid=240B334J824C614D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 18:49:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 15 Feb 2024 18:43:05 GMT
server: nginx
content-encoding: gzip
etag: W/"65ce5b39-5698c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=900, public, no-cache, must-revalidate
expires: Thu, 01 Aug 2024 19:04:46 GMT

GET
H2 200 mi-comps-1step.js Show response
www.medicareinfo.org/common_scripts/laravel/leadgen/8/js/ 81 KB
22 KB 6179ms
6177ms Script
application/javascript 69.20.100.159
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicareinfo.org/common_scripts/laravel/leadgen/8/js/mi-comps-1step.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.100.159 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicareinfo.org

Software

nginx /

Resource Hash

a9dd349811c2bb82af5ce7080ac3f4f38c62431ba89ea3013ffedc81ae759a01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.medicareinfo.org/findplans/1step?Referrer=Texthub&Subreferrer=sms&Subid=aged-All2022-Health-estcst-NonV-20240730&vertical=medicare&prepop=1&pid=rr_1653458576&invsrc=rr_244382&elid=240B334J824C614D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 18:49:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 17 Jul 2024 16:43:20 GMT
server: nginx
content-encoding: gzip
etag: W/"6697f4a8-14564"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=900, public, no-cache, must-revalidate
expires: Thu, 01 Aug 2024 19:04:46 GMT

GET
H3 200 conversion.js Show response
www.googleadservices.com/pagead/ 57 KB
21 KB 208ms
97ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

13c5d672a26ed35aa291a6aa89d87ceb703d430b9c6e918b5cd2749414539c4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.medicareinfo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 18:49:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21173
x-xss-protection: 0
server: cafe
etag: 4147160116119415605
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 01 Aug 2024 18:49:46 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 211 KB
75 KB 371ms
233ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5QGTLLV

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b5b11290efd43b20eae29b699b1a6e733cdf7dc3e3c6deefc6a47642da0ac2db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.medicareinfo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 18:49:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76604
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 01 Aug 2024 18:49:46 GMT

GET
H2 200 json Show response
apolloint.tt.omtrdc.net/m2/apolloint/mbox/ 96 B
505 B 241ms
83ms XHR
application/json 66.235.152.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apolloint.tt.omtrdc.net/m2/apolloint/mbox/json?mbox=target-global-mbox&mboxSession=93426d6189204531a30d390d414792b3&mboxPC=&mboxPage=6bf357815dff42a49c9a747737cf8878&mboxRid=6286190e892a483eaee5e8f81f0e10e3&mboxVersion=1.8.3&mboxCount=1&mboxTime=1722548986789&mboxHost=www.medicareinfo.org&mboxURL=https%3A%2F%2Fwww.medicareinfo.org%2Ffindplans%2F1step%3FReferrer%3DTexthub%26Subreferrer%3Dsms%26Subid%3Daged-All2022-Health-estcst-NonV-20240730%26vertical%3Dmedicare%26prepop%3D1%26pid%3Drr_1653458576%26invsrc%3Drr_244382%26elid%3D240B334J824C614D&mboxReferrer=&browserHeight=1200&browserWidth=1600&browserTimeOffset=180&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&webGLRenderer=Intel%20Iris%20OpenGL%20Engine&Referrer=Texthub&Subreferrer=sms&Subid=aged-All2022-Health-estcst-NonV-20240730&vertical=medicare&prepop=1&pid=rr_1653458576&invsrc=rr_244382&elid=240B334J824C614D

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/fb718609ab46/6bf1d958e464/launch-b6de5a48ef35.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.235.152.221 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-66-235-152-221.data.adobedc.net

Software

jag /

Resource Hash

095a6fba786d02edd523400b43333ac59addc60836665d6d51a0dd36a23694f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.medicareinfo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Aug 2024 18:49:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: jag
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.medicareinfo.org
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 96
x-xss-protection: 1; mode=block
x-request-id: 6286190e892a483eaee5e8f81f0e10e3

GET
H2 200 59c2e2af5d3c565548c02fec Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 94 KB
20 KB 285ms
72ms Script
application/javascript 18.155.129.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/59c2e2af5d3c565548c02fec
Requested by: Host: www.medicareinfo.org
URL: https://www.medicareinfo.org/findplans/1step?Referrer=Texthub&Subreferrer=sms&Subid=aged-All2022-Health-estcst-NonV-20240730&vertical=medicare&prepop=1&pid=rr_1653458576&invsrc=rr_244382&elid=240B334J824C614D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.129.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-129-90.cdg52.r.cloudfront.net
Software: /
Resource Hash: 552c856549eadac93ef6992baa5de0cf71ab39a598c9a02f56b2a8f727d0a223

Request headers

Referer: https://www.medicareinfo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 18:49:30 GMT
content-encoding: gzip
via: 1.1 56d390c8b33724e3b76fca72a585f516.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P4
age: 17
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
x-amz-cf-id: vX8y3sNsIgRduO2zh-TlUchpMHD0RNs1mYzwTt129_I77fstRXqhiw==

GET
H2 200 phone-icon.png
www.medicareinfo.org/common_scripts/leadgen/laravel/images/ 937 B
1 KB 6175ms
6175ms Image
image/png 69.20.100.159
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicareinfo.org/common_scripts/leadgen/laravel/images/phone-icon.png

Requested by

Host: www.medicareinfo.org
URL: https://www.medicareinfo.org/common_scripts/laravel/leadgen/8/css/mi.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.100.159 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicareinfo.org

Software

nginx /

Resource Hash

125095eccae0a4deffe181229850e1d19c4e026804d8670131cb5c1825e598ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.medicareinfo.org/common_scripts/laravel/leadgen/8/css/mi.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 18:49:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 11 Dec 2019 16:48:23 GMT
server: nginx
etag: "5df11dd7-3a9"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=900, public, no-cache, must-revalidate
accept-ranges: bytes
content-length: 937
expires: Thu, 01 Aug 2024 19:04:46 GMT

GET
H2 200 lock.png
www.medicareinfo.org/common_scripts/leadgen/laravel/images/ 619 B
925 B 6172ms
6171ms Image
image/png 69.20.100.159
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicareinfo.org/common_scripts/leadgen/laravel/images/lock.png

Requested by

Host: www.medicareinfo.org
URL: https://www.medicareinfo.org/common_scripts/laravel/leadgen/8/css/mi.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.100.159 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicareinfo.org

Software

nginx /

Resource Hash

9f3bb69f68dc589e677910acc1087b2e2c2592f4dcad88b67a03a4e3434b6790

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.medicareinfo.org/common_scripts/laravel/leadgen/8/css/mi.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 18:49:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 11 Dec 2019 16:48:23 GMT
server: nginx
etag: "5df11dd7-26b"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=900, public, no-cache, must-revalidate
accept-ranges: bytes
content-length: 619
expires: Thu, 01 Aug 2024 19:04:46 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 264ms
60ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.medicareinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 14:56:39 GMT
x-content-type-options: nosniff
age: 186788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jul 2025 14:56:39 GMT

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 161ms
159ms Fetch
text/html 34.196.88.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/59c2e2af5d3c565548c02fec
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.88.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-88-25.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://www.medicareinfo.org/
key: 59c2e2af5d3c565548c02fec
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Thu, 01 Aug 2024 18:49:47 GMT
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
content-length: 2
content-type: text/html; charset=utf-8

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 412ms
135ms Preflight 34.196.88.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.88.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-88-25.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://www.medicareinfo.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Thu, 01 Aug 2024 18:49:47 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 111ms
37ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-G33YFDDDLQ&gtm=45je47v0v871179630za200&_p=1722538186724&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=1032681333.1722538187&ul=fi-fi&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1722538187&sct=1&seg=0&dl=https%3A%2F%2Fwww.medicareinfo.org%2Ffindplans%2F1step%3FReferrer%3DTexthub%26Subreferrer%3Dsms%26Subid%3Daged-All2022-Health-estcst-NonV-20240730%26vertical%3Dmedicare%26prepop%3D1%26pid%3Drr_1653458576%26invsrc%3Drr_244382%26elid%3D240B334J824C614D&dt=Get%20Quotes%20%7C%20Medicare%20Info&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=7249
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G33YFDDDLQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.medicareinfo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Aug 2024 18:49:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.medicareinfo.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
249 B 214ms
70ms Ping
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-G33YFDDDLQ&cid=1032681333.1722538187&gtm=45je47v0v871179630za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&tag_exp=95250752
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G33YFDDDLQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.medicareinfo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Aug 2024 18:49:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.medicareinfo.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fi/ads/ 42 B
408 B 243ms
110ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-G33YFDDDLQ&cid=1032681333.1722538187&gtm=45je47v0v871179630za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&tag_exp=95250752&tag_exp=95250752&z=153591891

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.medicareinfo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Aug 2024 18:49:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 app.js Show response
acsbapp.com/apps/app/dist/js/ 311 KB
95 KB 272ms
200ms Script
application/javascript 2606:4700:10::6816:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: www.medicareinfo.org
URL: https://www.medicareinfo.org/findplans/1step?Referrer=Texthub&Subreferrer=sms&Subid=aged-All2022-Health-estcst-NonV-20240730&vertical=medicare&prepop=1&pid=rr_1653458576&invsrc=rr_244382&elid=240B334J824C614D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08b44a2029f9548c4b033330c9deff52b816224aa64d4c5232997d0016c3838e

Request headers

Referer: https://www.medicareinfo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 18:49:53 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: AHxI1nOHaOF3haFc45Y2kqDwqLQf_BBt-9jzkWTlh5n8zB_UKCT6wopKRJreurzeZuZylloRQeM-h1Zn8g
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
last-modified: Wed, 31 Jul 2024 23:40:18 GMT
server: cloudflare
etag: W/"92404c07b8e4ff82f8554bd6af99476b"
vary: Accept-Encoding
x-goog-generation: 1722469218170647
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=3LrwsA==, md5=kkBMB7jk/4L4VUvWr5lHaw==
access-control-expose-headers: *
cache-control: public, max-age=300, must-revalidate
x-goog-stored-content-length: 318611
cf-ray: 8ac802baecde4c86-HEL
expires: Fri, 01 Aug 2025 18:49:53 GMT

GET
H2 200 bootstrap.js Show response
cdn.trustedform.com/ 16 KB
6 KB 452ms
291ms Script
application/javascript 2600:9000:25eb:8e00:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17225381930140.4783401958918987
Requested by: Host: www.medicareinfo.org
URL: https://www.medicareinfo.org/findplans/1step?Referrer=Texthub&Subreferrer=sms&Subid=aged-All2022-Health-estcst-NonV-20240730&vertical=medicare&prepop=1&pid=rr_1653458576&invsrc=rr_244382&elid=240B334J824C614D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25eb:8e00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45976a621181ee7fd8bf20fa6df22ba74aa4dbee43439c40f5dce33d3adfe5dc

Request headers

Referer: https://www.medicareinfo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 18:49:54 GMT
x-amz-version-id: FT61aanmIsL6VBHUXACooZGktOoWXEnV
content-encoding: gzip
last-modified: Thu, 18 Jul 2024 20:05:44 GMT
server: AmazonS3
via: 1.1 2ed8b710d99a964ef414e41b544ffb2e.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP53-P3
etag: W/"72f931c43fa2e605365f0bfec09e3a5d"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: 7mP_Zs8oyNsir9KPgzGI5R3P_cVvlTzkEv0pJqsAX9kDigVPp8zYZw==

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 287ms
88ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.medicareinfo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 01 Aug 2024 18:49:52 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9CFB5948C73F49919FFA58A1E325ADF1 Ref B: FRAEDGE1122 Ref C: 2024-08-01T18:49:53Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/957976186/ 43 B
61 B 217ms
95ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/957976186/?random=1722538193017&cv=9&fst=1722538193017&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=180&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.medicareinfo.org%2Ffindplans%2F1step%3FReferrer%3DTexthub%26Subreferrer%3Dsms%26Subid%3Daged-All2022-Health-estcst-NonV-20240730%26vertical%3Dmedicare%26prepop%3D1%26pid%3Drr_1653458576%26invsrc%3Drr_244382%26elid%3D240B334J824C614D&tiba=Get%20Quotes%20%7C%20Medicare%20Info&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.medicareinfo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Aug 2024 18:49:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bf80dad6-c869-cf3b-1c34-b312f9002032.js Show response
create.lidstatic.com/campaign/ 118 KB
38 KB 120ms
47ms Script
text/javascript 2606:4700:10::ac43:29e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/bf80dad6-c869-cf3b-1c34-b312f9002032.js?snippet_version=2
Requested by: Host: www.medicareinfo.org
URL: https://www.medicareinfo.org/findplans/1step?Referrer=Texthub&Subreferrer=sms&Subid=aged-All2022-Health-estcst-NonV-20240730&vertical=medicare&prepop=1&pid=rr_1653458576&invsrc=rr_244382&elid=240B334J824C614D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:29e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39c5438deae33d724fd36c809445d930fb6e511052da93d0f5d75546eca3cbe8

Request headers

Referer: https://www.medicareinfo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 18:49:53 GMT
x-amz-version-id: kBDvtcGykLE2Q32vUPtApGrm7P0CY.Ti
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: TF2SGXJHA5VAQBH9
age: 18
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: SrBXHm7paBAe9QDWitWf+27Zw+slzHhrbmexhlCY6MSufXKIyFigt5iKKRzW/en3qFOFlwbesqmifl/FGzHEtYaG1xsD8mcC
last-modified: Wed, 17 Jul 2024 16:46:27 GMT
server: cloudflare
etag: W/"04e2f71b3fb02df25c54bc0b0de4c384"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 8ac802baf9fd8d6a-HEL

GET
H2 200 invoca-latest.min.js Show response
solutions.invocacdn.com/js/ 127 KB
38 KB 240ms
113ms Script
text/javascript 13.224.189.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Requested by: Host: www.medicareinfo.org
URL: https://www.medicareinfo.org/findplans/1step?Referrer=Texthub&Subreferrer=sms&Subid=aged-All2022-Health-estcst-NonV-20240730&vertical=medicare&prepop=1&pid=rr_1653458576&invsrc=rr_244382&elid=240B334J824C614D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-93.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d7a7864a86aee7aa7706105cd44e34028957f748578070b6be09920af6092960

Request headers

Referer: https://www.medicareinfo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: YlGu76mQOzetA5jijLoEnfYA1iGE.ru5
content-encoding: br
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
date: Thu, 01 Aug 2024 18:15:21 GMT
x-amz-cf-pop: FRA2-C1
age: 2073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 25 Jun 2024 17:09:43 GMT
server: AmazonS3
etag: W/"a95e8c9e0384f3a07e6153c9eaa6cfc6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
x-amz-cf-id: 1PARfF3ORCbrJRPr5SNqsZh4ZIU4pm9QEXAiRqsilrkdwApi1yCf0w==

GET
H2 200 request.js
script.anura.io/ 70 KB
24 KB 531ms
136ms Script
application/javascript 3.10.27.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=2761973509&source=Texthub&campaign=sms-MI&variable=AnuraResponse&267849537127

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.10.27.95 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-10-27-95.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.medicareinfo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Aug 2024 18:49:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

POST
H2 200 GenerateToken Show response
create.leadid.com/2.15.0/ 36 B
659 B 499ms
195ms XHR
text/plain 3.221.233.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.15.0/GenerateToken?msn=1&pid=0875ac8e-4680-4214-a0ae-13eab1a5b126&_=726461216

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/bf80dad6-c869-cf3b-1c34-b312f9002032.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.221.233.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-221-233-180.compute-1.amazonaws.com

Software

nginx /

Resource Hash

89d0f1c6a28a15c0ce9a371c5d40c8c019caa09cc8250c8cd58dd4228bab83a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.medicareinfo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 01 Aug 2024 18:49:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 tag-live.js Show response
solutions.invocacdn.com/js/networks/585/0419737375/ 6 KB
2 KB 59ms
59ms Script
text/javascript 13.224.189.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/networks/585/0419737375/tag-live.js
Requested by: Host: solutions.invocacdn.com
URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-93.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a592564b9b2d607aa653f3ca77adba6b405022dd91b1dfc9edf789a4eb02b953

Request headers

Referer: https://www.medicareinfo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 0Qfdvo0f_YNgaplQS3YTle3ByArvqRkM
content-encoding: gzip
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
date: Thu, 01 Aug 2024 18:49:36 GMT
last-modified: Thu, 15 Jul 2021 19:25:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 18
etag: W/"7beabea2e2cfeadff0e6ab423c2ac7fa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=300
x-amz-replication-status: COMPLETED
x-amz-cf-id: gv8G_nY72qZhzxPCIjOV38jCALsGRsySPqoAXhvQz7I4wWwAfu6xDw==

GET
H2 200 5036486.js Show response
bat.bing.com/p/action/ 334 B
407 B 88ms
88ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5036486.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0ae71aef1c47c227727f0516f62f1b9a68866d80f9f9993df9f1004c773d534e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.medicareinfo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Thu, 01 Aug 2024 18:49:52 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DECCB257999B447DB767CBEB9EC6BF6B Ref B: FRAEDGE1122 Ref C: 2024-08-01T18:49:53Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=1800

GET
H2 200 config.json Show response
cdn.acsbapp.com/config/medicareinfo.org/ 164 B
706 B 118ms
47ms Fetch
application/json 2606:4700:10::6816:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/config/medicareinfo.org/config.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 182f6c98d86cac1dc13d18d99469e292ebb57d82d117d4362f867ad5ecf4c963

Request headers

Referer: https://www.medicareinfo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 18:49:53 GMT
content-encoding: br
cf-cache-status: HIT
age: 18
x-guploader-uploadid: AHxI1nMknl8IvAqDc0IKI4ny3U-yTtGz21y1vXV5ZuY2liXfeUjRmmsGhpB9cnmO04ajjr4ESW4JNCAKdg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Wed, 08 Feb 2023 13:54:32 GMT
server: cloudflare
etag: W/"e35759c8f183b55bf02245e66eeb7319"
vary: Accept-Encoding
x-goog-generation: 1675864472476382
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=PH+XOg==, md5=41dZyPGDtVvwIkXmbutzGQ==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=300, must-revalidate
x-goog-stored-content-length: 164
cf-ray: 8ac802be396d8d51-HEL
expires: Fri, 01 Aug 2025 18:49:35 GMT

GET
H2 200 fa-solid-900.woff2
www.medicareinfo.org/common_scripts/leadgen/fonts/fontawesome/ 39 KB
40 KB 269ms
268ms Font
application/font-woff2 69.20.100.159
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicareinfo.org/common_scripts/leadgen/fonts/fontawesome/fa-solid-900.woff2

Requested by

Host: www.medicareinfo.org
URL: https://www.medicareinfo.org/common_scripts/leadgen/fonts/fontawesome/fontawesome.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.100.159 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicareinfo.org

Software

nginx /

Resource Hash

434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.medicareinfo.org/common_scripts/leadgen/fonts/fontawesome/fontawesome.min.css
Origin: https://www.medicareinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 18:49:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 11 Dec 2019 16:48:23 GMT
server: nginx
etag: "5df11dd7-9cd4"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
cache-control: max-age=900, public, no-cache, must-revalidate
accept-ranges: bytes
content-length: 40148
expires: Thu, 01 Aug 2024 19:04:53 GMT

GET
H2 204 0
bat.bing.com/action/ 0
286 B 115ms
114ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5036486&Ver=2&mid=272edc83-e7c7-4820-9373-d1bfc6b24433&sid=d6e7ed80503611efb3f3334aea110e97&vid=d6e812c0503611ef874bed493e35720d&vids=1&msclkid=N&pi=918639831&lg=fi-FI&sw=1600&sh=1200&sc=24&tl=Get%20Quotes%20%7C%20Medicare%20Info&kw=Find%20%26%20Compare,%20Health%20Insurance,%20Quotes,%20Medicare%20Insurance,%20Plans,%20medicareinfo.org&p=https%3A%2F%2Fwww.medicareinfo.org%2Ffindplans%2F1step%3FReferrer%3DTexthub%26Subreferrer%3Dsms%26Subid%3Daged-All2022-Health-estcst-NonV-20240730%26vertical%3Dmedicare%26prepop%3D1%26pid%3Drr_1653458576%26invsrc%3Drr_244382%26elid%3D240B334J824C614D&r=&lt=12915&evt=pageLoad&sv=1&cdb=AQAQ&rn=133453

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.medicareinfo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 01 Aug 2024 18:49:52 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A0128F35B84C4D7385F017BD44B5773A Ref B: FRAEDGE1122 Ref C: 2024-08-01T18:49:53Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET na.jsonp
pnapi.invoca.net/585/ 0
0

GET map_number.jsonp
pnapi.invoca.net/9/api/2014-09-01/ 0
0

GET
H/1.1 200
OK iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 203B 0
0 214ms
63ms Document
text/html 18.165.196.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=865A26FD-33C9-3E64-8FC8-B574B652CC59&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.15.0&lck=BF80DAD6-C869-CF3B-1C34-B312F9002032&lac=478B1969-F034-6785-243D-D2DE64FC7F68

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/bf80dad6-c869-cf3b-1c34-b312f9002032.js?snippet_version=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.165.196.149 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-165-196-149.lhr50.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.medicareinfo.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Age: 67236
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 01 Aug 2024 00:09:17 GMT
Etag: W/"668f4bcd-dbb"
Last-Modified: Thu, 11 Jul 2024 03:04:45 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 3ffc494014d1d1ba7644f6707a2cf696.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 77ERH06zsrYAFql42dUqIJAGGfgsHrM_thYunOYubZswRTdmaYgN1g==
X-Amz-Cf-Pop: LHR50-P3
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.15.0/ 0
623 B 145ms
143ms XHR
text/plain 3.221.233.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.15.0/SaveDom?msn=2&pid=0875ac8e-4680-4214-a0ae-13eab1a5b126&token=865A26FD-33C9-3E64-8FC8-B574B652CC59&_=726461217

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/bf80dad6-c869-cf3b-1c34-b312f9002032.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.221.233.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-221-233-180.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.medicareinfo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 01 Aug 2024 18:49:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST InitFormData
create.leadid.com/2.15.0/ 0
0

POST
H2 200 set_visit_ulid Show response
www.medicareinfo.org/api/ 7 B
400 B 155ms
153ms XHR
text/html 69.20.100.159
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicareinfo.org/api/set_visit_ulid

Requested by

Host: www.medicareinfo.org
URL: https://www.medicareinfo.org/common_scripts/laravel/leadgen/8/js/mi-libs-1step.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.100.159 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicareinfo.org

Software

nginx /

Resource Hash

c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.medicareinfo.org/findplans/1step?Referrer=Texthub&Subreferrer=sms&Subid=aged-All2022-Health-estcst-NonV-20240730&vertical=medicare&prepop=1&pid=rr_1653458576&invsrc=rr_244382&elid=240B334J824C614D
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 01 Aug 2024 18:49:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
x-ratelimit-remaining: 599
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, no-cache, private
x-ratelimit-limit: 600
x-frame-options: SAMEORIGIN
expires: Thu, 19 Nov 1981 08:52:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pnapi.invoca.net
URL: https://pnapi.invoca.net/585/na.jsonp?network_id=585&js_version=4.31.1&tag_id=585%2F0419737375&request_data_shared_params=%7B%22buyer%22%3Anull%2C%22calling_page%22%3A%22https%3A%2F%2Fwww.medicareinfo.org%2Ffindplans%2F1step%3FReferrer%3DTexthub%26Subreferrer%3Dsms%26Subid%3Daged-All2022-Health-estcst-NonV-20240730%26vertical%3Dmedicare%26prepop%3D1%26pid%3Drr_1653458576%26invsrc%3Drr_244382%26elid%3D240B334J824C614D%22%2C%22calling_page_longtext%22%3A%22https%3A%2F%2Fwww.medicareinfo.org%2Ffindplans%2F1step%3FReferrer%3DTexthub%26Subreferrer%3Dsms%26Subid%3Daged-All2022-Health-estcst-NonV-20240730%26vertical%3Dmedicare%26prepop%3D1%26pid%3Drr_1653458576%26invsrc%3Drr_244382%26elid%3D240B334J824C614D%22%2C%22campaign%22%3Anull%2C%22client%22%3Anull%2C%22client_name%22%3Anull%2C%22EngagementId%22%3Anull%2C%22Eref%22%3Anull%2C%22gclid%22%3Anull%2C%22insurance_type%22%3Anull%2C%22invsrc%22%3A%22rr_244382%22%2C%22keyword%22%3Anull%2C%22matchtype%22%3Anull%2C%22msclkid%22%3Anull%2C%22pid%22%3A%22rr_1653458576%22%2C%22placeholder%22%3Anull%2C%22placeholder2%22%3Anull%2C%22ppc_click_id%22%3Anull%2C%22ppc_creative%22%3Anull%2C%22real_time_response%22%3Anull%2C%22Referrer%22%3A%22Texthub%22%2C%22signal_type%22%3Anull%2C%22Subid%22%3A%22aged-All2022-Health-estcst-NonV-20240730%22%2C%22Subreferrer%22%3A%22sms%22%2C%22transfer%22%3Anull%2C%22utm_campaign%22%3Anull%2C%22utm_medium%22%3A%22direct%22%2C%22utm_source%22%3A%22direct%22%2C%22vertical%22%3A%22medicare%22%2C%22referrer%22%3A%22Texthub%22%2C%22subreferrer%22%3A%22sms%22%2C%22subid%22%3A%22aged-All2022-Health-estcst-NonV-20240730%22%2C%22prepop%22%3A%221%22%2C%22elid%22%3A%22240B334J824C614D%22%2C%22invoca_id%22%3A%22i-367d9d38-1cb2-4f25-bb6c-122e66b560e9%22%7D&request_data=%5B%7B%22request_id%22%3A%22rr_244382%22%2C%22advertiser_campaign_id_from_network%22%3A%22rr_244382%22%7D%5D&client_info=%7B%22url%22%3A%22https%3A%2F%2Fwww.medicareinfo.org%2Ffindplans%2F1step%3FReferrer%3DTexthub%26Subreferrer%3Dsms%26Subid%3Daged-All2022-Health-estcst-NonV-20240730%26vertical%3Dmedicare%26prepop%3D1%26pid%3Drr_1653458576%26invsrc%3Drr_244382%26elid%3D240B334J824C614D%22%2C%22referrer%22%3A%22%22%7D&canary=true&acg=%7B%22request_data_shared_params%22%3A%22%7B%5C%22pid%5C%22%3A%5C%22rr_1653458576%5C%22%2C%5C%22invoca_id%5C%22%3A%5C%22i-367d9d38-1cb2-4f25-bb6c-122e66b560e9%5C%22%2C%5C%22utm_medium%5C%22%3A%5C%22direct%5C%22%2C%5C%22utm_source%5C%22%3A%5C%22direct%5C%22%2C%5C%22buyer%5C%22%3Anull%2C%5C%22calling_page%5C%22%3A%5C%22https%3A%2F%2Fwww.medicareinfo.org%2Ffindplans%2F1step%3FReferrer%3DTexthub%26Subreferrer%3Dsms%26Subid%3Daged-All2022-Health-estcst-NonV-20240730%26vertical%3Dmedicare%26prepop%3D1%26pid%3Drr_1653458576%26invsrc%3Drr_244382%26elid%3D240B334J824C614D%5C%22%2C%5C%22calling_page_longtext%5C%22%3A%5C%22https%3A%2F%2Fwww.medicareinfo.org%2Ffindplans%2F1step%3FReferrer%3DTexthub%26Subreferrer%3Dsms%26Subid%3Daged-All2022-Health-estcst-NonV-20240730%26vertical%3Dmedicare%26prepop%3D1%26pid%3Drr_1653458576%26invsrc%3Drr_244382%26elid%3D240B334J824C614D%5C%22%2C%5C%22campaign%5C%22%3Anull%2C%5C%22client%5C%22%3Anull%2C%5C%22client_name%5C%22%3Anull%2C%5C%22EngagementId%5C%22%3Anull%2C%5C%22Eref%5C%22%3Anull%2C%5C%22gclid%5C%22%3Anull%2C%5C%22insurance_type%5C%22%3Anull%2C%5C%22invsrc%5C%22%3A%5C%22rr_244382%5C%22%2C%5C%22keyword%5C%22%3Anull%2C%5C%22matchtype%5C%22%3Anull%2C%5C%22msclkid%5C%22%3Anull%2C%5C%22placeholder%5C%22%3Anull%2C%5C%22placeholder2%5C%22%3Anull%2C%5C%22ppc_click_id%5C%22%3Anull%2C%5C%22ppc_creative%5C%22%3Anull%2C%5C%22real_time_response%5C%22%3Anull%2C%5C%22Referrer%5C%22%3A%5C%22Texthub%5C%22%2C%5C%22signal_type%5C%22%3Anull%2C%5C%22Subid%5C%22%3A%5C%22aged-All2022-Health-estcst-NonV-20240730%5C%22%2C%5C%22Subreferrer%5C%22%3A%5C%22sms%5C%22%2C%5C%22transfer%5C%22%3Anull%2C%5C%22utm_campaign%5C%22%3Anull%2C%5C%22vertical%5C%22%3A%5C%22medicare%5C%22%7D%22%2C%22request_data%22%3A%22%5B%7B%5C%22request_id%5C%22%3A%5C%22rr_244382%5C%22%2C%5C%22advertiser_campaign_id_from_network%5C%22%3A%5C%22rr_244382%5C%22%7D%5D%22%7D&jsoncallback=json_rr1&

Domain: pnapi.invoca.net
URL: https://pnapi.invoca.net/9/api/2014-09-01/map_number.jsonp?network_id=585&js_version=4.31.1&tag_id=585%2F0419737375&request_data_shared_params=%7B%22pid%22%3A%22rr_1653458576%22%2C%22invoca_id%22%3A%22i-367d9d38-1cb2-4f25-bb6c-122e66b560e9%22%2C%22utm_medium%22%3A%22direct%22%2C%22utm_source%22%3A%22direct%22%2C%22buyer%22%3Anull%2C%22calling_page%22%3A%22https%3A%2F%2Fwww.medicareinfo.org%2Ffindplans%2F1step%3FReferrer%3DTexthub%26Subreferrer%3Dsms%26Subid%3Daged-All2022-Health-estcst-NonV-20240730%26vertical%3Dmedicare%26prepop%3D1%26pid%3Drr_1653458576%26invsrc%3Drr_244382%26elid%3D240B334J824C614D%22%2C%22calling_page_longtext%22%3A%22https%3A%2F%2Fwww.medicareinfo.org%2Ffindplans%2F1step%3FReferrer%3DTexthub%26Subreferrer%3Dsms%26Subid%3Daged-All2022-Health-estcst-NonV-20240730%26vertical%3Dmedicare%26prepop%3D1%26pid%3Drr_1653458576%26invsrc%3Drr_244382%26elid%3D240B334J824C614D%22%2C%22campaign%22%3Anull%2C%22client%22%3Anull%2C%22client_name%22%3Anull%2C%22EngagementId%22%3Anull%2C%22Eref%22%3Anull%2C%22gclid%22%3Anull%2C%22insurance_type%22%3Anull%2C%22invsrc%22%3A%22rr_244382%22%2C%22keyword%22%3Anull%2C%22matchtype%22%3Anull%2C%22msclkid%22%3Anull%2C%22placeholder%22%3Anull%2C%22placeholder2%22%3Anull%2C%22ppc_click_id%22%3Anull%2C%22ppc_creative%22%3Anull%2C%22real_time_response%22%3Anull%2C%22Referrer%22%3A%22Texthub%22%2C%22signal_type%22%3Anull%2C%22Subid%22%3A%22aged-All2022-Health-estcst-NonV-20240730%22%2C%22Subreferrer%22%3A%22sms%22%2C%22transfer%22%3Anull%2C%22utm_campaign%22%3Anull%2C%22vertical%22%3A%22medicare%22%7D&client_messages=%7B%7D&client_info=%7B%22url%22%3A%22https%3A%2F%2Fwww.medicareinfo.org%2Ffindplans%2F1step%3FReferrer%3DTexthub%26Subreferrer%3Dsms%26Subid%3Daged-All2022-Health-estcst-NonV-20240730%26vertical%3Dmedicare%26prepop%3D1%26pid%3Drr_1653458576%26invsrc%3Drr_244382%26elid%3D240B334J824C614D%22%2C%22referrer%22%3A%22%22%2C%22cores%22%3A12%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22screenWidth%22%3A1600%2C%22screenHeight%22%3A1200%2C%22language%22%3A%22fi-FI%22%7D&request_data=%5B%7B%22request_id%22%3A%22rr_244382%22%2C%22advertiser_campaign_id_from_network%22%3A%22rr_244382%22%7D%5D&destination_settings=%7B%22paramName%22%3Anull%7D&metrics=%5B%5B%22beaconSupported%22%2C%22counter%22%5D%5D&jsoncallback=json_rr2&

Domain: create.leadid.com
URL: https://create.leadid.com/2.15.0/InitFormData?msn=3&pid=0875ac8e-4680-4214-a0ae-13eab1a5b126&token=865A26FD-33C9-3E64-8FC8-B574B652CC59&_=726461218

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.medicareinfo.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: 47c84c83dbdecc8fe6c268b8fe9d949e
.www.medicareinfo.org/	1970-01-20 22:30:24	Name: mobile_detection Value: a%3A0%3A%7B%7D
www.medicareinfo.org/	1970-01-20 22:29:05	Name: laravel_session Value: eyJpdiI6IkFoR0hXVDhsQ0tkSFhnNEFOSkc3QVE9PSIsInZhbHVlIjoiR3NEcHpJZk9iV0twZWVwZXZqK0Nqc0VGbW5NajZHS0NmNXlOZTNnaytRUkQwSWJJNkhBNzVTMUhLMnZCdEhHc1k1YVRLeG5FcTNkK2FQdWtBTkdwaHdGeVpSM0ExNDlJSElRdkc0dTFXZWVML1c3SzdZMEpCM2FKU1g3am12THEiLCJtYWMiOiI4NmNmOWRhMDcxMzJkYTlkMzY0ODBmOTNhMjI0YWRmZGNjM2U1ZDlkMDljMWUwOTQ2YzM4OTI0ZDFmNDZkMTBiIiwidGFnIjoiIn0%3D
.medicareinfo.org/	1969-12-31 23:59:59	Name: at_check Value: true
.medicareinfo.org/	1970-01-21 08:04:58	Name: mbox Value: session#93426d6189204531a30d390d414792b3#1722540048\|PC#93426d6189204531a30d390d414792b3.37_0#1785782988
.medicareinfo.org/	1970-01-21 08:04:58	Name: _ga_G33YFDDDLQ Value: GS1.1.1722538187.1.0.1722538187.60.0.0
.medicareinfo.org/	1970-01-21 08:04:58	Name: _ga Value: GA1.1.1032681333.1722538187
.doubleclick.net/	1970-01-20 22:28:59	Name: test_cookie Value: CheckForPermission
.medicareinfo.org/	1970-01-20 22:30:24	Name: _uetsid Value: d6e7ed80503611efb3f3334aea110e97
.medicareinfo.org/	1970-01-21 07:50:34	Name: _uetvid Value: d6e812c0503611ef874bed493e35720d
.medicareinfo.org/	1970-01-21 08:04:58	Name: invoca_session Value: %7B%22ttl%22%3A%222024-08-31T18%3A49%3A53.586Z%22%2C%22session%22%3A%7B%22pid%22%3A%22rr_1653458576%22%2C%22invoca_id%22%3A%22i-367d9d38-1cb2-4f25-bb6c-122e66b560e9%22%7D%2C%22config%22%3A%7B%22ce%22%3Atrue%2C%22fv%22%3Afalse%2C%22rn%22%3Afalse%2C%22ciop%22%3A%22invsrc%22%2C%22ciov%22%3A%22rr_244382%22%7D%7D
www.medicareinfo.org/	1969-12-31 23:59:59	Name: leadid_token-478B1969-F034-6785-243D-D2DE64FC7F68-BF80DAD6-C869-CF3B-1C34-B312F9002032 Value: 865A26FD-33C9-3E64-8FC8-B574B652CC59
.bing.com/	1970-01-21 07:50:34	Name: MUID Value: 2B23DC38CEA463D906A1C8F6CFCF62D7
.trueleadid.com/	1969-12-31 23:59:59	Name: nlbi_3051494 Value: 8yX5IgQCw0tHV92IC30iGwAAAAAwVK2zhabDm2DqeJrfiAHk
.trueleadid.com/	1970-01-21 07:13:25	Name: visid_incap_3051494 Value: jHPxf/bSQimujlOTfVWjXtHYq2YAAAAAQUIPAAAAAABTNxJahOlgvu8Kv6t+U6Ir
.trueleadid.com/	1969-12-31 23:59:59	Name: incap_ses_7236_3051494 Value: dNf6EQFOLX7JKKLHuW9rZNHYq2YAAAAAL2U5zItDrqBprCjkW/kWmw==
.deviceid.trueleadid.com/	1970-01-21 08:04:58	Name: uuid Value: 94010985f4114aa88bd6eb382f086fd5

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://www.medicareinfo.org/findplans/1step?Referrer=Texthub&Subreferrer=sms&Subid=aged-All2022-Health-estcst-NonV-20240730&vertical=medicare&prepop=1&pid=rr_1653458576&invsrc=rr_244382&elid=240B334J824C614D Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acsbapp.com
api.pushnami.com
apolloint.tt.omtrdc.net
assets.adobedtm.com
bat.bing.com
cdn.acsbapp.com
cdn.trustedform.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
lnsure.co
pnapi.invoca.net
region1.analytics.google.com
script.anura.io
solutions.invocacdn.com
stats.g.doubleclick.net
trc.pushnami.com
www.google.fi
www.googleadservices.com
www.googletagmanager.com
www.lnsure.co
www.medicareinfo.org
create.leadid.com
pnapi.invoca.net
13.224.189.93
142.250.184.226
142.250.185.98
18.155.129.90
18.165.196.149
2001:4860:4802:34::36
2600:9000:25eb:8e00:1c:7f1a:6680:93a1
2606:4700:10::6816:1cc
2606:4700:10::ac43:29e5
2620:1ec:c11::237
2a00:1450:4001:800::200a
2a00:1450:4001:81c::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2003
2a00:1450:400c:c0c::9d
2a02:26f0:480:f9d::1e80
3.10.27.95
3.221.233.180
34.196.88.25
66.235.152.221
69.20.100.159
69.20.112.192
08b44a2029f9548c4b033330c9deff52b816224aa64d4c5232997d0016c3838e
095a6fba786d02edd523400b43333ac59addc60836665d6d51a0dd36a23694f6
0ae71aef1c47c227727f0516f62f1b9a68866d80f9f9993df9f1004c773d534e
125095eccae0a4deffe181229850e1d19c4e026804d8670131cb5c1825e598ad
12df4264d13e00696eb916b7086be41e8e96500fb29dfd3e84aad48a666d2cfa
13c5d672a26ed35aa291a6aa89d87ceb703d430b9c6e918b5cd2749414539c4d
182f6c98d86cac1dc13d18d99469e292ebb57d82d117d4362f867ad5ecf4c963
2acd99e5f913a403cc1d99fedad728e0d4baac2ca60c6d0ebac87b51fffd3228
34e3a7ec8774ce99b6ea58ce49489da38c2c932e92a26fe77a4f9ac7bae7c778
39c5438deae33d724fd36c809445d930fb6e511052da93d0f5d75546eca3cbe8
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3
45976a621181ee7fd8bf20fa6df22ba74aa4dbee43439c40f5dce33d3adfe5dc
45e2fbed49271949ffd9c52aebaa33f665549216d2f5f5ccdb882e5309d48e20
4b29ebf68a191a96e6bd5923316fd7210c39c5c6929df630c71fbf75a38a21d1
4b34ec36d9f001903bddc1b5ae4f0369ba3c7aaafaed9152676276fd7eb99f8f
52156d233fe19698a9aec69a4af2ffba9b51289f2e213db1f09ebda59ff59c9a
552c856549eadac93ef6992baa5de0cf71ab39a598c9a02f56b2a8f727d0a223
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5bddb1d00c98a3623bd08ecdd521a4324328b4fd5d3700b6ddd1f0f66d6ebeb4
5dfec56f3beca43cfcceb633d1b2206754543332cd1770273d557d639244b6b0
5f5e7f78a8f1571c4a2b837eb87e6cc85bffb36d41cc59368b5f5b427fcccd6a
66c4b2c2680c2b3615a6e20a48dfce1fd60449b0f8029940fd7fb83cbaec3474
6ca843c8152080da9858beb844feafe1264162fa3285d61286251ef9be1537e6
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
89d0f1c6a28a15c0ce9a371c5d40c8c019caa09cc8250c8cd58dd4228bab83a5
8b388f95e8972b35d03ced31f4c2af9066e110aebe87196a49dfbb629aff3b7a
8c4578fae914ea3c9cc1d9f417a3e64048a35a7948f66c2361695f2ac98070a2
9f3bb69f68dc589e677910acc1087b2e2c2592f4dcad88b67a03a4e3434b6790
a592564b9b2d607aa653f3ca77adba6b405022dd91b1dfc9edf789a4eb02b953
a9dd349811c2bb82af5ce7080ac3f4f38c62431ba89ea3013ffedc81ae759a01
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
b5b11290efd43b20eae29b699b1a6e733cdf7dc3e3c6deefc6a47642da0ac2db
ba84a6de518728d15b12d153458a6a87f531a663d2a024f57f6cdf826e9c0983
bcca79b8e76857f173086c6532b8c32e7d6d5192de727d92195ebaa55fb08bb1
c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf
d5d35e3eb6e92073edf5bee6ff43437d2053de23343133d00578db5ccaa93d71
d7a7864a86aee7aa7706105cd44e34028957f748578070b6be09920af6092960
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f51a47ba4e832c99ffc2cc8ddc042cf87bccfbf352e8f17863e1f76d5a73e362

www.medicareinfo.org Open in urlscan Pro 69.20.100.159 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

50 Requests

94 %HTTPS

50 %IPv6

21 Domains

25 Subdomains

22 IPs

4 Countries

1000 kBTransfer

3149 kBSize

17 Cookies

0 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.medicareinfo.org Open in urlscan Pro
69.20.100.159 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

94 %
HTTPS

50 %
IPv6

21
Domains

25
Subdomains

22
IPs

4
Countries

1000 kB
Transfer

3149 kB
Size

17
Cookies

50 HTTP transactions
0 data transactions