healthinsurance.net Open in urlscan Pro
52.203.139.140 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.variousmedicalproblems.com/9cb4S2395gO8h613Fz2372em4bb6W28qcsrDxaDrEwiDF8fxI7DwFDvEGsi8DR2omSnK6vV10mP5rNPih/enacting-comme...
Effective URL:
https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc...
Submission: On October 22 via manual (October 22nd 2019, 2:13:47 pm UTC) from US

Summary HTTP 86 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 35 IPs in 8 countries across 30 domains to perform 86 HTTP transactions. The main IP is 52.203.139.140, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is healthinsurance.net.
TLS certificate: Issued by Amazon on January 8th 2019. Valid for: a year.

This is the only time healthinsurance.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:30:... 2606:4700:30::6812:3489	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	23.95.199.211 23.95.199.211	36352 (AS-COLOCR...) (AS-COLOCROSSING - ColoCrossing)
1 1	52.210.172.194 52.210.172.194	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	52.203.139.140 52.203.139.140	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
15	143.204.101.112 143.204.101.112	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	2606:4700::68... 2606:4700::6813:c597	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	143.204.101.5 143.204.101.5	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 3	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2600:9000:20e... 2600:9000:20eb:1200:1:1faa:9040:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	13.224.196.101 13.224.196.101	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1 - Oath Holdings Inc.)
2 5	54.239.17.112 54.239.17.112	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	151.101.12.175 151.101.12.175	54113 (FASTLY) (FASTLY - Fastly)
1	2620:1ec:bdf::10 2620:1ec:bdf::10	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	143.204.101.19 143.204.101.19	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	51.105.108.194 51.105.108.194	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1 2	151.101.112.175 151.101.112.175	54113 (FASTLY) (FASTLY - Fastly)
1	2606:4700:10:... 2606:4700:10::6814:4b82	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
7	50.97.168.187 50.97.168.187	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
1	143.204.101.121 143.204.101.121	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	199.68.195.199 199.68.195.199	19626 (EVC-AS) (EVC-AS - QuoVadis Services Limited)
1 2	2a00:1450:400... 2a00:1450:4001:809::2013	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	35.177.239.109 35.177.239.109	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	34.238.10.193 34.238.10.193	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.212.115.156 52.212.115.156	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	143.204.98.150 143.204.98.150	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
86	35

1 2606:4700:30::6812:3489 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.variousmedicalproblems.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.95.199.211 (Buffalo, United States)

ASN36352 (AS-COLOCROSSING - ColoCrossing, US)
PTR: 23-95-199-211-host.colocrossing.com

crossmelody.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.172.194 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-210-172-194.eu-west-1.compute.amazonaws.com

tracking.healthinsurance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.203.139.140 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-203-139-140.compute-1.amazonaws.com

healthinsurance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 143.204.101.112 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-112.fra50.r.cloudfront.net

cdn.assurance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:c597 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.5 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-5.fra50.r.cloudfront.net

js.honeybadger.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20eb:1200:1:1faa:9040:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

d2ysjycjrua9tt.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.196.101 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-196-101.fra2.r.cloudfront.net

d31qbv1cthcecs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1 - Oath Holdings Inc., US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.239.17.112 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.12.175 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::10 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

na5.cdn.thunderhead.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.19 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-19.fra50.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.105.108.194 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

na5.thunderhead.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.112.175 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY - Fastly, US)

consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apiservices.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:4b82 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 50.97.168.187 (Dallas, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: bb.a8.6132.ip4.static.sl-reverse.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.121 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-121.fra50.r.cloudfront.net

cdn.pbbl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.68.195.199 (Hamilton, Bermuda)

ASN19626 (EVC-AS - QuoVadis Services Limited, BM)

c1.ox-bio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2013 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

px0.pbbl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.177.239.109 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-177-239-109.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.238.10.193 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-238-10-193.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.115.156 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-212-115-156.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.150 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-98-150.fra50.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	assurance.com cdn.assurance.com	340 KB
7	trustedform.com api.trustedform.com	24 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	139 KB
5	krxd.net 1 redirects cdn.krxd.net consumer.krxd.net apiservices.krxd.net beacon.krxd.net	87 KB
5	amazon-adsystem.com 2 redirects s.amazon-adsystem.com	3 KB
5	cloudfront.net d2ysjycjrua9tt.cloudfront.net d31qbv1cthcecs.cloudfront.net d2m2wsoho8qq12.cloudfront.net	51 KB
4	leadid.com create.leadid.com	3 KB
4	ox-bio.com c1.ox-bio.com	21 KB
4	cloudflare.com cdnjs.cloudflare.com	83 KB
4	healthinsurance.net 1 redirects tracking.healthinsurance.net healthinsurance.net	62 KB
3	pbbl.co 1 redirects cdn.pbbl.co px0.pbbl.co	4 KB
3	facebook.com www.facebook.com	707 B
3	bing.com bat.bing.com	8 KB
3	google.com 1 redirects www.google.com	827 B
2	google.de www.google.de	321 B
2	thunderhead.com na5.cdn.thunderhead.com na5.thunderhead.com	27 KB
2	yimg.com s.yimg.com	6 KB
2	facebook.net connect.facebook.net	33 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	crossmelody.com crossmelody.com	5 KB
1	googleadservices.com www.googleadservices.com	208 B
1	agkn.com 1 redirects aa.agkn.com	380 B
1	lidstatic.com create.lidstatic.com	39 KB
1	alexametrics.com certify.alexametrics.com	552 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	160 B
1	yahoo.com sp.analytics.yahoo.com	448 B
1	googletagmanager.com www.googletagmanager.com	31 KB
1	honeybadger.io js.honeybadger.io	4 KB
1	googleapis.com fonts.googleapis.com	794 B
1	variousmedicalproblems.com www.variousmedicalproblems.com	580 B
86	30

	Domain	Requested by
15	cdn.assurance.com	healthinsurance.net
7	api.trustedform.com	cdn.assurance.com api.trustedform.com
5	s.amazon-adsystem.com	2 redirects www.variousmedicalproblems.com healthinsurance.net api.trustedform.com
4	create.leadid.com	create.lidstatic.com
4	c1.ox-bio.com	www.googletagmanager.com healthinsurance.net
4	fonts.gstatic.com	healthinsurance.net cdn.assurance.com
4	cdnjs.cloudflare.com	healthinsurance.net
3	www.facebook.com	healthinsurance.net
3	bat.bing.com	www.variousmedicalproblems.com healthinsurance.net
3	d2ysjycjrua9tt.cloudfront.net	healthinsurance.net
3	www.gstatic.com	www.google.com cdn.assurance.com www.gstatic.com
3	www.google.com	1 redirects healthinsurance.net www.gstatic.com
3	healthinsurance.net	crossmelody.com healthinsurance.net cdn.assurance.com
2	px0.pbbl.co	1 redirects healthinsurance.net
2	www.google.de	healthinsurance.net www.gstatic.com
2	cdn.krxd.net	www.variousmedicalproblems.com cdn.krxd.net
2	s.yimg.com	www.variousmedicalproblems.com s.yimg.com
2	connect.facebook.net	www.variousmedicalproblems.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com healthinsurance.net
2	crossmelody.com	crossmelody.com
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	beacon.krxd.net	cdn.krxd.net
1	www.googleadservices.com	www.gstatic.com
1	aa.agkn.com	1 redirects
1	apiservices.krxd.net	1 redirects
1	cdn.pbbl.co	www.variousmedicalproblems.com
1	create.lidstatic.com	cdn.assurance.com
1	consumer.krxd.net	cdn.krxd.net
1	na5.thunderhead.com	na5.cdn.thunderhead.com
1	certify.alexametrics.com	healthinsurance.net
1	stats.g.doubleclick.net	1 redirects
1	sp.analytics.yahoo.com	healthinsurance.net
1	na5.cdn.thunderhead.com	www.variousmedicalproblems.com
1	d31qbv1cthcecs.cloudfront.net	www.variousmedicalproblems.com
1	www.googletagmanager.com	cdn.assurance.com
1	js.honeybadger.io	healthinsurance.net
1	fonts.googleapis.com	healthinsurance.net
1	tracking.healthinsurance.net	1 redirects
1	www.variousmedicalproblems.com
86	39

This site contains links to these domains. Also see Links.

Domain
policies.google.com

Subject Issuer	Validity	Valid
*.healthinsurance.net Amazon	`2019-01-08` - `2020-02-08`	a year	crt.sh
*.googleapis.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
*.assurance.com Amazon	`2019-01-08` - `2020-02-08`	a year	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-10` - `2020-02-16`	6 months	crt.sh
*.honeybadger.io COMODO RSA Domain Validation Secure Server CA	`2017-06-07` - `2020-07-14`	3 years	crt.sh
www.google.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-09-22` - `2019-12-20`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-10-14` - `2019-11-28`	a month	crt.sh
s.amazon-adsystem.com Amazon	`2018-12-12` - `2019-12-12`	a year	crt.sh
*.c.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-08-23` - `2020-08-23`	a year	crt.sh
*.cdn.thunderhead.com DigiCert SHA2 High Assurance Server CA	`2019-08-08` - `2021-10-27`	2 years	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-05-09` - `2019-11-05`	6 months	crt.sh
www.google.de GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
certify.alexametrics.com Amazon	`2019-07-26` - `2020-08-26`	a year	crt.sh
*.thunderhead.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2021-11-16`	2 years	crt.sh
lidstatic.com CloudFlare Inc ECC CA-2	`2019-07-02` - `2020-07-01`	a year	crt.sh
*.trustedform.com Go Daddy Secure Certificate Authority - G2	`2019-01-04` - `2020-03-05`	a year	crt.sh
*.pbbl.co Amazon	`2019-01-31` - `2020-02-29`	a year	crt.sh
ox-bio.com QuoVadis Global SSL ICA G2	`2017-08-01` - `2020-08-01`	3 years	crt.sh
px0.pbbl.co COMODO RSA Domain Validation Secure Server CA	`2016-11-23` - `2019-11-23`	3 years	crt.sh
create.leadid.com Amazon	`2019-01-16` - `2020-02-16`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
*.krxd.net DigiCert SHA2 Secure Server CA	`2019-04-11` - `2020-04-11`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21
Frame ID: 1271D5C2AA92CF225D12D4A24F18BECC
Requests: 83 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D574a79c7-dd25-c41a-f3cd-9713f309b8eb%26type%3D43%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D4565912920301%3Bp%3D574A79C7-DD25-C41A-F3CD-9713F309B8EB&cb=482320774528795840&dcc=t
Frame ID: BD16D2437E186B86EB84C2D5B826BF84
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-&co=aHR0cHM6Ly9oZWFsdGhpbnN1cmFuY2UubmV0OjQ0Mw..&hl=en&v=5fbZx3NV5xhaMoMLrZV3TkN4&size=invisible&cb=hvr4cw5zb3k9
Frame ID: F35189AD405C6328D2C14ABF1FBEDE07
Requests: 1 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=20A87B99-193A-7431-AD44-6CC6D6ADFF60&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.5.2&lck=CF934278-B099-EB50-BF86-105A165FCB4E&lac=8AA3F211-CA81-3833-51B1-095D2985DA90
Frame ID: 3EE371CFEC64EEF92A8A964834FC4ECD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.variousmedicalproblems.com/9cb4S2395gO8h613Fz2372em4bb6W28qcsrDxaDrEwiDF8fxI7DwFDvEGsi8DR2omSnK6vV10mP5... Page URL
http://crossmelody.com/clicks?cid=22384&pub=201465&sid1=&sid2=&sid3=&sid4= Page URL
https://tracking.healthinsurance.net/aff_c?offer_id=79&aff_id=1265&aff_sub=201465&aff_sub2=fdde516ccdb36be1e455cc... HTTP 302
https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fd... Page URL

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

script /\/recaptcha\/api\.js/i

Page Statistics

86
Requests

97 %
HTTPS

47 %
IPv6

30
Domains

39
Subdomains

35
IPs

8
Countries

989 kB
Transfer

2347 kB
Size

13
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.variousmedicalproblems.com/9cb4S2395gO8h613Fz2372em4bb6W28qcsrDxaDrEwiDF8fxI7DwFDvEGsi8DR2omSnK6vV10mP5rNPih/enacting-commercial Page URL
http://crossmelody.com/clicks?cid=22384&pub=201465&sid1=&sid2=&sid3=&sid4= Page URL
https://tracking.healthinsurance.net/aff_c?offer_id=79&aff_id=1265&aff_sub=201465&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub3=22384&aff_sub4=&aff_sub5= HTTP 302
https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D574a79c7-dd25-c41a-f3cd-9713f309b8eb%26type%3D43%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D4565912920301%3Bp%3D574A79C7-DD25-C41A-F3CD-9713F309B8EB&cb=482320774528795840 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D574a79c7-dd25-c41a-f3cd-9713f309b8eb%26type%3D43%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D4565912920301%3Bp%3D574A79C7-DD25-C41A-F3CD-9713F309B8EB&cb=482320774528795840&dcc=t

Request Chain 42

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D7dcb44b5-b96b-40e5-10da-dbe017b7d6dc%26type%3D14%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D7715990030901%3Bp%3D7DCB44B5-B96B-40E5-10DA-DBE017B7D6DC HTTP 302
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D7dcb44b5-b96b-40e5-10da-dbe017b7d6dc%26type%3D14%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D7715990030901%3Bp%3D7DCB44B5-B96B-40E5-10DA-DBE017B7D6DC&dcc=t

Request Chain 45

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-73253617-1&cid=1364224076.1571753613&jid=1761594172&gjid=1796824521&_gid=482595857.1571753613&_u=YGBAgEAB~&z=602968896 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73253617-1&cid=1364224076.1571753613&jid=1761594172&_v=j79&z=602968896 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73253617-1&cid=1364224076.1571753613&jid=1761594172&_v=j79&z=602968896&slf_rd=1&random=4150125898

Request Chain 61

https://apiservices.krxd.net/click_tracker/track?kxconfid=t2unfouy2&kxcampaignid=wex4&kxplacementid=healthinsurance.net&kxsiteid=22384&clk=https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21 HTTP 302
https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21

Request Chain 63

https://px0.pbbl.co/ns/__p2.gif?brid=1618&brcid=126381187&email=&orderId=null&orderValue=&productId=&offerCode=&label=&pageUrl=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3Dfdde516ccdb36be1e455cc0fcff765db%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D102b001f90348ca89c3adff09078e4%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3Dfdde516ccdb36be1e455cc0fcff765db%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21%23health%2FUrgency&referrerUrl=http%3A%2F%2Fcrossmelody.com%2Fclicks%3Fcid%3D22384%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&targetUrl=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3Dfdde516ccdb36be1e455cc0fcff765db%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D102b001f90348ca89c3adff09078e4%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3Dfdde516ccdb36be1e455cc0fcff765db%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21%23health%2FUrgency&sessionId=&markerType=seg&rand=zNIjDe1njvhCCrc4&jsVer=3.0&markerId=341566 HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212282598&_ppid=21ab73c3-abde-4b79-85d9-f0a92dfbc2b1&_segid=99&iid=feb16a8f-735c-4cc2-9ac0-7eb9bd96778f HTTP 302
https://px0.pbbl.co/adadvisor.gif?segment=000&_ppid=21ab73c3-abde-4b79-85d9-f0a92dfbc2b1&_segid=99&_zip=&hk=&iid=feb16a8f-735c-4cc2-9ac0-7eb9bd96778f&mt=&bd=

86 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set enacting-commercial Show response
www.variousmedicalproblems.com/9cb4S2395gO8h613Fz2372em4bb6W28qcsrDxaDrEwiDF8fxI7DwFDvEGsi8DR2omSnK6vV10mP5rNPih/ 124 B
580 B 2243ms
2217ms Document
text/html 2606:4700:30::6812:3489
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://www.variousmedicalproblems.com/9cb4S2395gO8h613Fz2372em4bb6W28qcsrDxaDrEwiDF8fxI7DwFDvEGsi8DR2omSnK6vV10mP5rNPih/enacting-commercial
Protocol: HTTP/1.1
Server: 2606:4700:30::6812:3489 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash: ae54cf1b3625f10b88e3c48fadc128db1c48b6c25d2e04de1528cf778e3decbe

Request headers

Host: www.variousmedicalproblems.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 14:13:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dd12859c0c772e5c280240d971c2b4e5d1571753609; expires=Wed, 21-Oct-20 14:13:29 GMT; path=/; domain=.variousmedicalproblems.com; HttpOnly
X-Powered-By: PHP/5.3.3
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 529c127a5ed35952-VIE
Content-Encoding: gzip

GET
H/1.1 200
OK clicks Show response
crossmelody.com/ 4 KB
5 KB 271ms
137ms Document
text/html 23.95.199.211
ColoCrossing

General

Check archive.org

Show headers Download Go to

Full URL: http://crossmelody.com/clicks?cid=22384&pub=201465&sid1=&sid2=&sid3=&sid4=
Protocol: HTTP/1.1
Server: 23.95.199.211 Buffalo, United States, ASN36352 (AS-COLOCROSSING - ColoCrossing, US),
Reverse DNS: 23-95-199-211-host.colocrossing.com
Software: nginx/1.16.1 / PHP/5.4.16
Resource Hash: 825f20883489230d873c75b55a9d20d6b5fd0860bb9757121f75e71d31a931d9

Request headers

Host: crossmelody.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://www.variousmedicalproblems.com/9cb4S2395gO8h613Fz2372em4bb6W28qcsrDxaDrEwiDF8fxI7DwFDvEGsi8DR2omSnK6vV10mP5rNPih/enacting-commercial
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.variousmedicalproblems.com/9cb4S2395gO8h613Fz2372em4bb6W28qcsrDxaDrEwiDF8fxI7DwFDvEGsi8DR2omSnK6vV10mP5rNPih/enacting-commercial

Response headers

Server: nginx/1.16.1
Date: Tue, 22 Oct 2019 14:13:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16

POST
H/1.1 200
OK index.php
crossmelody.com/ 234 B
426 B 524ms
523ms XHR
text/html 23.95.199.211
ColoCrossing

General

Check archive.org

Show headers Download Go to

Full URL: http://crossmelody.com/index.php
Requested by: Host: crossmelody.com
URL: http://crossmelody.com/clicks?cid=22384&pub=201465&sid1=&sid2=&sid3=&sid4=
Protocol: HTTP/1.1
Server: 23.95.199.211 Buffalo, United States, ASN36352 (AS-COLOCROSSING - ColoCrossing, US),
Reverse DNS: 23-95-199-211-host.colocrossing.com
Software: nginx/1.16.1 / PHP/5.4.16
Resource Hash

Request headers

Referer: http://crossmelody.com/clicks?cid=22384&pub=201465&sid1=&sid2=&sid3=&sid4=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 22 Oct 2019 14:13:32 GMT
Server: nginx/1.16.1
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2

200

Primary Request / Show response
healthinsurance.net/hi_wizard/
Redirect Chain

https://tracking.healthinsurance.net/aff_c?offer_id=79&aff_id=1265&aff_sub=201465&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub3=22384&aff_sub4=&aff_sub5=
https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3a...

50 KB
10 KB

436ms
254ms

Document
text/html

52.203.139.140
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21

Requested by

Host: crossmelody.com
URL: http://crossmelody.com/clicks?cid=22384&pub=201465&sid1=&sid2=&sid3=&sid4=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.203.139.140 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-203-139-140.compute-1.amazonaws.com

Software

Resource Hash

59c7eb8b83564e8ddac932ce4bd1e065f2fccc86f77a97fbd979f3227e4a8763

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: healthinsurance.net
:scheme: https
:path: /hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://crossmelody.com/clicks?cid=22384&pub=201465&sid1=&sid2=&sid3=&sid4=
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://crossmelody.com/clicks?cid=22384&pub=201465&sid1=&sid2=&sid3=&sid4=

Response headers

status: 200
date: Tue, 22 Oct 2019 14:13:32 GMT
content-type: text/html; charset=utf-8
x-frame-options: ALLOWALL
assur-appversion: 1.0.1010
etag: W/"59c7eb8b83564e8ddac932ce4bd1e065"
cache-control: max-age=0, private, must-revalidate
set-cookie: test_split_health_ds_quotes=show; path=/ test_split_remove_exit_blocker=control; path=/ test_split_recaptcha-badge=show; path=/ test_split_health_recommendation_tests=control; path=/ test_split_health_stm_tests=control; path=/ _insurance_session=0d0d3686b4304af3784aa671d1865667; path=/; secure; HttpOnly
x-request-id: 73e92ed4-98d6-4cea-a29e-6a7bd2f8a1f8
x-runtime: 0.164379
vary: Origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: same-origin
content-encoding: gzip

Redirect headers

status: 302
date: Tue, 22 Oct 2019 14:13:32 GMT
content-type: text/html; charset=iso-8859-1
content-length: 554
location: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21
server: nginx/1.13.12
expires: Sat, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
x-robots-tag: noindex, nofollow
tracking_id: 102b001f90348ca89c3adff09078e4
set-cookie: enc_aff_session_79=ENC03bc440b3124a16576a874629e217f0783fb7465350c59f895f831a7fa821d4b65b16fff323333553ed4bd6ce1b7ac2172ddd50cb795e9678da6a2d5bf9a2d200f51706871aa56273281a1f56d55e9706bc25671f5128f8b0f2956354a640151ed5e68357bc5de38d299a4e1fe39928e4536c913b343853c41b1986a40b733f55823754ea90ebe49e7876e598b1567f56fd3f1defb6d3476c8469d0ce41ece15a42c3ae4c05566fe542937ac3078372c5ef2c8eef28005e03f693b1617cfcb539c1211e7c27d300d02de8ac0f8159b957c6f2bc0d1496ec84f6968e1a2a90f41b530270831; expires=Tue, 29 Oct 2019 14:13:32 GMT; path=/; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI3NC4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=; expires=Fri, 16 Sep 2022 00:53:32 GMT; path=/;
p3p: CP="NOI CUR OUR NOR INT"
access-control-allow-origin: *

GET
H2 200 css
fonts.googleapis.com/ 9 KB
794 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:821::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Requested by

Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

373a0505368dab061278aa0b7243dc58fc165a25f8b0286d57f8835d06ab6e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 22 Oct 2019 14:13:33 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Tue, 22 Oct 2019 14:13:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Tue, 22 Oct 2019 14:13:33 GMT

GET
H/1.1 200
OK gtm-c6ad34199939ca4211eea0d25cdee444b7e6664af475ef70a9d741fba834f0f7.js Show response
cdn.assurance.com/insurance/public/assets/install/healthinsurance/ 324 B
927 B 57ms
7ms Script
application/x-javascript 143.204.101.112
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/install/healthinsurance/gtm-c6ad34199939ca4211eea0d25cdee444b7e6664af475ef70a9d741fba834f0f7.js
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ad34199939ca4211eea0d25cdee444b7e6664af475ef70a9d741fba834f0f7

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 11:03:11 GMT
Via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
Last-Modified: Tue, 22 Oct 2019 10:06:49 GMT
Server: AmazonS3
Age: 11423
ETag: "b0d5fe155e9171b754084f4c639278fe"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:fc274bef-41ef-4c0d-88d3-1881886d3a70
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 324
X-Amz-Cf-Id: rMXqRy-X3qAG-w9iQ1j2HPJ1EgDGwyhg8iv7Pd6vKjAxE6QF7tqfVg==

GET
H/1.1 200
OK customer-241855f27afc6d187bb60e7b9e170f3d3e4e4909015b2ed8500f86cca4db9309.css
cdn.assurance.com/insurance/public/assets/ 218 KB
34 KB 58ms
8ms Stylesheet
text/css 143.204.101.112
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/customer-241855f27afc6d187bb60e7b9e170f3d3e4e4909015b2ed8500f86cca4db9309.css
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1198497bc336def8414ca4ec9f429fbb3c38afbacbb4e7b2a3f939941bbc4f58

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 20 Oct 2019 13:45:05 GMT
Content-Encoding: gzip
Last-Modified: Sat, 19 Oct 2019 23:25:19 GMT
Server: AmazonS3
Age: 76337
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:27a8010c-b37d-4a51-9e4e-44cbb34a7b88
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: LldxKpUZ3SZqU2hJNU85Uc7VTe3cVsM6Y0qPAzMpchdCykLxkbQ13w==

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
7 KB 20ms
18ms Stylesheet
text/css 2606:4700::6813:c597
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 14:13:33 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16387554
status: 200
alt-svc: h3-23=":443"; ma=86400
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:19:12 GMT
server: cloudflare
etag: W/"5afd4910-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 529c12927844cb98-VIE
expires: Sun, 11 Oct 2020 14:13:33 GMT

GET
H/1.1 200
OK utility-c3c0f5a1e3c2f4e7471c3cf34ce7b3f10540750c3b05fdb5b1576d5be1f9170b.js Show response
cdn.assurance.com/insurance/public/assets/customer/ 5 KB
3 KB 58ms
8ms Script
application/x-javascript 143.204.101.112
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/customer/utility-c3c0f5a1e3c2f4e7471c3cf34ce7b3f10540750c3b05fdb5b1576d5be1f9170b.js
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c3c0f5a1e3c2f4e7471c3cf34ce7b3f10540750c3b05fdb5b1576d5be1f9170b

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 18:35:03 GMT
Content-Encoding: gzip
Last-Modified: Sat, 28 Sep 2019 11:20:24 GMT
Server: AmazonS3
Age: 70710
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:a5b4cedb-70c8-4a49-a1f7-58b39ebd5f58
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: eB9eW6p1g4Pym6ITRlK5bXtoSfoVBnEPaOFPBlh6kyQiSt3xqhJSBQ==

GET
H/1.1 200
OK healthinsurance-d0c09059b130934708891c275fcbff50edeb7776fa1943b2ade4859d958c9960.css
cdn.assurance.com/insurance/public/assets/customer/ 2 KB
977 B 55ms
6ms Stylesheet
text/css 143.204.101.112
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/customer/healthinsurance-d0c09059b130934708891c275fcbff50edeb7776fa1943b2ade4859d958c9960.css
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d0c09059b130934708891c275fcbff50edeb7776fa1943b2ade4859d958c9960

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 11:03:11 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Oct 2019 10:07:36 GMT
Server: AmazonS3
Age: 11423
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:fc274bef-41ef-4c0d-88d3-1881886d3a70
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: 9i9AmAJ3YMO2BO6R0V1FDFHNdsojzoTzEOhkSE-Ad6kMVQ958kCJ9g==

GET
H/1.1 200
OK health-f060c3e136630ce60b5fa1088d68a7a1fd048b0d75c19a4ddae58e8723c0b1fe.css
cdn.assurance.com/insurance/public/assets/plates/ 237 B
823 B 57ms
8ms Stylesheet
text/css 143.204.101.112
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/plates/health-f060c3e136630ce60b5fa1088d68a7a1fd048b0d75c19a4ddae58e8723c0b1fe.css
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f060c3e136630ce60b5fa1088d68a7a1fd048b0d75c19a4ddae58e8723c0b1fe

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 13:47:13 GMT
Via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
Last-Modified: Tue, 22 Oct 2019 13:09:19 GMT
Server: AmazonS3
Age: 1581
ETag: "b72b6a3a477d4fa502dc0f857fd6e24a"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:a05b27ad-bfea-4d71-9340-ee7b3803ddae
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 237
X-Amz-Cf-Id: 00U0Loox92OojHDCVfCa--qN_I8o359mmDHRnkpvM894eJP-DK1cjg==

GET
H/1.1 200
OK big_text-cbb649035cc0aab0434ac418212ee6ae2674f68670d0767b3231ce13049747a5.css
cdn.assurance.com/insurance/public/assets/plates/ 908 B
1 KB 56ms
7ms Stylesheet
text/css 143.204.101.112
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/plates/big_text-cbb649035cc0aab0434ac418212ee6ae2674f68670d0767b3231ce13049747a5.css
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cbb649035cc0aab0434ac418212ee6ae2674f68670d0767b3231ce13049747a5

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 21:13:12 GMT
Via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
Last-Modified: Mon, 21 Oct 2019 21:13:08 GMT
Server: AmazonS3
Age: 61222
ETag: "401fbf9dcce08729eb8e5375de6bb2e4"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:220c540f-cc38-412d-bb49-56efcd2c9fe9
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 908
X-Amz-Cf-Id: jkOCYxRmqLOIOddlbmIAj9-fus9aZ0GoSswgP0aDi1Z-PP2EpoHEeQ==

GET
H/1.1 200
OK honeybadger.min.js Show response
js.honeybadger.io/v0.4/ 7 KB
4 KB 46ms
13ms Script
application/x-javascript 143.204.101.5
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://js.honeybadger.io/v0.4/honeybadger.min.js
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.5 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-5.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a5a03ffb74678bd02d15096bdb6d36f08338cde8f8f51d7fa8c2cc3df9e6f4e5

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: oVQfnkFyjGraPKHgRCAgdUvTx_OvZVYJ
Content-Encoding: gzip
Last-Modified: Wed, 19 Jul 2017 17:08:27 GMT
Server: AmazonS3
Age: 53280
Date: Mon, 21 Oct 2019 23:25:34 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: BKnI17G9l3cW7tgZkXtX19iDSN_Ixi9bkFHOzW8CSUL0sBZ3aL6BkA==

GET
H/1.1 200
OK honeybadger-62400bc84c0bbc6c3d92853f1dc29871b5f5b247b2cf4ca92bbe9cb496ba2c60.js Show response
cdn.assurance.com/insurance/public/assets/install/ 2 KB
1 KB 63ms
7ms Script
application/x-javascript 143.204.101.112
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/install/honeybadger-62400bc84c0bbc6c3d92853f1dc29871b5f5b247b2cf4ca92bbe9cb496ba2c60.js
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 62400bc84c0bbc6c3d92853f1dc29871b5f5b247b2cf4ca92bbe9cb496ba2c60

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 18:35:06 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Aug 2019 06:57:24 GMT
Server: AmazonS3
Age: 70707
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:c9825661-2734-49b5-949a-92f332ca60cd
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: qYQYgv6kHxPOKye6AdGFse5yYw_PgRztI2JFAuGTRza9gAIMMD2_lg==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 763 B
646 B 27ms
27ms Script
text/javascript 2a00:1450:4001:820::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

23451db084e5b7b10dc5b25145dd5703999acf5fd82f5f5cae58a4e6d43e6611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 14:13:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 498
x-xss-protection: 1; mode=block
expires: Tue, 22 Oct 2019 14:13:33 GMT

GET
H/1.1 200
OK ella-flip-080b58bfb270a0738da291bfc8693cbf683d222ee761597e682e29e21f6f76fc.png
cdn.assurance.com/insurance/public/assets/ 100 KB
100 KB 20ms
19ms Image
image/png 143.204.101.112
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.assurance.com/insurance/public/assets/ella-flip-080b58bfb270a0738da291bfc8693cbf683d222ee761597e682e29e21f6f76fc.png
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 080b58bfb270a0738da291bfc8693cbf683d222ee761597e682e29e21f6f76fc

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 13:09:33 GMT
Via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
Last-Modified: Tue, 22 Oct 2019 13:09:09 GMT
Server: AmazonS3
Age: 3841
ETag: "db64300811ffdb901937748066c4718e"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:a05b27ad-bfea-4d71-9340-ee7b3803ddae
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 101895
X-Amz-Cf-Id: V5zv95vH9WJvfg6VD8W6zvdSZ_xZorgdvlT76Lryycq1Vsg7rID24g==

GET
H/1.1 200
OK loading-ea1c3eaefeb1b4e7a6d3fa97f320b3397e4f5d112afcb758e62513852b573423.gif
cdn.assurance.com/insurance/public/assets/icons/ 34 KB
35 KB 19ms
18ms Image
image/gif 143.204.101.112
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.assurance.com/insurance/public/assets/icons/loading-ea1c3eaefeb1b4e7a6d3fa97f320b3397e4f5d112afcb758e62513852b573423.gif
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ea1c3eaefeb1b4e7a6d3fa97f320b3397e4f5d112afcb758e62513852b573423

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 13:09:33 GMT
Via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
Last-Modified: Tue, 22 Oct 2019 13:09:23 GMT
Server: AmazonS3
Age: 3841
ETag: "d6b028d0fe0d17991948c0b5c94e0a2e"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:a05b27ad-bfea-4d71-9340-ee7b3803ddae
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 34936
X-Amz-Cf-Id: ARqSNvHE7FI3T-8RaCdtU4e_SIUpkNX0LKyZVxRBJ7Dh0pl2v8Hamw==

GET
H/1.1 200
OK bbb-badge-white-simple-556dd6874d80f240e42525b0b3a6535dfac43ae3fbebbe0ebe44014847b2af4e.png
cdn.assurance.com/insurance/public/assets/logos/partners/ 10 KB
11 KB 400ms
399ms Image
image/png 143.204.101.112
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.assurance.com/insurance/public/assets/logos/partners/bbb-badge-white-simple-556dd6874d80f240e42525b0b3a6535dfac43ae3fbebbe0ebe44014847b2af4e.png
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 556dd6874d80f240e42525b0b3a6535dfac43ae3fbebbe0ebe44014847b2af4e

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 14:13:34 GMT
Via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
Last-Modified: Tue, 22 Oct 2019 13:09:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
ETag: "1f16fbafb717abe9e1d051844fb6c039"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:a05b27ad-bfea-4d71-9340-ee7b3803ddae
X-Cache: Miss from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10185
X-Amz-Cf-Id: HM866cHlCt4BIh4gTDqPGiFWAnAmYd4gHIfGWJ5sEI6QCdMVFMUVTQ==

GET
H2 200 cssrelpreload.min.js Show response
cdnjs.cloudflare.com/ajax/libs/loadCSS/2.1.0/ 1 KB
554 B 18ms
17ms Script
application/javascript 2606:4700::6813:c597
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/loadCSS/2.1.0/cssrelpreload.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

19cfca88e33cb1f56e957f1a653d3acad97f7cc927d0b2e329a80ead264578d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 14:13:33 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 6536313
status: 200
alt-svc: h3-23=":443"; ma=86400
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Mon, 03 Dec 2018 23:00:54 GMT
server: cloudflare
etag: W/"5c05b5a6-4a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 529c1293097ccb98-VIE
expires: Sun, 11 Oct 2020 14:13:33 GMT

GET
H2 200 onloadCSS.min.js Show response
cdnjs.cloudflare.com/ajax/libs/loadCSS/2.1.0/ 241 B
224 B 17ms
17ms Script
application/javascript 2606:4700::6813:c597
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/loadCSS/2.1.0/onloadCSS.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7973f6d4de8da495c0a4a870d6b50fff04cc246e1628364160f8486e7f3a1f3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 14:13:33 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 6522043
status: 200
alt-svc: h3-23=":443"; ma=86400
served-in-seconds: 0.000
timing-allow-origin: *
last-modified: Mon, 03 Dec 2018 23:00:54 GMT
server: cloudflare
etag: W/"5c05b5a6-f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 529c1293097dcb98-VIE
expires: Sun, 11 Oct 2020 14:13:33 GMT

GET
H/1.1 200
OK customer-f59824bef9933206c1ebf4358f41097b123fcba75a060e6b030d5ce6ed160eb5.js Show response
cdn.assurance.com/insurance/public/assets/ 471 KB
149 KB 7ms
7ms Script
application/x-javascript 143.204.101.112
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/customer-f59824bef9933206c1ebf4358f41097b123fcba75a060e6b030d5ce6ed160eb5.js
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f59824bef9933206c1ebf4358f41097b123fcba75a060e6b030d5ce6ed160eb5

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 19:19:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Oct 2019 18:17:20 GMT
Server: AmazonS3
Age: 68062
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:9d20335f-5b98-4ba2-9fc2-7fcdd29c5718
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: wlolKMMvrsSmPZvaY3gSlGmhDjp7MKglNf71wZ9ORQduZtHsZ_Bv9A==

GET
H/1.1 200
OK recaptcha_v3-115e92ecc8cd17434bd87f305829287c2b633cc7c79fef3db40c812466c50189.js Show response
cdn.assurance.com/insurance/public/assets/ 357 B
960 B 8ms
8ms Script
application/x-javascript 143.204.101.112
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/recaptcha_v3-115e92ecc8cd17434bd87f305829287c2b633cc7c79fef3db40c812466c50189.js
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 115e92ecc8cd17434bd87f305829287c2b633cc7c79fef3db40c812466c50189

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 02:14:30 GMT
Via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
Last-Modified: Sat, 28 Sep 2019 11:20:11 GMT
Server: AmazonS3
Age: 43144
ETag: "665684d370d08fd9ad44b6090eedbb5d"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:a5b4cedb-70c8-4a49-a1f7-58b39ebd5f58
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 357
X-Amz-Cf-Id: Kf_dIE7HGyZwMHpy0sbVdszYI9MvpleRLF2PK62yfMLlhU7KM8miag==

GET
H/1.1 200
OK google_nums-4fa943c533adc193617c8826b5d07c87de1c952ef757fb2f4551e6e65cd1c49e.js Show response
cdn.assurance.com/insurance/public/assets/install/healthinsurance/ 413 B
1005 B 410ms
409ms Script
application/x-javascript 143.204.101.112
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/install/healthinsurance/google_nums-4fa943c533adc193617c8826b5d07c87de1c952ef757fb2f4551e6e65cd1c49e.js
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4fa943c533adc193617c8826b5d07c87de1c952ef757fb2f4551e6e65cd1c49e

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 14:13:34 GMT
Via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
Last-Modified: Tue, 22 Oct 2019 13:09:02 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
ETag: "17cef9827b40af47807175cceb10f1d6"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:a05b27ad-bfea-4d71-9340-ee7b3803ddae
X-Cache: Miss from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 413
X-Amz-Cf-Id: TPe-BcGU8dJ9eDrSslYu3ZE_aPUAxFg37YcJI183HV2o7VwvjdV_ug==

GET
H/1.1 200
OK leadid-fc8ec001faf2a4299e345bfe462404de9efca8ddca4b663821b8f65865f4dc9b.js Show response
cdn.assurance.com/insurance/public/assets/ 294 B
897 B 8ms
6ms Script
application/x-javascript 143.204.101.112
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/leadid-fc8ec001faf2a4299e345bfe462404de9efca8ddca4b663821b8f65865f4dc9b.js
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fc8ec001faf2a4299e345bfe462404de9efca8ddca4b663821b8f65865f4dc9b

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 18:35:13 GMT
Via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
Last-Modified: Mon, 07 Oct 2019 15:19:26 GMT
Server: AmazonS3
Age: 70701
ETag: "4eaa75c84ccb4b4dabef51d291650dcf"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:3e7bacff-8c51-4cc5-9b40-a94570fbbae0
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 294
X-Amz-Cf-Id: O8ItCVWtnsV2FZlKxIjmzWZXU9zETTRry4LTUqIGcv32g_8XdrANqw==

GET
H/1.1 200
OK trustedForm-351e617fe9eba5db39ecdff23a83d6dc680e286691aa48fad095225902d3238d.js Show response
cdn.assurance.com/insurance/public/assets/ 412 B
1015 B 8ms
7ms Script
application/x-javascript 143.204.101.112
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/trustedForm-351e617fe9eba5db39ecdff23a83d6dc680e286691aa48fad095225902d3238d.js
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 351e617fe9eba5db39ecdff23a83d6dc680e286691aa48fad095225902d3238d

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 09:44:24 GMT
Via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
Last-Modified: Mon, 21 Oct 2019 09:22:01 GMT
Server: AmazonS3
Age: 15734
ETag: "fc7eb0ec8d79420f602f398e9138e868"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:069fb1f3-41f4-4a19-82f5-3f420b513b22
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 412
X-Amz-Cf-Id: Fg76E_URkbIHscdzpFbtimLZzoOcvAW0vPoGIUVXbWYGk8dr3OGZLg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 99 KB
31 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WQLF25

Requested by

Host: cdn.assurance.com
URL: https://cdn.assurance.com/insurance/public/assets/install/healthinsurance/gtm-c6ad34199939ca4211eea0d25cdee444b7e6664af475ef70a9d741fba834f0f7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

19a6fc420de5f5f42811e6fb6cb2855c8a42241d7257934b47ec3a7dc0549c29

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 14:13:33 GMT
content-encoding: br
last-modified: Tue, 22 Oct 2019 12:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 31945
x-xss-protection: 0
expires: Tue, 22 Oct 2019 14:13:33 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/5fbZx3NV5xhaMoMLrZV3TkN4/ 253 KB
90 KB 23ms
6ms Script
text/javascript 2a00:1450:4001:809::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5fbZx3NV5xhaMoMLrZV3TkN4/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

bc5efe0814deaf9314fcd65d6c9d924ea008d2637945fae0acc3860c45deb1e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 17:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 21 Oct 2019 04:03:56 GMT
server: sffe
age: 75679
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 92268
x-xss-protection: 0
expires: Tue, 20 Oct 2020 17:12:14 GMT

GET
H2 200 healthinsurance.png
d2ysjycjrua9tt.cloudfront.net/img/logos/ 32 KB
32 KB 71ms
9ms Image
image/png 2600:9000:20eb:1200:1:1faa:9040:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2ysjycjrua9tt.cloudfront.net/img/logos/healthinsurance.png
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:1200:1:1faa:9040:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 26b6ded1f4da5ed4f61226c7a1f36be06d422b4b2ca54262103bc354ef732bc7

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 12:58:24 GMT
via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jan 2019 04:10:36 GMT
server: AmazonS3
age: 1688
etag: "03fbef1b740f6d6cc39d5ab1d86edca8"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: 86400
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 32408
x-amz-cf-id: xUp9LNciefxXaK3TwCqlpRQrNY4rrY7-nfgS9deZj63KdyNeS39BqQ==

GET
H2 200 hero-1.jpg
d2ysjycjrua9tt.cloudfront.net/img/ 16 KB
17 KB 92ms
30ms Image
image/jpeg 2600:9000:20eb:1200:1:1faa:9040:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2ysjycjrua9tt.cloudfront.net/img/hero-1.jpg
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:1200:1:1faa:9040:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e15eb5040e99ce3f51d49580272bd18e4f2b5030b312315500916fd075e6a5e8

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 20 Oct 2019 19:38:13 GMT
via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
last-modified: Tue, 21 May 2019 20:48:00 GMT
server: AmazonS3
age: 66815
etag: "2cfff2ffd8a2b57372c19a719844d014"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 16821
x-amz-cf-id: nlo8qzieqSmvslxbF8SE0w8JlMQD8YVQMgLQ4iyyNifHRZTs9blVgw==

GET
H2 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 44ms
17ms Font
application/octet-stream 2606:4700::6813:c597
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: cors
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://healthinsurance.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 14:13:33 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 16387554
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 77160
served-in-seconds: 0.012
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:19:53 GMT
server: cloudflare
etag: "5afd4939-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 529c12933c288c74-VIE
expires: Sun, 11 Oct 2020 14:13:33 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:806::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Origin: https://healthinsurance.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 11 Oct 2019 19:39:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:37 GMT
server: sffe
age: 930845
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9016
x-xss-protection: 0
expires: Sat, 10 Oct 2020 19:39:28 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:806::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Origin: https://healthinsurance.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 19 Oct 2019 01:14:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 305943
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9080
x-xss-protection: 0
expires: Sun, 18 Oct 2020 01:14:30 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:806::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Origin: https://healthinsurance.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 08 Oct 2019 17:59:15 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 1196058
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
expires: Wed, 07 Oct 2020 17:59:15 GMT

GET
H2 200 ic_close_black_24dp_2x.png
d2ysjycjrua9tt.cloudfront.net/img/icons/ 235 B
576 B 9ms
9ms Image
image/png 2600:9000:20eb:1200:1:1faa:9040:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2ysjycjrua9tt.cloudfront.net/img/icons/ic_close_black_24dp_2x.png
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:1200:1:1faa:9040:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1121422aa828fb8f2f421b88b5d2437c78e51cd43a338094ec62ada2012887b1

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 13:11:35 GMT
via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jan 2019 04:11:22 GMT
server: AmazonS3
age: 3719
etag: "637093407c90164fe23f9a0239638b56"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: 86400
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 235
x-amz-cf-id: ZTC9CaBhYYAyrmgo6SbWzB3rzJuy-ulbK1GaMRqDWgFLIZdEXCSfXA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQLF25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 1164
date: Tue, 22 Oct 2019 13:54:09 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Tue, 22 Oct 2019 15:54:09 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
22 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.variousmedicalproblems.com
URL: http://www.variousmedicalproblems.com/9cb4S2395gO8h613Fz2372em4bb6W28qcsrDxaDrEwiDF8fxI7DwFDvEGsi8DR2omSnK6vV10mP5rNPih/enacting-commercial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

9404cee30e4489a7ed4d6de2dd92aa8e4386fd5ff1c81ebcea77f581952eac31

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 22458
x-xss-protection: 0
pragma: public
x-fb-debug: A8H4sYW3Ouwv1CW7AUEwXtNG54nSXk56mNRfewGRo67w6jDqc02SDhO0P63a78GhZdHLyJIdmrhskGdxCU4b7Q==
x-fb-trip-id: 2114237953
x-frame-options: DENY
date: Tue, 22 Oct 2019 14:13:33 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
2 KB 28ms
7ms Script
text/javascript 13.224.196.101
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: www.variousmedicalproblems.com
URL: http://www.variousmedicalproblems.com/9cb4S2395gO8h613Fz2372em4bb6W28qcsrDxaDrEwiDF8fxI7DwFDvEGsi8DR2omSnK6vV10mP5rNPih/enacting-commercial
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.101 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-196-101.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 27 Jun 2019 19:57:25 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Sat, 16 Mar 2019 16:01:33 GMT
Server: AmazonS3
Age: 10088169
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: ibp3pqV9QquF5GkxTEo0hRaXgVM-2Jx72kfo-mTNx994js92WtYhhA==

GET
H2 200 bat.js Show response
bat.bing.com/ 23 KB
7 KB 102ms
52ms Script
application/javascript 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.variousmedicalproblems.com
URL: http://www.variousmedicalproblems.com/9cb4S2395gO8h613Fz2372em4bb6W28qcsrDxaDrEwiDF8fxI7DwFDvEGsi8DR2omSnK6vV10mP5rNPih/enacting-commercial
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 14:13:32 GMT
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 18:57:28 GMT
x-msedge-ref: Ref A: EF865CA8976848F48AE5D0E361091C97 Ref B: VIEEDGE0721 Ref C: 2019-10-22T14:13:33Z
status: 200
etag: "09c5197968d51:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7148

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 19 KB
6 KB 63ms
13ms Script
application/javascript 2a00:1288:f03d:1fa::2000
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.variousmedicalproblems.com
URL: http://www.variousmedicalproblems.com/9cb4S2395gO8h613Fz2372em4bb6W28qcsrDxaDrEwiDF8fxI7DwFDvEGsi8DR2omSnK6vV10mP5rNPih/enacting-commercial

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),

Reverse DNS

Software

ATS /

Resource Hash

7edb2213c1f4f569617389783ba544f9997d11a1fc5e54406582b25967bfde66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Tue, 22 Oct 2019 13:13:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3575
x-amz-server-side-encryption: AES256
status: 200
vary: Origin, Accept-Encoding
content-length: 5150
x-amz-id-2: UmfoxUIS4L5dIKboh+YSY8tBdkp4hlQ4AM3WPO+ysmDS/hDWL6yIO0Hbphr7cZzcsc4j2HnmKsU=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 12 Nov 2020 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 08 Oct 2019 10:16:59 GMT
server: ATS
etag: "254a43f994019deb4ca1830f04bd5d32-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 9B1BD0EB37F5EE35
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: x4Y4HVRbF4l0Lw4GKvYmVr0DuE8bwWr0
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1

200
OK

Cookie set iu3
s.amazon-adsystem.com/ Frame BD16
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D574a79c7-dd25-c41a-f3cd-9713f309b8eb%26type%3D43%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D45...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D574a79c7-dd25-c41a-f3cd-9713f309b8eb%26type%3D43%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D45...

0
0

115ms
114ms

Document
text/html

54.239.17.112
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D574a79c7-dd25-c41a-f3cd-9713f309b8eb%26type%3D43%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D4565912920301%3Bp%3D574A79C7-DD25-C41A-F3CD-9713F309B8EB&cb=482320774528795840&dcc=t
Requested by: Host: www.variousmedicalproblems.com
URL: http://www.variousmedicalproblems.com/9cb4S2395gO8h613Fz2372em4bb6W28qcsrDxaDrEwiDF8fxI7DwFDvEGsi8DR2omSnK6vV10mP5rNPih/enacting-commercial
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Server /
Resource Hash

Request headers

Host: s.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Accept-Encoding: gzip, deflate, br
Cookie: ad-id=A-FnGmuSVkVbibHk4oHBtDU|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate

Response headers

Server: Server
Date: Tue, 22 Oct 2019 14:13:33 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 345
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=A-FnGmuSVkVbibHk4oHBtDU; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2020 14:13:33 GMT; Path=/; HttpOnly ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jan-2025 14:13:33 GMT; Path=/; HttpOnly
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Tue, 22 Oct 2019 14:13:33 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D574a79c7-dd25-c41a-f3cd-9713f309b8eb%26type%3D43%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D4565912920301%3Bp%3D574A79C7-DD25-C41A-F3CD-9713F309B8EB&cb=482320774528795840&dcc=t
Set-Cookie: ad-id=A-FnGmuSVkVbibHk4oHBtDU|t; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2020 14:13:33 GMT; Path=/; HttpOnly
Vary: User-Agent

GET
H/1.1 200
OK t2d2miw0x.js Show response
cdn.krxd.net/controltag/ 17 KB
6 KB 51ms
6ms Script
text/javascript 151.101.12.175
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/t2d2miw0x.js
Requested by: Host: www.variousmedicalproblems.com
URL: http://www.variousmedicalproblems.com/9cb4S2395gO8h613Fz2372em4bb6W28qcsrDxaDrEwiDF8fxI7DwFDvEGsi8DR2omSnK6vV10mP5rNPih/enacting-commercial
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.175 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 30a08b8de480b1dfd34301b0b7e4ec5627d3cd5e2ab5b379cd661db9f8d38d9c

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-CDN-Backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
Date: Tue, 22 Oct 2019 14:13:33 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 398
X-Cache: MISS, HIT, HIT
X-App-Cache: HIT
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 5164
X-Served-By: config-service-a001-ash-prod.krxd.net, cache-iad2123-IAD, cache-fra19157-FRA
X-Response-Time: 0
X-Do-Esi: esi
X-Timer: S1571753613.475335,VS0,VE0
ETag: "2eb9f2880190c43e172826519318073e3dcba66d"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=1200
Accept-Ranges: bytes
X-Age: 0
X-Cache-Hits: 0, 3, 1

GET
H2 200 one-tag.js Show response
na5.cdn.thunderhead.com/one/rt/js/ 85 KB
27 KB 146ms
40ms Script
text/javascript 2620:1ec:bdf::10
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://na5.cdn.thunderhead.com/one/rt/js/one-tag.js?siteKey=ONE-QJJVTVNQNN-2522

Requested by

Host: www.variousmedicalproblems.com
URL: http://www.variousmedicalproblems.com/9cb4S2395gO8h613Fz2372em4bb6W28qcsrDxaDrEwiDF8fxI7DwFDvEGsi8DR2omSnK6vV10mP5rNPih/enacting-commercial

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

6afe06ce88b927163790138f2746fdc4e268ec563ca5967f991f8da10e4479bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
x-azure-ref-originshield: 0jQ6vXQAAAACq0Q1leAqaT5soq8mfMncuQU1TRURHRTA1MTQAMzg5ZjM1OTMtMWU5ZC00NjBhLTljMGUtMWQwOTU5NDg4YTE2
x-one-req-metric: 1571752659615;0;2
etag: "ONE-QJJVTVNQNN-2522-null-1681278634"
vary: Accept-Encoding
x-cache: TCP_REMOTE_HIT
content-type: text/javascript
status: 200
cache-control: no-transform, max-age=1200
date: Tue, 22 Oct 2019 14:13:33 GMT
x-azure-ref: 0jQ6vXQAAAAD91rZF/cI8QaPGy6Aga9EmVklFRURHRTAyMDgAMzg5ZjM1OTMtMWU5ZC00NjBhLTljMGUtMWQwOTU5NDg4YTE2
content-length: 26903

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ 43 B
448 B 141ms
43ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001594778196&.yp=437880&gtmcb=1943532873

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 14:13:33 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: ATS
x-frame-options: DENY
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
expires: Tue, 22 Oct 2019 14:13:33 GMT

GET
H/1.1

200
OK

iui3
s.amazon-adsystem.com/
Redirect Chain

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D7dcb44b5-b96b-40e5-10da-dbe017b7d6dc%26type%3D14%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3B...
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D7dcb44b5-b96b-40e5-10da-dbe017b7d6dc%26type%3D14%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3B...

43 B
674 B

94ms
94ms

Image
image/gif

54.239.17.112
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D7dcb44b5-b96b-40e5-10da-dbe017b7d6dc%26type%3D14%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D7715990030901%3Bp%3D7DCB44B5-B96B-40E5-10DA-DBE017B7D6DC&dcc=t
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Oct 2019 14:13:33 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 22 Oct 2019 14:13:33 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D7dcb44b5-b96b-40e5-10da-dbe017b7d6dc%26type%3D14%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D7715990030901%3Bp%3D7DCB44B5-B96B-40E5-10DA-DBE017B7D6DC&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 1559003231076682 Show response
connect.facebook.net/signals/config/ 50 KB
10 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1559003231076682?v=2.9.5&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

f97384a88b6c49998d45661bc19397381d8d8f8a4c88ae7860f53ae066951615

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 10592
x-xss-protection: 0
pragma: public
x-fb-debug: /X9aU7lQZhnYaaFvP0D/h9z2y2UTCDErItV+VtJ21DZY9clPy8PoGtaH45Vnm8r7s6/WZqMXoM63gS0/gNT5XQ==
x-fb-trip-id: 2114237953
x-frame-options: DENY
date: Tue, 22 Oct 2019 14:13:33 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
99 B 7ms
5ms Image
image/gif 2a00:1450:4001:80b::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1726182486&t=pageview&_s=1&dl=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3Dfdde516ccdb36be1e455cc0fcff765db%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D102b001f90348ca89c3adff09078e4%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3Dfdde516ccdb36be1e455cc0fcff765db%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21&dr=http%3A%2F%2Fcrossmelody.com%2Fclicks%3Fcid%3D22384%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&dp=%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3Dfdde516ccdb36be1e455cc0fcff765db%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D102b001f90348ca89c3adff09078e4%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3Dfdde516ccdb36be1e455cc0fcff765db%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21&ul=en-us&de=UTF-8&dt=HealthInsurance.net%20%7C%20Get%20a%20Quote&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1761594172&gjid=1796824521&cid=1364224076.1571753613&tid=UA-73253617-1&_gid=482595857.1571753613&gtm=2wgaa0WQLF25&z=1472696088

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Oct 2019 15:10:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 947001
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-73253617-1&cid=1364224076.1571753613&jid=1761594172&gjid=1796824521&_gid=482595857.1571753613&_u=YGBAgEAB~&z=602968896
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73253617-1&cid=1364224076.1571753613&jid=1761594172&_v=j79&z=602968896
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73253617-1&cid=1364224076.1571753613&jid=1761594172&_v=j79&z=602968896&slf_rd=1&random=4150125898

42 B
109 B

29ms
29ms

Image
image/gif

2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73253617-1&cid=1364224076.1571753613&jid=1761594172&_v=j79&z=602968896&slf_rd=1&random=4150125898

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Oct 2019 14:13:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Oct 2019 14:13:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73253617-1&cid=1364224076.1571753613&jid=1761594172&_v=j79&z=602968896&slf_rd=1&random=4150125898
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
251 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1559003231076682&ev=PageView&dl=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3Dfdde516ccdb36be1e455cc0fcff765db%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D102b001f90348ca89c3adff09078e4%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3Dfdde516ccdb36be1e455cc0fcff765db%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21&rl=http%3A%2F%2Fcrossmelody.com%2Fclicks%3Fcid%3D22384%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&if=false&ts=1571753613527&sw=1600&sh=1200&v=2.9.5&r=stable&ec=0&o=28&fbp=fb.1.1571753613526.935199998&it=1571753613441&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 14:13:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Tue, 22 Oct 2019 14:13:33 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
205 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1559003231076682&ev=Fragment&dl=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3Dfdde516ccdb36be1e455cc0fcff765db%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D102b001f90348ca89c3adff09078e4%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3Dfdde516ccdb36be1e455cc0fcff765db%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21&rl=http%3A%2F%2Fcrossmelody.com%2Fclicks%3Fcid%3D22384%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&if=false&ts=1571753613529&cd[page]=%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3Dfdde516ccdb36be1e455cc0fcff765db%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D102b001f90348ca89c3adff09078e4%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3Dfdde516ccdb36be1e455cc0fcff765db%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21&sw=1600&sh=1200&v=2.9.5&r=stable&ec=1&o=28&fbp=fb.1.1571753613526.935199998&it=1571753613441&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 14:13:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Tue, 22 Oct 2019 14:13:33 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 23ms
7ms Image
image/gif 143.204.101.19
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=HealthInsurance.net%20%7C%20Get%20a%20Quote&time=1571753613531&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=http%3A%2F%2Fcrossmelody.com%2Fclicks%3Fcid%3D22384%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&host_url=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3Dfdde516ccdb36be1e455cc0fcff765db%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D102b001f90348ca89c3adff09078e4%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3Dfdde516ccdb36be1e455cc0fcff765db%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21&random_number=19616158645&sess_cookie=0b5faac516df3d0d8dbbcfdb53d&sess_cookie_flag=1&user_cookie=0b5faac516df3d0d8dbbcfdb53d&user_cookie_flag=1&dynamic=true&domain=healthinsurance.net&account=jC7Om1aMp4Z3fn&jsv=20130128&user_lang=en-US
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.19 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-19.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 19:22:55 GMT
Via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 87207
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA50-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: IfBID6MwHqQpfvnJnFW8A2VbFYKPyUXwbCul4qSOsWHRX9bvmt9g-g==

GET
H/1.1 200
OK controltag.js.05f9d0dad02f8a1b0b028b868bc3a3e2 Show response
cdn.krxd.net/ctjs/ 248 KB
80 KB 6ms
5ms Script
application/javascript 151.101.12.175
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.05f9d0dad02f8a1b0b028b868bc3a3e2
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/t2d2miw0x.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.175 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 7daa8dfc1349542ca90836b9becde99fa9bdf0b0599db5513c55ecbe556009a4

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-CDN-Backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
Date: Tue, 22 Oct 2019 14:13:33 GMT
Content-Encoding: gzip
Age: 8383705
X-Cache: HIT
X-Cache-Hits: 1661028
Connection: keep-alive
Content-Length: 81058
X-Served-By: cache-fra19157-FRA
Last-Modified: Tue, 16 Jul 2019 17:45:11 GMT
X-Timer: S1571753614.536913,VS0,VE0
ETag: "05f9d0dad02f8a1b0b028b868bc3a3e2"
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes
Expires: Fri, 13 Jul 2029 17:45:10 GMT

GET
H2 200 10061771.json Show response
s.yimg.com/wi/config/ 2 B
480 B 216ms
179ms XHR
application/json 2a00:1288:f03d:1fa::2000
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10061771.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 14:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 9581AC599B636D87
x-amz-id-2: A2STakdhLJAQB/8Un2CNvDoxmZ9OZ82jBPFI8Do0hIq350n1NUX9T6YMUR0JuT0jxB73KDf6g8Q=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600

GET
H2 204 0
bat.bing.com/action/ 0
149 B 49ms
48ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5223060&Ver=2&mid=e8a8af88-01d5-d1a8-34b6-19ad3e831f37&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=HealthInsurance.net%20%7C%20Get%20a%20Quote&p=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3Dfdde516ccdb36be1e455cc0fcff765db%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D102b001f90348ca89c3adff09078e4%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3Dfdde516ccdb36be1e455cc0fcff765db%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21&r=http%3A%2F%2Fcrossmelody.com%2Fclicks%3Fcid%3D22384%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&evt=pageLoad&msclkid=N&rn=59507
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Tue, 22 Oct 2019 14:13:32 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 6CCA67D3E7AF46C1AC2FFFB3692294AC Ref B: VIEEDGE0721 Ref C: 2019-10-22T14:13:33Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
na5.thunderhead.com/one/rt/web/onetag/ONE-QJJVTVNQNN-2522/ 477 B
533 B 278ms
183ms Script
application/javascript 51.105.108.194
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://na5.thunderhead.com/one/rt/web/onetag/ONE-QJJVTVNQNN-2522/?pv=&tid=&flash=true&uri=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3Dfdde516ccdb36be1e455cc0fcff765db%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D102b001f90348ca89c3adff09078e4%26aff_sub%3D201465%26aff_sub3%3D22384%26aff_sub2%3Dfdde516ccdb36be1e455cc0fcff765db%26utm_kxconfid%3Dt4kwo0a21&_1571753613619&callback=THX_1571753613619_89

Requested by

Host: na5.cdn.thunderhead.com
URL: https://na5.cdn.thunderhead.com/one/rt/js/one-tag.js?siteKey=ONE-QJJVTVNQNN-2522

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.105.108.194 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

c5e33a2916868aaddcdb59df8fe5e53095cadfdcd16dc424f12e43df9c97252c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 14:12:27 GMT
content-encoding: gzip
x-one-req-metric: 1571753613797;11;2
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: no-store
strict-transport-security: max-age=15768000

GET
H/1.1 200
OK ca0023cf-396a-4831-8c8e-b18b28057cb6 Show response
consumer.krxd.net/consent/get/ 239 B
619 B 57ms
30ms Script
text/javascript 151.101.112.175
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/ca0023cf-396a-4831-8c8e-b18b28057cb6?idt=device&dt=kxcookie&callback=Krux.ns.assuranceiq.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.05f9d0dad02f8a1b0b028b868bc3a3e2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.175 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: c2806369a98dd5cb31f806a64d79a70b301bcdc29c6e3dcf35929c3204f8cc65

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 14:13:33 GMT
Via: 1.1 varnish
Age: 0
Accept-Ranges: bytes
X-Served-By: consumer-a008-dub-prod.krxd.net, cache-hhn4065-HHN
Vary: Accept-Encoding
X-Cache: MISS, MISS
Content-Type: text/javascript; charset=UTF-8
Content-Encoding: gzip
Cache-Control: max-age=1800
Connection: keep-alive
X-Age: 0
X-Timer: S1571753614.711183,VS0,VE25
Content-Length: 194
X-Cache-Hits: 0, 0

GET
H2 200 loader.js Show response
www.gstatic.com/wcm/ 422 B
416 B 6ms
5ms Script
text/javascript 2a00:1450:4001:809::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: cdn.assurance.com
URL: https://cdn.assurance.com/insurance/public/assets/install/healthinsurance/google_nums-4fa943c533adc193617c8826b5d07c87de1c952ef757fb2f4551e6e65cd1c49e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cbb6560ed1e9e91e2ceb73f50c333bf5fd86d56839161bf5383a1dd44faf5bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 13:42:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Oct 2019 19:45:00 GMT
server: sffe
age: 1836
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 286
x-xss-protection: 0
expires: Tue, 22 Oct 2019 14:42:57 GMT

GET
H2 200 cf934278-b099-eb50-bf86-105a165fcb4e.js Show response
create.lidstatic.com/campaign/ 122 KB
39 KB 1588ms
1493ms Script
text/javascript 2606:4700:10::6814:4b82
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/cf934278-b099-eb50-bf86-105a165fcb4e.js?snippet_version=2
Requested by: Host: cdn.assurance.com
URL: https://cdn.assurance.com/insurance/public/assets/leadid-fc8ec001faf2a4299e345bfe462404de9efca8ddca4b663821b8f65865f4dc9b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4b82 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d3af696c2533f25ef034358c8d15cc791fa1539c40058c6bfcef813cbaeda20

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 14:13:35 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1263
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: B60E3E21F0B441A9
x-amz-id-2: d3e0UcjW0z/TLLwJ1xMSxdqGY2aT5TEG2yzss7Sy1/GFKVaLrtmDzhUJIarmtC7B0Yr69X4N44c=
last-modified: Wed, 25 Apr 2018 20:36:01 GMT
server: cloudflare
etag: W/"3ea0b096baa971b909a35c48d07c8594"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1800
x-amz-version-id: 9wVYTyhMD0sMyMEprga7nOjqwgqVYS0P
cf-ray: 529c1296389b5982-VIE
expires: Tue, 22 Oct 2019 14:43:35 GMT

GET
H2 200 trustedform.js Show response
api.trustedform.com/ 3 KB
1 KB 442ms
127ms Script
application/javascript 50.97.168.187
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=15717536136930.10581589327467023&invert_field_sensitivity=false

Requested by

Host: cdn.assurance.com
URL: https://cdn.assurance.com/insurance/public/assets/trustedForm-351e617fe9eba5db39ecdff23a83d6dc680e286691aa48fad095225902d3238d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.97.168.187 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

bb.a8.6132.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

615905029045627135eefcdb28edd152a38a6de4f5b24bf44e670a94fa76370e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 22 Oct 2019 14:13:34 GMT
cache-control: max-age=0, private, must-revalidate
server: nginx
content-encoding: gzip
strict-transport-security: max-age=15768000
content-type: application/javascript; charset=utf-8

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:806::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: cdn.assurance.com
URL: https://cdn.assurance.com/insurance/public/assets/customer-f59824bef9933206c1ebf4358f41097b123fcba75a060e6b030d5ce6ed160eb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Origin: https://healthinsurance.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 11 Oct 2019 14:51:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:44 GMT
server: sffe
age: 948110
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9180
x-xss-protection: 0
expires: Sat, 10 Oct 2020 14:51:43 GMT

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame F351 0
0 33ms
32ms Document
text/html 2a00:1450:4001:820::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-&co=aHR0cHM6Ly9oZWFsdGhpbnN1cmFuY2UubmV0OjQ0Mw..&hl=en&v=5fbZx3NV5xhaMoMLrZV3TkN4&size=invisible&cb=hvr4cw5zb3k9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5fbZx3NV5xhaMoMLrZV3TkN4/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Cs316f0DiY/jsIb8LdRVPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-&co=aHR0cHM6Ly9oZWFsdGhpbnN1cmFuY2UubmV0OjQ0Mw..&hl=en&v=5fbZx3NV5xhaMoMLrZV3TkN4&size=invisible&cb=hvr4cw5zb3k9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 22 Oct 2019 14:13:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-Cs316f0DiY/jsIb8LdRVPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 8983
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 1618.js Show response
cdn.pbbl.co/r/ 8 KB
3 KB 90ms
7ms Script
application/javascript 143.204.101.121
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pbbl.co/r/1618.js

Requested by

Host: www.variousmedicalproblems.com
URL: http://www.variousmedicalproblems.com/9cb4S2395gO8h613Fz2372em4bb6W28qcsrDxaDrEwiDF8fxI7DwFDvEGsi8DR2omSnK6vV10mP5rNPih/enacting-commercial

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.101.121 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-101-121.fra50.r.cloudfront.net

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

a74701a99f1ba9af05c5282eedfaa76cb1ad2d7d0f9e22dead4d70b189a6f4dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 18:34:34 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 627
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1
last-modified: Tue, 15 Oct 2019 01:37:22 GMT
server: nginx/1.10.3 (Ubuntu)
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
cache-control: max-age=1800, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: LDWOb4Z3fKW4gYH5-Y2rlQLv_qbrbCIJMfTMM3wDqqT66zgVn5P1tg==
expires: Mon, 21 Oct 2019 19:04:34 GMT

GET
H2 200 t0 Show response
c1.ox-bio.com/ 21 KB
21 KB 439ms
103ms Script
application/javascript 199.68.195.199
QuoVadis Services...

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.ox-bio.com/t0?oxtrk=141&oxhrt=fb47614a-b32a-ac49-f027-0b0a982cd7df&oxuid=ASS0001&cid1=wex4&cid2=201465&cid3=126381187
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQLF25
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 199.68.195.199 Hamilton, Bermuda, ASN19626 (EVC-AS - QuoVadis Services Limited, BM),
Reverse DNS
Software: /
Resource Hash: 97cb1045fe56ae4340d2bacbb76d57d0362ef844efcebe3fee3ce8759e10c8ee

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 22 Oct 2019 14:13:34 GMT
cache-control: no-cache, must-revalidate
expires: Tue, 25 Dec 2018 14:00:00 GMT
content-type: application/javascript

GET
H2

200

/
healthinsurance.net/hi_wizard/
Redirect Chain

https://apiservices.krxd.net/click_tracker/track?kxconfid=t2unfouy2&kxcampaignid=wex4&kxplacementid=healthinsurance.net&kxsiteid=22384&clk=https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm...
https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3a...

50 KB
50 KB

266ms
266ms

Image
text/html

52.203.139.140
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.203.139.140 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-203-139-140.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-runtime: 0.174593
date: Tue, 22 Oct 2019 14:13:34 GMT
content-encoding: gzip
referrer-policy: same-origin
x-frame-options: ALLOWALL
etag: W/"166f924180f23bc1b57b8ca0c8572984"
vary: Origin
content-type: text/html; charset=utf-8
status: 200
cache-control: max-age=0, private, must-revalidate
assur-appversion: 1.0.1010
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-request-id: 64337caf-cab8-4e73-8ab1-fef2076d07d7

Redirect headers

Date: Tue, 22 Oct 2019 14:13:34 GMT
Via: 1.1 varnish (Varnish/5.2), 1.1 varnish
Age: 0, 0, 0
X-Served-By: click-tracker-main004.krxd.net, cache-hhn4033-HHN
X-Cache: MISS, MISS
Location: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21
Connection: keep-alive
Accept-Ranges: bytes, bytes
X-Timer: S1571753614.875201,VS0,VE357
Content-Length: 0
X-Cache-Hits: 0, 0

GET
H2 200 impl-1_32.js Show response
www.gstatic.com/wcm/ 30 KB
12 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/impl-1_32.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9cc17f2a29825643f4ab4b92f34c6fe5e9b12f1dd87068a07c4933488fd880f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 17 Oct 2019 13:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Aug 2019 17:45:00 GMT
server: sffe
age: 433663
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 12298
x-xss-protection: 0
expires: Fri, 16 Oct 2020 13:45:50 GMT

GET
H2

200

adadvisor.gif
px0.pbbl.co/
Redirect Chain

https://px0.pbbl.co/ns/__p2.gif?brid=1618&brcid=126381187&email=&orderId=null&orderValue=&productId=&offerCode=&label=&pageUrl=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%2...
https://aa.agkn.com/adscores/g.pixel?sid=9212282598&_ppid=21ab73c3-abde-4b79-85d9-f0a92dfbc2b1&_segid=99&iid=feb16a8f-735c-4cc2-9ac0-7eb9bd96778f
https://px0.pbbl.co/adadvisor.gif?segment=000&_ppid=21ab73c3-abde-4b79-85d9-f0a92dfbc2b1&_segid=99&_zip=&hk=&iid=feb16a8f-735c-4cc2-9ac0-7eb9bd96778f&mt=&bd=

42 B
153 B

136ms
136ms

Image
image/gif

2a00:1450:4001:809::2013
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://px0.pbbl.co/adadvisor.gif?segment=000&_ppid=21ab73c3-abde-4b79-85d9-f0a92dfbc2b1&_segid=99&_zip=&hk=&iid=feb16a8f-735c-4cc2-9ac0-7eb9bd96778f&mt=&bd=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Oct 2019 14:13:34 GMT
x-content-type-options: nosniff
server: Google Frontend
content-type: image/gif; charset=utf-8
status: 200
x-cloud-trace-context: 6714dae7984c36ccacf0186a20dd7ac5
cache-control: must-revalidate, no-cache, no-store
content-length: 42
x-xss-protection: 1
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 22 Oct 2019 14:13:34 GMT
server: AAWebServer
status: 302
p3p: policyref="http://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://px0.pbbl.co/adadvisor.gif?segment=000&_ppid=21ab73c3-abde-4b79-85d9-f0a92dfbc2b1&_segid=99&_zip=&hk=&iid=feb16a8f-735c-4cc2-9ac0-7eb9bd96778f&mt=&bd=
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 t.js Show response
api.trustedform.com/657d5bb6ac2efee29d5227a211a3899d8999704a/ 57 KB
21 KB 131ms
131ms Script
application/javascript 50.97.168.187
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/657d5bb6ac2efee29d5227a211a3899d8999704a/t.js?lo=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3Dfdde516ccdb36be1e455cc0fcff765db%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D102b001f90348ca89c3adff09078e4%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3Dfdde516ccdb36be1e455cc0fcff765db%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21%23health%2FUrgency&l=15717536136930.10581589327467023&f=false&n=8925f3bd09b5f36ecff41a9d433524f139573767&cs=g3QAAAACZAABdGJdrw6OZAABdnQAAAAEbQAAAAVmaWVsZG0AAAAUeHhUcnVzdGVkRm9ybUNlcnRVcmxtAAAAGGludmVydF9maWVsZF9zZW5zaXRpdml0eWQABWZhbHNlbQAAAAFsbQAAACAxNTcxNzUzNjEzNjkzMC4xMDU4MTU4OTMyNzQ2NzAyM20AAAAQcHJvdmlkZV9yZWZlcnJlcmQABWZhbHNl&csh=RezpfiegJ%2FqwalGmS4Ae%2B2oUUVhtaWgwpc9qBiWfvbQ%3D

Requested by

Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=15717536136930.10581589327467023&invert_field_sensitivity=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.97.168.187 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

bb.a8.6132.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

ce4115e0af6849785c4cefb6267383c829e3ee054ca5a68fc3b1be08cdea7fa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 22 Oct 2019 14:13:34 GMT
cache-control: max-age=0, private, must-revalidate
server: nginx
content-encoding: gzip
strict-transport-security: max-age=15768000
content-type: application/javascript; charset=utf-8

GET
H2 200 /
c1.ox-bio.com/t04/ 43 B
76 B 107ms
106ms Image
image/gif 199.68.195.199
QuoVadis Services...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c1.ox-bio.com/t04/?v=61982866556092000&oxtrk=141&zk=21f44083-f4d6-11e9-9a12-005056ac3fef&zl=553&ts0=1571753614291&zm=0
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 199.68.195.199 Hamilton, Bermuda, ASN19626 (EVC-AS - QuoVadis Services Limited, BM),
Reverse DNS
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 22 Oct 2019 14:13:34 GMT
content-length: 43
content-type: image/gif

POST
H2 200 verify_token Show response
healthinsurance.net/ 14 B
517 B 151ms
151ms XHR
application/json 52.203.139.140
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://healthinsurance.net/verify_token

Requested by

Host: cdn.assurance.com
URL: https://cdn.assurance.com/insurance/public/assets/customer-f59824bef9933206c1ebf4358f41097b123fcba75a060e6b030d5ce6ed160eb5.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.203.139.140 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-203-139-140.compute-1.amazonaws.com

Software

Resource Hash

7cd85494eb375cc958155aca095fd0bae01e24f777c4ce4059e2edb82324618c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 22 Oct 2019 14:13:34 GMT
x-content-type-options: nosniff
status: 200
assur-appversion: 1.0.1010
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-xss-protection: 1; mode=block
x-request-id: 14a097db-b74a-4748-bcdb-7170e0a17d34
x-runtime: 0.061102
referrer-policy: same-origin
x-frame-options: ALLOWALL
etag: W/"7cd85494eb375cc958155aca095fd0ba"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate

POST
H2 200 h Show response
api.trustedform.com/657d5bb6ac2efee29d5227a211a3899d8999704a/ 0
262 B 518ms
256ms XHR
text/html 50.97.168.187
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/657d5bb6ac2efee29d5227a211a3899d8999704a/h?n=3f8d8128d2a08ed52df81f1b6e3203145a8f3db9&l=15717536136930.10581589327467023&a=1&ce=z&t=cors

Requested by

Host: api.trustedform.com
URL: https://api.trustedform.com/657d5bb6ac2efee29d5227a211a3899d8999704a/t.js?lo=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3Dfdde516ccdb36be1e455cc0fcff765db%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D102b001f90348ca89c3adff09078e4%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3Dfdde516ccdb36be1e455cc0fcff765db%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21%23health%2FUrgency&l=15717536136930.10581589327467023&f=false&n=8925f3bd09b5f36ecff41a9d433524f139573767&cs=g3QAAAACZAABdGJdrw6OZAABdnQAAAAEbQAAAAVmaWVsZG0AAAAUeHhUcnVzdGVkRm9ybUNlcnRVcmxtAAAAGGludmVydF9maWVsZF9zZW5zaXRpdml0eWQABWZhbHNlbQAAAAFsbQAAACAxNTcxNzUzNjEzNjkzMC4xMDU4MTU4OTMyNzQ2NzAyM20AAAAQcHJvdmlkZV9yZWZlcnJlcmQABWZhbHNl&csh=RezpfiegJ%2FqwalGmS4Ae%2B2oUUVhtaWgwpc9qBiWfvbQ%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.97.168.187 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

bb.a8.6132.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 22 Oct 2019 14:13:34 GMT
server: nginx
status: 200
access-control-max-age: 1728000
access-control-allow-methods: POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=15768000
access-control-allow-headers: Content-Type,Content-Length,X-Requested-With
content-length: 0

GET
H/1.1 200
OK iui3
s.amazon-adsystem.com/ 43 B
674 B 93ms
92ms Image
image/gif 54.239.17.112
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D7dcb44b5-b96b-40e5-10da-dbe017b7d6dc%26type%3D14%26m%3D1&ex-fch=416613&ex-src=https://www.healthinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D7715990030901%3Bp%3D7DCB44B5-B96B-40E5-10DA-DBE017B7D6DC
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/657d5bb6ac2efee29d5227a211a3899d8999704a/t.js?lo=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3Dfdde516ccdb36be1e455cc0fcff765db%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D102b001f90348ca89c3adff09078e4%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3Dfdde516ccdb36be1e455cc0fcff765db%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21%23health%2FUrgency&l=15717536136930.10581589327467023&f=false&n=8925f3bd09b5f36ecff41a9d433524f139573767&cs=g3QAAAACZAABdGJdrw6OZAABdnQAAAAEbQAAAAVmaWVsZG0AAAAUeHhUcnVzdGVkRm9ybUNlcnRVcmxtAAAAGGludmVydF9maWVsZF9zZW5zaXRpdml0eWQABWZhbHNlbQAAAAFsbQAAACAxNTcxNzUzNjEzNjkzMC4xMDU4MTU4OTMyNzQ2NzAyM20AAAAQcHJvdmlkZV9yZWZlcnJlcmQABWZhbHNl&csh=RezpfiegJ%2FqwalGmS4Ae%2B2oUUVhtaWgwpc9qBiWfvbQ%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Oct 2019 14:13:34 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 f Show response
api.trustedform.com/657d5bb6ac2efee29d5227a211a3899d8999704a/ 0
262 B 389ms
130ms XHR
text/html 50.97.168.187
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/657d5bb6ac2efee29d5227a211a3899d8999704a/f?l=15717536136930.10581589327467023&n=a3b0b7fc1d3b8e7acd5bd2b01812a04651b7866f&rn=0&a=1&t=cors

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.97.168.187 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

bb.a8.6132.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 22 Oct 2019 14:13:34 GMT
server: nginx
status: 200
access-control-max-age: 1728000
access-control-allow-methods: POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=15768000
access-control-allow-headers: Content-Type,Content-Length,X-Requested-With
content-length: 0

POST
H2 200 md Show response
api.trustedform.com/657d5bb6ac2efee29d5227a211a3899d8999704a/ 0
263 B 369ms
129ms XHR
text/html 50.97.168.187
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/657d5bb6ac2efee29d5227a211a3899d8999704a/md?a=1&t=cors

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.97.168.187 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

bb.a8.6132.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 22 Oct 2019 14:13:34 GMT
server: nginx
status: 200
access-control-max-age: 1728000
access-control-allow-methods: POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=15768000
access-control-allow-headers: Content-Type,Content-Length,X-Requested-With
content-length: 0

GET
H2 204 0
bat.bing.com/action/ 0
196 B 47ms
47ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5223060&Ver=2&mid=e8a8af88-01d5-d1a8-34b6-19ad3e831f37&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=HealthInsurance.net%20%7C%20Get%20a%20Quote&p=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3Dfdde516ccdb36be1e455cc0fcff765db%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D102b001f90348ca89c3adff09078e4%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3Dfdde516ccdb36be1e455cc0fcff765db%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21&r=http%3A%2F%2Fcrossmelody.com%2Fclicks%3Fcid%3D22384%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&evt=pageLoad&msclkid=N&rn=59507
Requested by: Host: healthinsurance.net
URL: https://healthinsurance.net/hi_wizard/?utm_source=wex4&utm_medium=cpl&utm_campaign=201465&utm_content=fdde516ccdb36be1e455cc0fcff765db&utm_term=22384&offer_id=79&transaction_id=102b001f90348ca89c3adff09078e4&aff_sub=201465&aff_sub5=&aff_sub3=22384&aff_sub2=fdde516ccdb36be1e455cc0fcff765db&aff_sub4=&utm_kxconfid=t4kwo0a21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Tue, 22 Oct 2019 14:13:33 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 385D92E155404E24A85EFFC6C280D40E Ref B: VIEEDGE0721 Ref C: 2019-10-22T14:13:34Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 e Show response
api.trustedform.com/657d5bb6ac2efee29d5227a211a3899d8999704a/ 0
262 B 129ms
129ms XHR
text/html 50.97.168.187
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/657d5bb6ac2efee29d5227a211a3899d8999704a/e?cs=g2Jdrw6O&csh=lt1d7SFH%252FbsPr1DhQL5oTkOREQA8%252FkZZQeyMhlRfso8%253D&a=1&t=cors

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.97.168.187 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

bb.a8.6132.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 22 Oct 2019 14:13:35 GMT
server: nginx
status: 200
access-control-max-age: 1728000
access-control-allow-methods: POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=15768000
access-control-allow-headers: Content-Type,Content-Length,X-Requested-With
content-length: 0

POST
H/1.1 200
OK GenerateToken Show response
create.leadid.com/2.5.2/ 36 B
850 B 422ms
141ms XHR
text/plain 34.238.10.193
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/GenerateToken?msn=1&pid=f1691ba2-5164-4b83-ac93-e1f7f0d4da0c&_=33159182
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cf934278-b099-eb50-bf86-105a165fcb4e.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.10.193 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-238-10-193.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.30
Resource Hash: c26a95d0687ce4800e2b70837e92d1de82cc9fe3cf29265b8daafd63fef2812e

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 22 Oct 2019 14:13:35 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.30
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 56
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 wcm Show response
www.googleadservices.com/pagead/conversion/935576559/ 39 B
208 B 15ms
15ms XHR
application/json 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/935576559/wcm?cl=7HnFCP6uk20Q74ePvgM&fb=8445054450&callback=corscb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/impl-1_32.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

333377b61fb0f9ab69caa42a5d3969e1443e97831a9a993b1ad27dd8cbd17f56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 14:13:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://healthinsurance.net
cache-control: private
access-control-allow-credentials: true
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 59
x-xss-protection: 0

GET
H2 200 optout_check Show response
beacon.krxd.net/ 84 B
243 B 29ms
29ms Script
text/javascript 52.212.115.156
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.assuranceiq.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.05f9d0dad02f8a1b0b028b868bc3a3e2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.115.156 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-212-115-156.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 25e7d68cc1939681f060cc08c90c4c7d6bca6ac1bc982370e9a4177fd9317105

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 22 Oct 2019 14:13:35 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=30 t=1571753615
content-type: text/javascript
x-served-by: beacon-n005-dub-prod.krxd.net

GET
H2 200 /
c1.ox-bio.com/k2/ 43 B
88 B 102ms
102ms Image
image/gif 199.68.195.199
QuoVadis Services...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c1.ox-bio.com/k2/?v=80359607962699650&oxtrk=141&oxuid=ASS0001&zk=21f44083-f4d6-11e9-9a12-005056ac3fef&zl=553&zt=0&ts1=91&ts2=4&ts3=92&ts4=1023&zm=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 199.68.195.199 Hamilton, Bermuda, ASN19626 (EVC-AS - QuoVadis Services Limited, BM),
Reverse DNS
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 22 Oct 2019 14:13:35 GMT
content-length: 43
content-type: image/gif

GET
H2 200 /
c1.ox-bio.com/t02/ 43 B
65 B 103ms
103ms Image
image/gif 199.68.195.199
QuoVadis Services...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c1.ox-bio.com/t02/?v=80359607962699650&oxtrk=141&oxuid=ASS0001&zk=21f44083-f4d6-11e9-9a12-005056ac3fef&zl=553&pq=%5Bwl%5Dhttps%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3Dfdde516ccdb36be1e455cc0fcff765db%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D102b001f90348ca89c3adff09078e4%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3Dfdde516ccdb36be1e455cc0fcff765db%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21%23health%2FUrgency|%5Bwpl%5Dsac|%5Bdr%5Dhttp%3A%2F%2Fcrossmelody.com%2Fclicks%3Fcid%3D22384%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D|%5Bdl%5Dsaw|%5Bdlh%5Dsaw|&qr0=13&qr1=4139002591&qr2=895785942&qr3=3307132076&qr4=3556468209&qr5=&qr6=1213749909&qr7=546963351&qr8=862810276&qr9=0&qrA=0&qrB=0&qrC=0&qrD=0&qrE=0&qrF=0&qrG=&qrH=312387816079384&qrI=3&qrJ=10&qrK=0&qrL=297435-25-226359-55-200987-75-280728-100&qrM=undefined&qrN=en-US&qrO=4139002591&qrP=1656739337&qrQ=CHh59Dd38FFFFFDd1Hh1Dd1Hh1Dd1Hh1Dd1Dd1IHh1Dd1Dd2Dd1Dd1GFHh1Jj1FHh2I3Dd1FEd1Ed3Hh1c.72213&qrT=0&qrS=30302356-1983831476-3620111094-0-1968627222-0-2154035776-2022792331-3034716695-2565859640-2896749692-1165954045-2154035776-2826480794-601887476-970309156-385866172-0-0-0-0-0-2565859640-2896749692-0-0-&ts5=1172&zm=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 199.68.195.199 Hamilton, Bermuda, ASN19626 (EVC-AS - QuoVadis Services Limited, BM),
Reverse DNS
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 22 Oct 2019 14:13:35 GMT
content-length: 43
content-type: image/gif

GET
H2 200 /
www.facebook.com/tr/ 44 B
251 B 8ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1559003231076682&ev=PageView&dl=https%3A%2F%2Fhealthinsurance.net%2Fhi_wizard%2F%3Futm_source%3Dwex4%26utm_medium%3Dcpl%26utm_campaign%3D201465%26utm_content%3Dfdde516ccdb36be1e455cc0fcff765db%26utm_term%3D22384%26offer_id%3D79%26transaction_id%3D102b001f90348ca89c3adff09078e4%26aff_sub%3D201465%26aff_sub5%3D%26aff_sub3%3D22384%26aff_sub2%3Dfdde516ccdb36be1e455cc0fcff765db%26aff_sub4%3D%26utm_kxconfid%3Dt4kwo0a21%23health%2FUrgency&rl=http%3A%2F%2Fcrossmelody.com%2Fclicks%3Fcid%3D22384%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&if=false&ts=1571753615466&sw=1600&sh=1200&v=2.9.5&r=stable&ec=2&o=28&fbp=fb.1.1571753615465.1156113583&it=1571753613441&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 14:13:35 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Tue, 22 Oct 2019 14:13:35 GMT

GET
H2 200 wcm Show response
www.google.de/pagead/attribution/ 17 B
212 B 18ms
15ms XHR
application/json 2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/attribution/wcm?cl=7HnFCP6uk20Q74ePvgM&fb=8445054450&use_ssct=1&callback=corscb&ref=http%3A//crossmelody.com/clicks%3Fcid%3D22384%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/impl-1_32.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

298f43e50bca9522b9df850442cb53fb51580aa277a3feb754aed322ea644159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 14:13:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://healthinsurance.net
cache-control: private
access-control-allow-credentials: true
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37
x-xss-protection: 0

GET
H/1.1 200
OK iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 3EE3 0
0 41ms
6ms Document
text/html 143.204.98.150
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=20A87B99-193A-7431-AD44-6CC6D6ADFF60&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.5.2&lck=CF934278-B099-EB50-BF86-105A165FCB4E&lac=8AA3F211-CA81-3833-51B1-095D2985DA90
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cf934278-b099-eb50-bf86-105a165fcb4e.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.98.150 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-98-150.fra50.r.cloudfront.net
Software: nginx/1.10.1 /
Resource Hash

Request headers

Host: d2m2wsoho8qq12.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate

Response headers

Content-Type: text/html
Content-Length: 1440
Connection: keep-alive
Content-Encoding: gzip
Date: Tue, 22 Oct 2019 01:58:18 GMT
ETag: W/"5dada451-da5"
Last-Modified: Mon, 21 Oct 2019 12:28:01 GMT
P3P: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
Server: nginx/1.10.1
X-Cache: Hit from cloudfront
Via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: CgygwMQfN29G02SZ5WgoCn3FwKPmBOwhAPwEley0-MCx0TD7Pts19w==
Age: 44097

POST
H/1.1 200
OK SaveDom Show response
create.leadid.com/2.5.2/ 0
814 B 93ms
93ms XHR
text/plain 34.238.10.193
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/SaveDom?msn=2&pid=f1691ba2-5164-4b83-ac93-e1f7f0d4da0c&token=20A87B99-193A-7431-AD44-6CC6D6ADFF60&_=33159183
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cf934278-b099-eb50-bf86-105a165fcb4e.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.10.193 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-238-10-193.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 22 Oct 2019 14:13:35 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.30
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK InitFormData Show response
create.leadid.com/2.5.2/ 0
814 B 186ms
95ms XHR
text/plain 34.238.10.193
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/InitFormData?msn=3&pid=f1691ba2-5164-4b83-ac93-e1f7f0d4da0c&token=20A87B99-193A-7431-AD44-6CC6D6ADFF60&_=33159184
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cf934278-b099-eb50-bf86-105a165fcb4e.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.10.193 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-238-10-193.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 22 Oct 2019 14:13:35 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.30
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK Snap Show response
create.leadid.com/2.5.2/ 0
814 B 354ms
267ms XHR
text/plain 34.238.10.193
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/Snap?msn=4&pid=f1691ba2-5164-4b83-ac93-e1f7f0d4da0c&token=20A87B99-193A-7431-AD44-6CC6D6ADFF60&_=33159185
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cf934278-b099-eb50-bf86-105a165fcb4e.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.10.193 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-238-10-193.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 22 Oct 2019 14:13:36 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.30
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 e Show response
api.trustedform.com/657d5bb6ac2efee29d5227a211a3899d8999704a/ 0
262 B 129ms
129ms XHR
text/html 50.97.168.187
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/657d5bb6ac2efee29d5227a211a3899d8999704a/e?cs=g2Jdrw6O&csh=lt1d7SFH%252FbsPr1DhQL5oTkOREQA8%252FkZZQeyMhlRfso8%253D&a=1&t=cors

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.97.168.187 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

bb.a8.6132.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 22 Oct 2019 14:13:36 GMT
server: nginx
status: 200
access-control-max-age: 1728000
access-control-allow-methods: POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=15768000
access-control-allow-headers: Content-Type,Content-Length,X-Requested-With
content-length: 0

Verdicts & Comments Add Verdict or Comment

231 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.openx.net/	1970-01-19 13:21:29	Name: i Value: 9af81164-0853-07f9-3661-64705d5a8d0f\|1571753614
.openx.net/	1970-01-19 04:57:29	Name: pd Value: v2\|1571753614\|mOkimWiygu
.amazon-adsystem.com/	1970-01-21 02:09:00	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-19 10:40:12	Name: ad-id Value: A-FnGmuSVkVbibHk4oHBtDU
healthinsurance.net/	1969-12-31 23:59:59	Name: test_split_health_stm_tests Value: control
healthinsurance.net/	1969-12-31 23:59:59	Name: test_split_remove_exit_blocker Value: control
healthinsurance.net/	1969-12-31 23:59:59	Name: test_split_health_recommendation_tests Value: control
.healthinsurance.net/	1970-01-19 06:45:29	Name: _fbp Value: fb.1.1571753615465.1156113583
healthinsurance.net/	1969-12-31 23:59:59	Name: _insurance_session Value: fd6965ef348f29fc1c6b01121eb3db21
healthinsurance.net/	1969-12-31 23:59:59	Name: test_split_recaptcha-badge Value: show
.google.com/	1970-01-19 08:59:24	Name: NID Value: 189=WTQK4rs8zwWKbRUp8cuTQf_vlnKqdovQfGh_OXkP5wNmcE_gPyTQ9GDaKVTyRgKvIneH5uuU6X3GhexlfF79Yw9XDAA7XrnFyu6_QgGFHpKc8GFGaNdpWC7vysGGXqn8ot8rSaQMG_NSt1Wzk51XEu0UEuAZuHaN2EKyue5pWUM
healthinsurance.net/	1969-12-31 23:59:59	Name: test_split_health_ds_quotes Value: show
healthinsurance.net/	1970-01-19 08:55:05	Name: kxassuranceiq_whistle Value: 0

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 1) Message: utm_source: wex4
console-api	log	(Line 1) Message: utm_term: 22384
console-api	log	(Line 2) Message: DMP pixel rendered, check 'track?kxconfid' with 302 status for proper fire
console-api	warning	URL: https://na5.cdn.thunderhead.com/one/rt/js/one-tag.js?siteKey=ONE-QJJVTVNQNN-2522(Line 1) Message: ONE - TID not found: undefined undefined
console-api	warning	URL: https://na5.cdn.thunderhead.com/one/rt/js/one-tag.js?siteKey=ONE-QJJVTVNQNN-2522(Line 1) Message: No points of type [Optimization Point] to inject.
console-api	warning	URL: https://na5.cdn.thunderhead.com/one/rt/js/one-tag.js?siteKey=ONE-QJJVTVNQNN-2522(Line 1) Message: No points of type [Capture Point] to inject.
console-api	warning	URL: https://na5.cdn.thunderhead.com/one/rt/js/one-tag.js?siteKey=ONE-QJJVTVNQNN-2522(Line 1) Message: No points of type [Tracking Point] to inject.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
api.trustedform.com
apiservices.krxd.net
bat.bing.com
beacon.krxd.net
c1.ox-bio.com
cdn.assurance.com
cdn.krxd.net
cdn.pbbl.co
cdnjs.cloudflare.com
certify.alexametrics.com
connect.facebook.net
consumer.krxd.net
create.leadid.com
create.lidstatic.com
crossmelody.com
d2m2wsoho8qq12.cloudfront.net
d2ysjycjrua9tt.cloudfront.net
d31qbv1cthcecs.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
healthinsurance.net
js.honeybadger.io
na5.cdn.thunderhead.com
na5.thunderhead.com
px0.pbbl.co
s.amazon-adsystem.com
s.yimg.com
sp.analytics.yahoo.com
stats.g.doubleclick.net
tracking.healthinsurance.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.variousmedicalproblems.com
13.224.196.101
143.204.101.112
143.204.101.121
143.204.101.19
143.204.101.5
143.204.98.150
151.101.112.175
151.101.12.175
172.217.16.130
199.68.195.199
212.82.100.181
23.95.199.211
2600:9000:20eb:1200:1:1faa:9040:93a1
2606:4700:10::6814:4b82
2606:4700:30::6812:3489
2606:4700::6813:c597
2620:1ec:bdf::10
2620:1ec:c11::200
2a00:1288:f03d:1fa::2000
2a00:1450:4001:806::2003
2a00:1450:4001:809::2003
2a00:1450:4001:809::2013
2a00:1450:4001:80b::200e
2a00:1450:4001:81a::2008
2a00:1450:4001:81d::2003
2a00:1450:4001:820::2004
2a00:1450:4001:821::200a
2a00:1450:400c:c04::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.238.10.193
35.177.239.109
50.97.168.187
51.105.108.194
52.203.139.140
52.210.172.194
52.212.115.156
54.239.17.112
080b58bfb270a0738da291bfc8693cbf683d222ee761597e682e29e21f6f76fc
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1121422aa828fb8f2f421b88b5d2437c78e51cd43a338094ec62ada2012887b1
115e92ecc8cd17434bd87f305829287c2b633cc7c79fef3db40c812466c50189
1198497bc336def8414ca4ec9f429fbb3c38afbacbb4e7b2a3f939941bbc4f58
19a6fc420de5f5f42811e6fb6cb2855c8a42241d7257934b47ec3a7dc0549c29
19cfca88e33cb1f56e957f1a653d3acad97f7cc927d0b2e329a80ead264578d3
23451db084e5b7b10dc5b25145dd5703999acf5fd82f5f5cae58a4e6d43e6611
25e7d68cc1939681f060cc08c90c4c7d6bca6ac1bc982370e9a4177fd9317105
26b6ded1f4da5ed4f61226c7a1f36be06d422b4b2ca54262103bc354ef732bc7
298f43e50bca9522b9df850442cb53fb51580aa277a3feb754aed322ea644159
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
30a08b8de480b1dfd34301b0b7e4ec5627d3cd5e2ab5b379cd661db9f8d38d9c
333377b61fb0f9ab69caa42a5d3969e1443e97831a9a993b1ad27dd8cbd17f56
351e617fe9eba5db39ecdff23a83d6dc680e286691aa48fad095225902d3238d
373a0505368dab061278aa0b7243dc58fc165a25f8b0286d57f8835d06ab6e27
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4fa943c533adc193617c8826b5d07c87de1c952ef757fb2f4551e6e65cd1c49e
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
556dd6874d80f240e42525b0b3a6535dfac43ae3fbebbe0ebe44014847b2af4e
59c7eb8b83564e8ddac932ce4bd1e065f2fccc86f77a97fbd979f3227e4a8763
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
615905029045627135eefcdb28edd152a38a6de4f5b24bf44e670a94fa76370e
62400bc84c0bbc6c3d92853f1dc29871b5f5b247b2cf4ca92bbe9cb496ba2c60
6afe06ce88b927163790138f2746fdc4e268ec563ca5967f991f8da10e4479bf
7973f6d4de8da495c0a4a870d6b50fff04cc246e1628364160f8486e7f3a1f3e
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7cd85494eb375cc958155aca095fd0bae01e24f777c4ce4059e2edb82324618c
7daa8dfc1349542ca90836b9becde99fa9bdf0b0599db5513c55ecbe556009a4
7edb2213c1f4f569617389783ba544f9997d11a1fc5e54406582b25967bfde66
825f20883489230d873c75b55a9d20d6b5fd0860bb9757121f75e71d31a931d9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
9404cee30e4489a7ed4d6de2dd92aa8e4386fd5ff1c81ebcea77f581952eac31
97cb1045fe56ae4340d2bacbb76d57d0362ef844efcebe3fee3ce8759e10c8ee
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cc17f2a29825643f4ab4b92f34c6fe5e9b12f1dd87068a07c4933488fd880f7
9d3af696c2533f25ef034358c8d15cc791fa1539c40058c6bfcef813cbaeda20
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a5a03ffb74678bd02d15096bdb6d36f08338cde8f8f51d7fa8c2cc3df9e6f4e5
a74701a99f1ba9af05c5282eedfaa76cb1ad2d7d0f9e22dead4d70b189a6f4dd
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ae54cf1b3625f10b88e3c48fadc128db1c48b6c25d2e04de1528cf778e3decbe
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bc5efe0814deaf9314fcd65d6c9d924ea008d2637945fae0acc3860c45deb1e3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c26a95d0687ce4800e2b70837e92d1de82cc9fe3cf29265b8daafd63fef2812e
c2806369a98dd5cb31f806a64d79a70b301bcdc29c6e3dcf35929c3204f8cc65
c3c0f5a1e3c2f4e7471c3cf34ce7b3f10540750c3b05fdb5b1576d5be1f9170b
c5e33a2916868aaddcdb59df8fe5e53095cadfdcd16dc424f12e43df9c97252c
c6ad34199939ca4211eea0d25cdee444b7e6664af475ef70a9d741fba834f0f7
cbb649035cc0aab0434ac418212ee6ae2674f68670d0767b3231ce13049747a5
cbb6560ed1e9e91e2ceb73f50c333bf5fd86d56839161bf5383a1dd44faf5bc2
ce4115e0af6849785c4cefb6267383c829e3ee054ca5a68fc3b1be08cdea7fa3
d0c09059b130934708891c275fcbff50edeb7776fa1943b2ade4859d958c9960
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e15eb5040e99ce3f51d49580272bd18e4f2b5030b312315500916fd075e6a5e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea1c3eaefeb1b4e7a6d3fa97f320b3397e4f5d112afcb758e62513852b573423
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f060c3e136630ce60b5fa1088d68a7a1fd048b0d75c19a4ddae58e8723c0b1fe
f59824bef9933206c1ebf4358f41097b123fcba75a060e6b030d5ce6ed160eb5
f97384a88b6c49998d45661bc19397381d8d8f8a4c88ae7860f53ae066951615
fc8ec001faf2a4299e345bfe462404de9efca8ddca4b663821b8f65865f4dc9b

healthinsurance.net Open in urlscan Pro 52.203.139.140 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

86 Requests

97 %HTTPS

47 %IPv6

30 Domains

39 Subdomains

35 IPs

8 Countries

989 kBTransfer

2347 kBSize

13 Cookies

2 Outgoing links

Page URL History

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

healthinsurance.net Open in urlscan Pro
52.203.139.140 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

97 %
HTTPS

47 %
IPv6

30
Domains

39
Subdomains

35
IPs

8
Countries

989 kB
Transfer

2347 kB
Size

13
Cookies

86 HTTP transactions
0 data transactions