updatedmedicareoffers.com Open in urlscan Pro
35.209.166.14  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://updatedmedicareoffers.com/ Page URL
2. https://updatedmedicareoffers.com/a/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response updatedmedicareoffers.com/	267 B 355 B	1108ms 210ms	Document text/html	35.209.166.14 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://updatedmedicareoffers.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.209.166.14 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 14.166.209.35.bc.googleusercontent.com Software nginx / Resource Hash f721b3a4b0ee5a4bf6259ea113b0360fff44ffcfcab17ba0fbe18401ca9ee7a8 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers content-encoding br content-type text/html date Wed, 05 Oct 2022 05:02:42 GMT etag W/"10b-5d787d4536cc2" host-header 8441280b0c35cbc1147f8ba998a563a7 last-modified Tue, 08 Feb 2022 20:47:46 GMT server nginx vary Accept-Encoding x-httpd-modphp 1 x-proxy-cache HIT
GET H2	200	Primary Request / Show response updatedmedicareoffers.com/a/	9 KB 3 KB	217ms 217ms	Document text/html	35.209.166.14 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://updatedmedicareoffers.com/a/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.209.166.14 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 14.166.209.35.bc.googleusercontent.com Software nginx / Resource Hash 54ae3426de2f08b0e1d0c938ead18435e0dbd30100dc01ad6b39c1d8a7d25b53 Request headers Referer https://updatedmedicareoffers.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers content-encoding br content-type text/html date Wed, 05 Oct 2022 05:02:42 GMT etag W/"25df-5df1f588ec3f8" host-header 6b7412fb82ca5edfd0917e3957f05d89 last-modified Mon, 16 May 2022 11:30:06 GMT server nginx vary Accept-Encoding x-httpd-modphp 1 x-proxy-cache EXPIRED x-proxy-cache-info 0 NC:000000 UP:
GET H2	200	styles.css updatedmedicareoffers.com/a/assets/	180 KB 25 KB	414ms 412ms	Stylesheet text/css	35.209.166.14 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://updatedmedicareoffers.com/a/assets/styles.css Requested by Host: updatedmedicareoffers.com URL: https://updatedmedicareoffers.com/a/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.209.166.14 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 14.166.209.35.bc.googleusercontent.com Software nginx / Resource Hash 6ef547e77c5655c7a60d719b51400aa67a352321d60ce26d5d754edb6f512d87 Request headers accept-language jp-JP,jp;q=0.9 Referer https://updatedmedicareoffers.com/a/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 05:02:42 GMT content-encoding br last-modified Wed, 08 Dec 2021 17:40:38 GMT server nginx etag W/"61b0ee16-2cf00" vary Accept-Encoding x-proxy-cache-info DT:1 content-type text/css cache-control max-age=31536000 host-header 8441280b0c35cbc1147f8ba998a563a7 expires Thu, 05 Oct 2023 05:02:42 GMT
GET H2	200	font-awesome.min.css updatedmedicareoffers.com/a/assets/	30 KB 7 KB	415ms 414ms	Stylesheet text/css	35.209.166.14 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://updatedmedicareoffers.com/a/assets/font-awesome.min.css Requested by Host: updatedmedicareoffers.com URL: https://updatedmedicareoffers.com/a/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.209.166.14 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 14.166.209.35.bc.googleusercontent.com Software nginx / Resource Hash b139f243c33a32098b98fe104d2070f65662d47c93cbdee9b80ac9ea4e060830 Request headers accept-language jp-JP,jp;q=0.9 Referer https://updatedmedicareoffers.com/a/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 05:02:42 GMT content-encoding br last-modified Wed, 08 Dec 2021 17:40:38 GMT server nginx etag W/"61b0ee16-791a" vary Accept-Encoding x-proxy-cache-info DT:1 content-type text/css cache-control max-age=31536000 host-header 8441280b0c35cbc1147f8ba998a563a7 expires Thu, 05 Oct 2023 05:02:42 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	106 KB 42 KB	89ms 47ms	Script application/javascript	2404:6800:4004:80c::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-221797203-11 Requested by Host: updatedmedicareoffers.com URL: https://updatedmedicareoffers.com/a/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:80c::2008 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a90640b50ca53d1561a9dd040383d7a6054f5b8e6f2202a937a55efacc1aafbc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://updatedmedicareoffers.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 05:02:43 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42420 x-xss-protection 0 last-modified Wed, 05 Oct 2022 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 05 Oct 2022 05:02:43 GMT
GET H2	200	logo.png updatedmedicareoffers.com/a/assets/	5 KB 5 KB	208ms 208ms	Image image/png	35.209.166.14 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://updatedmedicareoffers.com/a/assets/logo.png Requested by Host: updatedmedicareoffers.com URL: https://updatedmedicareoffers.com/a/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.209.166.14 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 14.166.209.35.bc.googleusercontent.com Software nginx / Resource Hash 705e09004cd4d3e639b362a939a06f170c880a64cb902658068c2e106ea78e02 Request headers accept-language jp-JP,jp;q=0.9 Referer https://updatedmedicareoffers.com/a/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 05:02:43 GMT last-modified Wed, 08 Dec 2021 17:40:38 GMT server nginx etag "61b0ee16-1465" x-proxy-cache-info DT:1 content-type image/png cache-control max-age=31536000 host-header 8441280b0c35cbc1147f8ba998a563a7 accept-ranges bytes content-length 5221 expires Thu, 05 Oct 2023 05:02:43 GMT
GET H/1.1	200 OK	tt-code.js Show response dj4yakrh0mk4q.cloudfront.net/	4 KB 5 KB	120ms 36ms	Script application/javascript	18.65.190.194 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dj4yakrh0mk4q.cloudfront.net/tt-code.js Requested by Host: updatedmedicareoffers.com URL: https://updatedmedicareoffers.com/a/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.65.190.194 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-190-194.nrt57.r.cloudfront.net Software AmazonS3 / Resource Hash 521f1aaba1d635c693b507b96697239a2e2ebdc49d08b43067693cda96492676 Request headers accept-language jp-JP,jp;q=0.9 Referer https://updatedmedicareoffers.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers x-amz-version-id reZZ.2RJpt9clTThdNtC4.3l4pWao9nU Date Wed, 05 Oct 2022 00:20:29 GMT Via 1.1 ce476228a749107bee7cc7f6dbd69bec.cloudfront.net (CloudFront) Last-Modified Mon, 19 Oct 2020 11:55:56 GMT Server AmazonS3 X-Amz-Cf-Pop NRT57-P2 Age 16935 ETag "c16ca157222c2e9b345d2b6994a9c3b4" X-Cache Hit from cloudfront Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 4488 X-Amz-Cf-Id roQpaFhBBokcubaZm-FCoRJqX9eR4TPppwqDOBXG2QmfarN5WVDbUg==
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	101 KB 27 KB	14ms 4ms	Script application/x-javascript	2a03:2880:f00f:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: updatedmedicareoffers.com URL: https://updatedmedicareoffers.com/a/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://updatedmedicareoffers.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Wed, 05 Oct 2022 05:02:43 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 26840 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug hCkyuJMHLyd+ucTQJiiQQUM/2rh+LjemquqNDf7BcBY9UPK3FMc+8sezAFC6NuVudeE+LxRgYZor6btFh/4WjA== x-fb-trip-id 382461245 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	232984321654157 Show response connect.facebook.net/signals/config/	293 KB 84 KB	173ms 172ms	Script application/x-javascript	2a03:2880:f00f:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/232984321654157?v=2.9.84&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash ade5c4baa69a50b075eb101a133f0ebb95aaa312bbd958da8be653479dc43e59 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://updatedmedicareoffers.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Wed, 05 Oct 2022 05:02:43 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug qi/UWqTzxMlJuuXSsRTD6GBazGEbOIXk1QckiBIM05G4zjAcq7D4QxkrCWkaaC3W0osSbr3jwRhX8Dv/9cMOnw== x-fb-trip-id 382461245 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	46ms 2ms	Script text/javascript	2404:6800:4004:821::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-221797203-11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language jp-JP,jp;q=0.9 Referer https://updatedmedicareoffers.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Wed, 05 Oct 2022 03:38:56 GMT last-modified Tue, 27 Sep 2022 22:01:05 GMT server Golfe2 age 5027 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20039 expires Wed, 05 Oct 2022 05:38:56 GMT
GET H2	200	landing Show response pcomclick.com/	70 B 2 KB	2886ms 2478ms	XHR text/plain	15.165.128.107 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pcomclick.com/landing?trvid=10001&trvrf=https%3A%2F%2Fupdatedmedicareoffers.com%2F&lpid=1001&parallel=0 Requested by Host: dj4yakrh0mk4q.cloudfront.net URL: https://dj4yakrh0mk4q.cloudfront.net/tt-code.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 15.165.128.107 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-15-165-128-107.ap-northeast-2.compute.amazonaws.com Software nginx / Resource Hash fde34b56f0bf5954127351accbf0db2f919cbe2c81a4e356fe6a2bd4aedf9cf9 Request headers accept-language jp-JP,jp;q=0.9 Referer https://updatedmedicareoffers.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers pragma no-cache date Wed, 05 Oct 2022 05:02:46 GMT server nginx content-type text/plain; charset=utf-8 access-control-allow-origin * cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 content-length 70 expires Thu, 01 Jan 1970 00:00:00 UTC
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	76ms 37ms	XHR text/plain	2404:6800:4004:821::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1901860983&t=pageview&_s=1&dl=https%3A%2F%2Fupdatedmedicareoffers.com%2Fa%2F&ul=en-us&de=UTF-8&dt=New%20Medicare%20Savings%20%7C%20Medicare%20Recipients%20Save%20Thousands%20With%20New%20Medicare%20Plan%20-%20New%20Medicare%20Savings&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=471663279&gjid=1818575617&cid=1947166584.1664946163&tid=UA-221797203-11&_gid=1052259682.1664946163&_r=1&gtm=2oua30&z=1154405505 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://updatedmedicareoffers.com/ accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 05 Oct 2022 05:02:43 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://updatedmedicareoffers.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	7 B 451 B	119ms 36ms	XHR text/plain	2404:6800:4008:c01::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-221797203-11&cid=1947166584.1664946163&jid=471663279&gjid=1818575617&_gid=1052259682.1664946163&_u=YEBAAUAAAAAAACAAI~&z=383230925 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4008:c01::9b Taipei, Taiwan, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://updatedmedicareoffers.com/ accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Wed, 05 Oct 2022 05:02:43 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://updatedmedicareoffers.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 204 B	15ms 4ms	Image text/plain	2a03:2880:f10f:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=232984321654157&ev=PageView&dl=https%3A%2F%2Fupdatedmedicareoffers.com%2Fa%2F&rl=https%3A%2F%2Fupdatedmedicareoffers.com%2F&if=false&ts=1664946163616&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664946163614.777461127&it=1664946163275&coo=false&rqm=GET Requested by Host: updatedmedicareoffers.com URL: https://updatedmedicareoffers.com/a/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language jp-JP,jp;q=0.9 Referer https://updatedmedicareoffers.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Wed, 05 Oct 2022 05:02:43 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	85ms 44ms	Image image/gif	2404:6800:4004:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-221797203-11&cid=1947166584.1664946163&jid=471663279&_u=YEBAAUAAAAAAACAAI~&z=1796651042 Requested by Host: updatedmedicareoffers.com URL: https://updatedmedicareoffers.com/a/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://updatedmedicareoffers.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers pragma no-cache date Wed, 05 Oct 2022 05:02:43 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.co.jp/ads/	42 B 501 B	81ms 40ms	Image image/gif	2404:6800:4004:81e::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-221797203-11&cid=1947166584.1664946163&jid=471663279&_u=YEBAAUAAAAAAACAAI~&z=1796651042 Requested by Host: updatedmedicareoffers.com URL: https://updatedmedicareoffers.com/a/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:81e::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://updatedmedicareoffers.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers pragma no-cache date Wed, 05 Oct 2022 05:02:43 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.facebook.com/tr/	0 18 B	12ms 3ms	Image text/plain	2a03:2880:f10f:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=232984321654157&ev=Microdata&dl=https%3A%2F%2Fupdatedmedicareoffers.com%2Fa%2F&rl=https%3A%2F%2Fupdatedmedicareoffers.com%2F&if=false&ts=1664946165124&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22New%20Medicare%20Savings%20%7C%20Medicare%20Recipients%20Save%20Thousands%20With%20New%20Medicare%20Plan%20-%20New%20Medicare%20Savings%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1664946163614.777461127&it=1664946163275&coo=false&es=automatic&tm=3&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language jp-JP,jp;q=0.9 Referer https://updatedmedicareoffers.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Wed, 05 Oct 2022 05:02:45 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 priority u=3,i

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| fbq function| _fbq function| gtag object| dataLayer object| d object| months number| date string| month number| year object| $yesterday object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| ttLanding object| gaplugins object| gaGlobal object| gaData

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.updatedmedicareoffers.com/	1970-01-20 16:05:06	Name: _ga Value: GA1.2.1947166584.1664946163
			.updatedmedicareoffers.com/	1970-01-20 06:30:32	Name: _gid Value: GA1.2.1052259682.1664946163
			.updatedmedicareoffers.com/	1970-01-20 06:29:06	Name: _gat_gtag_UA_221797203_11 Value: 1
			.updatedmedicareoffers.com/	1970-01-20 08:38:42	Name: _fbp Value: fb.1.1664946163614.777461127

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
dj4yakrh0mk4q.cloudfront.net
pcomclick.com
stats.g.doubleclick.net
updatedmedicareoffers.com
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googletagmanager.com
15.165.128.107
18.65.190.194
2404:6800:4004:80c::2008
2404:6800:4004:81e::2003
2404:6800:4004:821::200e
2404:6800:4004:827::2004
2404:6800:4008:c01::9b
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f10f:83:face:b00c:0:25de
35.209.166.14
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
521f1aaba1d635c693b507b96697239a2e2ebdc49d08b43067693cda96492676
54ae3426de2f08b0e1d0c938ead18435e0dbd30100dc01ad6b39c1d8a7d25b53
6ef547e77c5655c7a60d719b51400aa67a352321d60ce26d5d754edb6f512d87
705e09004cd4d3e639b362a939a06f170c880a64cb902658068c2e106ea78e02
a90640b50ca53d1561a9dd040383d7a6054f5b8e6f2202a937a55efacc1aafbc
ade5c4baa69a50b075eb101a133f0ebb95aaa312bbd958da8be653479dc43e59
b139f243c33a32098b98fe104d2070f65662d47c93cbdee9b80ac9ea4e060830
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f721b3a4b0ee5a4bf6259ea113b0360fff44ffcfcab17ba0fbe18401ca9ee7a8
fde34b56f0bf5954127351accbf0db2f919cbe2c81a4e356fe6a2bd4aedf9cf9