healthplansforamericans.com Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://trustedsubsidynow.com/ Page URL
2. https://healthplansforamericans.com/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response trustedsubsidynow.com/	33 KB 7 KB	7569ms 467ms	Document text/html	2606:4700:3032::6815:5e92 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://trustedsubsidynow.com/ Protocol HTTP/1.1 Server 2606:4700:3032::6815:5e92 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash faf62aeab078fcc94632266780b07a58f2dd22d66047abb2d4f9a668cf4dfb2d Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Access-Control-Allow-Origin * CF-Cache-Status MISS CF-RAY 849406f418b804a3-FRA Cache-Control max-age=2678400 Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Mon, 22 Jan 2024 01:29:39 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P0ks%2BhxTUtISRVn79qMAF6gWbTGUf9d6IBVM%2FUoCJXrrA%2F%2FLUKR5Pn5Mb5naMDrSWJhrxoOCQW%2F7Xn8hYr3TUKnWzL8GlX9lHJNIRuLLrMxUMHrhgPAiaGZ5eF5mTLkC8oHZmDbGlOGaTy7DMWYSvIBv81Y%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding X-Powered-By Express alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	style.css trustedsubsidynow.com/css/	15 KB 5 KB	365ms 365ms	Stylesheet text/css	2606:4700:3032::6815:5e92 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://trustedsubsidynow.com/css/style.css Requested by Host: trustedsubsidynow.com URL: http://trustedsubsidynow.com/ Protocol HTTP/1.1 Server 2606:4700:3032::6815:5e92 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 1f61485459388667aa67b730453d0609c34816d64c5bbed1dafe058b645c4ecd Request headers accept-language de-DE,de;q=0.9 Referer http://trustedsubsidynow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Mon, 22 Jan 2024 01:29:40 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} X-Powered-By Express Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 Server cloudflare ETag W/"3d0e-Sje+ZDMHKG5AEiXzJa/0Iu3cT9A" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DFkkZIAQLL1UYuhSf6KfsTibMmtZTu%2FkDcCN6gF%2BXN7GcrMkUcwtEtBNZDlewUIyM221Uhzz2rKkWA7UKCrQUcLa9Z6NOKsXmdYQBO%2BvZNloEXDf8vgXcXZpvsgRYbmN4vnzKf1FUs2duvDUkCJgJ8IHKzU%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=2678400 CF-RAY 849406f7aa6a04a3-FRA
GET H/1.1	200 OK	staff.jpg trustedsubsidynow.com/images/	22 KB 22 KB	383ms 382ms	Image image/jpeg	2606:4700:3032::6815:5e92 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://trustedsubsidynow.com/images/staff.jpg Requested by Host: trustedsubsidynow.com URL: http://trustedsubsidynow.com/ Protocol HTTP/1.1 Server 2606:4700:3032::6815:5e92 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 9109818aa3e59aa5fd052a2e55ec5c824e1af22f07aacee86c9561b2f33f935d Request headers accept-language de-DE,de;q=0.9 Referer http://trustedsubsidynow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Mon, 22 Jan 2024 01:29:40 GMT CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} X-Powered-By Express Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 22081 Server cloudflare ETag W/"5641-rCTHx6YvHccfxDdjK1qerIWRgmo" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lskIt7iLQ2n4idHTqUDDotKHtvDn8pUCWWWFsNXaTfzajdMJCIiGDrts%2FICicsYZBu3WCw%2F61Dj7458EGH1NwZnzgaFT22FdP4%2FKdcsj8nmDjJLGwM%2FJYlNBn3Xrxoq5pbQevXCv%2FmgOpCVDrds1cSZiAh8%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=2678400 Accept-Ranges bytes CF-RAY 849406f7af683aa0-FRA
GET H/1.1	200 OK	profile.png trustedsubsidynow.com/images/	19 KB 20 KB	372ms 365ms	Image image/png	2606:4700:3032::6815:5e92 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://trustedsubsidynow.com/images/profile.png Requested by Host: trustedsubsidynow.com URL: http://trustedsubsidynow.com/ Protocol HTTP/1.1 Server 2606:4700:3032::6815:5e92 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 028bf096de9208f1199b5f3c61b17f34cfe6284fd58018a1c9765d5f82d0fc36 Request headers accept-language de-DE,de;q=0.9 Referer http://trustedsubsidynow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Mon, 22 Jan 2024 01:29:40 GMT CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} X-Powered-By Express Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 19293 Server cloudflare ETag W/"4b5d-ubf+cR7rvAk2B68XiXycHMgv7ik" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OtCyKRGrfQJgx%2BdZqfDJCiy4W5Z3Mxe13lBbUGN4ih84PC9PK494dUcSew%2F8EIVTRqcdlCeabjbD9YiLajxrX71IpPLPENDtukoO3Sp7kXyuaIguxueW9apL8KqS8aIXJa3CJQRtmLBntqqzgoFtW9s%2Ffwk%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=2678400 Accept-Ranges bytes CF-RAY 849406f7bdcc4d32-FRA
GET H/1.1	200 OK	rocket-loader.min.js Show response trustedsubsidynow.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/	12 KB 5 KB	204ms 108ms	Script application/javascript	2606:4700:3032::6815:5e92 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://trustedsubsidynow.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Requested by Host: trustedsubsidynow.com URL: http://trustedsubsidynow.com/ Protocol HTTP/1.1 Server 2606:4700:3032::6815:5e92 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer http://trustedsubsidynow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Mon, 22 Jan 2024 01:29:39 GMT Content-Encoding gzip X-Content-Type-Options nosniff NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive Last-Modified Fri, 05 Jan 2024 17:29:47 GMT Server cloudflare ETag W/"65983c8b-302c" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3YmtsdSmYtb0wtUsMR7JQ5X9Pb%2BqEJli40KyH31zWqlH%2F4W2QqLOIATm9RYczV6XaWrhi%2BjaHKkrZf3822K%2BRyaN2mXe5kVHhXbrCqSrtuGSXIK%2BelVxLTRdJts6odUW3E1XM1yCICvoVMG8LnuJaF5YZFs%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript X-Frame-Options DENY Cache-Control max-age=172800, public CF-RAY 849406f89ab45b58-IAD Expires Wed, 24 Jan 2024 01:29:39 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.6.0/	87 KB 31 KB	30ms 8ms	Script text/javascript	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Requested by Host: trustedsubsidynow.com URL: http://trustedsubsidynow.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://trustedsubsidynow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Tue, 16 Jan 2024 14:44:55 GMT content-encoding gzip x-content-type-options nosniff age 470685 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31017 x-xss-protection 0 last-modified Wed, 10 Mar 2021 14:28:09 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 15 Jan 2025 14:44:55 GMT
GET H/1.1	200 OK	absf_v1.0_references.js trustedsubsidynow.com/js/	2 KB 1 KB	248ms 248ms	Script application/javascript	2606:4700:3032::6815:5e92 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://trustedsubsidynow.com/js/absf_v1.0_references.js Requested by Host: trustedsubsidynow.com URL: http://trustedsubsidynow.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol HTTP/1.1 Server 2606:4700:3032::6815:5e92 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer http://trustedsubsidynow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Mon, 22 Jan 2024 01:29:40 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} X-Powered-By Express Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 Server cloudflare ETag W/"776-FxEveINLYVrOAyX6UTtUnYlEOtM" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QjtKRCLQvfve6V9a2HdTYZIiTHcqtnt6SEYkdo%2FZkPRkP388%2FnxKkcVzGws38cAmjls5%2FFrC%2Bz9jtN6NllXsqNgG67OkztE1cVF6AlZ%2Bj5CRv4cHY22V3vGjTl%2B6ccjbKaKyDvd9zA3R8Bmi1OySKN6x%2BcA%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=2678400 CF-RAY 849406f9fb7c04a3-FRA
GET H2	200	Primary Request / Show response healthplansforamericans.com/	20 KB 5 KB	345ms 307ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://healthplansforamericans.com/ Requested by Host: trustedsubsidynow.com URL: http://trustedsubsidynow.com/js/absf_v1.0_references.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 9c51cddeb086ffab755dc13c0bac91fcb3dcb97031d3e41d74ae2474a8f6ed32 Request headers Referer http://trustedsubsidynow.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control max-age=2678400 cf-cache-status MISS cf-ray 849406fbddcc3c93-CDG content-encoding br content-type text/html; charset=utf-8 date Mon, 22 Jan 2024 01:29:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oTnxppD5%2B%2Bt%2F%2FGhm7gPuisqvWwm2%2FQcr6P7bj%2BMwxYFzJLQ84Ln%2BXq3SUytfZDkWmR17UbN9AnrQoHuRVvsug1UzptHhnt%2FRQ33tdQ%2B98FBpwcYivAfa90Tb%2FRvG%2BKFA0Hzfw61hvszVgnXPZJTic1AV8KMDblVHFlA%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by Express
GET H2	200	fbevents.js connect.facebook.net/en_US/	213 KB 57 KB	31ms 7ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: trustedsubsidynow.com URL: http://trustedsubsidynow.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://trustedsubsidynow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 22 Jan 2024 01:29:40 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 57023 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug MFe7ES+9ojL7Rf5UCKpFCBWQlxtOV002hA3eJOoyOhhSLLcM6GwhxtJ1ny0HBjIo7bT8rbccpgC3BKKl7pIO9Q== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET		a57816b4-6c59-f397-7853-7e14e45d3e1b.js create.lidstatic.com/campaign/	0 0
GET H2	200	982169116227192 connect.facebook.net/signals/config/	134 KB 35 KB	66ms 65ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/982169116227192?v=2.9.141&r=stable&domain=trustedsubsidynow.com Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://trustedsubsidynow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 22 Jan 2024 01:29:40 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug 8jvCaCSE+3oKbwFXWdDnEHzjEoA1chgDP9fdJlKjhdSCQcz2wKYQZeM450i+2mfEkTkAZACjVUcBc3SqyFQ6zw== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	254961090299261 connect.facebook.net/signals/config/	134 KB 35 KB	66ms 66ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/254961090299261?v=2.9.141&r=stable&domain=trustedsubsidynow.com Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://trustedsubsidynow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 22 Jan 2024 01:29:40 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug tuPP4tKDPgIwkTGnSXdOQ//0OX9ePY3mKirxSRc9gABmlB68Jz81PimDr6qfjtFDyaTwiLNCIZNlhoZ5nzUaBA== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	bootstrap.min.css healthplansforamericans.com/css/	158 KB 25 KB	476ms 475ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://healthplansforamericans.com/css/bootstrap.min.css Requested by Host: healthplansforamericans.com URL: https://healthplansforamericans.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72 Request headers Referer https://healthplansforamericans.com/ Origin https://healthplansforamericans.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Mon, 22 Jan 2024 01:29:41 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"279d8-G+N7YjBsjAxndbtMk8XkxOE9l3U" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VATWbxoBn4TrjcZ2vz5XWzKM7zOf3P26%2FrOEd%2BuuEGoWRf3IT98jpkY3%2Flh1bWP9u55ovJU4tAe9EysplWugjlaKFpgueHZZARCtsJlJ99Es45gGjr%2BiZ4f27qDexQEk9CWhg5c7NSkZnjhEHZ0BDL74VqPWMuuRZMY%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=2678400 cf-ray 849406fdcefe3c93-CDG alt-svc h3=":443"; ma=86400
GET H2	200	css fonts.googleapis.com/	9 KB 1 KB	40ms 17ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:400,700|Roboto+Slab:400,700&display=swap Requested by Host: healthplansforamericans.com URL: https://healthplansforamericans.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ac8bc924f3f8e41e2babc5338c71f942d91d34022a2fa9f52be2d005d9e71a79 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://healthplansforamericans.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 22 Jan 2024 01:29:40 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 22 Jan 2024 01:29:40 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 22 Jan 2024 01:29:40 GMT
GET H2	200	css2 fonts.googleapis.com/	23 KB 2 KB	76ms 53ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,500;0,600;1,400&display=swap Requested by Host: healthplansforamericans.com URL: https://healthplansforamericans.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 8a99ee4f93312dac6ab696f053bd65b1513c541bfeb3cdf2cb8862df13c0c721 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://healthplansforamericans.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 22 Jan 2024 01:29:40 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 22 Jan 2024 01:29:40 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 22 Jan 2024 01:29:40 GMT
GET H2	200	logo.png healthplansforamericans.com/images/	114 KB 114 KB	415ms 414ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://healthplansforamericans.com/images/logo.png Requested by Host: healthplansforamericans.com URL: https://healthplansforamericans.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash d1854f2659dc32e24936df4a715d520ba3b2d3da5b03a3fe84d5904446bbb20a Request headers accept-language de-DE,de;q=0.9 Referer https://healthplansforamericans.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Mon, 22 Jan 2024 01:29:41 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"1c760-KNQWKKlfM4e9HIFYB5aik573NbA" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVyyseZd4FJ5XgX8rgUTmIkxI6LTn10arpEbKANBr2rFwHIhTFaJX6ydWyhk4gV9mbUntmT0vpEOzk1lSOpw9GjCDCRP1KbacJ1t3FvrwiIvrFvJt%2Fwm7wN0cqo7K%2Bh6kGvSub9TSpSq%2BxW88kSDJMaojAASfX83xP8%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 849406fdceff3c93-CDG alt-svc h3=":443"; ma=86400 content-length 116576
GET H2	200	image.jpg healthplansforamericans.com/images/	31 KB 31 KB	330ms 330ms	Image image/jpeg	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://healthplansforamericans.com/images/image.jpg Requested by Host: healthplansforamericans.com URL: https://healthplansforamericans.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash f70a1c4355672de33b4f6af28f01121e969e9ac38365905c7ba6b4701a054792 Request headers accept-language de-DE,de;q=0.9 Referer https://healthplansforamericans.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Mon, 22 Jan 2024 01:29:41 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"7a46-zYQ/YRN1YIvI9yrQhgtF7UwkqkI" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0P1D5NtJBfQM2GJCnXU%2B0grwMC16voehSwER%2BSS7PXaYbRPeCpHzOoW2Cf6rGkQyXMEOid6uGGvJ35D%2BXC0zdJ3A8v44FYlZJeW3RpN3lwj%2FmB46adGm3hCQ%2BpSahqO1kfMu6ciptt6qfeBahK0FzxUlE7Vnx4%2B30Ec%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 849406fdcf003c93-CDG alt-svc h3=":443"; ma=86400 content-length 31302
GET H2	200	rocket-loader.min.js Show response healthplansforamericans.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/	12 KB 4 KB	18ms 18ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://healthplansforamericans.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Requested by Host: healthplansforamericans.com URL: https://healthplansforamericans.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://healthplansforamericans.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Mon, 22 Jan 2024 01:29:40 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 05 Jan 2024 17:29:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65983c8b-302c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9z0fKl6H1qAgInfpWr1tQNN2BMVgnzAmiUgVHYtE3DRh2ADIWLOYElUdzUe%2Fcj7PKUqnPnaC4yrX7Te6hpeqgiC1epj%2FCUqFxVvxmzIEtbQdzb5l1MqNGN7Oh7BdzUovH%2FdTW61mFJ4aUF5lgsUWP7j0oF0bmCFMU5M%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 849406fdef0a3c93-CDG expires Wed, 24 Jan 2024 01:29:40 GMT
GET H3	200	bootstrap.bundle.min.js Show response healthplansforamericans.com/js/	79 KB 24 KB	469ms 469ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://healthplansforamericans.com/js/bootstrap.bundle.min.js Requested by Host: healthplansforamericans.com URL: https://healthplansforamericans.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 9520018fa5d81f4e4dc9d06afb576f90cbbaba209cfcc6cb60e1464647f7890b Request headers Referer https://healthplansforamericans.com/ Origin https://healthplansforamericans.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Mon, 22 Jan 2024 01:29:41 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"13a24-kNFQNu9I/LM2oTW66BK0VmnxkEQ" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tJYbxJI71s0dokmR09xhARwO6dyS9CvP5IPgap8qEvWHRIYeY7%2FKMemHvJE4uguCFS%2FTGyvwruKblG2OT1xuzQ8t4ryLPwOOqP9%2F0DUXXLf%2FDaSKjkAxJ9YTvRNUYJPyrUSDV%2Bpq37kPEs5lor8xQKKrwJ4bZNA6ro4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=2678400 cf-ray 84940700df07b70d-AMS alt-svc h3=":443"; ma=86400
GET H2	200	CA3efe1122f0fc479bb67e286818ec6966 Show response b-js.ringba.com/	13 KB 13 KB	49ms 9ms	Script text/html	2600:9000:2490:fc00:4:1957:6500:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://b-js.ringba.com/CA3efe1122f0fc479bb67e286818ec6966 Requested by Host: healthplansforamericans.com URL: https://healthplansforamericans.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2490:fc00:4:1957:6500:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash fa5c959317c14a9a13cde4e8d0766334da1c2c34f24701af99f0959d193ae87a Request headers accept-language de-DE,de;q=0.9 Referer https://healthplansforamericans.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Mon, 22 Jan 2024 01:28:33 GMT via 1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront) x-aspnet-version 4.0.30319 x-amz-cf-pop FRA56-P6 age 67 x-powered-by ASP.NET x-cache Hit from cloudfront content-length 13212 x-runtime 0.0000 server Microsoft-IIS/10.0 access-control-max-age 300 content-type text/html; charset=utf-8 access-control-allow-origin * cache-control public x-amz-cf-id LsOsRJ4HZC6sBnfw3ytaRv8x3hpKCR_uXad7-jykZb5dlqDXnWp8WQ== expires Mon, 22 Jan 2024 01:33:34 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v40/	47 KB 47 KB	38ms 14ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,500;0,600;1,400&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://healthplansforamericans.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 17 Jan 2024 11:02:10 GMT x-content-type-options nosniff age 397651 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48236 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:08:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 16 Jan 2025 11:02:10 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	31ms 7ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,700|Roboto+Slab:400,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://healthplansforamericans.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 17 Jan 2024 02:13:53 GMT x-content-type-options nosniff age 429348 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 16 Jan 2025 02:13:53 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	34ms 10ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,700|Roboto+Slab:400,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://healthplansforamericans.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 17 Jan 2024 14:18:08 GMT x-content-type-options nosniff age 385893 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 16 Jan 2025 14:18:08 GMT
POST H/1.1	200 OK	gnbulk Show response display.ringba.com/v2/nis/	398 B 796 B	386ms 94ms	XHR application/json	54.157.163.131 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://display.ringba.com/v2/nis/gnbulk Requested by Host: b-js.ringba.com URL: https://b-js.ringba.com/CA3efe1122f0fc479bb67e286818ec6966 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.157.163.131 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-157-163-131.compute-1.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash cb7c056dde2681fd39c43c9380bb89288b64f783c65e2e7497a2802c376fe26b Request headers Referer https://healthplansforamericans.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-type text/plain Response headers Pragma no-cache Date Mon, 22 Jan 2024 01:29:41 GMT X-Runtime 0.0020 Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Access-Control-Max-Age 300 Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://healthplansforamericans.com Cache-Control no-cache Connection keep-alive Content-Length 398 Expires -1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

create.lidstatic.com

URL

http://create.lidstatic.com/campaign/a57816b4-6c59-f397-7853-7e14e45d3e1b.js?snippet_version=2&callback=addToQueryString

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __cfQR object| ringba_known_numbers object| _rgba object| ringba object| _rgba_tags number| uidEvent object| bootstrap function| survey1 function| survey2 function| survey3 function| result boolean| __cfRLUnblockHandlers

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.trustedsubsidynow.com/	1970-01-20 20:01:02	Name: _fbp Value: fb.1.1705886980640.2136799323

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
b-js.ringba.com
connect.facebook.net
create.lidstatic.com
display.ringba.com
fonts.googleapis.com
fonts.gstatic.com
healthplansforamericans.com
trustedsubsidynow.com
create.lidstatic.com
2600:9000:2490:fc00:4:1957:6500:93a1
2606:4700:3032::6815:5e92
2a00:1450:4001:827::200a
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2003
2a03:2880:f083:100:face:b00c:0:3
2a06:98c1:3120::3
54.157.163.131
028bf096de9208f1199b5f3c61b17f34cfe6284fd58018a1c9765d5f82d0fc36
1f61485459388667aa67b730453d0609c34816d64c5bbed1dafe058b645c4ecd
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
8a99ee4f93312dac6ab696f053bd65b1513c541bfeb3cdf2cb8862df13c0c721
9109818aa3e59aa5fd052a2e55ec5c824e1af22f07aacee86c9561b2f33f935d
9520018fa5d81f4e4dc9d06afb576f90cbbaba209cfcc6cb60e1464647f7890b
9c51cddeb086ffab755dc13c0bac91fcb3dcb97031d3e41d74ae2474a8f6ed32
ac8bc924f3f8e41e2babc5338c71f942d91d34022a2fa9f52be2d005d9e71a79
cb7c056dde2681fd39c43c9380bb89288b64f783c65e2e7497a2802c376fe26b
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d1854f2659dc32e24936df4a715d520ba3b2d3da5b03a3fe84d5904446bbb20a
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f70a1c4355672de33b4f6af28f01121e969e9ac38365905c7ba6b4701a054792
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72
fa5c959317c14a9a13cde4e8d0766334da1c2c34f24701af99f0959d193ae87a
faf62aeab078fcc94632266780b07a58f2dd22d66047abb2d4f9a668cf4dfb2d
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e