www.medicare-providers.net Open in urlscan Pro
69.20.112.197 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://str.art-of-groom.art/reductivenesses/kgpCpZBDtouZGg91uoWVbbBIhIr7zACwqD9BU0OJGzIN8rmXUP3_GECTpCWpnWNSnLXPjjm4R8dbux-D...
Effective URL:
https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_me...
Submission: On October 22 via api (October 22nd 2019, 2:25:44 am UTC) from BE

Summary HTTP 48 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 18 domains to perform 48 HTTP transactions. The main IP is 69.20.112.197, located in San Antonio, United States and belongs to RACKSPACE - Rackspace Hosting, US. The main domain is www.medicare-providers.net.
TLS certificate: Issued by Entrust Certification Authority - L1K on August 13th 2018. Valid for: 2 years.

This is the only time www.medicare-providers.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.159.7.9 104.159.7.9	22423 (ALTIMA-TE...) (ALTIMA-TELECOM - Altima Telecom)
1	103.83.36.136 103.83.36.136	136171 (MEDHAHOST...) (MEDHAHOSTING-AS-AP Medha Hosting)
18	69.20.112.197 69.20.112.197	27357 (RACKSPACE) (RACKSPACE - Rackspace Hosting)
6	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.203.108.11 52.203.108.11	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	69.20.94.14 69.20.94.14	27357 (RACKSPACE) (RACKSPACE - Rackspace Hosting)
1 3	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.230.95.234 54.230.95.234	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700:10:... 2606:4700:10::6814:4a82	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 2	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2606:4700::68... 2606:4700::6811:704f	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	52.203.143.252 52.203.143.252	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
3	34.236.206.109 34.236.206.109	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	143.204.98.150 143.204.98.150	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	3.222.216.63 3.222.216.63	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
48	19

1 104.159.7.9 (Canada) 1 redirects

ASN22423 (ALTIMA-TELECOM - Altima Telecom, CA)
PTR: 104-159-7-9.heliothropis.com

str.art-of-groom.art	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.83.36.136 (Asheville, United States)

ASN136171 (MEDHAHOSTING-AS-AP Medha Hosting, IN)
PTR: 3fak.btuk.stream

www.yilopeet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 69.20.112.197 (San Antonio, United States)

ASN27357 (RACKSPACE - Rackspace Hosting, US)
PTR: www.medicare-providers.net

www.medicare-providers.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: zrh04s05-in-f98.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.108.11 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-203-108-11.compute-1.amazonaws.com

js7.invoca.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.20.94.14 (San Antonio, United States)

ASN27357 (RACKSPACE - Rackspace Hosting, US)
PTR: secure.apolloi.com

secure.apolloi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:825::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.95.234 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-95-234.fra2.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:4a82 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:704f (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.143.252 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-203-143-252.compute-1.amazonaws.com

json7.ringrevenue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.236.206.109 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-236-206-109.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.150 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-98-150.fra50.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.222.216.63 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-222-216-63.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	medicare-providers.net www.medicare-providers.net	450 KB
6	googleapis.com fonts.googleapis.com	3 KB
4	leadid.com create.leadid.com	3 KB
3	gstatic.com fonts.gstatic.com	27 KB
3	google-analytics.com 1 redirects www.google-analytics.com	44 KB
2	anura.io script.anura.io	12 KB
2	google.de www.google.de	590 B
2	google.com 1 redirects www.google.com	514 B
2	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net	2 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net
1	ringrevenue.com json7.ringrevenue.com	1 KB
1	lidstatic.com create.lidstatic.com	39 KB
1	pushnami.com api.pushnami.com	9 KB
1	apolloi.com secure.apolloi.com
1	invoca.net js7.invoca.net	12 KB
1	googleadservices.com www.googleadservices.com	10 KB
1	yilopeet.com www.yilopeet.com	543 B
1	art-of-groom.art 1 redirects str.art-of-groom.art	368 B
48	18

	Domain	Requested by
18	www.medicare-providers.net	www.yilopeet.com www.medicare-providers.net
6	fonts.googleapis.com	www.medicare-providers.net
4	create.leadid.com	create.lidstatic.com
3	fonts.gstatic.com	www.medicare-providers.net
3	www.google-analytics.com	1 redirects www.medicare-providers.net www.google-analytics.com
2	script.anura.io	www.medicare-providers.net script.anura.io
2	www.google.de	www.medicare-providers.net
2	www.google.com	1 redirects www.medicare-providers.net
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	json7.ringrevenue.com	js7.invoca.net
1	stats.g.doubleclick.net	1 redirects
1	create.lidstatic.com	www.medicare-providers.net
1	googleads.g.doubleclick.net	www.googleadservices.com
1	api.pushnami.com	www.medicare-providers.net
1	secure.apolloi.com	www.medicare-providers.net
1	js7.invoca.net	www.medicare-providers.net
1	www.googleadservices.com	www.medicare-providers.net
1	www.yilopeet.com
1	str.art-of-groom.art	1 redirects
48	19

This site contains links to these domains. Also see Links.

Domain
www.hhs.gov
www.medicare.gov
www.cms.gov

Subject Issuer	Validity	Valid
www.yilopeet.com Let's Encrypt Authority X3	`2019-08-20` - `2019-11-18`	3 months	crt.sh
www.medicare-providers.net Entrust Certification Authority - L1K	`2018-08-13` - `2020-08-13`	2 years	crt.sh
*.googleapis.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
*.invoca.net Go Daddy Secure Certificate Authority - G2	`2018-08-08` - `2020-10-30`	2 years	crt.sh
secure.apolloi.com RapidSSL RSA CA 2018	`2018-11-26` - `2021-01-04`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
*.pushnami.com Amazon	`2019-06-14` - `2020-07-14`	a year	crt.sh
*.google.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
lidstatic.com CloudFlare Inc ECC CA-2	`2019-07-02` - `2020-07-01`	a year	crt.sh
www.google.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
ssl763732.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-06-28` - `2020-01-04`	6 months	crt.sh
*.ringrevenue.com Go Daddy Secure Certificate Authority - G2	`2019-02-09` - `2021-04-11`	2 years	crt.sh
create.leadid.com Amazon	`2019-01-16` - `2020-02-16`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
Frame ID: E8925EC89E81B4DD1E093676EF3C931C
Requests: 47 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=7A533215-F628-EE16-A4E6-F9B91BFC69F1&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.5.2&lck=81C0E214-F497-A92B-AD7F-7276E94695AB&lac=478B1969-F034-6785-243D-D2DE64FC7F68
Frame ID: BA1B1139F9E0D1895BCF724FFE84B661
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://str.art-of-groom.art/reductivenesses/kgpCpZBDtouZGg91uoWVbbBIhIr7zACwqD9BU0OJGzIN8rmXUP3_GECTpCWp... HTTP 302
https://www.yilopeet.com/PLr7mAyqz657GKa_Yu1RHm4tYo8-R5F1V5fLwBwhXrs2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZk... Page URL
https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&ut... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

48
Requests

98 %
HTTPS

45 %
IPv6

18
Domains

19
Subdomains

19
IPs

4
Countries

613 kB
Transfer

1486 kB
Size

4
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.hhs.gov/sites/default/files/AmericanPatientsFirst.pdf
Title: here

Search URL Search Domain Scan URL

URL: http://www.medicare.gov/
Title: Medicare.gov

Search URL Search Domain Scan URL

URL: http://www.cms.gov/
Title: CMS.gov

Search URL Search Domain Scan URL

URL: http://www.cms.gov/medicare-coverage-database/
Title: MCD.gov

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://str.art-of-groom.art/reductivenesses/kgpCpZBDtouZGg91uoWVbbBIhIr7zACwqD9BU0OJGzIN8rmXUP3_GECTpCWpnWNSnLXPjjm4R8dbux-Dyj5ukt9gvzzz03mfPu66hV_FaMZR1N4A-5r9mVNSH5oE7ipDNaDKuDpJ4dKr7K3oU-2Ho6GKsOm_xpSTBFMKnz5SKR52Ej-Y4QjcLUSwApkD HTTP 302
https://www.yilopeet.com/PLr7mAyqz657GKa_Yu1RHm4tYo8-R5F1V5fLwBwhXrs2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~/555560/508179dc4fe096caf5531bbd857c3432/59886504/ Page URL
https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://str.art-of-groom.art/reductivenesses/kgpCpZBDtouZGg91uoWVbbBIhIr7zACwqD9BU0OJGzIN8rmXUP3_GECTpCWpnWNSnLXPjjm4R8dbux-Dyj5ukt9gvzzz03mfPu66hV_FaMZR1N4A-5r9mVNSH5oE7ipDNaDKuDpJ4dKr7K3oU-2Ho6GKsOm_xpSTBFMKnz5SKR52Ej-Y4QjcLUSwApkD HTTP 302
https://www.yilopeet.com/PLr7mAyqz657GKa_Yu1RHm4tYo8-R5F1V5fLwBwhXrs2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~/555560/508179dc4fe096caf5531bbd857c3432/59886504/

Request Chain 34

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=209895425&t=pageview&_s=1&dl=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Ftrumpcaremedicare%2F%3FReferrer%3DMADE%26Subreferrer%3D160007%26Subid%3D512747219%26utm_source%3Dmade%26utm_medium%3Demail%26utm_content%3DTrumpmedicare%26utm_campaign%3D1&dr=https%3A%2F%2Fwww.yilopeet.com%2FPLr7mAyqz657GKa_Yu1RHm4tYo8-R5F1V5fLwBwhXrs2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~%2F555560%2F508179dc4fe096caf5531bbd857c3432%2F59886504%2F&ul=en-us&de=UTF-8&dt=Find%20Plans%20%7C%20Medicare%20Providers&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=KGBAAEADQ~&jid=1951928966&gjid=342535187&cid=1287921810.1571711126&tid=UA-12025801-1&_gid=1087901967.1571711126&_r=1&z=2142982541 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12025801-1&cid=1287921810.1571711126&jid=1951928966&_gid=1087901967.1571711126&gjid=342535187&_v=j79&z=2142982541 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12025801-1&cid=1287921810.1571711126&jid=1951928966&_v=j79&z=2142982541 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12025801-1&cid=1287921810.1571711126&jid=1951928966&_v=j79&z=2142982541&slf_rd=1&random=2537277884

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set / Show response
www.yilopeet.com/PLr7mAyqz657GKa_Yu1RHm4tYo8-R5F1V5fLwBwhXrs2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~/555560/508179dc4fe096caf5531bbd857c3432/59886504/
Redirect Chain

http://str.art-of-groom.art/reductivenesses/kgpCpZBDtouZGg91uoWVbbBIhIr7zACwqD9BU0OJGzIN8rmXUP3_GECTpCWpnWNSnLXPjjm4R8dbux-Dyj5ukt9gvzzz03mfPu66hV_FaMZR1N4A-5r9mVNSH5oE7ipDNaDKuDpJ4dKr7K3oU-2Ho6GKs...
https://www.yilopeet.com/PLr7mAyqz657GKa_Yu1RHm4tYo8-R5F1V5fLwBwhXrs2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~/555560/508179dc4fe096caf5531bbd857c3432/59886504/

245 B
543 B

575ms
224ms

Document
text/html

103.83.36.136
MEDHAHOSTING-AS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yilopeet.com/PLr7mAyqz657GKa_Yu1RHm4tYo8-R5F1V5fLwBwhXrs2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~/555560/508179dc4fe096caf5531bbd857c3432/59886504/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.83.36.136 Asheville, United States, ASN136171 (MEDHAHOSTING-AS-AP Medha Hosting, IN),
Reverse DNS: 3fak.btuk.stream
Software: Apache /
Resource Hash: eb46f5a2602e4aa531ed3cbc824b9a87055befe12b093e7da9bbf0e64e78271f

Request headers

Host: www.yilopeet.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 02:25:24 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 245
Server: Apache
Set-Cookie: uid3373=512747219-20191021222524-44d3def81b7f81f69bf8adb622ccebdf-; expires=Thu, 21-Nov-2019 02:25:24 GMT; Max-Age=2592000; path=/; domain=yilopeet.com

Redirect headers

Server: nginx
Date: Tue, 22 Oct 2019 02:25:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Access-Control-Allow-Origin: *
location: https://www.yilopeet.com/PLr7mAyqz657GKa_Yu1RHm4tYo8-R5F1V5fLwBwhXrs2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~/555560/508179dc4fe096caf5531bbd857c3432/59886504/

GET
H/1.1 200
OK Primary Request Cookie set / Show response
www.medicare-providers.net/plans/trumpcaremedicare/ 22 KB
8 KB 521ms
336ms Document
text/html 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1

Requested by

Host: www.yilopeet.com
URL: https://www.yilopeet.com/PLr7mAyqz657GKa_Yu1RHm4tYo8-R5F1V5fLwBwhXrs2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~/555560/508179dc4fe096caf5531bbd857c3432/59886504/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

62544aad29001a77a47203b92ab8eee1c2459a748b43752aca63e5326d245cc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Host: www.medicare-providers.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.yilopeet.com/PLr7mAyqz657GKa_Yu1RHm4tYo8-R5F1V5fLwBwhXrs2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~/555560/508179dc4fe096caf5531bbd857c3432/59886504/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: https://www.yilopeet.com/PLr7mAyqz657GKa_Yu1RHm4tYo8-R5F1V5fLwBwhXrs2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~/555560/508179dc4fe096caf5531bbd857c3432/59886504/

Response headers

Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=60a7ab2182778bb88d7a4ea0829e2d15; path=/ XSRF-TOKEN=eyJpdiI6IngzQ0RLdXk2M0pCNkVtZkRXeCswQnc9PSIsInZhbHVlIjoiV3h3RFN5bVI0U2ZGNDBPcG5wZWdIbnNKVjY3SlwvaG12RzBaN1VXcWNJdFdJTTFNS1JHTmNKbjE3dENWZDcxN0xjUTlqRVBVT1c2Tm1cL1hha2ZvcVhQUT09IiwibWFjIjoiOTE1ZGI1NDdjZmFiNGUxNGVlMDg4ZDBlODYyZTNhMzVjMWNkMzdlZGVlM2UwMGQzY2M5MGFmZTE0ODI2ZmFkZCJ9; expires=Tue, 22-Oct-2019 04:25:25 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6IkROeXR2VlNzbjh3UkZMTmFGSlwvanF3PT0iLCJ2YWx1ZSI6Iit5V2hQVDJZVXJ4R3pYQzVzZDVKNmdOVlpFWnNLdHlUM2RMNmtSWVV0b1N6SGcxeG9qOEw1aUxEM0pmNUxKR0ZwV0JnQjdheVdwQ3VrRnhSbFdtaExBPT0iLCJtYWMiOiJhNzc2ZjIwYTNkMzgwMDQ3NWM2YTNlMjNkMWVjOTgxMDE5MzJmZGNmM2U4NWY2MDk1ZmNkNzE1NmI0ZTU4NjNmIn0%3D; expires=Tue, 22-Oct-2019 04:25:25 GMT; Max-Age=7200; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate no-cache
Pragma: no-cache
Date: Tue, 22 Oct 2019 02:25:25 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK fontawesome.min.css
www.medicare-providers.net/common_scripts/leadgen/fonts/fontawesome/ 34 KB
9 KB 91ms
91ms Stylesheet
text/css 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/common_scripts/leadgen/fonts/fontawesome/fontawesome.min.css

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

889e5b0e0831a15afbf0a7afe2916c25500b2fa6abb5f62727b0c245415a5f12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 02:25:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 12 Apr 2019 17:59:33 GMT
Server: nginx
ETag: W/"5cb0d205-870a"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 2 KB
857 B 27ms
15ms Stylesheet
text/css 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

e5b09ae4f391ccd8e04977e2330f1e533a2a507d95c609a3fd437a7ffc7cddfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 22 Oct 2019 02:25:25 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Tue, 22 Oct 2019 02:25:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Tue, 22 Oct 2019 02:25:25 GMT

GET
H/1.1 200
OK mp.css
www.medicare-providers.net/common_scripts/leadgen/laravel/css/ 353 KB
68 KB 184ms
93ms Stylesheet
text/css 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/common_scripts/leadgen/laravel/css/mp.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

9c0a27facba9672b2035a9776dfeb5252fc07dd314c4853def3e12089cd6d7ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 02:25:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 09 Oct 2019 23:24:35 GMT
Server: nginx
ETag: W/"5d9e6c33-58262"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK mp.js Show response
www.medicare-providers.net/common_scripts/leadgen/laravel/js/ 469 KB
158 KB 275ms
92ms Script
application/javascript 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/common_scripts/leadgen/laravel/js/mp.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

d0bb686236971e2f23dd56ccb538b420bfa043e4daa739b0c0b7d6549c7a771a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 02:25:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 04 Oct 2019 21:43:28 GMT
Server: nginx
ETag: W/"5d97bd00-7542e"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK logo.png
www.medicare-providers.net/images/ 3 KB
3 KB 273ms
90ms Image
image/png 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

2b2d857fc5c80a20d6e07a2d98b8e002c9753662955a8ebac6967e46518702ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 02:25:25 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 31 Jul 2018 21:30:37 GMT
Server: nginx
ETag: "5b60d4fd-bdb"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3035

GET
H/1.1 200
OK btn-chevron.png
www.medicare-providers.net/images/medicarealert/ 19 KB
20 KB 273ms
90ms Image
image/png 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/medicarealert/btn-chevron.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

304d56b837c5d9bcdae32502bd0e3cf7716b3f706f08ed8dc51d6ba13cb33b00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 02:25:25 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 28 Jul 2017 18:09:26 GMT
Server: nginx
ETag: "597b7dd6-4cef"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19695

GET
H/1.1 200
OK stock-1.jpg
www.medicare-providers.net/images/31421/ 27 KB
28 KB 90ms
90ms Image
image/jpeg 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/31421/stock-1.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

78549c0eb6095bbdc03a3ee91b61662e7efc30db63e4bf8bd411787685d36572

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 02:25:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 20 Nov 2017 18:59:19 GMT
Server: nginx
ETag: "5a132607-6cda"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27866

GET
H/1.1 200
OK stock-2.jpg
www.medicare-providers.net/images/31421/ 30 KB
31 KB 91ms
90ms Image
image/jpeg 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/31421/stock-2.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

a1820c8c0119b36e17d2e52afd9b56f3638d335c0f0dafe7d2f5d0abba533625

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 02:25:25 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 20 Nov 2017 18:59:19 GMT
Server: nginx
ETag: "5a132607-79cd"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31181

GET
H/1.1 200
OK stock-3.jpg
www.medicare-providers.net/images/31421/ 43 KB
43 KB 91ms
90ms Image
image/jpeg 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/31421/stock-3.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

df6e6c1253a4d12ec60534bf851d89a74c2feef171d1769bc20d66cf99c9b22d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 02:25:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 20 Nov 2017 18:59:19 GMT
Server: nginx
ETag: "5a132607-aab2"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43698

GET
H/1.1 200
OK logo.png
www.medicare-providers.net/images/31421/ 3 KB
3 KB 91ms
91ms Image
image/png 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/31421/logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

bee9c302260c287106b2bfa7b08e94d40d785541153c1e0808ec01c372b4c319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 02:25:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 20 Nov 2017 18:59:19 GMT
Server: nginx
ETag: "5a132607-a21"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2593

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 24 KB
10 KB 28ms
16ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

78a79d5cefe3a91bfccc9d0e3522b756e142d8c2aeba35146f2bc399b71cf4ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 02:25:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9385
x-xss-protection: 0
server: cafe
etag: 14299522277420216331
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 22 Oct 2019 02:25:25 GMT

GET
H/1.1 200
OK integration.js Show response
js7.invoca.net/7/ 28 KB
12 KB 401ms
92ms Script
application/javascript 52.203.108.11
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://js7.invoca.net/7/integration.js
Requested by: Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.108.11 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-203-108-11.compute-1.amazonaws.com
Software: nginx/1.15.5 /
Resource Hash: 0f3b12dbcfa9c4be462b6176888f30d4aafd1baba153b6726854c54780fb6815

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 02:25:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Oct 2019 23:38:58 GMT
Server: nginx/1.15.5
Connection: keep-alive
Content-Length: 11645
Content-Type: application/javascript

GET
H/1.1 200
OK visit.php Show response
secure.apolloi.com/leadgen/pxl/ 0
0 376ms
97ms Script
text/html 69.20.94.14
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.apolloi.com/leadgen/pxl/visit.php?visit_id=116995448
Requested by: Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.20.94.14 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS: secure.apolloi.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 css
fonts.googleapis.com/ 2 KB
560 B 27ms
16ms Stylesheet
text/css 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

d3535722304c938a15fd3a0d4ad3cd961e8a8a27bb76f115054928d84024f136

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 22 Oct 2019 02:25:25 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Tue, 22 Oct 2019 02:25:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Tue, 22 Oct 2019 02:25:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
700 B 71ms
61ms Stylesheet
text/css 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,900

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

0d9b67625f262e1eba2b5294ffbd97db236096233fb4fbb4b5cb01e8defffe1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 22 Oct 2019 02:25:25 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Tue, 22 Oct 2019 02:25:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Tue, 22 Oct 2019 02:25:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
463 B 28ms
17ms Stylesheet
text/css 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:400,700,900

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

091098ba45445979ff4f441a8a9d55b48932aa328907318bc63c531396ef8fc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 22 Oct 2019 02:25:25 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Tue, 22 Oct 2019 02:25:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Tue, 22 Oct 2019 02:25:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
466 B 27ms
17ms Stylesheet
text/css 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oxygen:300,400,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

e1e415b221fcf1939c5a3893b1e8408285a5dbf4a26c0c46f6cb461d6ca87caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 22 Oct 2019 02:25:25 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Tue, 22 Oct 2019 02:25:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Tue, 22 Oct 2019 02:25:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
500 B 26ms
16ms Stylesheet
text/css 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

3700c7c0f24f48f6b4b6e2402969286e19418aa84f14f134e436960439726926

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 22 Oct 2019 02:25:25 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Tue, 22 Oct 2019 02:25:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Tue, 22 Oct 2019 02:25:25 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
18 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 3052
date: Tue, 22 Oct 2019 01:34:34 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Tue, 22 Oct 2019 03:34:34 GMT

GET
H2 200 593ad82461c3a6d644c6428c Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 33 KB
9 KB 386ms
370ms Script
application/javascript 54.230.95.234
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/593ad82461c3a6d644c6428c
Requested by: Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.95.234 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-95-234.fra2.r.cloudfront.net
Software: /
Resource Hash: bd25c14a77fca727926a0e180d3047ca8d5a5aa301746775f28980b2d3b82e56

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 02:25:26 GMT
via: 1.1 42eda27a8f21acb511ddb91858ee5d5b.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: no-cache
content-encoding: gzip
x-amz-cf-id: 4oYO5tCOh3nAU2JCXvib6ByYw_Y-MuWc4o5gelBcmNSJHHCslK2NJg==

GET
H/1.1 200
OK bg-stripe.png
www.medicare-providers.net/images/31421/ 107 B
443 B 90ms
90ms Image
image/png 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/31421/bg-stripe.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

fce9a6f2f7ea34cf08c5bb2847357f438d9106922abeefa20ab7c344cd493372

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/common_scripts/leadgen/laravel/css/mp.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 02:25:25 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 18 Sep 2017 19:15:06 GMT
Server: nginx
ETag: "59c01b3a-6b"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 107

GET
H/1.1 200
OK hero.jpg
www.medicare-providers.net/images/31421/ 74 KB
75 KB 177ms
90ms Image
image/jpeg 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/31421/hero.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

4745bfb123d90c3944b1af19732e3c7d74880f98379caa9ec776d603588659b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/common_scripts/leadgen/laravel/css/mp.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 02:25:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 20 Nov 2017 18:59:19 GMT
Server: nginx
ETag: "5a132607-1291a"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76058

GET
H/1.1 200
OK icon-phone.png
www.medicare-providers.net/images/31421/ 2 KB
2 KB 161ms
90ms Image
image/png 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/31421/icon-phone.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

fc7fab33a384c604e1e892730d4272f7c4ad6a82eaabb818da857e40eb56e071

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/common_scripts/leadgen/laravel/css/mp.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 02:25:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 18 Sep 2017 20:04:23 GMT
Server: nginx
ETag: "59c026c7-85a"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2138

GET
H/1.1 200
OK icon-check.png
www.medicare-providers.net/images/31421/ 531 B
868 B 161ms
90ms Image
image/png 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/31421/icon-check.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

57991fd35887bc08a67879ec52d707c684c0e0288e7a323970b568802affc42f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/common_scripts/leadgen/laravel/css/mp.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 02:25:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 18 Sep 2017 20:04:23 GMT
Server: nginx
ETag: "59c026c7-213"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 531

GET
H/1.1 200
OK bg-miniform-stripe.png
www.medicare-providers.net/images/31421/ 114 B
450 B 161ms
90ms Image
image/png 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/31421/bg-miniform-stripe.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

625421f442e81ee0d7e42a3eefb24a20ebba3d528cf97467cc2d600d6fe10da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/common_scripts/leadgen/laravel/css/mp.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 02:25:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 20 Nov 2017 18:39:37 GMT
Server: nginx
ETag: "5a132169-72"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 114

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 19ms
7ms Font
font/woff2 2a00:1450:4001:81a::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,900
Origin: https://www.medicare-providers.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 09:58:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 1096001
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
expires: Thu, 08 Oct 2020 09:58:45 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 16ms
6ms Font
font/woff2 2a00:1450:4001:81a::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,900
Origin: https://www.medicare-providers.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 23:13:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 11512
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9080
x-xss-protection: 0
expires: Tue, 20 Oct 2020 23:13:34 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 16ms
7ms Font
font/woff2 2a00:1450:4001:81a::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,900
Origin: https://www.medicare-providers.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 00:31:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:44 GMT
server: sffe
age: 6817
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9180
x-xss-protection: 0
expires: Wed, 21 Oct 2020 00:31:49 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/979637013/ 3 KB
2 KB 31ms
18ms Script
text/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/979637013/?random=1571711126058&cv=9&fst=1571711126058&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Ftrumpcaremedicare%2F%3FReferrer%3DMADE%26Subreferrer%3D160007%26Subid%3D512747219%26utm_source%3Dmade%26utm_medium%3Demail%26utm_content%3DTrumpmedicare%26utm_campaign%3D1&ref=https%3A%2F%2Fwww.yilopeet.com%2FPLr7mAyqz657GKa_Yu1RHm4tYo8-R5F1V5fLwBwhXrs2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~%2F555560%2F508179dc4fe096caf5531bbd857c3432%2F59886504%2F&tiba=Find%20Plans%20%7C%20Medicare%20Providers&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

b64c9b7a8fc9dd0ff5b75e95d7ba00a1f094ef9ff8641911184c50a7bdca1ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Oct 2019 02:25:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1165
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 81c0e214-f497-a92b-ad7f-7276e94695ab.js Show response
create.lidstatic.com/campaign/ 122 KB
39 KB 616ms
570ms Script
text/javascript 2606:4700:10::6814:4a82
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/81c0e214-f497-a92b-ad7f-7276e94695ab.js?snippet_version=2
Requested by: Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4a82 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86c32d1aa404959e81af9f85ea823547191b8da202cdeded40fc09c5cb8f4c99

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 02:25:26 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: CB726BDE378FC61A
cf-ray: 5298054a3c08cb98-VIE
status: 200
x-amz-replication-status: COMPLETED
x-amz-id-2: e9G2/6/KmBvRNczRsm59s7cLWxDsRPkcTCFyfy4py/o0gxcCrCEOnWy0vxZj3u0rv/uk/rjmW8g=
last-modified: Wed, 25 Apr 2018 15:17:41 GMT
server: cloudflare
etag: W/"b8eb69bdb63beb9eb2cf977d2bdd7eec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: S57bF43tI_0uCcP8hYaxQCLBgmXwU.29
cache-control: public, max-age=1800
content-type: text/javascript
expires: Tue, 22 Oct 2019 02:55:26 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 73 KB
26 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-KFT29QZ&cid=1287921810.1571711126

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

17ddca92b5c8b435507f8637266acf5faeb9d57ab5c653b7283ad2b1fe04c9d6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 02:25:26 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 26417
x-xss-protection: 0
expires: Tue, 22 Oct 2019 02:25:26 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/979637013/ 42 B
313 B 23ms
22ms Image
image/gif 2a00:1450:4001:81c::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/979637013/?random=1571711126058&cv=9&fst=1571709600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Ftrumpcaremedicare%2F%3FReferrer%3DMADE%26Subreferrer%3D160007%26Subid%3D512747219%26utm_source%3Dmade%26utm_medium%3Demail%26utm_content%3DTrumpmedicare%26utm_campaign%3D1&ref=https%3A%2F%2Fwww.yilopeet.com%2FPLr7mAyqz657GKa_Yu1RHm4tYo8-R5F1V5fLwBwhXrs2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~%2F555560%2F508179dc4fe096caf5531bbd857c3432%2F59886504%2F&tiba=Find%20Plans%20%7C%20Medicare%20Providers&fmt=3&is_vtc=1&random=1490888029&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Oct 2019 02:25:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/979637013/ 42 B
481 B 33ms
21ms Image
image/gif 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/979637013/?random=1571711126058&cv=9&fst=1571709600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Ftrumpcaremedicare%2F%3FReferrer%3DMADE%26Subreferrer%3D160007%26Subid%3D512747219%26utm_source%3Dmade%26utm_medium%3Demail%26utm_content%3DTrumpmedicare%26utm_campaign%3D1&ref=https%3A%2F%2Fwww.yilopeet.com%2FPLr7mAyqz657GKa_Yu1RHm4tYo8-R5F1V5fLwBwhXrs2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~%2F555560%2F508179dc4fe096caf5531bbd857c3432%2F59886504%2F&tiba=Find%20Plans%20%7C%20Medicare%20Providers&fmt=3&is_vtc=1&random=1490888029&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Oct 2019 02:25:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=209895425&t=pageview&_s=1&dl=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Ftrumpcaremedicare%2F%3FReferrer%3DMADE%26Subreferrer%3D160007...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12025801-1&cid=1287921810.1571711126&jid=1951928966&_gid=1087901967.1571711126&gjid=342535187&_v=j79&z=2142982541
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12025801-1&cid=1287921810.1571711126&jid=1951928966&_v=j79&z=2142982541
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12025801-1&cid=1287921810.1571711126&jid=1951928966&_v=j79&z=2142982541&slf_rd=1&random=2537277884

42 B
109 B

17ms
17ms

Image
image/gif

2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12025801-1&cid=1287921810.1571711126&jid=1951928966&_v=j79&z=2142982541&slf_rd=1&random=2537277884

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Oct 2019 02:25:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Oct 2019 02:25:26 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12025801-1&cid=1287921810.1571711126&jid=1951928966&_v=j79&z=2142982541&slf_rd=1&random=2537277884
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 request.js Show response
script.anura.io/ 34 KB
12 KB 264ms
199ms Script
application/javascript 2606:4700::6811:704f
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=2761973509&source=MADE&campaign=160007-MP&variable=AnuraResponse&390758114136

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:704f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0044ce084733e8dc6b59f3a6f68cc99e9421c8d3cedfca5a9588bb1d16c4da50

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Oct 2019 02:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=utf-8
status: 200
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 5298054b7f5559ee-VIE
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H/1.1 200
OK map_number Show response
json7.ringrevenue.com/7/ 183 B
1 KB 873ms
557ms Script
text/javascript 52.203.143.252
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://json7.ringrevenue.com/7/map_number?av_id=30279&referer=https%3A%2F%2Fwww.yilopeet.com%2FPLr7mAyqz657GKa_Yu1RHm4tYo8-R5F1V5fLwBwhXrs2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~%2F555560%2F508179dc4fe096caf5531bbd857c3432%2F59886504%2F&cookies_for_url=%7B%7D&url_without_pool_params=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Ftrumpcaremedicare%2F%3FReferrer%3DMADE%26Subreferrer%3D160007%26Subid%3D512747219%26utm_source%3Dmade%26utm_medium%3Demail%26utm_content%3DTrumpmedicare%26utm_campaign%3D1&request_cookies=true&jsoncallback=json_rr1&url=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Ftrumpcaremedicare%2F%3FReferrer%3DMADE%26Subreferrer%3D160007%26Subid%3D512747219%26utm_source%3Dmade%26utm_medium%3Demail%26utm_content%3DTrumpmedicare%26utm_campaign%3D1

Requested by

Host: js7.invoca.net
URL: https://js7.invoca.net/7/integration.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.203.143.252 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-203-143-252.compute-1.amazonaws.com

Software

nginx/1.15.5 /

Resource Hash

b17e45610e48e2c90576302c4e42d757cf1f1b20c5fdb22572eadf540f1ded8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.038659
Date: Tue, 22 Oct 2019 02:25:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.15.5
X-Frame-Options: SAMEORIGIN
P3P: CP="CAO DSP CURa ADMa DEVa OUR NOR DEM STA" policyref="/w3c/p3p.xml"
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 162
X-XSS-Protection: 1; mode=block
X-Request-Id: f07714c04562250ad82e96f10ce56405

POST
H2 200 response.json Show response
script.anura.io/ 44 B
498 B 424ms
387ms XHR
application/json 2606:4700::6811:704f
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/response.json

Requested by

Host: script.anura.io
URL: https://script.anura.io/request.js?instance=2761973509&source=MADE&campaign=160007-MP&variable=AnuraResponse&390758114136

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:704f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e571caeca6047849e5131ae9e1f07fdb2455f6c2ccebb695552897943dccebc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 22 Oct 2019 02:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 5298054d6d8059a6-VIE
expires: Sun, 28 Dec 1980 18:57:00 EST

POST
H/1.1 200
OK GenerateToken Show response
create.leadid.com/2.5.2/ 36 B
850 B 395ms
132ms XHR
text/plain 34.236.206.109
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/GenerateToken?msn=1&pid=34a100dc-1bbd-4e48-9741-4d7fd0a45c5f&_=103733794
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/81c0e214-f497-a92b-ad7f-7276e94695ab.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.206.109 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-236-206-109.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.30
Resource Hash: 73dffbee960fde2a919994fce1356f2b52edcee0875f1b02adfb1b7aa7faeb81

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 22 Oct 2019 02:25:27 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.30
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 56
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST result.json
script.anura.io/ 0
0

GET
H/1.1 200
OK iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame BA1B 0
0 38ms
6ms Document
text/html 143.204.98.150
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=7A533215-F628-EE16-A4E6-F9B91BFC69F1&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.5.2&lck=81C0E214-F497-A92B-AD7F-7276E94695AB&lac=478B1969-F034-6785-243D-D2DE64FC7F68
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/81c0e214-f497-a92b-ad7f-7276e94695ab.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.98.150 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-98-150.fra50.r.cloudfront.net
Software: nginx/1.10.1 /
Resource Hash

Request headers

Host: d2m2wsoho8qq12.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1

Response headers

Content-Type: text/html
Content-Length: 1440
Connection: keep-alive
Content-Encoding: gzip
Date: Tue, 22 Oct 2019 01:58:18 GMT
ETag: W/"5dada451-da5"
Last-Modified: Mon, 21 Oct 2019 12:28:01 GMT
P3P: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
Server: nginx/1.10.1
X-Cache: Hit from cloudfront
Via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: tQxmRYswUWh2-ORsqAHtpn7IBzAE-a3GyecGd-Tb7Gbt_NX5tLBglQ==
Age: 1609

POST
H/1.1 200
OK SaveDom Show response
create.leadid.com/2.5.2/ 0
814 B 93ms
93ms XHR
text/plain 34.236.206.109
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/SaveDom?msn=2&pid=34a100dc-1bbd-4e48-9741-4d7fd0a45c5f&token=7A533215-F628-EE16-A4E6-F9B91BFC69F1&_=103733795
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/81c0e214-f497-a92b-ad7f-7276e94695ab.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.206.109 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-236-206-109.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 22 Oct 2019 02:25:27 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.30
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK InitFormData Show response
create.leadid.com/2.5.2/ 0
814 B 178ms
91ms XHR
text/plain 34.236.206.109
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/InitFormData?msn=3&pid=34a100dc-1bbd-4e48-9741-4d7fd0a45c5f&token=7A533215-F628-EE16-A4E6-F9B91BFC69F1&_=103733796
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/81c0e214-f497-a92b-ad7f-7276e94695ab.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.206.109 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-236-206-109.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 22 Oct 2019 02:25:27 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.30
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK check_web_user Show response
www.medicare-providers.net/api/ 0
546 B 159ms
159ms XHR
text/html 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/api/check_web_user

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/common_scripts/leadgen/laravel/js/mp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Tue, 22 Oct 2019 02:25:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, no-cache
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H/1.1 200
OK phone_imp.php Show response
www.medicare-providers.net/common_scripts/omg/pxl/ 0
509 B 363ms
179ms XHR
text/html 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/common_scripts/omg/pxl/phone_imp.php?pn=8444208565&url=www.medicare-providers.net%2Fplans%2Ftrumpcaremedicare%2F%3FReferrer%3DMADE%26Subreferrer%3D160007%26Subid%3D512747219%26utm_source%3Dmade%26utm_medium%3Demail%26utm_content%3DTrumpmedicare%26utm_campaign%3D1

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/common_scripts/leadgen/laravel/js/mp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Tue, 22 Oct 2019 02:25:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK fraud_status.php Show response
www.medicare-providers.net/common_scripts/omg/ 0
457 B 136ms
136ms XHR
text/html 69.20.112.197
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/common_scripts/omg/fraud_status.php?source=anura&response=

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/common_scripts/leadgen/laravel/js/mp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.20.112.197 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Tue, 22 Oct 2019 02:25:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H/1.1 200
OK Snap Show response
create.leadid.com/2.5.2/ 0
814 B 610ms
263ms XHR
text/plain 3.222.216.63
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/Snap?msn=4&pid=34a100dc-1bbd-4e48-9741-4d7fd0a45c5f&token=7A533215-F628-EE16-A4E6-F9B91BFC69F1&_=103733797
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/81c0e214-f497-a92b-ad7f-7276e94695ab.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.216.63 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-222-216-63.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 22 Oct 2019 02:25:28 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.30
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: script.anura.io
URL: https://script.anura.io/result.json

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.medicare-providers.net/	1969-12-31 23:59:59	Name: omg_visit_id Value: 5dae6897a41ad7168
www.medicare-providers.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: 04904b2d20d9aa8b8bb08fabd7c74bc4
.medicare-providers.net/	1970-01-19 05:18:23	Name: rrCookie_affiliateInfo Value: %7B%22status%22%3A%22invalid%22%2C%22mobile%22%3Afalse%2C%22number_to_replace%22%3A%22999-999-9999%22%2C%22last_validated_at%22%3A1571711127126%7D
www.medicare-providers.net/	1969-12-31 23:59:59	Name: leadid_token-478B1969-F034-6785-243D-D2DE64FC7F68-81C0E214-F497-A92B-AD7F-7276E94695AB Value: 7A533215-F628-EE16-A4E6-F9B91BFC69F1

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 319) Message: Created anura script
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 334) Message: Passed object test
console-api	debug	URL: https://script.anura.io/request.js?instance=2761973509&source=MADE&campaign=160007-MP&variable=AnuraResponse&390758114136(Line 42) Message:
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 334) Message: Passed object test
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 334) Message: Passed object test
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 334) Message: Passed object test
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 334) Message: Passed object test
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 334) Message: Passed object test
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 334) Message: Passed object test
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 334) Message: Passed object test
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 334) Message: Passed object test
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 334) Message: Passed object test
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 334) Message: Passed object test
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 339) Message: Got result: 003686fdf9322b373782d31501ff5b97d5b
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 445) Message: Repeat user:
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 379) Message: gonna get it!
console-api	log	URL: https://www.medicare-providers.net/plans/trumpcaremedicare/?Referrer=MADE&Subreferrer=160007&Subid=512747219&utm_source=made&utm_medium=email&utm_content=Trumpmedicare&utm_campaign=1(Line 384) Message: got it?

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.pushnami.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js7.invoca.net
json7.ringrevenue.com
script.anura.io
secure.apolloi.com
stats.g.doubleclick.net
str.art-of-groom.art
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.medicare-providers.net
www.yilopeet.com
script.anura.io
103.83.36.136
104.159.7.9
143.204.98.150
172.217.18.98
2606:4700:10::6814:4a82
2606:4700::6811:704f
2a00:1450:4001:809::200a
2a00:1450:4001:819::2002
2a00:1450:4001:81a::2003
2a00:1450:4001:81c::2004
2a00:1450:4001:821::2003
2a00:1450:4001:825::200e
2a00:1450:400c:c00::9b
3.222.216.63
34.236.206.109
52.203.108.11
52.203.143.252
54.230.95.234
69.20.112.197
69.20.94.14
0044ce084733e8dc6b59f3a6f68cc99e9421c8d3cedfca5a9588bb1d16c4da50
091098ba45445979ff4f441a8a9d55b48932aa328907318bc63c531396ef8fc5
0d9b67625f262e1eba2b5294ffbd97db236096233fb4fbb4b5cb01e8defffe1b
0f3b12dbcfa9c4be462b6176888f30d4aafd1baba153b6726854c54780fb6815
17ddca92b5c8b435507f8637266acf5faeb9d57ab5c653b7283ad2b1fe04c9d6
2b2d857fc5c80a20d6e07a2d98b8e002c9753662955a8ebac6967e46518702ea
304d56b837c5d9bcdae32502bd0e3cf7716b3f706f08ed8dc51d6ba13cb33b00
3700c7c0f24f48f6b4b6e2402969286e19418aa84f14f134e436960439726926
4745bfb123d90c3944b1af19732e3c7d74880f98379caa9ec776d603588659b3
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
57991fd35887bc08a67879ec52d707c684c0e0288e7a323970b568802affc42f
625421f442e81ee0d7e42a3eefb24a20ebba3d528cf97467cc2d600d6fe10da8
62544aad29001a77a47203b92ab8eee1c2459a748b43752aca63e5326d245cc8
73dffbee960fde2a919994fce1356f2b52edcee0875f1b02adfb1b7aa7faeb81
78549c0eb6095bbdc03a3ee91b61662e7efc30db63e4bf8bd411787685d36572
78a79d5cefe3a91bfccc9d0e3522b756e142d8c2aeba35146f2bc399b71cf4ad
86c32d1aa404959e81af9f85ea823547191b8da202cdeded40fc09c5cb8f4c99
889e5b0e0831a15afbf0a7afe2916c25500b2fa6abb5f62727b0c245415a5f12
9c0a27facba9672b2035a9776dfeb5252fc07dd314c4853def3e12089cd6d7ed
a1820c8c0119b36e17d2e52afd9b56f3638d335c0f0dafe7d2f5d0abba533625
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
b17e45610e48e2c90576302c4e42d757cf1f1b20c5fdb22572eadf540f1ded8b
b64c9b7a8fc9dd0ff5b75e95d7ba00a1f094ef9ff8641911184c50a7bdca1ab2
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bd25c14a77fca727926a0e180d3047ca8d5a5aa301746775f28980b2d3b82e56
bee9c302260c287106b2bfa7b08e94d40d785541153c1e0808ec01c372b4c319
d0bb686236971e2f23dd56ccb538b420bfa043e4daa739b0c0b7d6549c7a771a
d3535722304c938a15fd3a0d4ad3cd961e8a8a27bb76f115054928d84024f136
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
df6e6c1253a4d12ec60534bf851d89a74c2feef171d1769bc20d66cf99c9b22d
e1e415b221fcf1939c5a3893b1e8408285a5dbf4a26c0c46f6cb461d6ca87caa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e571caeca6047849e5131ae9e1f07fdb2455f6c2ccebb695552897943dccebc5
e5b09ae4f391ccd8e04977e2330f1e533a2a507d95c609a3fd437a7ffc7cddfa
eb46f5a2602e4aa531ed3cbc824b9a87055befe12b093e7da9bbf0e64e78271f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc7fab33a384c604e1e892730d4272f7c4ad6a82eaabb818da857e40eb56e071
fce9a6f2f7ea34cf08c5bb2847357f438d9106922abeefa20ab7c344cd493372

www.medicare-providers.net Open in urlscan Pro 69.20.112.197 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

98 %HTTPS

45 %IPv6

18 Domains

19 Subdomains

19 IPs

4 Countries

613 kBTransfer

1486 kBSize

4 Cookies

4 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.medicare-providers.net Open in urlscan Pro
69.20.112.197 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

98 %
HTTPS

45 %
IPv6

18
Domains

19
Subdomains

19
IPs

4
Countries

613 kB
Transfer

1486 kB
Size

4
Cookies

48 HTTP transactions
0 data transactions