www.healthplansamerica.org Open in urlscan Pro
69.20.75.133 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://str.intern-inovate.eu/Rugosas/Cw_ZGg5v2pFcNJpCAQnE0NVjz6n9DrDCgR2KWNfGThv8Nh4RRU0fJ3lPWO-GVtEc4If2MlhLgIvZRjElmo7jsp6B...
Effective URL:
https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=em...
Submission: On July 13 via api (July 13th 2020, 7:56:29 pm UTC) from BE

Summary HTTP 41 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 16 domains to perform 41 HTTP transactions. The main IP is 69.20.75.133, located in Oviedo, United States and belongs to RACKSPACE, US. The main domain is www.healthplansamerica.org.
TLS certificate: Issued by Entrust Certification Authority - L1K on March 19th 2020. Valid for: a year.

This is the only time www.healthplansamerica.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	86.106.95.127 86.106.95.127	201117 (EBONE-NET-AS) (EBONE-NET-AS)
1	103.83.36.136 103.83.36.136	136171 (MEDHAHOST...) (MEDHAHOSTING-AS-AP Medha Hosting)
1 15	69.20.75.133 69.20.75.133	27357 (RACKSPACE) (RACKSPACE)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	13.225.78.122 13.225.78.122	16509 (AMAZON-02) (AMAZON-02)
2	54.156.233.221 54.156.233.221	14618 (AMAZON-AES) (AMAZON-AES)
1	69.20.94.14 69.20.94.14	27357 (RACKSPACE) (RACKSPACE)
3	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	143.204.89.40 143.204.89.40	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:29e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.11.39.87 52.11.39.87	16509 (AMAZON-02) (AMAZON-02)
5	34.227.130.110 34.227.130.110	14618 (AMAZON-AES) (AMAZON-AES)
3	13.225.78.37 13.225.78.37	16509 (AMAZON-02) (AMAZON-02)
1	23.20.203.72 23.20.203.72	14618 (AMAZON-AES) (AMAZON-AES)
1	13.225.84.207 13.225.84.207	16509 (AMAZON-02) (AMAZON-02)
1	54.85.133.159 54.85.133.159	14618 (AMAZON-AES) (AMAZON-AES)
41	17

1 86.106.95.127 (United Kingdom) 1 redirects

ASN201117 (EBONE-NET-AS, GB)

str.intern-inovate.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.83.36.136 (Asheville, United States)

ASN136171 (MEDHAHOSTING-AS-AP Medha Hosting, IN)
PTR: 3fak.btuk.stream

www.yilopeet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 69.20.75.133 (Oviedo, United States) 1 redirects

ASN27357 (RACKSPACE, US)

healthplansamerica.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.healthplansamerica.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.122 (Seattle, United States)

ASN16509 (AMAZON-02, US)

js.alocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.156.233.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

js7.invoca.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
json7.ringrevenue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.20.94.14 (San Antonio, United States)

ASN27357 (RACKSPACE, US)

secure.apolloi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.89.40 (Seattle, United States)

ASN16509 (AMAZON-02, US)

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:29e5 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.11.39.87 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)

p.alocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.227.130.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.78.37 (Seattle, United States)

ASN16509 (AMAZON-02, US)

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.20.203.72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

trc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.84.207 (Seattle, United States)

ASN16509 (AMAZON-02, US)

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.85.133.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

psp.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	healthplansamerica.org 1 redirects healthplansamerica.org www.healthplansamerica.org	389 KB
5	leadid.com create.leadid.com	1 KB
4	pushnami.com api.pushnami.com trc.pushnami.com psp.pushnami.com	61 KB
3	anura.io script.anura.io	42 KB
3	google-analytics.com www.google-analytics.com	46 KB
3	alocdn.com 1 redirects js.alocdn.com p.alocdn.com	2 KB
2	gstatic.com fonts.gstatic.com	20 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net
1	ringrevenue.com json7.ringrevenue.com	868 B
1	lidstatic.com create.lidstatic.com	39 KB
1	googletagmanager.com www.googletagmanager.com	25 KB
1	apolloi.com secure.apolloi.com
1	invoca.net js7.invoca.net	11 KB
1	googleapis.com fonts.googleapis.com	576 B
1	yilopeet.com www.yilopeet.com	526 B
1	intern-inovate.eu 1 redirects str.intern-inovate.eu	368 B
41	16

	Domain	Requested by
14	www.healthplansamerica.org	www.yilopeet.com www.healthplansamerica.org
5	create.leadid.com	create.lidstatic.com
3	script.anura.io	www.healthplansamerica.org script.anura.io
3	www.google-analytics.com	www.healthplansamerica.org www.google-analytics.com
2	p.alocdn.com	1 redirects www.healthplansamerica.org
2	fonts.gstatic.com	www.healthplansamerica.org
2	api.pushnami.com	www.healthplansamerica.org api.pushnami.com
1	psp.pushnami.com	api.pushnami.com
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	trc.pushnami.com	api.pushnami.com
1	json7.ringrevenue.com	js7.invoca.net
1	create.lidstatic.com	www.healthplansamerica.org
1	www.googletagmanager.com	www.healthplansamerica.org
1	secure.apolloi.com	www.healthplansamerica.org
1	js7.invoca.net	www.healthplansamerica.org
1	js.alocdn.com	www.healthplansamerica.org
1	fonts.googleapis.com	www.healthplansamerica.org
1	healthplansamerica.org	1 redirects
1	www.yilopeet.com
1	str.intern-inovate.eu	1 redirects
41	20

This site contains links to these domains. Also see Links.

Domain
www.hhs.gov

Subject Issuer	Validity	Valid
www.yilopeet.com Let's Encrypt Authority X3	`2020-07-05` - `2020-10-03`	3 months	crt.sh
www.healthplansamerica.org Entrust Certification Authority - L1K	`2020-03-19` - `2021-04-18`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.alocdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-11` - `2021-03-11`	a year	crt.sh
*.invoca.net Go Daddy Secure Certificate Authority - G2	`2018-08-08` - `2020-10-30`	2 years	crt.sh
secure.apolloi.com RapidSSL RSA CA 2018	`2018-11-26` - `2021-01-04`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
*.pushnami.com Amazon	`2020-05-16` - `2021-06-16`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2020-05-31` - `2021-05-31`	a year	crt.sh
create.leadid.com Amazon	`2020-05-22` - `2021-06-22`	a year	crt.sh
script.anura.io Amazon	`2020-04-10` - `2021-05-10`	a year	crt.sh
*.ringrevenue.com Go Daddy Secure Certificate Authority - G2	`2019-02-09` - `2021-04-11`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
Frame ID: C9D0C69ABBA25BA31CF823E84210152E
Requests: 39 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=921C212C-4F05-C89B-B72C-9AD890B9D04F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.7.0&lck=C03EF9DE-4523-077B-661E-F0BBDAA0049B&lac=478B1969-F034-6785-243D-D2DE64FC7F68
Frame ID: 81A6C953A5109C7E01DA64D0842CCB54
Requests: 1 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 87E1E545973EAD98BB372E87C14A5348
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://str.intern-inovate.eu/Rugosas/Cw_ZGg5v2pFcNJpCAQnE0NVjz6n9DrDCgR2KWNfGThv8Nh4RRU0fJ3lPWO-GVtEc4If2... HTTP 302
https://www.yilopeet.com/vdbqhGeaTBlnd6TWFN6SO45JPdssqOcN9dxaRnKQ4Ho2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZk... Page URL
https://healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_sourc... HTTP 301
https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_sourc... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

41
Requests

100 %
HTTPS

28 %
IPv6

16
Domains

20
Subdomains

17
IPs

3
Countries

638 kB
Transfer

1677 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.hhs.gov/sites/default/files/AmericanPatientsFirst.pdf
Title: here

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://str.intern-inovate.eu/Rugosas/Cw_ZGg5v2pFcNJpCAQnE0NVjz6n9DrDCgR2KWNfGThv8Nh4RRU0fJ3lPWO-GVtEc4If2MlhLgIvZRjElmo7jsp6BaX9iQBdy4QMEdln3CvWipXFjnYbl30VAUFdlPgcVqY4WEzMEWitNnOD4rBsEK7iXKHTYcjSxqdEJPcqTeOuFB5Zw3Q7P-P7rZMAfZF HTTP 302
https://www.yilopeet.com/vdbqhGeaTBlnd6TWFN6SO45JPdssqOcN9dxaRnKQ4Ho2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~/656300/508179dc4fe096caf5531bbd857c3432/90240664/ Page URL
https://healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17 HTTP 301
https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://str.intern-inovate.eu/Rugosas/Cw_ZGg5v2pFcNJpCAQnE0NVjz6n9DrDCgR2KWNfGThv8Nh4RRU0fJ3lPWO-GVtEc4If2MlhLgIvZRjElmo7jsp6BaX9iQBdy4QMEdln3CvWipXFjnYbl30VAUFdlPgcVqY4WEzMEWitNnOD4rBsEK7iXKHTYcjSxqdEJPcqTeOuFB5Zw3Q7P-P7rZMAfZF HTTP 302
https://www.yilopeet.com/vdbqhGeaTBlnd6TWFN6SO45JPdssqOcN9dxaRnKQ4Ho2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~/656300/508179dc4fe096caf5531bbd857c3432/90240664/

Request Chain 20

https://p.alocdn.com/c/27y94bd1/a/etarget/p.gif?label=144142966&title=Trump%20Health%20Care%20%7C%20Free%20Online%20Health%20Quotes%20%7C%20Health%20Plans%20of%20America&url=https%3A%2F%2Fwww.healthplansamerica.org%2Fquotes%2Ftrumpcare%2F%3FReferrer%3DMADE%26Subreferrer%3D160007%26Subid%3D556518366%26utm_source%3Dmade%26utm_medium%3Demail%26utm_content%3D%26utm_campaign%3D17&referrer=https%3A%2F%2Fwww.yilopeet.com%2FvdbqhGeaTBlnd6TWFN6SO45JPdssqOcN9dxaRnKQ4Ho2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~%2F656300%2F508179dc4fe096caf5531bbd857c3432%2F90240664%2F HTTP 302
https://p.alocdn.com/c/27y94bd1/a/etarget/p.gif?label=144142966&title=Trump%20Health%20Care%20%7C%20Free%20Online%20Health%20Quotes%20%7C%20Health%20Plans%20of%20America&url=https%3A%2F%2Fwww.healthplansamerica.org%2Fquotes%2Ftrumpcare%2F%3FReferrer%3DMADE%26Subreferrer%3D160007%26Subid%3D556518366%26utm_source%3Dmade%26utm_medium%3Demail%26utm_content%3D%26utm_campaign%3D17&referrer=https%3A%2F%2Fwww.yilopeet.com%2FvdbqhGeaTBlnd6TWFN6SO45JPdssqOcN9dxaRnKQ4Ho2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g%7E%7E%2F656300%2F508179dc4fe096caf5531bbd857c3432%2F90240664%2F&tdc=1

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set / Show response
www.yilopeet.com/vdbqhGeaTBlnd6TWFN6SO45JPdssqOcN9dxaRnKQ4Ho2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~/656300/508179dc4fe096caf5531bbd857c3432/90240664/
Redirect Chain

http://str.intern-inovate.eu/Rugosas/Cw_ZGg5v2pFcNJpCAQnE0NVjz6n9DrDCgR2KWNfGThv8Nh4RRU0fJ3lPWO-GVtEc4If2MlhLgIvZRjElmo7jsp6BaX9iQBdy4QMEdln3CvWipXFjnYbl30VAUFdlPgcVqY4WEzMEWitNnOD4rBsEK7iXKHTYcjSx...
https://www.yilopeet.com/vdbqhGeaTBlnd6TWFN6SO45JPdssqOcN9dxaRnKQ4Ho2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~/656300/508179dc4fe096caf5531bbd857c3432/90240664/

222 B
526 B

654ms
297ms

Document
text/html

103.83.36.136
MEDHAHOSTING-AS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yilopeet.com/vdbqhGeaTBlnd6TWFN6SO45JPdssqOcN9dxaRnKQ4Ho2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~/656300/508179dc4fe096caf5531bbd857c3432/90240664/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.83.36.136 Asheville, United States, ASN136171 (MEDHAHOSTING-AS-AP Medha Hosting, IN),
Reverse DNS: 3fak.btuk.stream
Software: Apache /
Resource Hash: 6b23346bd2f16dad230d9863bff11b028c9db547aeec79e7c022e0c85c9d6e60

Request headers

Host: www.yilopeet.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 13 Jul 2020 19:56:09 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 222
Server: Apache
Set-Cookie: uid4870=556518366-20200713155609-44d3def81b7f81f69bf8adb622ccebdf-; domain=yilopeet.com; expires=Wed, 12-Aug-2020 19:56:09 GMT; path=/; SameSite=None; Secure

Redirect headers

Server: nginx
Date: Mon, 13 Jul 2020 19:56:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Access-Control-Allow-Origin: *
location: https://www.yilopeet.com/vdbqhGeaTBlnd6TWFN6SO45JPdssqOcN9dxaRnKQ4Ho2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~/656300/508179dc4fe096caf5531bbd857c3432/90240664/

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.healthplansamerica.org/quotes/trumpcare/
Redirect Chain

https://healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17

19 KB
8 KB

1166ms
932ms

Document
text/html

69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17

Requested by

Host: www.yilopeet.com
URL: https://www.yilopeet.com/vdbqhGeaTBlnd6TWFN6SO45JPdssqOcN9dxaRnKQ4Ho2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~/656300/508179dc4fe096caf5531bbd857c3432/90240664/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 Oviedo, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

5307b89984142f0bf94b5ef82afc00e95dd14287b9c9f1f90c1dcad1f0a4eae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Host: www.healthplansamerica.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://www.yilopeet.com/vdbqhGeaTBlnd6TWFN6SO45JPdssqOcN9dxaRnKQ4Ho2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~/656300/508179dc4fe096caf5531bbd857c3432/90240664/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.yilopeet.com/vdbqhGeaTBlnd6TWFN6SO45JPdssqOcN9dxaRnKQ4Ho2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~/656300/508179dc4fe096caf5531bbd857c3432/90240664/

Response headers

Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=a4a90301f4b9efeb39274b4659e24717; path=/; HttpOnly XSRF-TOKEN=eyJpdiI6InppQ3pJdzk0QzFtemx3RUduM0xzT0E9PSIsInZhbHVlIjoiZU9hdWRQSXlCUVd3ZUtKRTdqWFpueGM1VVUrN1J6V001bGozVXY5R2lPQ2pkR25KSTRwVGNhd1FvaTB3aGJZcmZqVGZtY2FUZlJzRmFkcXpKdTJUZUE9PSIsIm1hYyI6IjgyZmI0ODI0OTg2MjA5YWVkNGUzM2UwZjQwMTMxMWMyZTBjYzEzMTZjZDVjOWFhMWIwYzJhY2U2ZDI1ZGNkYjkifQ%3D%3D; expires=Mon, 13-Jul-2020 21:56:11 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6IjBmTlZUSUlEaUNlczlSR0MzQlFUTWc9PSIsInZhbHVlIjoiRlhLbHR5a1dGU2Ezd09pYXRUMGVCSUllNjJNYXM0eXowWDZJVktaQmxFWUJZRlhDYm5jOXpSNGhyeHFXU21hQ290OEdLTGkyV3B3dm1razNPeUI2T2c9PSIsIm1hYyI6IjczZDVlMjE3Mjg3MzIyMjIxODc1YjdlMDVjZTlhYTYzNmUzY2RjNjcxODBlMGM4MjU5NTBkN2Q5NmVkZjlhMTYifQ%3D%3D; expires=Mon, 13-Jul-2020 21:56:11 GMT; Max-Age=7200; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate no-cache
Pragma: no-cache
Date: Mon, 13 Jul 2020 19:56:11 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

Redirect headers

Server: nginx
Date: Mon, 13 Jul 2020 19:56:10 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK fontawesome.min.css
www.healthplansamerica.org/common_scripts/leadgen/fonts/fontawesome/ 34 KB
9 KB 101ms
99ms Stylesheet
text/css 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/common_scripts/leadgen/fonts/fontawesome/fontawesome.min.css

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 Oviedo, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

889e5b0e0831a15afbf0a7afe2916c25500b2fa6abb5f62727b0c245415a5f12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 13 Jul 2020 19:56:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Dec 2019 16:48:23 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"5df11dd7-870a"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 2 KB
576 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oxygen:300,400,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e1e415b221fcf1939c5a3893b1e8408285a5dbf4a26c0c46f6cb461d6ca87caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Jul 2020 19:54:38 GMT
server: ESF
date: Mon, 13 Jul 2020 19:56:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Jul 2020 19:56:11 GMT

GET
H/1.1 200
OK hpa.css
www.healthplansamerica.org/common_scripts/leadgen/laravel/css/ 369 KB
74 KB 210ms
109ms Stylesheet
text/css 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/common_scripts/leadgen/laravel/css/hpa.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 Oviedo, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

ee5579ea00d29fd341c7ecf14e9f21f83af8e24641089fd45b267e9d8b3fd1d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 13 Jul 2020 19:56:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 13 Jul 2020 19:35:40 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"5f0cb78c-5c4e3"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK hpa.js Show response
www.healthplansamerica.org/common_scripts/leadgen/laravel/js/ 490 KB
162 KB 291ms
102ms Script
application/javascript 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/common_scripts/leadgen/laravel/js/hpa.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 Oviedo, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

2a96c7a234350cda5a8995454ee5ca3b943a302dec8e05b06ebeb39496d3929d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 13 Jul 2020 19:56:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 13 Jul 2020 19:35:40 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"5f0cb78c-7a671"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK trumpcare-ahca-logo.png
www.healthplansamerica.org/images/trumpcare-ahca/ 31 KB
32 KB 98ms
96ms Image
image/png 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.healthplansamerica.org/images/trumpcare-ahca/trumpcare-ahca-logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 Oviedo, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

8d053e5b8e02621e42f2b8ee967b5a991caed7f16b1d5afd236fdde048d8a3d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 13 Jul 2020 19:56:11 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 13 Mar 2020 17:34:55 GMT
Server: nginx
ETag: "5e6bc43f-7d54"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 32084

GET
H2 200 27y94bd1.js Show response
js.alocdn.com/c/ 1 KB
1 KB 53ms
12ms Script
application/javascript 13.225.78.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.alocdn.com/c/27y94bd1.js
Requested by: Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 4d0bf31f0d363f4c71f4579cc988cd7d2ac9d3cfed4c964955d408351bbca654

Request headers

Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 13 Jul 2020 12:28:32 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 26859
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=28800
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: soHoyX7O0_qH7XI1Z0UaYeX9TUUeLozdpSGPz9G9iIxY8UlUHvG9ag==

GET
H2 200 integration.js Show response
js7.invoca.net/7/ 28 KB
11 KB 451ms
195ms Script
application/javascript 54.156.233.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://js7.invoca.net/7/integration.js
Requested by: Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.233.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.17.8 /
Resource Hash: 76682765765202442439cb73fefdfdaf34cf341dce9202375813faa29477d837

Request headers

Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 13 Jul 2020 19:56:12 GMT
content-encoding: gzip
last-modified: Fri, 10 Jul 2020 20:59:29 GMT
server: nginx/1.17.8
content-type: application/javascript

GET
H/1.1 200
OK visit.php Show response
secure.apolloi.com/leadgen/pxl/ 0
0 295ms
100ms Script
text/html 69.20.94.14
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.apolloi.com/leadgen/pxl/visit.php?visit_id=144142966
Requested by: Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 69.20.94.14 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 6031
date: Mon, 13 Jul 2020 18:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Mon, 13 Jul 2020 20:15:40 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 64 KB
25 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T8D2T6P

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f27c5516b3eac92d60c70246d507d2cd9739caaeb821609ebbdedc43ff76244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 13 Jul 2020 19:56:11 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25629
x-xss-protection: 0
last-modified: Mon, 13 Jul 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Jul 2020 19:56:11 GMT

GET
H2 200 58a34f3625ceb64f65edb3a4 Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 240 KB
60 KB 227ms
204ms Script
application/javascript 143.204.89.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/58a34f3625ceb64f65edb3a4
Requested by: Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.89.40 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 62243a846014c1bbfc56b61a2a3d0f13752049006379d6ad7fe697559498a8ae

Request headers

Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 13 Jul 2020 19:56:12 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: no-cache
content-encoding: gzip
x-amz-cf-id: RxGzOSIj6VsJ0orJor9VHURo-7yar04s8T7XK9OVZosfukuByv-rKQ==

GET
H/1.1 200
OK trumpbackground.jpg
www.healthplansamerica.org/images/trumpcare/ 1 KB
2 KB 99ms
98ms Image
image/jpeg 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.healthplansamerica.org/images/trumpcare/trumpbackground.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 Oviedo, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

8d8aa4c138b27af37bd61b6e0b139b71da31767b19d3f462c60ef95c77515468

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/css/hpa.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 13 Jul 2020 19:56:11 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 01 Dec 2017 20:31:04 GMT
Server: nginx
ETag: "5a21bc08-4e4"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 1252

GET
H/1.1 200
OK hero.jpeg
www.healthplansamerica.org/images/trumpcare-ahca/ 59 KB
60 KB 104ms
103ms Image
image/jpeg 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.healthplansamerica.org/images/trumpcare-ahca/hero.jpeg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 Oviedo, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

8d9e4fc23f18e0c2a15d41ce46fddf9e8c1ba0096627a052e20e7b25bc96d5b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/css/hpa.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 13 Jul 2020 19:56:11 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 01 Dec 2017 20:36:01 GMT
Server: nginx
ETag: "5a21bd31-ed5d"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 60765

GET
H/1.1 200
OK phone-icon.png
www.healthplansamerica.org/common_scripts/leadgen/laravel/images/ 937 B
1 KB 199ms
99ms Image
image/png 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.healthplansamerica.org/common_scripts/leadgen/laravel/images/phone-icon.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 Oviedo, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

125095eccae0a4deffe181229850e1d19c4e026804d8670131cb5c1825e598ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/css/hpa.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 13 Jul 2020 19:56:11 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Dec 2019 16:48:23 GMT
Server: nginx
ETag: "5df11dd7-3a9"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 937

GET
H2 200 2sDfZG1Wl4LcnbuKjk0mRUe0Aw.woff2
fonts.gstatic.com/s/oxygen/v9/ 10 KB
10 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v9/2sDfZG1Wl4LcnbuKjk0mRUe0Aw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0f49049bbf8071312c4a4554e9332d420b7277fc310ab02fb2ef031e48128f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oxygen:300,400,700
Origin: https://www.healthplansamerica.org

Response headers

date: Thu, 11 Jun 2020 02:25:12 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:20:18 GMT
server: sffe
age: 2827859
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10332
x-xss-protection: 0
expires: Fri, 11 Jun 2021 02:25:12 GMT

GET
H2 200 2sDcZG1Wl4LcnbuCNWgzaGW5Kb8VZA.woff2
fonts.gstatic.com/s/oxygen/v9/ 10 KB
10 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v9/2sDcZG1Wl4LcnbuCNWgzaGW5Kb8VZA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64f12bcd111be76f80de661978a9817e6701c7b62a84be48ca42f604c4a57a2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oxygen:300,400,700
Origin: https://www.healthplansamerica.org

Response headers

date: Tue, 09 Jun 2020 03:08:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:27:29 GMT
server: sffe
age: 2998071
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10280
x-xss-protection: 0
expires: Wed, 09 Jun 2021 03:08:20 GMT

GET
H/1.1 200
OK fa-solid-900.woff2
www.healthplansamerica.org/common_scripts/leadgen/fonts/fontawesome/ 39 KB
40 KB 176ms
102ms Font
application/font-woff2 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/common_scripts/leadgen/fonts/fontawesome/fa-solid-900.woff2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 Oviedo, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.healthplansamerica.org/common_scripts/leadgen/fonts/fontawesome/fontawesome.min.css
Origin: https://www.healthplansamerica.org

Response headers

Date: Mon, 13 Jul 2020 19:56:11 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Dec 2019 16:48:23 GMT
Server: nginx
ETag: "5df11dd7-9cd4"
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff2
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 40148

GET
H2 200 c03ef9de-4523-077b-661e-f0bbdaa0049b.js Show response
create.lidstatic.com/campaign/ 123 KB
39 KB 53ms
28ms Script
text/javascript 2606:4700:10::ac43:29e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/c03ef9de-4523-077b-661e-f0bbdaa0049b.js?snippet_version=2
Requested by: Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:29e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 425b00c00968109d7e706241e7af9f293767d149b97367700462d5d71ac0e59d

Request headers

Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 13 Jul 2020 19:56:12 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1454
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: 83297FA1D2D997EB
x-amz-id-2: yH2+UGsGtnszVs6HUpf/J3DteMAp6UrTxYGqlwFwR9mN/NtiFtWMJthDjwM0BC4Z2irqabANVjs=
last-modified: Tue, 21 Apr 2020 14:05:22 GMT
server: cloudflare
etag: W/"ea98cd66daf36d7c84f3e1055d947527"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
x-amz-version-id: vkCF2TpaFAJ68vVKe8IN1hnETg94VIL1
cf-request-id: 03eb58df64000005dcc535d200000001
cf-ray: 5b2590df0c7c05dc-FRA

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 70 KB
28 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-NXJZNQR&cid=606864841.1594670172

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e009a6d44417e80611d72b1eddc2adaaba2c66799cefbb75f1fa0de9e39396ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 13 Jul 2020 19:56:12 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28226
x-xss-protection: 0
last-modified: Mon, 13 Jul 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Jul 2020 19:56:12 GMT

GET
H2

200

p.gif
p.alocdn.com/c/27y94bd1/a/etarget/
Redirect Chain

https://p.alocdn.com/c/27y94bd1/a/etarget/p.gif?label=144142966&title=Trump%20Health%20Care%20%7C%20Free%20Online%20Health%20Quotes%20%7C%20Health%20Plans%20of%20America&url=https%3A%2F%2Fwww.healt...
https://p.alocdn.com/c/27y94bd1/a/etarget/p.gif?label=144142966&title=Trump%20Health%20Care%20%7C%20Free%20Online%20Health%20Quotes%20%7C%20Health%20Plans%20of%20America&url=https%3A%2F%2Fwww.healt...

42 B
351 B

171ms
170ms

Image
image/gif

52.11.39.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.alocdn.com/c/27y94bd1/a/etarget/p.gif?label=144142966&title=Trump%20Health%20Care%20%7C%20Free%20Online%20Health%20Quotes%20%7C%20Health%20Plans%20of%20America&url=https%3A%2F%2Fwww.healthplansamerica.org%2Fquotes%2Ftrumpcare%2F%3FReferrer%3DMADE%26Subreferrer%3D160007%26Subid%3D556518366%26utm_source%3Dmade%26utm_medium%3Demail%26utm_content%3D%26utm_campaign%3D17&referrer=https%3A%2F%2Fwww.yilopeet.com%2FvdbqhGeaTBlnd6TWFN6SO45JPdssqOcN9dxaRnKQ4Ho2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g%7E%7E%2F656300%2F508179dc4fe096caf5531bbd857c3432%2F90240664%2F&tdc=1
Requested by: Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.11.39.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 13 Jul 2020 19:56:12 GMT
server: nginx/1.16.1
content-type: image/GIF
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

status: 302
date: Mon, 13 Jul 2020 19:56:12 GMT
server: nginx/1.16.1
content-type: image/GIF
location: /c/27y94bd1/a/etarget/p.gif?label=144142966&title=Trump%20Health%20Care%20%7C%20Free%20Online%20Health%20Quotes%20%7C%20Health%20Plans%20of%20America&url=https%3A%2F%2Fwww.healthplansamerica.org%2Fquotes%2Ftrumpcare%2F%3FReferrer%3DMADE%26Subreferrer%3D160007%26Subid%3D556518366%26utm_source%3Dmade%26utm_medium%3Demail%26utm_content%3D%26utm_campaign%3D17&referrer=https%3A%2F%2Fwww.yilopeet.com%2FvdbqhGeaTBlnd6TWFN6SO45JPdssqOcN9dxaRnKQ4Ho2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g%7E%7E%2F656300%2F508179dc4fe096caf5531bbd857c3432%2F90240664%2F&tdc=1
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
108 B 15ms
14ms Image
image/gif 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1299098158&t=pageview&_s=1&dl=https%3A%2F%2Fwww.healthplansamerica.org%2Fquotes%2Ftrumpcare%2F%3FReferrer%3DMADE%26Subreferrer%3D160007%26Subid%3D556518366%26utm_source%3Dmade%26utm_medium%3Demail%26utm_content%3D%26utm_campaign%3D17&dr=https%3A%2F%2Fwww.yilopeet.com%2FvdbqhGeaTBlnd6TWFN6SO45JPdssqOcN9dxaRnKQ4Ho2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~%2F656300%2F508179dc4fe096caf5531bbd857c3432%2F90240664%2F&ul=en-us&de=UTF-8&dt=Trump%20Health%20Care%20%7C%20Free%20Online%20Health%20Quotes%20%7C%20Health%20Plans%20of%20America&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAAADQ~&jid=1675512047&gjid=1255505840&cid=606864841.1594670172&tid=UA-23882117-1&_gid=2117785049.1594670172&_r=1&z=2099241792

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jul 2020 19:56:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 GenerateToken Show response
create.leadid.com/2.7.0/ 36 B
332 B 351ms
145ms XHR
text/plain 34.227.130.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/GenerateToken?msn=1&pid=e65e9c12-a89f-4859-b99f-5cf66ee86698&_=622349972
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c03ef9de-4523-077b-661e-f0bbdaa0049b.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.130.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: de9521230eb96f78660976ae529fdd364e7c8b9e63268bc13bdfe5f2b5ca3dd0

Request headers

Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Jul 2020 19:56:12 GMT
content-encoding: gzip
server: nginx/1.17.6
status: 200
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 request.js Show response
script.anura.io/ 40 KB
41 KB 159ms
113ms Script
application/javascript 13.225.78.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=2761973509&source=MADE&campaign=160007-HPA&variable=AnuraResponse&172772286865

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.225.78.37 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ceff0fc85ea73df67677289a8b4865650594fb143e062f4b6c64125bd5735ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jul 2020 19:56:12 GMT
via: 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
x-amz-cf-id: WNxpMgfAmGbR43j7PWJ7MBG9Y2zrTrs53esV9BxHHQl_om139mQJ4Q==
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 map_number Show response
json7.ringrevenue.com/7/ 183 B
868 B 944ms
644ms Script
text/javascript 54.156.233.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://json7.ringrevenue.com/7/map_number?av_id=30279&referer=https%3A%2F%2Fwww.yilopeet.com%2FvdbqhGeaTBlnd6TWFN6SO45JPdssqOcN9dxaRnKQ4Ho2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~%2F656300%2F508179dc4fe096caf5531bbd857c3432%2F90240664%2F&cookies_for_url=%7B%7D&url_without_pool_params=https%3A%2F%2Fwww.healthplansamerica.org%2Fquotes%2Ftrumpcare%2F%3FReferrer%3DMADE%26Subreferrer%3D160007%26Subid%3D556518366%26utm_source%3Dmade%26utm_medium%3Demail%26utm_content%3D%26utm_campaign%3D17&request_cookies=true&jsoncallback=json_rr1&url=https%3A%2F%2Fwww.healthplansamerica.org%2Fquotes%2Ftrumpcare%2F%3FReferrer%3DMADE%26Subreferrer%3D160007%26Subid%3D556518366%26utm_source%3Dmade%26utm_medium%3Demail%26utm_content%3D%26utm_campaign%3D17

Requested by

Host: js7.invoca.net
URL: https://js7.invoca.net/7/integration.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.156.233.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx/1.17.8 /

Resource Hash

4ef2dc2df817e9ee33d5f49908c33f575c2db91271cb41a069e354de3376ea24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-runtime: 0.072707
date: Mon, 13 Jul 2020 19:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.17.8
etag: W/"c50f099b4ca97338d8236e700ce6260a"
x-frame-options: SAMEORIGIN
p3p: CP="CAO DSP CURa ADMa DEVa OUR NOR DEM STA" policyref="/w3c/p3p.xml"
status: 200
cache-control: max-age=0, private, must-revalidate
content-type: text/javascript; charset=utf-8
x-xss-protection: 1; mode=block
x-request-id: 150753cad279df250a8ab4e6153e3763

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 145ms
145ms Fetch
text/html 23.20.203.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/58a34f3625ceb64f65edb3a4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.203.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
key: 58a34f3625ceb64f65edb3a4
content-type: application/x-www-form-urlencoded

Response headers

status: 200
date: Mon, 13 Jul 2020 19:56:12 GMT
cache-control: no-cache
access-control-allow-origin: *
content-type: text/html; charset=utf-8
content-length: 2
access-control-expose-headers: WWW-Authenticate,Server-Authorization

GET
H/1.1 200
OK iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 81A6 0
0 39ms
8ms Document
text/html 13.225.84.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=921C212C-4F05-C89B-B72C-9AD890B9D04F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.7.0&lck=C03EF9DE-4523-077B-661E-F0BBDAA0049B&lac=478B1969-F034-6785-243D-D2DE64FC7F68
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c03ef9de-4523-077b-661e-f0bbdaa0049b.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.84.207 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Host: d2m2wsoho8qq12.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17

Response headers

Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 13 Jul 2020 08:12:55 GMT
Server: nginx/1.17.6
Last-Modified: Sun, 12 Jul 2020 11:18:09 GMT
ETag: W/"5f0af171-dbc"
P3P: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: JVIh-BicvHoR3__CD2kfx9NMfvQ3I9oVddaUb2eRnum-pPFzSCRdAQ==
Age: 42197

POST
H2 200 SaveDom Show response
create.leadid.com/2.7.0/ 0
298 B 104ms
104ms XHR
text/plain 34.227.130.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/SaveDom?msn=2&pid=e65e9c12-a89f-4859-b99f-5cf66ee86698&token=921C212C-4F05-C89B-B72C-9AD890B9D04F&_=622349973
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c03ef9de-4523-077b-661e-f0bbdaa0049b.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.130.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Jul 2020 19:56:12 GMT
content-encoding: gzip
server: nginx/1.17.6
status: 200
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.7.0/ 0
298 B 105ms
104ms XHR
text/plain 34.227.130.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/InitFormData?msn=3&pid=e65e9c12-a89f-4859-b99f-5cf66ee86698&token=921C212C-4F05-C89B-B72C-9AD890B9D04F&_=622349974
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c03ef9de-4523-077b-661e-f0bbdaa0049b.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.130.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Jul 2020 19:56:12 GMT
content-encoding: gzip
server: nginx/1.17.6
status: 200
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 response.json Show response
script.anura.io/ 44 B
497 B 339ms
318ms XHR
application/json 13.225.78.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/response.json

Requested by

Host: script.anura.io
URL: https://script.anura.io/request.js?instance=2761973509&source=MADE&campaign=160007-HPA&variable=AnuraResponse&172772286865

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.225.78.37 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

868d73f8f23e45c6ec75e6d671196cdddb2d0d16ee27c803fc7afb92192a4b43

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 13 Jul 2020 19:56:13 GMT
via: 1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: FRA2-C2
status: 200
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
x-cache: Miss from cloudfront
x-amz-cf-id: deSm7PO59D25wRboWFJ6VM8SN8F8L_AwcsQMvRO7Jv5NGic8nKnmbQ==
expires: Sun, 28 Dec 1980 18:57:00 EST

POST
H2 200 Snap Show response
create.leadid.com/2.7.0/ 0
298 B 399ms
294ms XHR
text/plain 34.227.130.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/Snap?msn=4&pid=e65e9c12-a89f-4859-b99f-5cf66ee86698&token=921C212C-4F05-C89B-B72C-9AD890B9D04F&_=622349975
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c03ef9de-4523-077b-661e-f0bbdaa0049b.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.130.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Jul 2020 19:56:13 GMT
content-encoding: gzip
server: nginx/1.17.6
status: 200
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 hub
api.pushnami.com/scripts/v1/ Frame 87E1 0
0 16ms
16ms Document
text/html 143.204.89.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushnami.com/scripts/v1/hub

Requested by

Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/58a34f3625ceb64f65edb3a4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.89.40 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *
X-Content-Security-Policy	default-src 'unsafe-inline' *

Request headers

:method: GET
:authority: api.pushnami.com
:scheme: https
:path: /scripts/v1/hub
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17

Response headers

status: 200
content-type: text/html; charset=utf-8
date: Mon, 13 Jul 2020 19:38:33 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: X-Requested-With
content-security-policy: default-src 'unsafe-inline' *
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: t5R-26vKlwrn7_KydQ3bNYFq-xpAblCkGMz8Owv7EBzfJEX0rWN8Mw==
age: 1060

POST
H/1.1 200
OK check_web_user Show response
www.healthplansamerica.org/api/ 0
585 B 313ms
313ms XHR
text/html 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/api/check_web_user

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/js/hpa.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 Oviedo, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Jul 2020 19:56:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, no-cache
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H/1.1 200
OK phone_imp.php Show response
www.healthplansamerica.org/common_scripts/omg/pxl/ 0
538 B 310ms
309ms XHR
text/html 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/common_scripts/omg/pxl/phone_imp.php?pn=8667200924&url=www.healthplansamerica.org%2Fquotes%2Ftrumpcare%2F%3FReferrer%3DMADE%26Subreferrer%3D160007%26Subid%3D556518366%26utm_source%3Dmade%26utm_medium%3Demail%26utm_content%3D%26utm_campaign%3D17

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/js/hpa.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 Oviedo, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Jul 2020 19:56:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 result.json Show response
script.anura.io/ 28 B
486 B 191ms
191ms XHR
application/json 13.225.78.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/result.json

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.225.78.37 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

da24221333565ec88b855596f3fd1f589ea6e349dcfa6110adf84a45f1836f94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 13 Jul 2020 19:56:14 GMT
via: 1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: FRA2-C2
status: 200
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
x-cache: Miss from cloudfront
x-amz-cf-id: i8ur7XWNTTi_GjPBTiTxAsGIEfyMGKEl9pBq8j-FE2AnqUAgCvXgwQ==
expires: Sun, 28 Dec 1980 18:57:00 EST

POST
H2 200 psp Show response
psp.pushnami.com/api/ 2 B
231 B 104ms
104ms Fetch
text/html 54.85.133.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/58a34f3625ceb64f65edb3a4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.133.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
key: 58a34f3625ceb64f65edb3a4
content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Jul 2020 19:56:14 GMT
content-encoding: gzip
status: 200
vary: accept-encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.healthplansamerica.org
cache-control: no-cache
access-control-allow-credentials: true

GET
H/1.1 200
OK fraud_status.php Show response
www.healthplansamerica.org/common_scripts/omg/ 0
486 B 271ms
270ms XHR
text/html 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/common_scripts/omg/fraud_status.php?source=anura&response=

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/js/hpa.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 Oviedo, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Jul 2020 19:56:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK fraud_status.php Show response
www.healthplansamerica.org/common_scripts/omg/ 0
486 B 188ms
187ms XHR
text/html 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/common_scripts/omg/fraud_status.php?source=anura&response={%22result%22:%22warn%22,%22mobile%22:0}

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/js/hpa.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 Oviedo, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Jul 2020 19:56:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK fraud_status.php Show response
www.healthplansamerica.org/common_scripts/omg/ 0
486 B 599ms
599ms XHR
text/html 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/common_scripts/omg/fraud_status.php?source=anura&response={%22result%22:%22warn%22,%22mobile%22:0}

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/js/hpa.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 Oviedo, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Jul 2020 19:56:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.7.0/ 0
298 B 225ms
123ms XHR
text/plain 34.227.130.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/Snap?msn=5&pid=e65e9c12-a89f-4859-b99f-5cf66ee86698&token=921C212C-4F05-C89B-B72C-9AD890B9D04F&_=622349976
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c03ef9de-4523-077b-661e-f0bbdaa0049b.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.130.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Jul 2020 19:56:14 GMT
content-encoding: gzip
server: nginx/1.17.6
status: 200
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.deviceid.trueleadid.com/	1970-01-25 20:28:19	Name: uuid Value: d84ebd38cf554e3fa7551104f57f71f1
.healthplansamerica.org/	1970-01-19 11:41:02	Name: rrCookie_affiliateInfo Value: %7B%22status%22%3A%22invalid%22%2C%22mobile%22%3Afalse%2C%22number_to_replace%22%3A%22999-999-9999%22%2C%22last_validated_at%22%3A1594670173188%7D
www.healthplansamerica.org/	1969-12-31 23:59:59	Name: leadid_token-478B1969-F034-6785-243D-D2DE64FC7F68-C03EF9DE-4523-077B-661E-F0BBDAA0049B Value: 921C212C-4F05-C89B-B72C-9AD890B9D04F

34 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17(Line 83) Message: Now is after the close time, not displaying
console-api	log	URL: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/js/hpa.js(Line 15) Message: JS: slickform.js loaded
console-api	log	URL: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/js/hpa.js(Line 16) Message: JS: onestep.js loaded
console-api	log	URL: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/js/hpa.js(Line 16) Message: JS: oetimer.js loaded
console-api	log	URL: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/js/hpa.js(Line 16) Message: JS: clicklistings.js loaded
console-api	log	URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17(Line 281) Message: Created anura script
console-api	log	URL: https://api.pushnami.com/scripts/v1/pushnami-adv/58a34f3625ceb64f65edb3a4(Line 226) Message: {"event":"webpush-ssl-optin-shown","scope":"Website","scopeId":"58a34f3625ceb64f65edb3a5","pstag_android":"modern_Test_1_Desktop_Fallback"}
console-api	log	URL: https://api.pushnami.com/scripts/v1/pushnami-adv/58a34f3625ceb64f65edb3a4(Line 474) Message: {}
console-api	log	URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17(Line 296) Message: Passed object test
console-api	log	URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17(Line 296) Message: Passed object test
console-api	log	URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17(Line 296) Message: Passed object test
console-api	log	URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17(Line 296) Message: Passed object test
console-api	log	URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17(Line 296) Message: Passed object test
console-api	log	URL: https://api.pushnami.com/scripts/v1/pushnami-adv/58a34f3625ceb64f65edb3a4(Line 247) Message: Tracking OK [object Response]
console-api	log	URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17(Line 296) Message: Passed object test
console-api	log	URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17(Line 296) Message: Passed object test
console-api	debug	URL: https://script.anura.io/request.js?instance=2761973509&source=MADE&campaign=160007-HPA&variable=AnuraResponse&172772286865(Line 44) Message:
console-api	log	URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17(Line 296) Message: Passed object test
console-api	log	URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17(Line 296) Message: Passed object test
console-api	log	URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17(Line 296) Message: Passed object test
console-api	log	URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17(Line 296) Message: Passed object test
console-api	log	URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17(Line 296) Message: Passed object test
console-api	log	URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17(Line 296) Message: Passed object test
console-api	log	URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17(Line 296) Message: Passed object test
console-api	log	URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17(Line 296) Message: Passed object test
console-api	log	URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17(Line 390) Message: Repeat user:
console-api	log	URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17(Line 296) Message: Passed object test
console-api	log	URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17(Line 301) Message: Got result: 001a0b2de56ebf1aece7521729eed7c8cc9
console-api	log	URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17(Line 341) Message: gonna get it!
console-api	log	URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17(Line 346) Message: got it?
console-api	log	URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17(Line 341) Message: gonna get it!
console-api	log	URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17(Line 346) Message: got it?
console-api	log	URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17(Line 341) Message: gonna get it!
console-api	log	URL: https://www.healthplansamerica.org/quotes/trumpcare/?Referrer=MADE&Subreferrer=160007&Subid=556518366&utm_source=made&utm_medium=email&utm_content=&utm_campaign=17(Line 346) Message: got it?

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.pushnami.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
healthplansamerica.org
js.alocdn.com
js7.invoca.net
json7.ringrevenue.com
p.alocdn.com
psp.pushnami.com
script.anura.io
secure.apolloi.com
str.intern-inovate.eu
trc.pushnami.com
www.google-analytics.com
www.googletagmanager.com
www.healthplansamerica.org
www.yilopeet.com
103.83.36.136
13.225.78.122
13.225.78.37
13.225.84.207
143.204.89.40
23.20.203.72
2606:4700:10::ac43:29e5
2a00:1450:4001:801::200a
2a00:1450:4001:806::2008
2a00:1450:4001:815::2003
2a00:1450:4001:816::200e
34.227.130.110
52.11.39.87
54.156.233.221
54.85.133.159
69.20.75.133
69.20.94.14
86.106.95.127
125095eccae0a4deffe181229850e1d19c4e026804d8670131cb5c1825e598ad
2a96c7a234350cda5a8995454ee5ca3b943a302dec8e05b06ebeb39496d3929d
425b00c00968109d7e706241e7af9f293767d149b97367700462d5d71ac0e59d
434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3
4d0bf31f0d363f4c71f4579cc988cd7d2ac9d3cfed4c964955d408351bbca654
4ef2dc2df817e9ee33d5f49908c33f575c2db91271cb41a069e354de3376ea24
5307b89984142f0bf94b5ef82afc00e95dd14287b9c9f1f90c1dcad1f0a4eae6
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
62243a846014c1bbfc56b61a2a3d0f13752049006379d6ad7fe697559498a8ae
64f12bcd111be76f80de661978a9817e6701c7b62a84be48ca42f604c4a57a2e
6b23346bd2f16dad230d9863bff11b028c9db547aeec79e7c022e0c85c9d6e60
6f27c5516b3eac92d60c70246d507d2cd9739caaeb821609ebbdedc43ff76244
76682765765202442439cb73fefdfdaf34cf341dce9202375813faa29477d837
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
868d73f8f23e45c6ec75e6d671196cdddb2d0d16ee27c803fc7afb92192a4b43
889e5b0e0831a15afbf0a7afe2916c25500b2fa6abb5f62727b0c245415a5f12
8d053e5b8e02621e42f2b8ee967b5a991caed7f16b1d5afd236fdde048d8a3d0
8d8aa4c138b27af37bd61b6e0b139b71da31767b19d3f462c60ef95c77515468
8d9e4fc23f18e0c2a15d41ce46fddf9e8c1ba0096627a052e20e7b25bc96d5b5
ceff0fc85ea73df67677289a8b4865650594fb143e062f4b6c64125bd5735ab2
da24221333565ec88b855596f3fd1f589ea6e349dcfa6110adf84a45f1836f94
de9521230eb96f78660976ae529fdd364e7c8b9e63268bc13bdfe5f2b5ca3dd0
e009a6d44417e80611d72b1eddc2adaaba2c66799cefbb75f1fa0de9e39396ff
e0f49049bbf8071312c4a4554e9332d420b7277fc310ab02fb2ef031e48128f8
e1e415b221fcf1939c5a3893b1e8408285a5dbf4a26c0c46f6cb461d6ca87caa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee5579ea00d29fd341c7ecf14e9f21f83af8e24641089fd45b267e9d8b3fd1d5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

www.healthplansamerica.org Open in urlscan Pro 69.20.75.133 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

100 %HTTPS

28 %IPv6

16 Domains

20 Subdomains

17 IPs

3 Countries

638 kBTransfer

1677 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.healthplansamerica.org Open in urlscan Pro
69.20.75.133 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

100 %
HTTPS

28 %
IPv6

16
Domains

20
Subdomains

17
IPs

3
Countries

638 kB
Transfer

1677 kB
Size

3
Cookies

41 HTTP transactions
0 data transactions