www.healthplansamerica.org Open in urlscan Pro
69.20.75.133 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://storage.googleapis.com/linkzouakclik/lienskh.html#c39916vlFGL30283587rnlD8130JqZ19784QLAU4440
Effective URL:
https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medi...
Submission: On October 03 via api (October 3rd 2021, 4:01:30 pm UTC) from BE — Scanned from DE

Summary HTTP 64 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 19 domains to perform 64 HTTP transactions. The main IP is 69.20.75.133, located in San Antonio, United States and belongs to RACKSPACE, US. The main domain is www.healthplansamerica.org.
TLS certificate: Issued by Entrust Certification Authority - L1K on March 30th 2021. Valid for: a year.

This is the only time www.healthplansamerica.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	142.250.181.240 142.250.181.240	15169 (GOOGLE) (GOOGLE)
1 2	188.246.230.30 188.246.230.30	49505 (SELECTEL) (SELECTEL)
1	107.172.12.219 107.172.12.219	36352 (AS-COLOCR...) (AS-COLOCROSSING)
16	69.20.75.133 69.20.75.133	27357 (RACKSPACE) (RACKSPACE)
2	172.217.16.138 172.217.16.138	15169 (GOOGLE) (GOOGLE)
1	69.20.94.14 69.20.94.14	27357 (RACKSPACE) (RACKSPACE)
3	142.250.186.142 142.250.186.142	15169 (GOOGLE) (GOOGLE)
1	172.217.16.136 172.217.16.136	15169 (GOOGLE) (GOOGLE)
5	13.32.99.63 13.32.99.63	16509 (AMAZON-02) (AMAZON-02)
3	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
1	208.68.39.149 208.68.39.149	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	31.13.92.14 31.13.92.14	32934 (FACEBOOK) (FACEBOOK)
1	104.22.39.182 104.22.39.182	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.66.97.87 18.66.97.87	16509 (AMAZON-02) (AMAZON-02)
2	31.13.92.36 31.13.92.36	32934 (FACEBOOK) (FACEBOOK)
3	18.133.97.68 18.133.97.68	16509 (AMAZON-02) (AMAZON-02)
8	52.200.243.50 52.200.243.50	14618 (AMAZON-AES) (AMAZON-AES)
1	52.222.206.97 52.222.206.97	16509 (AMAZON-02) (AMAZON-02)
1	52.2.22.185 52.2.22.185	14618 (AMAZON-AES) (AMAZON-AES)
2	206.189.187.108 206.189.187.108	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	54.159.124.237 54.159.124.237	14618 (AMAZON-AES) (AMAZON-AES)
64	23

1 142.250.181.240 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f16.1e100.net

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.246.230.30 (Russian Federation) 1 redirects

ASN49505 (SELECTEL, RU)

despacito.sa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.172.12.219 (United States)

ASN36352 (AS-COLOCROSSING, US)
PTR: 107-172-12-219-host.colocrossing.com

cuttingedgeteh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 69.20.75.133 (San Antonio, United States)

ASN27357 (RACKSPACE, US)
PTR: www.healthplansamerica.org

www.healthplansamerica.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.20.94.14 (San Antonio, United States)

ASN27357 (RACKSPACE, US)
PTR: secure.apolloi.com

secure.apolloi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.136 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f136.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.99.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-63.fra60.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.68.39.149 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: cdn100.acsbapp.com

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.92.14 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frt3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.39.182 (None, )

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.87 (United States)

ASN16509 (AMAZON-02, US)

solutions.invocacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.92.36 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frt3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.133.97.68 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-97-68.eu-west-2.compute.amazonaws.com

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.200.243.50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-243-50.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.206.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-97.fra56.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.2.22.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-22-185.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 206.189.187.108 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: cdn103.acsbapp.com

cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.159.124.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-124-237.compute-1.amazonaws.com

psp.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	healthplansamerica.org www.healthplansamerica.org	627 KB
8	leadid.com create.leadid.com	2 KB
7	pushnami.com api.pushnami.com trc.pushnami.com Failed psp.pushnami.com	84 KB
3	anura.io script.anura.io	48 KB
3	bing.com bat.bing.com	10 KB
3	acsbapp.com acsbapp.com cdn.acsbapp.com	158 KB
3	gstatic.com fonts.gstatic.com	54 KB
3	google-analytics.com www.google-analytics.com	60 KB
3	googleapis.com storage.googleapis.com fonts.googleapis.com	3 KB
2	facebook.com www.facebook.com	404 B
2	invocacdn.com solutions.invocacdn.com	41 KB
2	facebook.net connect.facebook.net	170 KB
2	sa.com 1 redirects despacito.sa.com	586 B
1	trueleadid.com deviceid.trueleadid.com	2 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net	2 KB
1	lidstatic.com create.lidstatic.com	39 KB
1	googletagmanager.com www.googletagmanager.com	41 KB
1	apolloi.com secure.apolloi.com
1	cuttingedgeteh.com cuttingedgeteh.com	584 B
64	19

	Domain	Requested by
16	www.healthplansamerica.org	cuttingedgeteh.com www.healthplansamerica.org
8	create.leadid.com	create.lidstatic.com deviceid.trueleadid.com
5	api.pushnami.com	www.healthplansamerica.org api.pushnami.com
3	script.anura.io	www.healthplansamerica.org script.anura.io
3	bat.bing.com	www.healthplansamerica.org bat.bing.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google-analytics.com	www.healthplansamerica.org www.google-analytics.com
2	psp.pushnami.com	api.pushnami.com
2	cdn.acsbapp.com	acsbapp.com
2	www.facebook.com	www.healthplansamerica.org
2	solutions.invocacdn.com	www.healthplansamerica.org solutions.invocacdn.com
2	connect.facebook.net	www.healthplansamerica.org connect.facebook.net
2	fonts.googleapis.com	www.healthplansamerica.org
2	despacito.sa.com	1 redirects storage.googleapis.com
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	create.lidstatic.com	www.healthplansamerica.org
1	acsbapp.com	www.healthplansamerica.org
1	www.googletagmanager.com	www.healthplansamerica.org
1	secure.apolloi.com	www.healthplansamerica.org
1	cuttingedgeteh.com	despacito.sa.com
1	storage.googleapis.com
0	trc.pushnami.com Failed	api.pushnami.com
64	23

This site contains links to these domains. Also see Links.

Domain
accessibe.com

Subject Issuer	Validity	Valid
*.storage.googleapis.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
cuttingedgeteh.com R3	`2021-09-14` - `2021-12-13`	3 months	crt.sh
www.healthplansamerica.org Entrust Certification Authority - L1K	`2021-03-30` - `2022-04-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
secure.apolloi.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2020-12-14` - `2021-12-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.pushnami.com Amazon	`2021-04-18` - `2022-05-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.acsbapp.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-09-23` - `2022-10-05`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2021-04-30` - `2022-04-29`	a year	crt.sh
invocacdn.com Amazon	`2020-12-24` - `2022-01-22`	a year	crt.sh
script.anura.io Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
create.leadid.com Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
deviceid.trueleadid.com Amazon	`2021-02-06` - `2022-03-07`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medium=email&utm_content=plans&utm_campaign=BC
Frame ID: 7712DDB1D57D174D6BDBFA579E20BDC2
Requests: 61 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=FD27B9DB-22BD-DE58-7698-4940E5315D8E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=C03EF9DE-4523-077B-661E-F0BBDAA0049B&lac=478B1969-F034-6785-243D-D2DE64FC7F68
Frame ID: 449FD6204389897CCF1A36B5AB2C4C93
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=FD27B9DB-22BD-DE58-7698-4940E5315D8E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=C03EF9DE-4523-077B-661E-F0BBDAA0049B&lac=478B1969-F034-6785-243D-D2DE64FC7F68
Frame ID: 2CBD996C5A49F79B1D5BCE746C32ACDA
Requests: 2 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 765C47D5D8F19EC85967516F2CBE243B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BidenCare | Health Plans of America

Page URL History Show full URLs

https://storage.googleapis.com/linkzouakclik/lienskh.html Page URL
http://despacito.sa.com/rd/c39916vlFGL30283587rnlD8130JqZ19784QLAU4440 Page URL
http://despacito.sa.com/track/c39916vlFGL30283587rnlD8130JqZ19784QLAU4440 HTTP 302
https://cuttingedgeteh.com/0/2/9240/314c58432157265f8e13bc6c51340929/14/4440-39916/30283587-8130-19784 Page URL
https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_sou... Page URL

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Pushnami (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.pushnami\.com

Page Statistics

64
Requests

95 %
HTTPS

0 %
IPv6

19
Domains

23
Subdomains

23
IPs

5
Countries

1342 kB
Transfer

3611 kB
Size

16
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://accessibe.com/?utm_medium=link&utm_source=widget
Title: Web Accessibility Solution By accessiBe

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://storage.googleapis.com/linkzouakclik/lienskh.html Page URL
http://despacito.sa.com/rd/c39916vlFGL30283587rnlD8130JqZ19784QLAU4440 Page URL
http://despacito.sa.com/track/c39916vlFGL30283587rnlD8130JqZ19784QLAU4440 HTTP 302
https://cuttingedgeteh.com/0/2/9240/314c58432157265f8e13bc6c51340929/14/4440-39916/30283587-8130-19784 Page URL
https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medium=email&utm_content=plans&utm_campaign=BC Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://despacito.sa.com/track/c39916vlFGL30283587rnlD8130JqZ19784QLAU4440 HTTP 302
https://cuttingedgeteh.com/0/2/9240/314c58432157265f8e13bc6c51340929/14/4440-39916/30283587-8130-19784

64 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 lienskh.html
storage.googleapis.com/linkzouakclik/ 251 B
847 B 31ms
7ms Document
text/html 142.250.181.240
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/linkzouakclik/lienskh.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.181.240 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f16.1e100.net
Software: UploadServer /
Resource Hash

Request headers

:method: GET
:authority: storage.googleapis.com
:scheme: https
:path: /linkzouakclik/lienskh.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

x-guploader-uploadid: ADPycdv5phMMKUFkG2PAOSizU1fCcULCCl8lF-2X8l6gliu1k9eJp-oOpdHF9orRBhzikJL05DcVGAQOUJOvoPBgAWE
expires: Sun, 03 Oct 2021 16:02:51 GMT
date: Sun, 03 Oct 2021 15:02:51 GMT
last-modified: Sun, 18 Jul 2021 12:54:09 GMT
etag: "7d093228920071553201589043d124a4"
x-goog-generation: 1626612849675998
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 251
content-type: text/html
x-goog-hash: crc32c=cIvPAw== md5=fQkyKJIAcVUyAViQQ9EkpA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 251
server: UploadServer
age: 3508
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK c39916vlFGL30283587rnlD8130JqZ19784QLAU4440
despacito.sa.com/rd/ 235 B
352 B 76ms
38ms Document
text/html 188.246.230.30
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: http://despacito.sa.com/rd/c39916vlFGL30283587rnlD8130JqZ19784QLAU4440
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/linkzouakclik/lienskh.html
Protocol: HTTP/1.1
Server: 188.246.230.30 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

Host: despacito.sa.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Content-Type: text/html; charset=utf-8
Date: Sun, 03 Oct 2021 16:01:20 GMT
Content-Length: 235

GET
H/1.1

200
OK

30283587-8130-19784
cuttingedgeteh.com/0/2/9240/314c58432157265f8e13bc6c51340929/14/4440-39916/
Redirect Chain

http://despacito.sa.com/track/c39916vlFGL30283587rnlD8130JqZ19784QLAU4440
https://cuttingedgeteh.com/0/2/9240/314c58432157265f8e13bc6c51340929/14/4440-39916/30283587-8130-19784

236 B
584 B

735ms
405ms

Document
text/html

107.172.12.219
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: https://cuttingedgeteh.com/0/2/9240/314c58432157265f8e13bc6c51340929/14/4440-39916/30283587-8130-19784
Requested by: Host: despacito.sa.com
URL: http://despacito.sa.com/rd/c39916vlFGL30283587rnlD8130JqZ19784QLAU4440
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.172.12.219 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 107-172-12-219-host.colocrossing.com
Software: Apache /
Resource Hash

Request headers

Host: cuttingedgeteh.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://despacito.sa.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://despacito.sa.com/rd/c39916vlFGL30283587rnlD8130JqZ19784QLAU4440

Response headers

date: Sun, 03 Oct 2021 16:01:20 GMT
content-type: text/html; charset=UTF-8
server: Apache
set-cookie: uid2349=614403914-20211003120120-a2527708b50f743ac0f7ed22ffc9d8d2-; domain=; expires=Wed, 03-Nov-2021 15:01:20 GMT; path=/; SameSite=None; Secure
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding

Redirect headers

Content-Type: text/html; charset=utf-8
Location: https://cuttingedgeteh.com/0/2/9240/314c58432157265f8e13bc6c51340929/14/4440-39916/30283587-8130-19784
Date: Sun, 03 Oct 2021 16:01:20 GMT
Content-Length: 125

GET
H/1.1 200
OK Primary Request Cookie set bidencare Show response
www.healthplansamerica.org/quotes/ 47 KB
17 KB 1225ms
859ms Document
text/html 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medium=email&utm_content=plans&utm_campaign=BC

Requested by

Host: cuttingedgeteh.com
URL: https://cuttingedgeteh.com/0/2/9240/314c58432157265f8e13bc6c51340929/14/4440-39916/30283587-8130-19784

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

ca1a9f03bbdbe056384418390b9e6896e1159dee2c0a793dfa66344f303f2953

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Host: www.healthplansamerica.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://cuttingedgeteh.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cuttingedgeteh.com/

Response headers

Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=3465dbe93dd97d9558502bbc1c093364; path=/; HttpOnly mobile_detection=a%3A0%3A%7B%7D; expires=Mon, 04-Oct-2021 16:01:21 GMT; Max-Age=86400; path=/; domain=www.healthplansamerica.org XSRF-TOKEN=eyJpdiI6IktLQ2lab1BWRVJvbHNYWStJNEdjV2c9PSIsInZhbHVlIjoiOW1YamJSZTNUVjdZMGFlSnBpcFpmbU1idHlEQzFWRU1sc1dPWWZzRk9mRXNlN0c3QVJzdmFWSVhJNElQUUp3MWxoK08wT2NqTTBLT3d2THM1Ynh1c2c9PSIsIm1hYyI6ImViYmYxNTk3YWExYzBkOTliYzllZWE1MzYzN2I3MDRiNGZlMjIxZWU4ZThhZWFkYjUwNmI0M2FkMzgyNmM0OTYifQ%3D%3D; expires=Sun, 03-Oct-2021 18:01:21 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6Ijd4c3NGQitENmJSRzR1VWM3eTFXVnc9PSIsInZhbHVlIjoiR2Z3NXZkR3ZQU2JPaldwZ1wvTHp0bE5YdkhLM05uVjNqaDIwM0p6cVBFV2VLcENiNDRoRkoxZ3VQTyttdzBXYWxBWllCSXFNNVNCVkZ4SkpTbFhpZmxnPT0iLCJtYWMiOiJiYzdhZmE2NTRkMmZjNTVjZjg3NmNhMDg0ZGQxYzRmZWYxMDgzZWY3YjAxZmI0NTg1YmVmMmM0NDljMDU3ZTdjIn0%3D; expires=Sun, 03-Oct-2021 18:01:21 GMT; Max-Age=7200; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate no-cache
Pragma: no-cache
Date: Sun, 03 Oct 2021 16:01:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK fontawesome.min.css
www.healthplansamerica.org/common_scripts/leadgen/fonts/fontawesome/ 34 KB
9 KB 93ms
93ms Stylesheet
text/css 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/common_scripts/leadgen/fonts/fontawesome/fontawesome.min.css

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medium=email&utm_content=plans&utm_campaign=BC

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

889e5b0e0831a15afbf0a7afe2916c25500b2fa6abb5f62727b0c245415a5f12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.healthplansamerica.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medium=email&utm_content=plans&utm_campaign=BC
Cookie: PHPSESSID=3465dbe93dd97d9558502bbc1c093364; mobile_detection=a%3A0%3A%7B%7D; XSRF-TOKEN=eyJpdiI6IktLQ2lab1BWRVJvbHNYWStJNEdjV2c9PSIsInZhbHVlIjoiOW1YamJSZTNUVjdZMGFlSnBpcFpmbU1idHlEQzFWRU1sc1dPWWZzRk9mRXNlN0c3QVJzdmFWSVhJNElQUUp3MWxoK08wT2NqTTBLT3d2THM1Ynh1c2c9PSIsIm1hYyI6ImViYmYxNTk3YWExYzBkOTliYzllZWE1MzYzN2I3MDRiNGZlMjIxZWU4ZThhZWFkYjUwNmI0M2FkMzgyNmM0OTYifQ%3D%3D; laravel_session=eyJpdiI6Ijd4c3NGQitENmJSRzR1VWM3eTFXVnc9PSIsInZhbHVlIjoiR2Z3NXZkR3ZQU2JPaldwZ1wvTHp0bE5YdkhLM05uVjNqaDIwM0p6cVBFV2VLcENiNDRoRkoxZ3VQTyttdzBXYWxBWllCSXFNNVNCVkZ4SkpTbFhpZmxnPT0iLCJtYWMiOiJiYzdhZmE2NTRkMmZjNTVjZjg3NmNhMDg0ZGQxYzRmZWYxMDgzZWY3YjAxZmI0NTg1YmVmMmM0NDljMDU3ZTdjIn0%3D
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medium=email&utm_content=plans&utm_campaign=BC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 03 Oct 2021 16:01:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Dec 2019 16:48:23 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"5df11dd7-870a"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=900 public, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sun, 03 Oct 2021 16:16:22 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
493 B 44ms
18ms Stylesheet
text/css 172.217.16.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oxygen:300,400,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f10.1e100.net

Software

ESF /

Resource Hash

aaac1ee6b9c6440ad1693c509e910730abc89c7f19f171d87d8a96bdbef8819c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 03 Oct 2021 14:03:39 GMT
server: ESF
date: Sun, 03 Oct 2021 16:01:22 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sun, 03 Oct 2021 16:01:22 GMT

GET
H/1.1 200
OK hpa.css
www.healthplansamerica.org/common_scripts/leadgen/laravel/css/ 536 KB
103 KB 280ms
279ms Stylesheet
text/css 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/common_scripts/leadgen/laravel/css/hpa.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

e4ffbef72cac2936a5add276b7011e85dc1d9be6708cf11996584a7e7eb58f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.healthplansamerica.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medium=email&utm_content=plans&utm_campaign=BC
Cookie: PHPSESSID=3465dbe93dd97d9558502bbc1c093364; mobile_detection=a%3A0%3A%7B%7D; XSRF-TOKEN=eyJpdiI6IktLQ2lab1BWRVJvbHNYWStJNEdjV2c9PSIsInZhbHVlIjoiOW1YamJSZTNUVjdZMGFlSnBpcFpmbU1idHlEQzFWRU1sc1dPWWZzRk9mRXNlN0c3QVJzdmFWSVhJNElQUUp3MWxoK08wT2NqTTBLT3d2THM1Ynh1c2c9PSIsIm1hYyI6ImViYmYxNTk3YWExYzBkOTliYzllZWE1MzYzN2I3MDRiNGZlMjIxZWU4ZThhZWFkYjUwNmI0M2FkMzgyNmM0OTYifQ%3D%3D; laravel_session=eyJpdiI6Ijd4c3NGQitENmJSRzR1VWM3eTFXVnc9PSIsInZhbHVlIjoiR2Z3NXZkR3ZQU2JPaldwZ1wvTHp0bE5YdkhLM05uVjNqaDIwM0p6cVBFV2VLcENiNDRoRkoxZ3VQTyttdzBXYWxBWllCSXFNNVNCVkZ4SkpTbFhpZmxnPT0iLCJtYWMiOiJiYzdhZmE2NTRkMmZjNTVjZjg3NmNhMDg0ZGQxYzRmZWYxMDgzZWY3YjAxZmI0NTg1YmVmMmM0NDljMDU3ZTdjIn0%3D
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medium=email&utm_content=plans&utm_campaign=BC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 03 Oct 2021 16:01:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 23 Sep 2021 18:03:41 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"614cc17d-86008"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=900 public, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sun, 03 Oct 2021 16:16:22 GMT

GET
H/1.1 200
OK hpa.js Show response
www.healthplansamerica.org/common_scripts/leadgen/laravel/js/ 517 KB
169 KB 188ms
95ms Script
application/javascript 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/common_scripts/leadgen/laravel/js/hpa.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

43c0ce389677e908927c7c204a60cac80af5eacb970ad2eed4aa86705ac49139

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.healthplansamerica.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medium=email&utm_content=plans&utm_campaign=BC
Cookie: PHPSESSID=3465dbe93dd97d9558502bbc1c093364; mobile_detection=a%3A0%3A%7B%7D; XSRF-TOKEN=eyJpdiI6IktLQ2lab1BWRVJvbHNYWStJNEdjV2c9PSIsInZhbHVlIjoiOW1YamJSZTNUVjdZMGFlSnBpcFpmbU1idHlEQzFWRU1sc1dPWWZzRk9mRXNlN0c3QVJzdmFWSVhJNElQUUp3MWxoK08wT2NqTTBLT3d2THM1Ynh1c2c9PSIsIm1hYyI6ImViYmYxNTk3YWExYzBkOTliYzllZWE1MzYzN2I3MDRiNGZlMjIxZWU4ZThhZWFkYjUwNmI0M2FkMzgyNmM0OTYifQ%3D%3D; laravel_session=eyJpdiI6Ijd4c3NGQitENmJSRzR1VWM3eTFXVnc9PSIsInZhbHVlIjoiR2Z3NXZkR3ZQU2JPaldwZ1wvTHp0bE5YdkhLM05uVjNqaDIwM0p6cVBFV2VLcENiNDRoRkoxZ3VQTyttdzBXYWxBWllCSXFNNVNCVkZ4SkpTbFhpZmxnPT0iLCJtYWMiOiJiYzdhZmE2NTRkMmZjNTVjZjg3NmNhMDg0ZGQxYzRmZWYxMDgzZWY3YjAxZmI0NTg1YmVmMmM0NDljMDU3ZTdjIn0%3D
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medium=email&utm_content=plans&utm_campaign=BC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 03 Oct 2021 16:01:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 23 Sep 2021 18:03:41 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"614cc17d-813cb"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=900 public, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sun, 03 Oct 2021 16:16:22 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 42ms
17ms Stylesheet
text/css 172.217.16.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather&family=Nunito+Sans:wght@700;800&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f10.1e100.net

Software

ESF /

Resource Hash

f2ed87e538d30c68de1b937fbfcdf73773f8e8c21497efe24de65dbf21d1519f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 03 Oct 2021 16:01:22 GMT
server: ESF
date: Sun, 03 Oct 2021 16:01:22 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sun, 03 Oct 2021 16:01:22 GMT

GET
H/1.1 200
OK biden-content.jpg
www.healthplansamerica.org/images/biden/ 40 KB
41 KB 93ms
93ms Image
image/jpeg 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.healthplansamerica.org/images/biden/biden-content.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

078e7a60b04ee3e147dc98ff75aea55b9685f51292fec211e9bb9f4f567b627d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.healthplansamerica.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medium=email&utm_content=plans&utm_campaign=BC
Cookie: PHPSESSID=3465dbe93dd97d9558502bbc1c093364; mobile_detection=a%3A0%3A%7B%7D; XSRF-TOKEN=eyJpdiI6IktLQ2lab1BWRVJvbHNYWStJNEdjV2c9PSIsInZhbHVlIjoiOW1YamJSZTNUVjdZMGFlSnBpcFpmbU1idHlEQzFWRU1sc1dPWWZzRk9mRXNlN0c3QVJzdmFWSVhJNElQUUp3MWxoK08wT2NqTTBLT3d2THM1Ynh1c2c9PSIsIm1hYyI6ImViYmYxNTk3YWExYzBkOTliYzllZWE1MzYzN2I3MDRiNGZlMjIxZWU4ZThhZWFkYjUwNmI0M2FkMzgyNmM0OTYifQ%3D%3D; laravel_session=eyJpdiI6Ijd4c3NGQitENmJSRzR1VWM3eTFXVnc9PSIsInZhbHVlIjoiR2Z3NXZkR3ZQU2JPaldwZ1wvTHp0bE5YdkhLM05uVjNqaDIwM0p6cVBFV2VLcENiNDRoRkoxZ3VQTyttdzBXYWxBWllCSXFNNVNCVkZ4SkpTbFhpZmxnPT0iLCJtYWMiOiJiYzdhZmE2NTRkMmZjNTVjZjg3NmNhMDg0ZGQxYzRmZWYxMDgzZWY3YjAxZmI0NTg1YmVmMmM0NDljMDU3ZTdjIn0%3D
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medium=email&utm_content=plans&utm_campaign=BC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 03 Oct 2021 16:01:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 07 Dec 2020 22:43:40 GMT
Server: nginx
ETag: "5fceb01c-a01f"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/jpeg
Cache-Control: max-age=900 public, no-cache, must-revalidate
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 40991
Expires: Sun, 03 Oct 2021 16:16:22 GMT

GET
H/1.1 200
OK visit.php Show response
secure.apolloi.com/leadgen/pxl/ 0
0 311ms
99ms Script
text/html 69.20.94.14
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.apolloi.com/leadgen/pxl/visit.php?visit_id=194926832
Requested by: Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medium=email&utm_content=plans&utm_campaign=BC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 69.20.94.14 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS: secure.apolloi.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 30ms
7ms Script
text/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 16
date: Sun, 03 Oct 2021 16:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sun, 03 Oct 2021 18:01:06 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 104 KB
41 KB 53ms
31ms Script
application/javascript 172.217.16.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T8D2T6P

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f136.1e100.net

Software

Google Tag Manager /

Resource Hash

a222721aed04515c2ef6d2273ff15b27d20a743531f8fe607ae5cd534b01e996

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 16:01:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41015
x-xss-protection: 0
last-modified: Sun, 03 Oct 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 03 Oct 2021 16:01:22 GMT

GET
H2 200 58a34f3625ceb64f65edb3a4 Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 243 KB
61 KB 249ms
223ms Script
application/javascript 13.32.99.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/58a34f3625ceb64f65edb3a4
Requested by: Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medium=email&utm_content=plans&utm_campaign=BC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-63.fra60.r.cloudfront.net
Software: /
Resource Hash: 69121f74c87d0d76bd3071030cb983f8630fcd881af8eb9b061adf5b6984ce97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 16:01:22 GMT
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
x-edge-origin-shield-skipped: 0
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
x-amz-cf-pop: FRA60-P3
content-encoding: gzip
x-amz-cf-id: -OAw1wsZ1Vqh7cTUPu4XPXOZKc55GZvCmtSZS4_2V_VM3y_UYc2qKw==

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dea92681f53237877d78e6b652197caa1f0010ebf9d177468d204423c74fac98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK hero-bg-biden.jpg
www.healthplansamerica.org/images/biden/ 33 KB
33 KB 93ms
93ms Image
image/jpeg 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.healthplansamerica.org/images/biden/hero-bg-biden.jpg

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/css/hpa.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

c1a6dceca196282a843e1d6dcdff4257db81ffa1c11d3ad38f1f359f1751551a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.healthplansamerica.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/css/hpa.css
Cookie: PHPSESSID=3465dbe93dd97d9558502bbc1c093364; mobile_detection=a%3A0%3A%7B%7D; XSRF-TOKEN=eyJpdiI6IktLQ2lab1BWRVJvbHNYWStJNEdjV2c9PSIsInZhbHVlIjoiOW1YamJSZTNUVjdZMGFlSnBpcFpmbU1idHlEQzFWRU1sc1dPWWZzRk9mRXNlN0c3QVJzdmFWSVhJNElQUUp3MWxoK08wT2NqTTBLT3d2THM1Ynh1c2c9PSIsIm1hYyI6ImViYmYxNTk3YWExYzBkOTliYzllZWE1MzYzN2I3MDRiNGZlMjIxZWU4ZThhZWFkYjUwNmI0M2FkMzgyNmM0OTYifQ%3D%3D; laravel_session=eyJpdiI6Ijd4c3NGQitENmJSRzR1VWM3eTFXVnc9PSIsInZhbHVlIjoiR2Z3NXZkR3ZQU2JPaldwZ1wvTHp0bE5YdkhLM05uVjNqaDIwM0p6cVBFV2VLcENiNDRoRkoxZ3VQTyttdzBXYWxBWllCSXFNNVNCVkZ4SkpTbFhpZmxnPT0iLCJtYWMiOiJiYzdhZmE2NTRkMmZjNTVjZjg3NmNhMDg0ZGQxYzRmZWYxMDgzZWY3YjAxZmI0NTg1YmVmMmM0NDljMDU3ZTdjIn0%3D
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/css/hpa.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 03 Oct 2021 16:01:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 07 Dec 2020 22:43:40 GMT
Server: nginx
ETag: "5fceb01c-8352"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/jpeg
Cache-Control: max-age=900 public, no-cache, must-revalidate
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 33618
Expires: Sun, 03 Oct 2021 16:16:22 GMT

GET
H/1.1 200
OK hero-biden.png
www.healthplansamerica.org/images/biden/ 155 KB
155 KB 96ms
96ms Image
image/png 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.healthplansamerica.org/images/biden/hero-biden.png

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/css/hpa.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

ea9ecd90c56a640800680d99ad67544cff546780c8051c7710f699fca8c55eb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.healthplansamerica.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/css/hpa.css
Cookie: PHPSESSID=3465dbe93dd97d9558502bbc1c093364; mobile_detection=a%3A0%3A%7B%7D; XSRF-TOKEN=eyJpdiI6IktLQ2lab1BWRVJvbHNYWStJNEdjV2c9PSIsInZhbHVlIjoiOW1YamJSZTNUVjdZMGFlSnBpcFpmbU1idHlEQzFWRU1sc1dPWWZzRk9mRXNlN0c3QVJzdmFWSVhJNElQUUp3MWxoK08wT2NqTTBLT3d2THM1Ynh1c2c9PSIsIm1hYyI6ImViYmYxNTk3YWExYzBkOTliYzllZWE1MzYzN2I3MDRiNGZlMjIxZWU4ZThhZWFkYjUwNmI0M2FkMzgyNmM0OTYifQ%3D%3D; laravel_session=eyJpdiI6Ijd4c3NGQitENmJSRzR1VWM3eTFXVnc9PSIsInZhbHVlIjoiR2Z3NXZkR3ZQU2JPaldwZ1wvTHp0bE5YdkhLM05uVjNqaDIwM0p6cVBFV2VLcENiNDRoRkoxZ3VQTyttdzBXYWxBWllCSXFNNVNCVkZ4SkpTbFhpZmxnPT0iLCJtYWMiOiJiYzdhZmE2NTRkMmZjNTVjZjg3NmNhMDg0ZGQxYzRmZWYxMDgzZWY3YjAxZmI0NTg1YmVmMmM0NDljMDU3ZTdjIn0%3D
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/css/hpa.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 03 Oct 2021 16:01:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 07 Dec 2020 22:43:40 GMT
Server: nginx
ETag: "5fceb01c-26ac2"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=900 public, no-cache, must-revalidate
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 158402
Expires: Sun, 03 Oct 2021 16:16:22 GMT

GET
DATA 200
OK truncated
/ 217 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa711cb743caa96b19557672470e7ded8e47d3d7902a60a86ec2f845fba252ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f5471385485dd010cece4e82b5eec41d05c38c3d3f93643fcb646ecde1f2abd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK logo-biden.png
www.healthplansamerica.org/images/biden/ 26 KB
26 KB 250ms
93ms Image
image/png 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.healthplansamerica.org/images/biden/logo-biden.png

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/css/hpa.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

56337bcd64ec0c378ed96e2128f9ffb7b6eee73bfa6db3e2f12f519225f1feec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.healthplansamerica.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/css/hpa.css
Cookie: PHPSESSID=3465dbe93dd97d9558502bbc1c093364; mobile_detection=a%3A0%3A%7B%7D; XSRF-TOKEN=eyJpdiI6IktLQ2lab1BWRVJvbHNYWStJNEdjV2c9PSIsInZhbHVlIjoiOW1YamJSZTNUVjdZMGFlSnBpcFpmbU1idHlEQzFWRU1sc1dPWWZzRk9mRXNlN0c3QVJzdmFWSVhJNElQUUp3MWxoK08wT2NqTTBLT3d2THM1Ynh1c2c9PSIsIm1hYyI6ImViYmYxNTk3YWExYzBkOTliYzllZWE1MzYzN2I3MDRiNGZlMjIxZWU4ZThhZWFkYjUwNmI0M2FkMzgyNmM0OTYifQ%3D%3D; laravel_session=eyJpdiI6Ijd4c3NGQitENmJSRzR1VWM3eTFXVnc9PSIsInZhbHVlIjoiR2Z3NXZkR3ZQU2JPaldwZ1wvTHp0bE5YdkhLM05uVjNqaDIwM0p6cVBFV2VLcENiNDRoRkoxZ3VQTyttdzBXYWxBWllCSXFNNVNCVkZ4SkpTbFhpZmxnPT0iLCJtYWMiOiJiYzdhZmE2NTRkMmZjNTVjZjg3NmNhMDg0ZGQxYzRmZWYxMDgzZWY3YjAxZmI0NTg1YmVmMmM0NDljMDU3ZTdjIn0%3D
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/css/hpa.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 03 Oct 2021 16:01:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 07 Dec 2020 22:43:40 GMT
Server: nginx
ETag: "5fceb01c-6816"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=900 public, no-cache, must-revalidate
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 26646
Expires: Sun, 03 Oct 2021 16:16:22 GMT

GET
H/1.1 200
OK italianno-regular-webfont.woff2
www.healthplansamerica.org/includes/fonts/ 30 KB
30 KB 156ms
93ms Font
application/font-woff2 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/includes/fonts/italianno-regular-webfont.woff2

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/css/hpa.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

fa4241715b942ec0257a7765c4a5517e94e32d43bf0f1016a794d37850d621de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.healthplansamerica.org
Accept-Encoding: gzip, deflate, br
Host: www.healthplansamerica.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/css/hpa.css
Cookie: PHPSESSID=3465dbe93dd97d9558502bbc1c093364; mobile_detection=a%3A0%3A%7B%7D; XSRF-TOKEN=eyJpdiI6IktLQ2lab1BWRVJvbHNYWStJNEdjV2c9PSIsInZhbHVlIjoiOW1YamJSZTNUVjdZMGFlSnBpcFpmbU1idHlEQzFWRU1sc1dPWWZzRk9mRXNlN0c3QVJzdmFWSVhJNElQUUp3MWxoK08wT2NqTTBLT3d2THM1Ynh1c2c9PSIsIm1hYyI6ImViYmYxNTk3YWExYzBkOTliYzllZWE1MzYzN2I3MDRiNGZlMjIxZWU4ZThhZWFkYjUwNmI0M2FkMzgyNmM0OTYifQ%3D%3D; laravel_session=eyJpdiI6Ijd4c3NGQitENmJSRzR1VWM3eTFXVnc9PSIsInZhbHVlIjoiR2Z3NXZkR3ZQU2JPaldwZ1wvTHp0bE5YdkhLM05uVjNqaDIwM0p6cVBFV2VLcENiNDRoRkoxZ3VQTyttdzBXYWxBWllCSXFNNVNCVkZ4SkpTbFhpZmxnPT0iLCJtYWMiOiJiYzdhZmE2NTRkMmZjNTVjZjg3NmNhMDg0ZGQxYzRmZWYxMDgzZWY3YjAxZmI0NTg1YmVmMmM0NDljMDU3ZTdjIn0%3D
Connection: keep-alive
Referer: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/css/hpa.css
Origin: https://www.healthplansamerica.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 03 Oct 2021 16:01:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 06 May 2021 23:51:38 GMT
Server: nginx
ETag: "6094810a-7704"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: application/font-woff2
Cache-Control: max-age=900 public, no-cache, must-revalidate
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 30468
Expires: Sun, 03 Oct 2021 16:16:22 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v8/ 17 KB
17 KB 29ms
7ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v8/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather&family=Nunito+Sans:wght@700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

abf55d853f3bbe3a244ea8f3b8ed9b4127f028a096fefc942020a3605433d99a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.healthplansamerica.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 18:44:30 GMT
x-content-type-options: nosniff
age: 249412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17108
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 18:12:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 30 Sep 2022 18:44:30 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8aBc5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v8/ 17 KB
17 KB 37ms
15ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v8/pe03MImSLYBIv1o4X1M8cc8aBc5tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather&family=Nunito+Sans:wght@700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

b913028cae336af75686538cf833779bac3d2e42701ac7800415dfe3d32a76d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.healthplansamerica.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 18:55:38 GMT
x-content-type-options: nosniff
age: 248744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17228
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 18:12:51 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 30 Sep 2022 18:55:38 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v25/ 20 KB
20 KB 34ms
13ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v25/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather&family=Nunito+Sans:wght@700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

c435a36c4117826fc7b7b8023aaf45d65e59bcb814c8f1b1e28bea7c49318c13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.healthplansamerica.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 20:15:50 GMT
x-content-type-options: nosniff
age: 503132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20016
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:21:51 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Sep 2022 20:15:50 GMT

GET
H/1.1 200
OK fa-solid-900.woff2
www.healthplansamerica.org/common_scripts/leadgen/fonts/fontawesome/ 39 KB
40 KB 182ms
93ms Font
application/font-woff2 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/common_scripts/leadgen/fonts/fontawesome/fa-solid-900.woff2

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/leadgen/fonts/fontawesome/fontawesome.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.healthplansamerica.org
Accept-Encoding: gzip, deflate, br
Host: www.healthplansamerica.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.healthplansamerica.org/common_scripts/leadgen/fonts/fontawesome/fontawesome.min.css
Cookie: PHPSESSID=3465dbe93dd97d9558502bbc1c093364; mobile_detection=a%3A0%3A%7B%7D; XSRF-TOKEN=eyJpdiI6IktLQ2lab1BWRVJvbHNYWStJNEdjV2c9PSIsInZhbHVlIjoiOW1YamJSZTNUVjdZMGFlSnBpcFpmbU1idHlEQzFWRU1sc1dPWWZzRk9mRXNlN0c3QVJzdmFWSVhJNElQUUp3MWxoK08wT2NqTTBLT3d2THM1Ynh1c2c9PSIsIm1hYyI6ImViYmYxNTk3YWExYzBkOTliYzllZWE1MzYzN2I3MDRiNGZlMjIxZWU4ZThhZWFkYjUwNmI0M2FkMzgyNmM0OTYifQ%3D%3D; laravel_session=eyJpdiI6Ijd4c3NGQitENmJSRzR1VWM3eTFXVnc9PSIsInZhbHVlIjoiR2Z3NXZkR3ZQU2JPaldwZ1wvTHp0bE5YdkhLM05uVjNqaDIwM0p6cVBFV2VLcENiNDRoRkoxZ3VQTyttdzBXYWxBWllCSXFNNVNCVkZ4SkpTbFhpZmxnPT0iLCJtYWMiOiJiYzdhZmE2NTRkMmZjNTVjZjg3NmNhMDg0ZGQxYzRmZWYxMDgzZWY3YjAxZmI0NTg1YmVmMmM0NDljMDU3ZTdjIn0%3D
Connection: keep-alive
Referer: https://www.healthplansamerica.org/common_scripts/leadgen/fonts/fontawesome/fontawesome.min.css
Origin: https://www.healthplansamerica.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 03 Oct 2021 16:01:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Dec 2019 16:48:23 GMT
Server: nginx
ETag: "5df11dd7-9cd4"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: application/font-woff2
Cache-Control: max-age=900 public, no-cache, must-revalidate
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 40148
Expires: Sun, 03 Oct 2021 16:16:22 GMT

GET
H2 200 app.js Show response
acsbapp.com/apps/app/dist/js/ 418 KB
138 KB 278ms
87ms Script
application/x-javascript 208.68.39.149
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medium=email&utm_content=plans&utm_campaign=BC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.68.39.149 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cdn100.acsbapp.com
Software: /
Resource Hash: 7a0b93a621d4d143fd76450db617ec155df624ee067129fbca604bd4bec33ec2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 16:01:22 GMT
content-encoding: br
last-modified: Mon, 27 Sep 2021 06:09:36 GMT
etag: "686e4-61516020-a5b0e9f331338503;br"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 140634
expires: Mon, 04 Oct 2021 16:01:22 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 34 KB
10 KB 90ms
46ms Script
application/javascript 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medium=email&utm_content=plans&utm_campaign=BC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 25691b4cadbc6312d4968d44601681557ab0c8dc4cef73a82ff00171ba2bad31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 16:01:22 GMT
content-encoding: gzip
last-modified: Mon, 27 Sep 2021 19:22:40 GMT
x-msedge-ref: Ref A: E933114522714E1D936281A6E57ABF79 Ref B: PRG01EDGE1010 Ref C: 2021-10-03T16:01:22Z
etag: "080879d5b3d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9985

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 21ms
7ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25967
x-xss-protection: 0
pragma: public
x-fb-debug: t9yMBVFr3d8nhPm4ryD2Yv2Sw7mm/u7KH+/GE3rkyH7cJMVeG04TSv7CGSgdB3yRiTAWcOyaXbRokEuxFH3yVw==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Sun, 03 Oct 2021 16:01:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 c03ef9de-4523-077b-661e-f0bbdaa0049b.js Show response
create.lidstatic.com/campaign/ 123 KB
39 KB 441ms
412ms Script
text/javascript 104.22.39.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/c03ef9de-4523-077b-661e-f0bbdaa0049b.js?snippet_version=2
Requested by: Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medium=email&utm_content=plans&utm_campaign=BC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.39.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 355569aefdac8f58d387e7bfbe652c048aa3e1c892d2de60933896fb5e564dee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 16:01:23 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 24 May 2021 14:43:27 GMT
server: cloudflare
x-amz-request-id: KA7J8B5FT7A55AKE
etag: W/"8d224115e1dcd050e2b2943d5af50106"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
x-amz-replication-status: COMPLETED
cf-ray: 69876385780568fd-FRA
x-amz-version-id: c46laZGBGbWYhAvAbQEkQCSsDi.MuxXA
x-amz-id-2: pqh3RUG5dfeVwUP12d4QQdM++HuU8408oJ+8LN9CU29Uj8c8yeFfrKOfi+PkzXe9Vs5rD75R4jg=

GET
H2 200 invoca-latest.min.js Show response
solutions.invocacdn.com/js/ 120 KB
39 KB 43ms
7ms Script
text/javascript 18.66.97.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Requested by: Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medium=email&utm_content=plans&utm_campaign=BC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dbb06737202fe9475adff6ac222c76e2bdc65d8662a93e013ca530a9be2edee9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: a7RBrdVhbZyMT1ueocmNTZesp9TLCpB9
content-encoding: gzip
etag: W/"5b68afbbed0fb391eb715032a36813cf"
age: 2857
x-edge-origin-shield-skipped: 0
x-amz-replication-status: COMPLETED
x-cache: Hit from cloudfront
last-modified: Fri, 20 Aug 2021 16:52:03 GMT
server: AmazonS3
date: Sun, 03 Oct 2021 15:13:46 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: bMZvUY0cXoSOs5kSt5SKZ9baFrQBubh5wRTbPwtT8FVUvz_jd9Uq-A==

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 105 KB
40 KB 34ms
32ms Script
application/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-NXJZNQR&cid=1129920534.1633276883

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Google Tag Manager /

Resource Hash

7d195da4a55ea70d7f75510fbd35de02d19c5441500edca7ec535a4b8f0ca72d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 16:01:22 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41000
x-xss-protection: 0
expires: Sun, 03 Oct 2021 16:01:22 GMT

GET
H3 200 484161251792257 Show response
connect.facebook.net/signals/config/ 491 KB
144 KB 87ms
79ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/484161251792257?v=2.9.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

812d23b39327da1d5f250356e1800060b80f8476bf990b2e890fc2bcc3edb2a1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: cDf+sV9uR/VzU9Q2nBJg9DmYiLV9L2KdNkUqA9HoNj2Ax6rxFIA1fltEb6NxPVFe++qqkSlFaDYl5EeMdkghuw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 03 Oct 2021 16:01:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tag-live.js Show response
solutions.invocacdn.com/js/networks/585/0419737375/ 6 KB
2 KB 400ms
399ms Script
text/javascript 18.66.97.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/networks/585/0419737375/tag-live.js
Requested by: Host: solutions.invocacdn.com
URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a592564b9b2d607aa653f3ca77adba6b405022dd91b1dfc9edf789a4eb02b953

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: 0Qfdvo0f_YNgaplQS3YTle3ByArvqRkM
content-encoding: gzip
last-modified: Thu, 15 Jul 2021 19:25:03 GMT
server: AmazonS3
x-edge-origin-shield-skipped: 0
etag: W/"7beabea2e2cfeadff0e6ab423c2ac7fa"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Sun, 03 Oct 2021 16:01:24 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: xiiE0D1yO04_wr1nNvUuRlZ6UcbXf4pI_dut0NLGnVNlIASfI5B6Hw==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=712658125&t=pageview&_s=1&dl=https%3A%2F%2Fwww.healthplansamerica.org%2Fquotes%2Fbidencare%3FReferrer%3DCLFBCWK%26Subreferrer%3D350655%26Subid%3D614403914%26utm_source%3DCLFBCWK%26utm_medium%3Demail%26utm_content%3Dplans%26utm_campaign%3DBC&dr=https%3A%2F%2Fcuttingedgeteh.com%2F&ul=en-us&de=UTF-8&dt=BidenCare%20%7C%20Health%20Plans%20of%20America&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAAADQAAAAC~&jid=4826943&gjid=1221565218&cid=1129920534.1633276883&tid=UA-23882117-1&_gid=264946138.1633276883&_r=1&_slc=1&z=196450858

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.healthplansamerica.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 03 Oct 2021 16:01:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.healthplansamerica.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 4046953.js Show response
bat.bing.com/p/action/ 0
110 B 148ms
148ms Script
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/4046953.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 03 Oct 2021 16:01:22 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 45EFCE03DBDE4C94A94A33A6933155F3 Ref B: PRG01EDGE1010 Ref C: 2021-10-03T16:01:22Z
x-cache: CONFIG_NOCACHE

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 23ms
7ms Image
image/gif 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=484161251792257&ev=PageView&dl=https%3A%2F%2Fwww.healthplansamerica.org%2Fquotes%2Fbidencare%3FReferrer%3D_removed_%26Subreferrer%3D350655%26Subid%3D614403914%26utm_source%3DCLFBCWK%26utm_medium%3Demail%26utm_content%3Dplans%26utm_campaign%3DBC%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522sensitiveParams%2522%253A%255B%25228e350c85ce0f162c5312e3b308ea09a7fc51616723ba4098f6957e87e2306519%2522%255D%257D&rl=https%3A%2F%2Fcuttingedgeteh.com%2F%3F_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522sensitiveParams%2522%253A%255B%255D%257D&if=false&ts=1633276882960&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1633276882951.425387593&it=1633276882803&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 16:01:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 03 Oct 2021 16:01:22 GMT

GET
H2 200 request.js Show response
script.anura.io/ 47 KB
47 KB 148ms
92ms Script
application/javascript 18.133.97.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=2761973509&source=CLFBCWK&campaign=350655-HPA&variable=AnuraResponse&359712864121

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.97.68 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-97-68.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

d6161588949f47302434f6823615e1931625964196861222e7b429807014edd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Oct 2021 16:01:23 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
x-content-type-options: nosniff
expires: Sun, 28 Dec 1980 18:57:00 EST
server: nginx
content-type: application/javascript; charset=utf-8

GET
H2 204 0
bat.bing.com/action/ 0
150 B 46ms
46ms Image
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4046953&Ver=2&mid=19a57d40-7f14-4d0e-8545-dba661ccc3e5&sid=27d3a8e0246311ecbc7937eb3e83a833&vid=27d3cc70246311ec8fd561139dfe52e6&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=BidenCare%20%7C%20Health%20Plans%20of%20America&kw=Find%20%26%20Compare,%20Health%20Insurance,%20Quotes,%20Medicare%20Insurance,%20Plans,%20healthplansamerica.org&p=https%3A%2F%2Fwww.healthplansamerica.org%2Fquotes%2Fbidencare%3FReferrer%3DCLFBCWK%26Subreferrer%3D350655%26Subid%3D614403914%26utm_source%3DCLFBCWK%26utm_medium%3Demail%26utm_content%3Dplans%26utm_campaign%3DBC&r=https%3A%2F%2Fcuttingedgeteh.com%2F&lt=2036&evt=pageLoad&msclkid=N&sv=1&rn=787677
Requested by: Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medium=email&utm_content=plans&utm_campaign=BC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 03 Oct 2021 16:01:22 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: B54291D8ABFA4DB88125823B35342C92 Ref B: PRG01EDGE1010 Ref C: 2021-10-03T16:01:23Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS track
trc.pushnami.com/api/push/ Frame 0
0

GET
H2 200 58a34f3625ceb64f65edb3a4
api.pushnami.com/scripts/v1/pushnami-two-step-styles/ 6 KB
2 KB 211ms
211ms Stylesheet
text/css 13.32.99.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-two-step-styles/58a34f3625ceb64f65edb3a4
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/58a34f3625ceb64f65edb3a4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-63.fra60.r.cloudfront.net
Software: /
Resource Hash: ec3cf9d49f5df3314ae6ac1702d1c96669a5aeb259e49412d966931b32a812d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 16:01:23 GMT
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
x-edge-origin-shield-skipped: 0
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: text/css; charset=utf-8
cache-control: no-cache
x-amz-cf-pop: FRA60-P3
content-encoding: gzip
x-amz-cf-id: T9PzdhujkpGrhfbaBBqlGChxIK6i1T_DLQI1wGO-FIHrfiT17pKPKQ==

GET
H2 200 58a34f3625ceb64f65edb3a4 Show response
api.pushnami.com/scripts/v1/pushnami-two-step/ 17 KB
9 KB 296ms
295ms Script
application/javascript 13.32.99.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-two-step/58a34f3625ceb64f65edb3a4
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/58a34f3625ceb64f65edb3a4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-63.fra60.r.cloudfront.net
Software: /
Resource Hash: 95704bbd86118a73f19660d327c6ac000e7e5bd1aaa3c7be911c889079ceeb53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 16:01:23 GMT
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
x-edge-origin-shield-skipped: 0
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
x-amz-cf-pop: FRA60-P3
content-encoding: gzip
x-amz-cf-id: d0J_LZGddx2T3w5rvEAzOucjDyGDeAmWX3xLmb_nyiK5XpIm2IBHHg==

POST track
trc.pushnami.com/api/push/ 0
0

POST
H2 200 GenerateToken Show response
create.leadid.com/2.11.7/ 36 B
335 B 345ms
144ms XHR
text/plain 52.200.243.50
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.11.7/GenerateToken?msn=1&pid=47967835-b2c5-434c-bf48-05f92282a1a4&_=625500551
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c03ef9de-4523-077b-661e-f0bbdaa0049b.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.243.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-243-50.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: f436e57203e5d60fe8ac1c1754faa9924d6de843fd376e9b71af8b5228e825da

Request headers

Referer: https://www.healthplansamerica.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 03 Oct 2021 16:01:23 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 icon
api.pushnami.com/api/mirage/ 11 KB
11 KB 161ms
161ms Image
image/png 13.32.99.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.pushnami.com/api/mirage/icon?websiteUrl=https%3A%2F%2Fwww.healthplansamerica.org
Requested by: Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medium=email&utm_content=plans&utm_campaign=BC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-63.fra60.r.cloudfront.net
Software: /
Resource Hash: 9db486b793818767df46d728b5d8729af5a1bf5abc9d4e524ce30206f8fcf042

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 16:01:23 GMT
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
x-edge-origin-shield-skipped: 0
x-cache: Miss from cloudfront
content-type: image/png
cache-control: no-cache
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 10805
x-amz-cf-id: 2NvH5Hxla-1kO-bX2z_0nt4HFB68HNrNfh7w-GFe-tl6LwZaUTuY1w==

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 16ms
7ms Image
image/gif 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=484161251792257&ev=Microdata&dl=https%3A%2F%2Fwww.healthplansamerica.org%2Fquotes%2Fbidencare%3FReferrer%3DCLFBCWK%26Subreferrer%3D350655%26Subid%3D614403914%26utm_source%3DCLFBCWK%26utm_medium%3Demail%26utm_content%3Dplans%26utm_campaign%3DBC&rl=https%3A%2F%2Fcuttingedgeteh.com%2F&if=false&ts=1633276883463&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22BidenCare%20%7C%20Health%20Plans%20of%20America%20%22%2C%22meta%3Adescription%22%3A%22Learn%20more%20about%20health%20and%20medicare%20insurance%20coverage.%22%2C%22meta%3Akeywords%22%3A%22Find%20%26%20Compare%2C%20Health%20Insurance%2C%20Quotes%2C%20Medicare%20Insurance%2C%20Plans%2C%20healthplansamerica.org%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22BidenCare%20%7C%20Health%20Plans%20of%20America%22%2C%22og%3Adescription%22%3A%22Learn%20more%20about%20health%20and%20medicare%20insurance%20coverage.%22%2C%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Asite_name%22%3A%22Health%20Plans%20of%20America%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.healthplansamerica.org%2Fimages%2Farticle-img.jpg%22%2C%22og%3Aimage%3Aalt%22%3A%22healthplansamerica.org%22%2C%22og%3Aimage%3Awidth%22%3A%221020%22%2C%22og%3Aimage%3Aheight%22%3A%22512%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.healthplansamerica.org%2Fquotes%2Fbidencare%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1633276882951.425387593&it=1633276882803&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 16:01:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sun, 03 Oct 2021 16:01:23 GMT

POST
H2 200 response.json Show response
script.anura.io/ 52 B
404 B 112ms
68ms XHR
application/json 18.133.97.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/response.json

Requested by

Host: script.anura.io
URL: https://script.anura.io/request.js?instance=2761973509&source=CLFBCWK&campaign=350655-HPA&variable=AnuraResponse&359712864121

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.97.68 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-97-68.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

39c09707ddc485a2b7497330fdef55c3a36e619172d3c49b8679bcb767928fbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.healthplansamerica.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 03 Oct 2021 16:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame 449F 3 KB
2 KB 31ms
6ms Document
text/html 52.222.206.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=FD27B9DB-22BD-DE58-7698-4940E5315D8E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=C03EF9DE-4523-077B-661E-F0BBDAA0049B&lac=478B1969-F034-6785-243D-D2DE64FC7F68
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c03ef9de-4523-077b-661e-f0bbdaa0049b.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-97.fra56.r.cloudfront.net
Software: nginx/1.17.6 /
Resource Hash: 4e2d95df10e65f48daac2dcbad2cc0ef091610b5d5f77e4be8ad56a2e5aed241

Request headers

Host: d2m2wsoho8qq12.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.healthplansamerica.org/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/

Response headers

Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sun, 03 Oct 2021 14:10:28 GMT
Server: nginx/1.17.6
Last-Modified: Sun, 03 Oct 2021 14:00:02 GMT
ETag: W/"6159b762-da5"
P3P: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 d79861a030d3421826a919f9c2b00147.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P3
X-Amz-Cf-Id: -QaJu4BMKMiiy3U-xhF69ooTlpl16Qn_4Pf0To-ASPinESwSi0ILaA==
Age: 6655

POST
H2 200 SaveDom Show response
create.leadid.com/2.11.7/ 0
298 B 99ms
99ms XHR
text/plain 52.200.243.50
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.11.7/SaveDom?msn=2&pid=47967835-b2c5-434c-bf48-05f92282a1a4&token=FD27B9DB-22BD-DE58-7698-4940E5315D8E&_=625500552
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c03ef9de-4523-077b-661e-f0bbdaa0049b.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.243.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-243-50.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.healthplansamerica.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 03 Oct 2021 16:01:23 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.7/ 0
298 B 100ms
100ms XHR
text/plain 52.200.243.50
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.11.7/InitFormData?msn=3&pid=47967835-b2c5-434c-bf48-05f92282a1a4&token=FD27B9DB-22BD-DE58-7698-4940E5315D8E&_=625500553
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c03ef9de-4523-077b-661e-f0bbdaa0049b.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.243.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-243-50.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.healthplansamerica.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 03 Oct 2021 16:01:23 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK set_visit_ulid Show response
www.healthplansamerica.org/api/ 0
511 B 107ms
107ms XHR
text/html 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/api/set_visit_ulid

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/js/hpa.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: cors
Origin: https://www.healthplansamerica.org
Accept-Encoding: gzip, deflate, br
Accept-Language: de-DE,de;q=0.9
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: PHPSESSID=3465dbe93dd97d9558502bbc1c093364; mobile_detection=a%3A0%3A%7B%7D; XSRF-TOKEN=eyJpdiI6IktLQ2lab1BWRVJvbHNYWStJNEdjV2c9PSIsInZhbHVlIjoiOW1YamJSZTNUVjdZMGFlSnBpcFpmbU1idHlEQzFWRU1sc1dPWWZzRk9mRXNlN0c3QVJzdmFWSVhJNElQUUp3MWxoK08wT2NqTTBLT3d2THM1Ynh1c2c9PSIsIm1hYyI6ImViYmYxNTk3YWExYzBkOTliYzllZWE1MzYzN2I3MDRiNGZlMjIxZWU4ZThhZWFkYjUwNmI0M2FkMzgyNmM0OTYifQ%3D%3D; laravel_session=eyJpdiI6Ijd4c3NGQitENmJSRzR1VWM3eTFXVnc9PSIsInZhbHVlIjoiR2Z3NXZkR3ZQU2JPaldwZ1wvTHp0bE5YdkhLM05uVjNqaDIwM0p6cVBFV2VLcENiNDRoRkoxZ3VQTyttdzBXYWxBWllCSXFNNVNCVkZ4SkpTbFhpZmxnPT0iLCJtYWMiOiJiYzdhZmE2NTRkMmZjNTVjZjg3NmNhMDg0ZGQxYzRmZWYxMDgzZWY3YjAxZmI0NTg1YmVmMmM0NDljMDU3ZTdjIn0%3D; _ga=GA1.2.1129920534.1633276883; _gid=GA1.2.264946138.1633276883; _gat=1; _fbp=fb.1.1633276882951.425387593; _uetsid=27d3a8e0246311ecbc7937eb3e83a833; _uetvid=27d3cc70246311ec8fd561139dfe52e6; invoca_session=%7B%22ttl%22%3A%222021-11-02T16%3A01%3A23.250Z%22%2C%22session%22%3A%7B%7D%2C%22config%22%3A%7B%22ce%22%3Atrue%2C%22fv%22%3Atrue%7D%7D; leadid_token-478B1969-F034-6785-243D-D2DE64FC7F68-C03EF9DE-4523-077B-661E-F0BBDAA0049B=FD27B9DB-22BD-DE58-7698-4940E5315D8E
Connection: keep-alive
Content-Length: 73
Pragma: no-cache
Host: www.healthplansamerica.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Cache-Control: no-cache
Referer: https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medium=email&utm_content=plans&utm_campaign=BC
Sec-Fetch-Site: same-origin
Accept: */*
Referer: https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medium=email&utm_content=plans&utm_campaign=BC
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 03 Oct 2021 16:01:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate no-cache
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame 2CBD 4 KB
2 KB 309ms
97ms Document
text/html 52.2.22.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=FD27B9DB-22BD-DE58-7698-4940E5315D8E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=C03EF9DE-4523-077B-661E-F0BBDAA0049B&lac=478B1969-F034-6785-243D-D2DE64FC7F68
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=FD27B9DB-22BD-DE58-7698-4940E5315D8E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=C03EF9DE-4523-077B-661E-F0BBDAA0049B&lac=478B1969-F034-6785-243D-D2DE64FC7F68
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.2.22.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-22-185.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

:method: GET
:authority: deviceid.trueleadid.com
:scheme: https
:path: /iframe.html?token=FD27B9DB-22BD-DE58-7698-4940E5315D8E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=C03EF9DE-4523-077B-661E-F0BBDAA0049B&lac=478B1969-F034-6785-243D-D2DE64FC7F68
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d2m2wsoho8qq12.cloudfront.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d2m2wsoho8qq12.cloudfront.net/

Response headers

date: Sun, 03 Oct 2021 16:01:23 GMT
content-type: text/html
server: nginx
last-modified: Thu, 16 Sep 2021 02:33:38 GMT
etag: W/"6142ad02-1049"
expires: Mon, 04 Oct 2021 16:01:23 GMT
cache-control: max-age=86400 public
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
content-encoding: gzip

POST
H2 200 result.json Show response
script.anura.io/ 27 B
384 B 41ms
40ms XHR
application/json 18.133.97.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/result.json

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.97.68 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-97-68.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

59855fb273cce24eaff91d16cdb093b5b26a2bdca96f6a5ec4d95d81d657e929

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.healthplansamerica.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 03 Oct 2021 16:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H/1.1 200
OK Cookie set fraud_status.php Show response
www.healthplansamerica.org/common_scripts/omg/ 0
538 B 171ms
170ms XHR
text/html 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/common_scripts/omg/fraud_status.php?source=anura&response=

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/js/hpa.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.healthplansamerica.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: PHPSESSID=3465dbe93dd97d9558502bbc1c093364; mobile_detection=a%3A0%3A%7B%7D; XSRF-TOKEN=eyJpdiI6IktLQ2lab1BWRVJvbHNYWStJNEdjV2c9PSIsInZhbHVlIjoiOW1YamJSZTNUVjdZMGFlSnBpcFpmbU1idHlEQzFWRU1sc1dPWWZzRk9mRXNlN0c3QVJzdmFWSVhJNElQUUp3MWxoK08wT2NqTTBLT3d2THM1Ynh1c2c9PSIsIm1hYyI6ImViYmYxNTk3YWExYzBkOTliYzllZWE1MzYzN2I3MDRiNGZlMjIxZWU4ZThhZWFkYjUwNmI0M2FkMzgyNmM0OTYifQ%3D%3D; laravel_session=eyJpdiI6Ijd4c3NGQitENmJSRzR1VWM3eTFXVnc9PSIsInZhbHVlIjoiR2Z3NXZkR3ZQU2JPaldwZ1wvTHp0bE5YdkhLM05uVjNqaDIwM0p6cVBFV2VLcENiNDRoRkoxZ3VQTyttdzBXYWxBWllCSXFNNVNCVkZ4SkpTbFhpZmxnPT0iLCJtYWMiOiJiYzdhZmE2NTRkMmZjNTVjZjg3NmNhMDg0ZGQxYzRmZWYxMDgzZWY3YjAxZmI0NTg1YmVmMmM0NDljMDU3ZTdjIn0%3D; _ga=GA1.2.1129920534.1633276883; _gid=GA1.2.264946138.1633276883; _gat=1; _fbp=fb.1.1633276882951.425387593; _uetsid=27d3a8e0246311ecbc7937eb3e83a833; _uetvid=27d3cc70246311ec8fd561139dfe52e6; invoca_session=%7B%22ttl%22%3A%222021-11-02T16%3A01%3A23.250Z%22%2C%22session%22%3A%7B%7D%2C%22config%22%3A%7B%22ce%22%3Atrue%2C%22fv%22%3Atrue%7D%7D; leadid_token-478B1969-F034-6785-243D-D2DE64FC7F68-C03EF9DE-4523-077B-661E-F0BBDAA0049B=FD27B9DB-22BD-DE58-7698-4940E5315D8E
Connection: keep-alive
Referer: https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medium=email&utm_content=plans&utm_campaign=BC
Accept: */*
Referer: https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medium=email&utm_content=plans&utm_campaign=BC
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Oct 2021 16:01:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Set-Cookie: omg_visit_id=6159d3d3e69ca5218; path=/
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK Cookie set fraud_status.php Show response
www.healthplansamerica.org/common_scripts/omg/ 0
538 B 167ms
166ms XHR
text/html 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/common_scripts/omg/fraud_status.php?source=anura&response={%22result%22:%22bad%22,%22mobile%22:0}

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/js/hpa.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.healthplansamerica.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: PHPSESSID=3465dbe93dd97d9558502bbc1c093364; mobile_detection=a%3A0%3A%7B%7D; XSRF-TOKEN=eyJpdiI6IktLQ2lab1BWRVJvbHNYWStJNEdjV2c9PSIsInZhbHVlIjoiOW1YamJSZTNUVjdZMGFlSnBpcFpmbU1idHlEQzFWRU1sc1dPWWZzRk9mRXNlN0c3QVJzdmFWSVhJNElQUUp3MWxoK08wT2NqTTBLT3d2THM1Ynh1c2c9PSIsIm1hYyI6ImViYmYxNTk3YWExYzBkOTliYzllZWE1MzYzN2I3MDRiNGZlMjIxZWU4ZThhZWFkYjUwNmI0M2FkMzgyNmM0OTYifQ%3D%3D; laravel_session=eyJpdiI6Ijd4c3NGQitENmJSRzR1VWM3eTFXVnc9PSIsInZhbHVlIjoiR2Z3NXZkR3ZQU2JPaldwZ1wvTHp0bE5YdkhLM05uVjNqaDIwM0p6cVBFV2VLcENiNDRoRkoxZ3VQTyttdzBXYWxBWllCSXFNNVNCVkZ4SkpTbFhpZmxnPT0iLCJtYWMiOiJiYzdhZmE2NTRkMmZjNTVjZjg3NmNhMDg0ZGQxYzRmZWYxMDgzZWY3YjAxZmI0NTg1YmVmMmM0NDljMDU3ZTdjIn0%3D; _ga=GA1.2.1129920534.1633276883; _gid=GA1.2.264946138.1633276883; _gat=1; _fbp=fb.1.1633276882951.425387593; _uetsid=27d3a8e0246311ecbc7937eb3e83a833; _uetvid=27d3cc70246311ec8fd561139dfe52e6; invoca_session=%7B%22ttl%22%3A%222021-11-02T16%3A01%3A23.250Z%22%2C%22session%22%3A%7B%7D%2C%22config%22%3A%7B%22ce%22%3Atrue%2C%22fv%22%3Atrue%7D%7D; leadid_token-478B1969-F034-6785-243D-D2DE64FC7F68-C03EF9DE-4523-077B-661E-F0BBDAA0049B=FD27B9DB-22BD-DE58-7698-4940E5315D8E
Connection: keep-alive
Referer: https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medium=email&utm_content=plans&utm_campaign=BC
Accept: */*
Referer: https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medium=email&utm_content=plans&utm_campaign=BC
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Oct 2021 16:01:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Set-Cookie: omg_visit_id=6159d3d3e6b575094; path=/
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK Cookie set fraud_status.php Show response
www.healthplansamerica.org/common_scripts/omg/ 0
538 B 167ms
166ms XHR
text/html 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/common_scripts/omg/fraud_status.php?source=anura&response={%22result%22:%22bad%22,%22mobile%22:0}

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/js/hpa.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.healthplansamerica.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: PHPSESSID=3465dbe93dd97d9558502bbc1c093364; mobile_detection=a%3A0%3A%7B%7D; XSRF-TOKEN=eyJpdiI6IktLQ2lab1BWRVJvbHNYWStJNEdjV2c9PSIsInZhbHVlIjoiOW1YamJSZTNUVjdZMGFlSnBpcFpmbU1idHlEQzFWRU1sc1dPWWZzRk9mRXNlN0c3QVJzdmFWSVhJNElQUUp3MWxoK08wT2NqTTBLT3d2THM1Ynh1c2c9PSIsIm1hYyI6ImViYmYxNTk3YWExYzBkOTliYzllZWE1MzYzN2I3MDRiNGZlMjIxZWU4ZThhZWFkYjUwNmI0M2FkMzgyNmM0OTYifQ%3D%3D; laravel_session=eyJpdiI6Ijd4c3NGQitENmJSRzR1VWM3eTFXVnc9PSIsInZhbHVlIjoiR2Z3NXZkR3ZQU2JPaldwZ1wvTHp0bE5YdkhLM05uVjNqaDIwM0p6cVBFV2VLcENiNDRoRkoxZ3VQTyttdzBXYWxBWllCSXFNNVNCVkZ4SkpTbFhpZmxnPT0iLCJtYWMiOiJiYzdhZmE2NTRkMmZjNTVjZjg3NmNhMDg0ZGQxYzRmZWYxMDgzZWY3YjAxZmI0NTg1YmVmMmM0NDljMDU3ZTdjIn0%3D; _ga=GA1.2.1129920534.1633276883; _gid=GA1.2.264946138.1633276883; _gat=1; _fbp=fb.1.1633276882951.425387593; _uetsid=27d3a8e0246311ecbc7937eb3e83a833; _uetvid=27d3cc70246311ec8fd561139dfe52e6; invoca_session=%7B%22ttl%22%3A%222021-11-02T16%3A01%3A23.250Z%22%2C%22session%22%3A%7B%7D%2C%22config%22%3A%7B%22ce%22%3Atrue%2C%22fv%22%3Atrue%7D%7D; leadid_token-478B1969-F034-6785-243D-D2DE64FC7F68-C03EF9DE-4523-077B-661E-F0BBDAA0049B=FD27B9DB-22BD-DE58-7698-4940E5315D8E
Connection: keep-alive
Referer: https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medium=email&utm_content=plans&utm_campaign=BC
Accept: */*
Referer: https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medium=email&utm_content=plans&utm_campaign=BC
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Oct 2021 16:01:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Set-Cookie: omg_visit_id=6159d3d3e6b605252; path=/
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.11.7/ Frame 2CBD 0
302 B 299ms
103ms Script
text/javascript 52.200.243.50
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.11.7/SaveDeviceId.js?lac=478B1969-F034-6785-243D-D2DE64FC7F68&lck=C03EF9DE-4523-077B-661E-F0BBDAA0049B&methods=48&token=FD27B9DB-22BD-DE58-7698-4940E5315D8E&uuid=0fd7521d92d8432a9a49f3f8b3ebccb7
Requested by: Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=FD27B9DB-22BD-DE58-7698-4940E5315D8E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=C03EF9DE-4523-077B-661E-F0BBDAA0049B&lac=478B1969-F034-6785-243D-D2DE64FC7F68
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.243.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-243-50.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 16:01:24 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK check_web_user Show response
www.healthplansamerica.org/api/ 0
511 B 99ms
99ms XHR
text/html 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/api/check_web_user

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/js/hpa.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: cors
Origin: https://www.healthplansamerica.org
Accept-Encoding: gzip, deflate, br
Accept-Language: de-DE,de;q=0.9
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: PHPSESSID=3465dbe93dd97d9558502bbc1c093364; mobile_detection=a%3A0%3A%7B%7D; XSRF-TOKEN=eyJpdiI6IktLQ2lab1BWRVJvbHNYWStJNEdjV2c9PSIsInZhbHVlIjoiOW1YamJSZTNUVjdZMGFlSnBpcFpmbU1idHlEQzFWRU1sc1dPWWZzRk9mRXNlN0c3QVJzdmFWSVhJNElQUUp3MWxoK08wT2NqTTBLT3d2THM1Ynh1c2c9PSIsIm1hYyI6ImViYmYxNTk3YWExYzBkOTliYzllZWE1MzYzN2I3MDRiNGZlMjIxZWU4ZThhZWFkYjUwNmI0M2FkMzgyNmM0OTYifQ%3D%3D; laravel_session=eyJpdiI6Ijd4c3NGQitENmJSRzR1VWM3eTFXVnc9PSIsInZhbHVlIjoiR2Z3NXZkR3ZQU2JPaldwZ1wvTHp0bE5YdkhLM05uVjNqaDIwM0p6cVBFV2VLcENiNDRoRkoxZ3VQTyttdzBXYWxBWllCSXFNNVNCVkZ4SkpTbFhpZmxnPT0iLCJtYWMiOiJiYzdhZmE2NTRkMmZjNTVjZjg3NmNhMDg0ZGQxYzRmZWYxMDgzZWY3YjAxZmI0NTg1YmVmMmM0NDljMDU3ZTdjIn0%3D; _ga=GA1.2.1129920534.1633276883; _gid=GA1.2.264946138.1633276883; _gat=1; _fbp=fb.1.1633276882951.425387593; _uetsid=27d3a8e0246311ecbc7937eb3e83a833; _uetvid=27d3cc70246311ec8fd561139dfe52e6; invoca_session=%7B%22ttl%22%3A%222021-11-02T16%3A01%3A23.250Z%22%2C%22session%22%3A%7B%7D%2C%22config%22%3A%7B%22ce%22%3Atrue%2C%22fv%22%3Atrue%7D%7D; leadid_token-478B1969-F034-6785-243D-D2DE64FC7F68-C03EF9DE-4523-077B-661E-F0BBDAA0049B=FD27B9DB-22BD-DE58-7698-4940E5315D8E
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
Host: www.healthplansamerica.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Cache-Control: no-cache
Referer: https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medium=email&utm_content=plans&utm_campaign=BC
Sec-Fetch-Site: same-origin
Accept: */*
Referer: https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medium=email&utm_content=plans&utm_campaign=BC
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Oct 2021 16:01:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate no-cache
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H/1.1 200
OK phone_imp.php Show response
www.healthplansamerica.org/common_scripts/omg/pxl/ 0
486 B 162ms
162ms XHR
text/html 69.20.75.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthplansamerica.org/common_scripts/omg/pxl/phone_imp.php?pn=8552362040&url=www.healthplansamerica.org%2Fquotes%2Fbidencare%3FReferrer%3DCLFBCWK%26Subreferrer%3D350655%26Subid%3D614403914%26utm_source%3DCLFBCWK%26utm_medium%3Demail%26utm_content%3Dplans%26utm_campaign%3DBC

Requested by

Host: www.healthplansamerica.org
URL: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/js/hpa.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

69.20.75.133 San Antonio, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.healthplansamerica.org

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: cors
Origin: https://www.healthplansamerica.org
Accept-Encoding: gzip, deflate, br
Accept-Language: de-DE,de;q=0.9
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: PHPSESSID=3465dbe93dd97d9558502bbc1c093364; mobile_detection=a%3A0%3A%7B%7D; XSRF-TOKEN=eyJpdiI6IktLQ2lab1BWRVJvbHNYWStJNEdjV2c9PSIsInZhbHVlIjoiOW1YamJSZTNUVjdZMGFlSnBpcFpmbU1idHlEQzFWRU1sc1dPWWZzRk9mRXNlN0c3QVJzdmFWSVhJNElQUUp3MWxoK08wT2NqTTBLT3d2THM1Ynh1c2c9PSIsIm1hYyI6ImViYmYxNTk3YWExYzBkOTliYzllZWE1MzYzN2I3MDRiNGZlMjIxZWU4ZThhZWFkYjUwNmI0M2FkMzgyNmM0OTYifQ%3D%3D; laravel_session=eyJpdiI6Ijd4c3NGQitENmJSRzR1VWM3eTFXVnc9PSIsInZhbHVlIjoiR2Z3NXZkR3ZQU2JPaldwZ1wvTHp0bE5YdkhLM05uVjNqaDIwM0p6cVBFV2VLcENiNDRoRkoxZ3VQTyttdzBXYWxBWllCSXFNNVNCVkZ4SkpTbFhpZmxnPT0iLCJtYWMiOiJiYzdhZmE2NTRkMmZjNTVjZjg3NmNhMDg0ZGQxYzRmZWYxMDgzZWY3YjAxZmI0NTg1YmVmMmM0NDljMDU3ZTdjIn0%3D; _ga=GA1.2.1129920534.1633276883; _gid=GA1.2.264946138.1633276883; _gat=1; _fbp=fb.1.1633276882951.425387593; _uetsid=27d3a8e0246311ecbc7937eb3e83a833; _uetvid=27d3cc70246311ec8fd561139dfe52e6; invoca_session=%7B%22ttl%22%3A%222021-11-02T16%3A01%3A23.250Z%22%2C%22session%22%3A%7B%7D%2C%22config%22%3A%7B%22ce%22%3Atrue%2C%22fv%22%3Atrue%7D%7D; leadid_token-478B1969-F034-6785-243D-D2DE64FC7F68-C03EF9DE-4523-077B-661E-F0BBDAA0049B=FD27B9DB-22BD-DE58-7698-4940E5315D8E; omg_visit_id=6159d3d3e69ca5218
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
Host: www.healthplansamerica.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Cache-Control: no-cache
Referer: https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medium=email&utm_content=plans&utm_campaign=BC
Sec-Fetch-Site: same-origin
Accept: */*
Referer: https://www.healthplansamerica.org/quotes/bidencare?Referrer=CLFBCWK&Subreferrer=350655&Subid=614403914&utm_source=CLFBCWK&utm_medium=email&utm_content=plans&utm_campaign=BC
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Oct 2021 16:01:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 hub Show response
api.pushnami.com/scripts/v1/ Frame 765C 2 KB
2 KB 7ms
7ms Document
text/html 13.32.99.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushnami.com/scripts/v1/hub

Requested by

Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/58a34f3625ceb64f65edb3a4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-63.fra60.r.cloudfront.net

Software

Resource Hash

2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *
X-Content-Security-Policy	default-src 'unsafe-inline' *

Request headers

:method: GET
:authority: api.pushnami.com
:scheme: https
:path: /scripts/v1/hub
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.healthplansamerica.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/

Response headers

content-type: text/html; charset=utf-8
date: Sun, 03 Oct 2021 15:32:34 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: X-Requested-With
content-security-policy: default-src 'unsafe-inline' *
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *
cache-control: no-cache
content-encoding: gzip
x-edge-origin-shield-skipped: 0
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: XcbN2HD0p4zhdtjr4MlsdB70Bb1hFfayaRCYDysM4gO1lsskPJ6shw==
age: 1730

GET
H2 200 config.json Show response
cdn.acsbapp.com/cache/app/healthplansamerica.org/ 136 B
322 B 267ms
85ms Fetch
application/json 206.189.187.108
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/cache/app/healthplansamerica.org/config.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 206.189.187.108 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cdn103.acsbapp.com
Software: /
Resource Hash: 9100bba724d9eac84491a0306f510197d86c66e15244356c2ea733b679beeda6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 16:01:24 GMT
last-modified: Sun, 03 Oct 2021 03:51:32 GMT
etag: "88-615928c4-742ee99a1ec7388;;;"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 136
expires: Mon, 04 Oct 2021 16:01:24 GMT

POST
H2 200 psp Show response
psp.pushnami.com/api/ 2 B
231 B 116ms
116ms Fetch
text/html 54.159.124.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/58a34f3625ceb64f65edb3a4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.124.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-124-237.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://www.healthplansamerica.org/
key: 58a34f3625ceb64f65edb3a4
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.healthplansamerica.org
date: Sun, 03 Oct 2021 16:01:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: accept-encoding
content-type: text/html; charset=utf-8

OPTIONS
H2 200 psp
psp.pushnami.com/api/ Frame 0
0 305ms
100ms Preflight
application/json 54.159.124.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Protocol: H2
Server: 54.159.124.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-124-237.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Origin: https://www.healthplansamerica.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 03 Oct 2021 16:01:24 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.healthplansamerica.org
access-control-allow-credentials: true
access-control-expose-headers: content-type, content-length, etag
access-control-max-age: 600
access-control-allow-headers: key
access-control-allow-methods: POST
cache-control: no-cache
vary: accept-encoding
content-encoding: gzip

GET
H2 200 en.build.json Show response
cdn.acsbapp.com/cache/app/ 202 KB
20 KB 85ms
85ms Fetch
application/json 206.189.187.108
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/cache/app/en.build.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 206.189.187.108 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cdn103.acsbapp.com
Software: /
Resource Hash: c4dc68c6524c58982db12c3aa67423f07d0db4bd2c5e61c2b57032593d29b7bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.healthplansamerica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 16:01:24 GMT
content-encoding: br
last-modified: Mon, 27 Sep 2021 06:25:03 GMT
etag: "32729-615163bf-96d48e652bb7fd79;br"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 20161
expires: Mon, 04 Oct 2021 16:01:24 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.11.7/ 0
298 B 481ms
195ms XHR
text/plain 52.200.243.50
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.11.7/Snap?msn=4&pid=47967835-b2c5-434c-bf48-05f92282a1a4&token=FD27B9DB-22BD-DE58-7698-4940E5315D8E&_=625500554
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c03ef9de-4523-077b-661e-f0bbdaa0049b.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.243.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-243-50.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.healthplansamerica.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 03 Oct 2021 16:01:25 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.7/ 0
298 B 111ms
110ms XHR
text/plain 52.200.243.50
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.11.7/InitFormData?msn=5&pid=47967835-b2c5-434c-bf48-05f92282a1a4&token=FD27B9DB-22BD-DE58-7698-4940E5315D8E&_=625500555
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c03ef9de-4523-077b-661e-f0bbdaa0049b.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.243.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-243-50.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.healthplansamerica.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 03 Oct 2021 16:01:25 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.11.7/ 0
298 B 386ms
291ms XHR
text/plain 52.200.243.50
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.11.7/Snap?msn=6&pid=47967835-b2c5-434c-bf48-05f92282a1a4&token=FD27B9DB-22BD-DE58-7698-4940E5315D8E&_=625500556
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c03ef9de-4523-077b-661e-f0bbdaa0049b.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.243.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-243-50.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.healthplansamerica.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 03 Oct 2021 16:01:26 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.11.7/ 0
298 B 427ms
195ms XHR
text/plain 52.200.243.50
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.11.7/Snap?msn=7&pid=47967835-b2c5-434c-bf48-05f92282a1a4&token=FD27B9DB-22BD-DE58-7698-4940E5315D8E&_=625500557
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c03ef9de-4523-077b-661e-f0bbdaa0049b.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.243.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-243-50.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.healthplansamerica.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 03 Oct 2021 16:01:26 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: trc.pushnami.com
URL: https://trc.pushnami.com/api/push/track

Domain: trc.pushnami.com
URL: https://trc.pushnami.com/api/push/track

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cuttingedgeteh.com/	1970-01-19 22:25:51	Name: uid2349 Value: 614403914-20211003120120-a2527708b50f743ac0f7ed22ffc9d8d2-
www.healthplansamerica.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3465dbe93dd97d9558502bbc1c093364
.www.healthplansamerica.org/	1970-01-19 21:42:43	Name: mobile_detection Value: a%3A0%3A%7B%7D
www.healthplansamerica.org/	1970-01-19 21:41:24	Name: XSRF-TOKEN Value: eyJpdiI6IktLQ2lab1BWRVJvbHNYWStJNEdjV2c9PSIsInZhbHVlIjoiOW1YamJSZTNUVjdZMGFlSnBpcFpmbU1idHlEQzFWRU1sc1dPWWZzRk9mRXNlN0c3QVJzdmFWSVhJNElQUUp3MWxoK08wT2NqTTBLT3d2THM1Ynh1c2c9PSIsIm1hYyI6ImViYmYxNTk3YWExYzBkOTliYzllZWE1MzYzN2I3MDRiNGZlMjIxZWU4ZThhZWFkYjUwNmI0M2FkMzgyNmM0OTYifQ%3D%3D
www.healthplansamerica.org/	1970-01-19 21:41:24	Name: laravel_session Value: eyJpdiI6Ijd4c3NGQitENmJSRzR1VWM3eTFXVnc9PSIsInZhbHVlIjoiR2Z3NXZkR3ZQU2JPaldwZ1wvTHp0bE5YdkhLM05uVjNqaDIwM0p6cVBFV2VLcENiNDRoRkoxZ3VQTyttdzBXYWxBWllCSXFNNVNCVkZ4SkpTbFhpZmxnPT0iLCJtYWMiOiJiYzdhZmE2NTRkMmZjNTVjZjg3NmNhMDg0ZGQxYzRmZWYxMDgzZWY3YjAxZmI0NTg1YmVmMmM0NDljMDU3ZTdjIn0%3D
.healthplansamerica.org/	1970-01-20 15:12:28	Name: _ga Value: GA1.2.1129920534.1633276883
.healthplansamerica.org/	1970-01-19 21:42:43	Name: _gid Value: GA1.2.264946138.1633276883
.healthplansamerica.org/	1970-01-19 21:41:16	Name: _gat Value: 1
.bing.com/	1970-01-20 07:02:52	Name: MUID Value: 24D42F9C25BB6073214F3F5924F9615C
.healthplansamerica.org/	1970-01-19 23:50:52	Name: _fbp Value: fb.1.1633276882951.425387593
.healthplansamerica.org/	1970-01-19 21:42:43	Name: _uetsid Value: 27d3a8e0246311ecbc7937eb3e83a833
.healthplansamerica.org/	1970-01-20 07:02:52	Name: _uetvid Value: 27d3cc70246311ec8fd561139dfe52e6
.healthplansamerica.org/	1970-02-25 09:41:16	Name: invoca_session Value: %7B%22ttl%22%3A%222021-11-02T16%3A01%3A23.250Z%22%2C%22session%22%3A%7B%7D%2C%22config%22%3A%7B%22ce%22%3Atrue%2C%22fv%22%3Atrue%7D%7D
www.healthplansamerica.org/	1970-01-19 21:41:17	Name: leadid_token-478B1969-F034-6785-243D-D2DE64FC7F68-C03EF9DE-4523-077B-661E-F0BBDAA0049B Value: FD27B9DB-22BD-DE58-7698-4940E5315D8E
.deviceid.trueleadid.com/	1970-01-25 20:28:19	Name: uuid Value: 0fd7521d92d8432a9a49f3f8b3ebccb7
www.healthplansamerica.org/	1969-12-31 23:59:59	Name: omg_visit_id Value: 6159d3d3e69ca5218

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://script.anura.io/request.js?instance=2761973509&source=CLFBCWK&campaign=350655-HPA&variable=AnuraResponse&359712864121(Line 14) Message: 'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.
deprecation	warning	URL: https://www.healthplansamerica.org/common_scripts/leadgen/laravel/js/hpa.js(Line 2) Message: Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acsbapp.com
api.pushnami.com
bat.bing.com
cdn.acsbapp.com
connect.facebook.net
create.leadid.com
create.lidstatic.com
cuttingedgeteh.com
d2m2wsoho8qq12.cloudfront.net
despacito.sa.com
deviceid.trueleadid.com
fonts.googleapis.com
fonts.gstatic.com
psp.pushnami.com
script.anura.io
secure.apolloi.com
solutions.invocacdn.com
storage.googleapis.com
trc.pushnami.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.healthplansamerica.org
trc.pushnami.com
104.22.39.182
107.172.12.219
13.107.21.200
13.32.99.63
142.250.181.240
142.250.184.227
142.250.186.142
172.217.16.136
172.217.16.138
18.133.97.68
18.66.97.87
188.246.230.30
206.189.187.108
208.68.39.149
31.13.92.14
31.13.92.36
52.2.22.185
52.200.243.50
52.222.206.97
54.159.124.237
69.20.75.133
69.20.94.14
078e7a60b04ee3e147dc98ff75aea55b9685f51292fec211e9bb9f4f567b627d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
25691b4cadbc6312d4968d44601681557ab0c8dc4cef73a82ff00171ba2bad31
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47
355569aefdac8f58d387e7bfbe652c048aa3e1c892d2de60933896fb5e564dee
39c09707ddc485a2b7497330fdef55c3a36e619172d3c49b8679bcb767928fbe
434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3
43c0ce389677e908927c7c204a60cac80af5eacb970ad2eed4aa86705ac49139
4e2d95df10e65f48daac2dcbad2cc0ef091610b5d5f77e4be8ad56a2e5aed241
56337bcd64ec0c378ed96e2128f9ffb7b6eee73bfa6db3e2f12f519225f1feec
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
59855fb273cce24eaff91d16cdb093b5b26a2bdca96f6a5ec4d95d81d657e929
5f5471385485dd010cece4e82b5eec41d05c38c3d3f93643fcb646ecde1f2abd
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
69121f74c87d0d76bd3071030cb983f8630fcd881af8eb9b061adf5b6984ce97
7a0b93a621d4d143fd76450db617ec155df624ee067129fbca604bd4bec33ec2
7d195da4a55ea70d7f75510fbd35de02d19c5441500edca7ec535a4b8f0ca72d
812d23b39327da1d5f250356e1800060b80f8476bf990b2e890fc2bcc3edb2a1
889e5b0e0831a15afbf0a7afe2916c25500b2fa6abb5f62727b0c245415a5f12
9100bba724d9eac84491a0306f510197d86c66e15244356c2ea733b679beeda6
95704bbd86118a73f19660d327c6ac000e7e5bd1aaa3c7be911c889079ceeb53
9db486b793818767df46d728b5d8729af5a1bf5abc9d4e524ce30206f8fcf042
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a222721aed04515c2ef6d2273ff15b27d20a743531f8fe607ae5cd534b01e996
a592564b9b2d607aa653f3ca77adba6b405022dd91b1dfc9edf789a4eb02b953
aa711cb743caa96b19557672470e7ded8e47d3d7902a60a86ec2f845fba252ca
aaac1ee6b9c6440ad1693c509e910730abc89c7f19f171d87d8a96bdbef8819c
abf55d853f3bbe3a244ea8f3b8ed9b4127f028a096fefc942020a3605433d99a
b913028cae336af75686538cf833779bac3d2e42701ac7800415dfe3d32a76d0
c1a6dceca196282a843e1d6dcdff4257db81ffa1c11d3ad38f1f359f1751551a
c435a36c4117826fc7b7b8023aaf45d65e59bcb814c8f1b1e28bea7c49318c13
c4dc68c6524c58982db12c3aa67423f07d0db4bd2c5e61c2b57032593d29b7bf
ca1a9f03bbdbe056384418390b9e6896e1159dee2c0a793dfa66344f303f2953
d6161588949f47302434f6823615e1931625964196861222e7b429807014edd1
dbb06737202fe9475adff6ac222c76e2bdc65d8662a93e013ca530a9be2edee9
dea92681f53237877d78e6b652197caa1f0010ebf9d177468d204423c74fac98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ffbef72cac2936a5add276b7011e85dc1d9be6708cf11996584a7e7eb58f6b
ea9ecd90c56a640800680d99ad67544cff546780c8051c7710f699fca8c55eb0
ec3cf9d49f5df3314ae6ac1702d1c96669a5aeb259e49412d966931b32a812d0
f2ed87e538d30c68de1b937fbfcdf73773f8e8c21497efe24de65dbf21d1519f
f436e57203e5d60fe8ac1c1754faa9924d6de843fd376e9b71af8b5228e825da
fa4241715b942ec0257a7765c4a5517e94e32d43bf0f1016a794d37850d621de
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

www.healthplansamerica.org Open in urlscan Pro 69.20.75.133 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

64 Requests

95 %HTTPS

0 %IPv6

19 Domains

23 Subdomains

23 IPs

5 Countries

1342 kBTransfer

3611 kBSize

16 Cookies

1 Outgoing links

Page URL History

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.healthplansamerica.org Open in urlscan Pro
69.20.75.133 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

95 %
HTTPS

0 %
IPv6

19
Domains

23
Subdomains

23
IPs

5
Countries

1342 kB
Transfer

3611 kB
Size

16
Cookies

64 HTTP transactions
3 data transactions