healthsubsidy-gov.com Open in urlscan Pro
2a02:4780:33:a6d:8440:5b79:b743:63b4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://6kof1.quest/
Effective URL:
https://healthsubsidy-gov.com/?utm_source=quest&utm_medium=wizz&utm_campaign=eml
Submission: On April 14 via api (April 14th 2024, 2:22:27 am UTC) from BE — Scanned from DE

Summary HTTP 21 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 21 HTTP transactions. The main IP is 2a02:4780:33:a6d:8440:5b79:b743:63b4, located in Cyprus and belongs to AS-HOSTINGER, CY. The main domain is healthsubsidy-gov.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on April 13th 2024. Valid for: 3 months.

This is the only time healthsubsidy-gov.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	162.255.119.99 162.255.119.99	22612 (NAMECHEAP...) (NAMECHEAP-NET)
6	2a02:4780:33:... 2a02:4780:33:a6d:8440:5b79:b743:63b4	47583 (AS-HOSTINGER) (AS-HOSTINGER)
2	104.16.224.240 104.16.224.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
3	2600:9000:223... 2600:9000:223f:5800:f:e793:dc40:21	16509 (AMAZON-02) (AMAZON-02)
2	154.41.250.135 154.41.250.135	47583 (AS-HOSTINGER) (AS-HOSTINGER)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
21	7

1 162.255.119.99 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)

6kof1.quest	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:4780:33:a6d:8440:5b79:b743:63b4 (Cyprus)

ASN47583 (AS-HOSTINGER, CY)

healthsubsidy-gov.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.224.240 (None, )

ASN13335 (CLOUDFLARENET, US)

static.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
in.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223f:5800:f:e793:dc40:21 (United States)

ASN16509 (AMAZON-02, US)

d3syewzhvzylbl.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 154.41.250.135 (Asheville, United States)

ASN47583 (AS-HOSTINGER, CY)

healthsubsidy-gov.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	healthsubsidy-gov.com healthsubsidy-gov.com	215 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2548	366 B
3	cloudfront.net d3syewzhvzylbl.cloudfront.net	163 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	266 KB
2	getclicky.com static.getclicky.com — Cisco Umbrella Rank: 12126 in.getclicky.com — Cisco Umbrella Rank: 10860	6 KB
1	6kof1.quest 1 redirects 6kof1.quest	297 B
21	6

	Domain	Requested by
8	healthsubsidy-gov.com	healthsubsidy-gov.com
3	region1.google-analytics.com	www.googletagmanager.com
3	d3syewzhvzylbl.cloudfront.net	healthsubsidy-gov.com
3	www.googletagmanager.com	healthsubsidy-gov.com www.googletagmanager.com
1	in.getclicky.com	static.getclicky.com
1	static.getclicky.com	healthsubsidy-gov.com
1	6kof1.quest	1 redirects
21	7

This site contains links to these domains. Also see Links.

Domain
pcctrack.com

Subject Issuer	Validity	Valid
healthsubsidy-gov.com ZeroSSL RSA Domain Secure Site CA	`2024-04-13` - `2024-07-12`	3 months	crt.sh
*.getclicky.com E1	`2024-03-30` - `2024-06-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://healthsubsidy-gov.com/?utm_source=quest&utm_medium=wizz&utm_campaign=eml
Frame ID: 6F0A8B5B8259F87967E3AC4E3694A2B5
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Claim $6,400* Health Credit Allowance For Everyday Expenses At NO-COST!

Page URL History Show full URLs

http://6kof1.quest/ HTTP 307
https://6kof1.quest/ HTTP 307
http://6kof1.quest/ HTTP 302
https://healthsubsidy-gov.com/?utm_source=quest&utm_medium=wizz&utm_campaign=eml Page URL

Detected technologies

Clicky (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.getclicky\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

90 %
HTTPS

57 %
IPv6

6
Domains

7
Subdomains

7
IPs

4
Countries

650 kB
Transfer

1759 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://pcctrack.com/?offer=178&uid=13179cdc-7066-4139-aef6-9a06cc275e32&utm_source=healthsubsidy-medicad
Title: Check Your Eligibility Now

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://6kof1.quest/ HTTP 307
https://6kof1.quest/ HTTP 307
http://6kof1.quest/ HTTP 302
https://healthsubsidy-gov.com/?utm_source=quest&utm_medium=wizz&utm_campaign=eml Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
healthsubsidy-gov.com/
Redirect Chain

http://6kof1.quest/
https://6kof1.quest/
http://6kof1.quest/
https://healthsubsidy-gov.com/?utm_source=quest&utm_medium=wizz&utm_campaign=eml

24 KB
4 KB

585ms
466ms

Document
text/html

2a02:4780:33:a6d:8440:5b79:b743:63b4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://healthsubsidy-gov.com/?utm_source=quest&utm_medium=wizz&utm_campaign=eml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:33:a6d:8440:5b79:b743:63b4 , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

5c2ad7a8424d0243b06fbe161ffe9bf1abe628cf659eff5ddd099f06cd630604

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-encoding: br
content-length: 3659
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Sun, 14 Apr 2024 02:22:20 GMT
etag: "5f5a-66191882-376817816eb028e0;br"
last-modified: Fri, 12 Apr 2024 11:18:26 GMT
platform: hostinger
server: hcdn
x-hcdn-cache-status: DYNAMIC
x-hcdn-request-id: 97e623a3eaa4faa2f6c04f42683d80c8-srv-edge4
x-hcdn-upstream-rt: 0.435

Redirect headers

Connection: keep-alive
Content-Length: 103
Content-Type: text/html; charset=utf-8
Date: Sun, 14 Apr 2024 02:22:19 GMT
Location: https://healthsubsidy-gov.com/?utm_source=quest&utm_medium=wizz&utm_campaign=eml
Server: namecheap-nginx
X-Served-By: Namecheap URL Forward

GET
H2 200 style.css
healthsubsidy-gov.com/css/ 56 KB
4 KB 475ms
474ms Stylesheet
text/css 2a02:4780:33:a6d:8440:5b79:b743:63b4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://healthsubsidy-gov.com/css/style.css

Requested by

Host: healthsubsidy-gov.com
URL: https://healthsubsidy-gov.com/?utm_source=quest&utm_medium=wizz&utm_campaign=eml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:33:a6d:8440:5b79:b743:63b4 , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

a4be574e9a8e1d723e4ba1032f9783e47826fc07e4948449f50eccec521b3979

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://healthsubsidy-gov.com/?utm_source=quest&utm_medium=wizz&utm_campaign=eml
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:22:21 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 3331
x-hcdn-cache-status: MISS
last-modified: Thu, 11 Apr 2024 12:14:53 GMT
server: hcdn
etag: "df70-6617d43d-c426484488cf7142;br"
x-hcdn-request-id: b7edf326cbe1a801ea1823a1f2b29cd4-srv-edge4
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.443
accept-ranges: bytes
platform: hostinger
expires: Sun, 21 Apr 2024 02:22:20 GMT

GET
H2 200 all.min.css
healthsubsidy-gov.com/css/ 488 KB
78 KB 482ms
481ms Stylesheet
text/css 2a02:4780:33:a6d:8440:5b79:b743:63b4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://healthsubsidy-gov.com/css/all.min.css

Requested by

Host: healthsubsidy-gov.com
URL: https://healthsubsidy-gov.com/?utm_source=quest&utm_medium=wizz&utm_campaign=eml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:33:a6d:8440:5b79:b743:63b4 , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

4ebfe9cddb1176ee4025f16e2b44c45e6cbe70b9b588df76b6806e6daf673538

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://healthsubsidy-gov.com/?utm_source=quest&utm_medium=wizz&utm_campaign=eml
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:22:21 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 79422
x-hcdn-cache-status: MISS
last-modified: Thu, 11 Apr 2024 12:14:50 GMT
server: hcdn
etag: "79edc-6617d43a-72c4940dd5ade532;br"
x-hcdn-request-id: 3b5f5d300536ce2e00549528cc081b2b-srv-edge4
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.444
accept-ranges: bytes
platform: hostinger
expires: Sun, 21 Apr 2024 02:22:20 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
healthsubsidy-gov.com/js/ 87 KB
30 KB 492ms
492ms Script
application/x-javascript 2a02:4780:33:a6d:8440:5b79:b743:63b4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://healthsubsidy-gov.com/js/jquery-3.6.0.min.js

Requested by

Host: healthsubsidy-gov.com
URL: https://healthsubsidy-gov.com/?utm_source=quest&utm_medium=wizz&utm_campaign=eml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:33:a6d:8440:5b79:b743:63b4 , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://healthsubsidy-gov.com/?utm_source=quest&utm_medium=wizz&utm_campaign=eml
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:22:21 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 30021
x-hcdn-cache-status: MISS
last-modified: Thu, 11 Apr 2024 12:14:55 GMT
server: hcdn
etag: "15d9d-6617d43f-e46c4d9c7452a5df;br"
x-hcdn-request-id: 3ffc0a6fdd88b861c91dc54acf9e687b-srv-edge4
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.459
accept-ranges: bytes
platform: hostinger
expires: Sun, 21 Apr 2024 02:22:20 GMT

GET
H2 200 step.css
healthsubsidy-gov.com/css/ 51 KB
7 KB 493ms
492ms Stylesheet
text/css 2a02:4780:33:a6d:8440:5b79:b743:63b4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://healthsubsidy-gov.com/css/step.css

Requested by

Host: healthsubsidy-gov.com
URL: https://healthsubsidy-gov.com/?utm_source=quest&utm_medium=wizz&utm_campaign=eml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:33:a6d:8440:5b79:b743:63b4 , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

db5db2040307a3218dfc73aa323664d9f51fd0d29030ea465605f691cc31811d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://healthsubsidy-gov.com/?utm_source=quest&utm_medium=wizz&utm_campaign=eml
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:22:21 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 6430
x-hcdn-cache-status: MISS
last-modified: Thu, 11 Apr 2024 12:14:49 GMT
server: hcdn
etag: "ca7b-6617d439-d42976e44eedee88;br"
x-hcdn-request-id: b2b5981a2afaa1f1eac86c5e4f61c31b-srv-edge4
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.459
accept-ranges: bytes
platform: hostinger
expires: Sun, 21 Apr 2024 02:22:21 GMT

GET
H3 200 js Show response
static.getclicky.com/ 15 KB
6 KB 75ms
31ms Script
text/javascript 104.16.224.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getclicky.com/js
Requested by: Host: healthsubsidy-gov.com
URL: https://healthsubsidy-gov.com/?utm_source=quest&utm_medium=wizz&utm_campaign=eml
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.224.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1ff344c29dfe132c4d5663981d939562a86bed8413984f812c02a6a3bae80a4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://healthsubsidy-gov.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:22:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 09 Apr 2024 00:56:13 GMT
server: cloudflare
age: 437166
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 87403a473e1ebb67-FRA
alt-svc: h3=":443"; ma=86400
x-proxy-cache: HIT

GET
H2 200 step.js Show response
healthsubsidy-gov.com/js/ 6 KB
1 KB 482ms
481ms Script
application/x-javascript 2a02:4780:33:a6d:8440:5b79:b743:63b4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://healthsubsidy-gov.com/js/step.js

Requested by

Host: healthsubsidy-gov.com
URL: https://healthsubsidy-gov.com/?utm_source=quest&utm_medium=wizz&utm_campaign=eml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:33:a6d:8440:5b79:b743:63b4 , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

99ba0b1d64a1d027049e561351e638d6db534689757af1a47a322302bf322172

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://healthsubsidy-gov.com/?utm_source=quest&utm_medium=wizz&utm_campaign=eml
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:22:21 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 1017
x-hcdn-cache-status: MISS
last-modified: Thu, 11 Apr 2024 12:14:55 GMT
server: hcdn
etag: "1715-6617d43f-3e96f8e254ef95ab;br"
x-hcdn-request-id: bef5478cb474e039c175e7406c261f9b-srv-edge4
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.449
accept-ranges: bytes
platform: hostinger
expires: Sun, 21 Apr 2024 02:22:21 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 190 KB
68 KB 93ms
39ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TCVMJ2H6

Requested by

Host: healthsubsidy-gov.com
URL: https://healthsubsidy-gov.com/?utm_source=quest&utm_medium=wizz&utm_campaign=eml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

908907b6eed1c683654022e98f0c4ddbfe5743c26766b4598809df873ff3e186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://healthsubsidy-gov.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:22:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69609
x-xss-protection: 0
last-modified: Sun, 14 Apr 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 Apr 2024 02:22:21 GMT

GET
H2 200 700.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/montserrat/ 55 KB
55 KB 86ms
25ms Font
font/woff2 2600:9000:223f:5800:f:e793:dc40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/montserrat/700.woff2
Requested by: Host: healthsubsidy-gov.com
URL: https://healthsubsidy-gov.com/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5800:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83dd6ed4f17ef7cafa58a15d1ceb20256c208477b7b7dc44055cd43abe88c3d8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://healthsubsidy-gov.com/
Origin: https://healthsubsidy-gov.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 06:40:59 GMT
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 70891
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 56168
last-modified: Fri, 14 Apr 2023 06:24:30 GMT
server: AmazonS3
etag: "dc7f9f814ed82f63e1e23faa04792513"
access-control-max-age: 31536000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: wEc5c9YMNR8V_Ak-WPM-YDy9HE0A3lQAB0Uwo-F3I_d3iQ8asdMyeg==

GET
H2 200 regular.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/montserrat/ 54 KB
54 KB 113ms
52ms Font
font/woff2 2600:9000:223f:5800:f:e793:dc40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/montserrat/regular.woff2
Requested by: Host: healthsubsidy-gov.com
URL: https://healthsubsidy-gov.com/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5800:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c55359c2badcb06edc896bccd3618919ec54035299f1f5db5c6cafd5e8933cf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://healthsubsidy-gov.com/
Origin: https://healthsubsidy-gov.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 04:30:58 GMT
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 78689
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 55160
last-modified: Fri, 14 Apr 2023 06:24:30 GMT
server: AmazonS3
etag: "39cdece7149132b8bce63dc6e5d36c9a"
access-control-max-age: 31536000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: KBqSS7EjSOsGTsDxDupMoXvSQzBqDq46aNsb4Zr9y6nnmFXNHtE3Gw==

GET
H2 200 300.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/montserrat/ 53 KB
54 KB 127ms
67ms Font
font/woff2 2600:9000:223f:5800:f:e793:dc40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/montserrat/300.woff2
Requested by: Host: healthsubsidy-gov.com
URL: https://healthsubsidy-gov.com/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5800:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e691cd31ffe3c2afb0230f46cefd3689fee4237a598340cf71ceacac220d4c72

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://healthsubsidy-gov.com/
Origin: https://healthsubsidy-gov.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 07:45:43 GMT
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 66999
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 54488
last-modified: Fri, 14 Apr 2023 06:24:29 GMT
server: AmazonS3
etag: "25fe9360e3163734f57cd4bf82fe7d41"
access-control-max-age: 31536000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: wDQUpIu_bl1p3hV3hbO930fKNdq26csK5iDD3JH377qzfk0CLUv2EQ==

GET
H3 200 65f1c829d4739_norton-secured-logo-png.png
healthsubsidy-gov.com/images/ 30 KB
30 KB 497ms
496ms Image
image/webp 154.41.250.135
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthsubsidy-gov.com/images/65f1c829d4739_norton-secured-logo-png.png
Requested by: Host: healthsubsidy-gov.com
URL: https://healthsubsidy-gov.com/?utm_source=quest&utm_medium=wizz&utm_campaign=eml
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.41.250.135 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: 9e94d6594c5ae959f4bd770456fbaa0636514fd3e5e96c372f6de06296306fe6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://healthsubsidy-gov.com/?utm_source=quest&utm_medium=wizz&utm_campaign=eml
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:22:21 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: 98ac6abf6eb8ec0f147b8ab789dd920f-bos-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.383
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 30436

GET 65f1c76825704_bigsavingfinder-logo.png
healthsubsidy-gov.com/images/ 0
0

GET
H3 200 65f1ca758c49b_satifaction.png
healthsubsidy-gov.com/images/ 61 KB
62 KB 511ms
511ms Image
image/webp 154.41.250.135
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthsubsidy-gov.com/images/65f1ca758c49b_satifaction.png
Requested by: Host: healthsubsidy-gov.com
URL: https://healthsubsidy-gov.com/?utm_source=quest&utm_medium=wizz&utm_campaign=eml
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.41.250.135 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: d9848de55a6ef57bff2eb63b06726d55bc0af53f891a2c1982492208a32027d4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://healthsubsidy-gov.com/?utm_source=quest&utm_medium=wizz&utm_campaign=eml
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:22:21 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: cf652d65d0130957a9e8a0633ec17d37-bos-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.397
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 62792

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 295 KB
99 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-3FR17J5ESD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TCVMJ2H6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5d5ac7809712f757e67f0ef8393b687ebb4f10efa03cd363f128cb84cecef236

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://healthsubsidy-gov.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:22:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100832
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 14 Apr 2024 02:22:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 295 KB
99 KB 45ms
45ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3FR17J5ESD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TCVMJ2H6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9fbb0b570d8980af0a6d4778fe6d0f79800dad54d735ad2753206a99da6274b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://healthsubsidy-gov.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:22:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100774
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 14 Apr 2024 02:22:21 GMT

GET
H3 200 in.php Show response
in.getclicky.com/ 131 B
339 B 199ms
191ms Script
text/javascript 104.16.224.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://in.getclicky.com/in.php?site_id=101449939&href=%2F%3Futm_source%3Dquest%26utm_medium%3Dwizz%26utm_campaign%3Deml&title=Claim%20%246%2C400*%20Health%20Credit%20Allowance%20For%20Everyday%20Expenses%20At%20NO-COST!&res=1600x1200&lang=de-DE&tz=Europe%2FBerlin&tc=&ck=1&x=6ruqun
Requested by: Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.224.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d6c2aa0a446364169fba9251e31da41e2f618a09e3cceae2fccd617508e372f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://healthsubsidy-gov.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:22:21 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
cf-ray: 87403a496f10bb67-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 84ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3FR17J5ESD&gtm=45je44a0v9177914313z89177910554za200&_p=1713061341421&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=480018142.1713061342&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713061341&sct=1&seg=0&dl=https%3A%2F%2Fhealthsubsidy-gov.com%2F%3Futm_source%3Dquest%26utm_medium%3Dwizz%26utm_campaign%3Deml&dt=Claim%20%246%2C400*%20Health%20Credit%20Allowance%20For%20Everyday%20Expenses%20At%20NO-COST!&en=pageviews&_fv=1&_nsi=1&_ss=1&tfd=4807
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3FR17J5ESD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://healthsubsidy-gov.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 14 Apr 2024 02:22:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://healthsubsidy-gov.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 76ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3FR17J5ESD&gtm=45je44a0v9177914313z89177910554za200&_p=1713061341421&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=480018142.1713061342&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=2&sid=1713061341&sct=1&seg=1&dl=https%3A%2F%2Fhealthsubsidy-gov.com%2F%3Futm_source%3Dquest%26utm_medium%3Dwizz%26utm_campaign%3Deml&dt=Claim%20%246%2C400*%20Health%20Credit%20Allowance%20For%20Everyday%20Expenses%20At%20NO-COST!&en=page_view&_et=1&tfd=4815
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3FR17J5ESD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://healthsubsidy-gov.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 14 Apr 2024 02:22:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://healthsubsidy-gov.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET 660678b86f7c1_1.png
healthsubsidy-gov.com/images/ 0
0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 28ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3FR17J5ESD&gtm=45je44a0v9177914313za200&_p=1713061341421&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=480018142.1713061342&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEA&_s=3&sid=1713061341&sct=1&seg=1&dl=https%3A%2F%2Fhealthsubsidy-gov.com%2F%3Futm_source%3Dquest%26utm_medium%3Dwizz%26utm_campaign%3Deml&dt=Claim%20%246%2C400*%20Health%20Credit%20Allowance%20For%20Everyday%20Expenses%20At%20NO-COST!&en=scroll&epn.percent_scrolled=90&_et=3&tfd=9816
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3FR17J5ESD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://healthsubsidy-gov.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 14 Apr 2024 02:22:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://healthsubsidy-gov.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: healthsubsidy-gov.com
URL: https://healthsubsidy-gov.com/images/65f1c76825704_bigsavingfinder-logo.png

Domain: healthsubsidy-gov.com
URL: https://healthsubsidy-gov.com/images/660678b86f7c1_1.png

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.healthsubsidy-gov.com/	1970-01-21 05:27:01	Name: _ga Value: GA1.1.480018142.1713061342
			.healthsubsidy-gov.com/	1970-01-21 05:27:01	Name: _ga_3FR17J5ESD Value: GS1.1.1713061341.1.1.1713061341.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6kof1.quest
d3syewzhvzylbl.cloudfront.net
healthsubsidy-gov.com
in.getclicky.com
region1.google-analytics.com
static.getclicky.com
www.googletagmanager.com
healthsubsidy-gov.com
104.16.224.240
154.41.250.135
162.255.119.99
2001:4860:4802:32::36
2600:9000:223f:5800:f:e793:dc40:21
2a00:1450:4001:81d::2008
2a02:4780:33:a6d:8440:5b79:b743:63b4
0d6c2aa0a446364169fba9251e31da41e2f618a09e3cceae2fccd617508e372f
4ebfe9cddb1176ee4025f16e2b44c45e6cbe70b9b588df76b6806e6daf673538
5c2ad7a8424d0243b06fbe161ffe9bf1abe628cf659eff5ddd099f06cd630604
5d5ac7809712f757e67f0ef8393b687ebb4f10efa03cd363f128cb84cecef236
6c55359c2badcb06edc896bccd3618919ec54035299f1f5db5c6cafd5e8933cf
83dd6ed4f17ef7cafa58a15d1ceb20256c208477b7b7dc44055cd43abe88c3d8
908907b6eed1c683654022e98f0c4ddbfe5743c26766b4598809df873ff3e186
99ba0b1d64a1d027049e561351e638d6db534689757af1a47a322302bf322172
9e94d6594c5ae959f4bd770456fbaa0636514fd3e5e96c372f6de06296306fe6
9fbb0b570d8980af0a6d4778fe6d0f79800dad54d735ad2753206a99da6274b9
a4be574e9a8e1d723e4ba1032f9783e47826fc07e4948449f50eccec521b3979
b1ff344c29dfe132c4d5663981d939562a86bed8413984f812c02a6a3bae80a4
d9848de55a6ef57bff2eb63b06726d55bc0af53f891a2c1982492208a32027d4
db5db2040307a3218dfc73aa323664d9f51fd0d29030ea465605f691cc31811d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e691cd31ffe3c2afb0230f46cefd3689fee4237a598340cf71ceacac220d4c72
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

healthsubsidy-gov.com Open in urlscan Pro 2a02:4780:33:a6d:8440:5b79:b743:63b4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

90 %HTTPS

57 %IPv6

6 Domains

7 Subdomains

7 IPs

4 Countries

650 kBTransfer

1759 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

healthsubsidy-gov.com Open in urlscan Pro
2a02:4780:33:a6d:8440:5b79:b743:63b4 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

90 %
HTTPS

57 %
IPv6

6
Domains

7
Subdomains

7
IPs

4
Countries

650 kB
Transfer

1759 kB
Size

2
Cookies

21 HTTP transactions
0 data transactions