www.medicare-providers.net Open in urlscan Pro
69.20.112.197 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://service.excelluabcbs.com/
Effective URL:
https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd
Submission: On February 18 via api (February 18th 2023, 11:03:29 am UTC) from US — Scanned from US

Summary HTTP 65 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 25 IPs in 2 countries across 22 domains to perform 65 HTTP transactions. The main IP is 69.20.112.197, located in United States and belongs to RACKSPACE, US. The main domain is www.medicare-providers.net.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on June 15th 2022. Valid for: a year.

This is the only time www.medicare-providers.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	103.224.182.244 103.224.182.244	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 5	103.224.182.206 103.224.182.206	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 1	108.62.123.181 108.62.123.181	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1 1	2606:4700:303... 2606:4700:3033::ac43:d6f7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	69.20.112.197 69.20.112.197	27357 (RACKSPACE) (RACKSPACE)
1	2607:f8b0:400... 2607:f8b0:4006:80a::200a	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21e... 2600:9000:21ec:e000:f:7ab9:d180:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.205.184.167 34.205.184.167	14618 (AMAZON-AES) (AMAZON-AES)
2	69.20.94.14 69.20.94.14	27357 (RACKSPACE) (RACKSPACE)
1	142.251.40.226 142.251.40.226	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80c::200e	15169 (GOOGLE) (GOOGLE)
5	108.139.47.67 108.139.47.67	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:1cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:26b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	3.95.140.41 3.95.140.41	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700:10:... 2606:4700:10::ac43:b9b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.145.195.26 54.145.195.26	14618 (AMAZON-AES) (AMAZON-AES)
5	34.203.172.198 34.203.172.198	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4006:820::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::9d	15169 (GOOGLE) (GOOGLE)
1	108.138.125.96 108.138.125.96	16509 (AMAZON-02) (AMAZON-02)
1	34.238.105.34 34.238.105.34	14618 (AMAZON-AES) (AMAZON-AES)
2	3.216.213.114 3.216.213.114	() ()
65	25

2 103.224.182.244 (Australia) 2 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-244.above.com

service.excelluabcbs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.224.182.206 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com

1redird.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.62.123.181 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

track.imgtrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:d6f7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.frebahlem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 69.20.112.197 (United States)

ASN27357 (RACKSPACE, US)
PTR: www.medicare-providers.net

www.medicare-providers.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80a::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80f::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21ec:e000:f:7ab9:d180:93a1 (United States)

ASN16509 (AMAZON-02, US)

d29u10q7qlh006.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.205.184.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-184-167.compute-1.amazonaws.com

insurance.mediaalpha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.20.94.14 (United States)

ASN27357 (RACKSPACE, US)
PTR: secure.apolloi.com

secure.apolloi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80c::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 108.139.47.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-67.jfk50.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1cc (United States)

ASN13335 (CLOUDFLARENET, US)

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:26b6 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.95.140.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-95-140-41.compute-1.amazonaws.com

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:b9b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.145.195.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-195-26.compute-1.amazonaws.com

trc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.203.172.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-172-198.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.125.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-125-96.jfk50.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.238.105.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-105-34.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.216.213.114 (None, )

ASN- ()

psp.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	medicare-providers.net www.medicare-providers.net	489 KB
9	pushnami.com api.pushnami.com — Cisco Umbrella Rank: 4568 trc.pushnami.com — Cisco Umbrella Rank: 4783 psp.pushnami.com	83 KB
5	leadid.com create.leadid.com — Cisco Umbrella Rank: 14251	3 KB
5	1redird.com 1 redirects 1redird.com — Cisco Umbrella Rank: 412718	8 KB
4	acsbapp.com acsbapp.com — Cisco Umbrella Rank: 3353 cdn.acsbapp.com — Cisco Umbrella Rank: 3537	199 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	64 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	207 KB
3	anura.io script.anura.io — Cisco Umbrella Rank: 49459	21 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 368	12 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	562 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 77	2 KB
2	apolloi.com secure.apolloi.com — Cisco Umbrella Rank: 858581
2	cloudfront.net d29u10q7qlh006.cloudfront.net d2m2wsoho8qq12.cloudfront.net	10 KB
2	excelluabcbs.com 2 redirects service.excelluabcbs.com	2 KB
1	trueleadid.com deviceid.trueleadid.com — Cisco Umbrella Rank: 15651	2 KB
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 22400	38 KB
1	gstatic.com fonts.gstatic.com	29 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 163	17 KB
1	mediaalpha.com insurance.mediaalpha.com — Cisco Umbrella Rank: 27820	496 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	856 B
1	frebahlem.com 1 redirects www.frebahlem.com	783 B
1	imgtrx.com 1 redirects track.imgtrx.com	923 B
65	22

	Domain	Requested by
15	www.medicare-providers.net	1redird.com www.medicare-providers.net
5	create.leadid.com	create.lidstatic.com deviceid.trueleadid.com
5	api.pushnami.com	www.medicare-providers.net api.pushnami.com
5	1redird.com	1 redirects 1redird.com
4	www.google-analytics.com	www.medicare-providers.net www.google-analytics.com www.googletagmanager.com
4	www.googletagmanager.com	www.medicare-providers.net www.googletagmanager.com
3	cdn.acsbapp.com	acsbapp.com www.medicare-providers.net
3	script.anura.io	www.medicare-providers.net script.anura.io
3	bat.bing.com	www.medicare-providers.net bat.bing.com
2	psp.pushnami.com	api.pushnami.com
2	www.google.com	www.medicare-providers.net
2	trc.pushnami.com	api.pushnami.com
2	secure.apolloi.com	www.medicare-providers.net
2	service.excelluabcbs.com	2 redirects
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	create.lidstatic.com	www.medicare-providers.net
1	googleads.g.doubleclick.net	www.googleadservices.com
1	fonts.gstatic.com	fonts.googleapis.com
1	acsbapp.com	www.medicare-providers.net
1	www.googleadservices.com	www.medicare-providers.net
1	insurance.mediaalpha.com	www.medicare-providers.net
1	d29u10q7qlh006.cloudfront.net	www.medicare-providers.net
1	fonts.googleapis.com	www.medicare-providers.net
1	www.frebahlem.com	1 redirects
1	track.imgtrx.com	1 redirects
65	27

This site contains links to these domains. Also see Links.

Domain
www.medicare.gov
www.cms.gov
accessibe.com

Subject Issuer	Validity	Valid
www.medicare-providers.net Sectigo RSA Organization Validation Secure Server CA	`2022-06-15` - `2023-06-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
mediaalpha.com Amazon	`2022-07-11` - `2023-08-09`	a year	crt.sh
secure.apolloi.com Sectigo RSA Organization Validation Secure Server CA	`2022-06-15` - `2023-06-15`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.pushnami.com Amazon	`2022-04-03` - `2023-05-02`	a year	crt.sh
*.acsbapp.com GTS CA 1P5	`2023-01-06` - `2023-04-06`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2022-03-30` - `2023-03-30`	a year	crt.sh
script.anura.io Amazon	`2022-05-24` - `2023-06-22`	a year	crt.sh
create.leadid.com Amazon	`2022-09-21` - `2023-10-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
deviceid.trueleadid.com Amazon	`2022-12-08` - `2024-01-06`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd
Frame ID: C4022D6EBF3FE858FBC61691C82FCB72
Requests: 66 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=28A53F20-FA36-E9C3-19DC-0D1A23BA4121&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=81C0E214-F497-A92B-AD7F-7276E94695AB&lac=478B1969-F034-6785-243D-D2DE64FC7F68
Frame ID: 3145E7A546E3974A993768DE16EF1637
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=28A53F20-FA36-E9C3-19DC-0D1A23BA4121&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=81C0E214-F497-A92B-AD7F-7276E94695AB&lac=478B1969-F034-6785-243D-D2DE64FC7F68
Frame ID: E9086094A11C244E26509A5516360A66
Requests: 2 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 53B9F69DA34958BE69727B8FAEDA795D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Medicare Advantage Plans | Medicare Providers logo-bbblogo-ssllogo-bbblogo-ssl

Page URL History Show full URLs

http://service.excelluabcbs.com/ HTTP 302
https://service.excelluabcbs.com/ HTTP 302
http://1redird.com/r2.php?e=SeZ8DB3lse50v3x1BsTzY349fnJ2cmdCaEUwNmhPQUpkWTROQXJkQzJJZGttRGZqUTV... Page URL
http://1redird.com/r.php?u=https%3A%2F%2Ftrack.imgtrx.com%2F61bba860040feb00013eb131%3Fsub1%3D3... HTTP 302
https://track.imgtrx.com/61bba860040feb00013eb131?sub1=35MC&sub2=913252047&sub3=medicare&sub4=MAIN&co... HTTP 302
https://www.frebahlem.com/BCSJLZBH/DCJK84N/?sub1=35MC&sub2=63f0b07baaba5d0001a57ea6 HTTP 302
https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db3... Page URL

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Pushnami (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.pushnami\.com

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

Page Statistics

65
Requests

94 %
HTTPS

48 %
IPv6

22
Domains

27
Subdomains

25
IPs

2
Countries

1185 kB
Transfer

3531 kB
Size

22
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://www.medicare.gov/
Title: Medicare.gov

Search URL Search Domain Scan URL

URL: http://www.cms.gov/
Title: CMS.gov

Search URL Search Domain Scan URL

URL: http://www.cms.gov/medicare-coverage-database/
Title: MCD.gov

Search URL Search Domain Scan URL

URL: https://accessibe.com/?utm_medium=link&utm_source=widget
Title: Web Accessibility By Learn More

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://service.excelluabcbs.com/ HTTP 302
https://service.excelluabcbs.com/ HTTP 302
http://1redird.com/r2.php?e=SeZ8DB3lse50v3x1BsTzY349fnJ2cmdCaEUwNmhPQUpkWTROQXJkQzJJZGttRGZqUTVtWWdaZ25rMFBGdUxiVmxQb291dk14OTh5VGtSRVBmS21ia1ZCYXpPdlBHMlNkY1daYVZ2bXZrMWhpbHFqT3RrOUtlbnVLNXF2V1VDMW5CRFlqeDRnb0t6Wk15em5jY3Y1MnFvd3B2enBrSU1yNWNyS2t6RkxzMHpuS0V2eXVrdUFrOFh0b0EzUjh5UVlha3N6L2hqQ0UvNEVFa1piQzFnaThPOG4xMmcyRWlNOVRaQUl5UjVZS24zTXB5N1RwMktaeks1d3hSaWUrRFBUMVhWaW1UUWFIOTFpd2M2VzlCbjRUcjRWcFNOQ1NzV0xKcWpsZXA0U3g2MVcycVpqQTVJR1U1allCNXQ0U2l6SEF0UnlhSUIwR3lxUlF0L0duNU92SEhnOWJaY1d0a1NPMFJkUk1sRmdSbmlEamdlYlJ4MkZTR2lzaHh3MTJUbW53Wi9MRTEvelhpMHdXcDQ1TkcyaXNaS3QrSzl5a0tVd0lsd24rbTh3RG5HTzFoc1g5dXh3cGkxaXpFQTJId0gzNnRCYk44bWRjQlU0WWF0b29QdUQ5RmdpZWM2VTFnM2NEL2ErRStwL0QvQ0pIUFRoQ0Y4U2N0VE5lNytTK3hqOEM3dE9DbHRnMTA1UUR1MVdCTmQ4R1RMWEJ5SlZZQTNudzJ5aWdwVXVOVmhmSUNsWGFSc0VROUdGS1p6SERnYlRxOW9NWGVwSXErM1ZrREFHbWQrMm1rbDR0ZDUrOXNEb1M2Sk1LeUdEWExSYW1iZnFJTXpRUHY1ckMyWkk2RlVUdit1MjB1RlZGWTlncjA1bmRIZE1zUmhCU2tZS1R6Y3VPNWZ2dXp2MWNBd1VTMTM4bzRScFZxd0xHbVBJQU1NT3VWVDhhZEkySGcrZXM4enN3dzBmNEpCOE9zSGNlUWdHQURtVWJhd0g4c1d1aTRlblE5ZGFzSUE3L2F6WURNdkVvc3ByTlNrbm1vZFRmOTBnby83dW5zMlkrbFJ2VEk1T1l2SzQ2Tk5mZGh2TmxHRm5OdVZic0VyWUc1dVJmRjB3L1JVQWoyMUFmUkZWY0wyMVF4dXVBYTdscTBRNGVPWDFVTXZMTCtOM1BDZHJpNC92VmxRWW1YTHZraklDVHRBUzNlekE3Z1ExWkpjU1k0Qm00WHZM Page URL
http://1redird.com/r.php?u=https%3A%2F%2Ftrack.imgtrx.com%2F61bba860040feb00013eb131%3Fsub1%3D35MC%26sub2%3D913252047%26sub3%3Dmedicare%26sub4%3DMAIN%26cost%3D0.3100&s=j&enc=5j6OJof2QGHm%2BtaTxxA3in49fjkyUGVPSDN0Y1doTzBteUxKRy82S09YSUJqMC9xc1ZWa1J5emFDYnN0K0l0NFAydVkzOEVpOG1xYzlUZ1JYTVFFeXdWK00rUEovSloyclhHazlBQWU1S1RTTEZ4c245ZnhNR2hLSDVuYitmMVRQUVh0UUtXbCtkeXFIajQrVFpidTdQcENLOHp3aTJxMkVJS3EvZmFNcWFuTEU0aHFCcDdPb2pJU1VUMEoxSDYzRjVROWY1Wit1QkdlTTJ4aUIyTm1WRXRoNVhMVWdINzZGL01RenhsR3BwMGhHb1B5ZGZwYWRtSmlzYXFhekhuS0p4emxiTklLeG8wRHNQMXRpR2lpY1dPY1g4RWxqQ2FLak5zcDE2WW1LREhPRUl4Y1JuTHhHY0RkUFBLVFlLU0QySVJ2Y2lCQjdBUTE5Si9saUZzWm1FN01rTEdUR2JJYkp2ak1xV0JPMFpLcG1IL0NGOE5aK1h1ZldqSGZyZUh3cEhYUG12Q1NydGVyakxJU2E2OGY3dUxlQ3g4NE5KUGJtdVYyKzcxK014dk1Pa1BLTVZ4a3BYSDlRWFNFTkpSVDJOVnZVUE1ucFZVRzFXRE5FTXRZUG5RTVJuN2tVMGU4dHZlZkt1eGtOek5aVUU3cEt6ZDE5L2hSbmpEUjdKcEdzTk5adzBNUWZlS0ZPeWtDVWJ1ZVQ3c2pxOUNZMzRTenU3REg0dHk1YzkwVFpxcnBBWG1PSHF2TkVuWHhDaitrOFZBYWE0QTZQYkdTVzUvMmJIdmpiRUwvREw0NlJva1BlVS9hNnNVTldFK2NHWXZpMi9EWmwvT3dicklad0RmVlBnd3JTbDNHaUg5V05WWXJtaGtZQWNoOGFCTGIwMUNCUXVQK3dtamd5Mlp2c0RkdlgvMUgxdHloZUVPYU1QOEIwcS84ZC9VamFGVGFMcEY3eDZwS0ZaOThSNVJINFJZcFRrN21XV1hSN2kvK2pINk1LTkEwQWRiazZrVitDYUpRN0JsQ0ZyY3hWU2pzNXU3Y2theVBxM0c0ODBKcDYwN1ZGSVBWcytZZHBObEdNeDhXaGhBMzY5d1Q2Y1puSjFHc1RScVliSW5SRE5SODJjMmNFUEhSODVVZ3RtMW1OZDNXUVRXeEJraHZHWXZITzB2dUluRW0vM0toR1RBVUthS3RjL1VQSGFOd295bU1lTDVzaWhVaVNrUDNkamR0NUNTdm9mM0UvVGNIN0taakJ5VlJCNlNoR2xpZkZ1emxKOUtXTTkyUmJmTDg2ekRidk1pWXNFSVdrZnF2QmFIMENoTjVNVXJCYWVqZ0E9PQ%3D%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
https://track.imgtrx.com/61bba860040feb00013eb131?sub1=35MC&sub2=913252047&sub3=medicare&sub4=MAIN&cost=0.3100 HTTP 302
https://www.frebahlem.com/BCSJLZBH/DCJK84N/?sub1=35MC&sub2=63f0b07baaba5d0001a57ea6 HTTP 302
https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://service.excelluabcbs.com/ HTTP 302
https://service.excelluabcbs.com/ HTTP 302
http://1redird.com/r2.php?e=SeZ8DB3lse50v3x1BsTzY349fnJ2cmdCaEUwNmhPQUpkWTROQXJkQzJJZGttRGZqUTVtWWdaZ25rMFBGdUxiVmxQb291dk14OTh5VGtSRVBmS21ia1ZCYXpPdlBHMlNkY1daYVZ2bXZrMWhpbHFqT3RrOUtlbnVLNXF2V1VDMW5CRFlqeDRnb0t6Wk15em5jY3Y1MnFvd3B2enBrSU1yNWNyS2t6RkxzMHpuS0V2eXVrdUFrOFh0b0EzUjh5UVlha3N6L2hqQ0UvNEVFa1piQzFnaThPOG4xMmcyRWlNOVRaQUl5UjVZS24zTXB5N1RwMktaeks1d3hSaWUrRFBUMVhWaW1UUWFIOTFpd2M2VzlCbjRUcjRWcFNOQ1NzV0xKcWpsZXA0U3g2MVcycVpqQTVJR1U1allCNXQ0U2l6SEF0UnlhSUIwR3lxUlF0L0duNU92SEhnOWJaY1d0a1NPMFJkUk1sRmdSbmlEamdlYlJ4MkZTR2lzaHh3MTJUbW53Wi9MRTEvelhpMHdXcDQ1TkcyaXNaS3QrSzl5a0tVd0lsd24rbTh3RG5HTzFoc1g5dXh3cGkxaXpFQTJId0gzNnRCYk44bWRjQlU0WWF0b29QdUQ5RmdpZWM2VTFnM2NEL2ErRStwL0QvQ0pIUFRoQ0Y4U2N0VE5lNytTK3hqOEM3dE9DbHRnMTA1UUR1MVdCTmQ4R1RMWEJ5SlZZQTNudzJ5aWdwVXVOVmhmSUNsWGFSc0VROUdGS1p6SERnYlRxOW9NWGVwSXErM1ZrREFHbWQrMm1rbDR0ZDUrOXNEb1M2Sk1LeUdEWExSYW1iZnFJTXpRUHY1ckMyWkk2RlVUdit1MjB1RlZGWTlncjA1bmRIZE1zUmhCU2tZS1R6Y3VPNWZ2dXp2MWNBd1VTMTM4bzRScFZxd0xHbVBJQU1NT3VWVDhhZEkySGcrZXM4enN3dzBmNEpCOE9zSGNlUWdHQURtVWJhd0g4c1d1aTRlblE5ZGFzSUE3L2F6WURNdkVvc3ByTlNrbm1vZFRmOTBnby83dW5zMlkrbFJ2VEk1T1l2SzQ2Tk5mZGh2TmxHRm5OdVZic0VyWUc1dVJmRjB3L1JVQWoyMUFmUkZWY0wyMVF4dXVBYTdscTBRNGVPWDFVTXZMTCtOM1BDZHJpNC92VmxRWW1YTHZraklDVHRBUzNlekE3Z1ExWkpjU1k0Qm00WHZM

65 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

r2.php Show response
1redird.com/
Redirect Chain

http://service.excelluabcbs.com/
https://service.excelluabcbs.com/
http://1redird.com/r2.php?e=SeZ8DB3lse50v3x1BsTzY349fnJ2cmdCaEUwNmhPQUpkWTROQXJkQzJJZGttRGZqUTVtWWdaZ25rMFBGdUxiVmxQb291dk14OTh5VGtSRVBmS21ia1ZCYXpPdlBHMlNkY1daYVZ2bXZrMWhpbHFqT3RrOUtlbnVLNXF2V1VDM...

4 KB
2 KB

471ms
101ms

Document
text/html

103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redird.com/r2.php?e=SeZ8DB3lse50v3x1BsTzY349fnJ2cmdCaEUwNmhPQUpkWTROQXJkQzJJZGttRGZqUTVtWWdaZ25rMFBGdUxiVmxQb291dk14OTh5VGtSRVBmS21ia1ZCYXpPdlBHMlNkY1daYVZ2bXZrMWhpbHFqT3RrOUtlbnVLNXF2V1VDMW5CRFlqeDRnb0t6Wk15em5jY3Y1MnFvd3B2enBrSU1yNWNyS2t6RkxzMHpuS0V2eXVrdUFrOFh0b0EzUjh5UVlha3N6L2hqQ0UvNEVFa1piQzFnaThPOG4xMmcyRWlNOVRaQUl5UjVZS24zTXB5N1RwMktaeks1d3hSaWUrRFBUMVhWaW1UUWFIOTFpd2M2VzlCbjRUcjRWcFNOQ1NzV0xKcWpsZXA0U3g2MVcycVpqQTVJR1U1allCNXQ0U2l6SEF0UnlhSUIwR3lxUlF0L0duNU92SEhnOWJaY1d0a1NPMFJkUk1sRmdSbmlEamdlYlJ4MkZTR2lzaHh3MTJUbW53Wi9MRTEvelhpMHdXcDQ1TkcyaXNaS3QrSzl5a0tVd0lsd24rbTh3RG5HTzFoc1g5dXh3cGkxaXpFQTJId0gzNnRCYk44bWRjQlU0WWF0b29QdUQ5RmdpZWM2VTFnM2NEL2ErRStwL0QvQ0pIUFRoQ0Y4U2N0VE5lNytTK3hqOEM3dE9DbHRnMTA1UUR1MVdCTmQ4R1RMWEJ5SlZZQTNudzJ5aWdwVXVOVmhmSUNsWGFSc0VROUdGS1p6SERnYlRxOW9NWGVwSXErM1ZrREFHbWQrMm1rbDR0ZDUrOXNEb1M2Sk1LeUdEWExSYW1iZnFJTXpRUHY1ckMyWkk2RlVUdit1MjB1RlZGWTlncjA1bmRIZE1zUmhCU2tZS1R6Y3VPNWZ2dXp2MWNBd1VTMTM4bzRScFZxd0xHbVBJQU1NT3VWVDhhZEkySGcrZXM4enN3dzBmNEpCOE9zSGNlUWdHQURtVWJhd0g4c1d1aTRlblE5ZGFzSUE3L2F6WURNdkVvc3ByTlNrbm1vZFRmOTBnby83dW5zMlkrbFJ2VEk1T1l2SzQ2Tk5mZGh2TmxHRm5OdVZic0VyWUc1dVJmRjB3L1JVQWoyMUFmUkZWY0wyMVF4dXVBYTdscTBRNGVPWDFVTXZMTCtOM1BDZHJpNC92VmxRWW1YTHZraklDVHRBUzNlekE3Z1ExWkpjU1k0Qm00WHZM
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: c05cab9eb1a43f43e508bf395c0c6be30c18c4ab2b50384c2f7e464723fa7484

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

connection: close
content-encoding: gzip
content-length: 2194
content-type: text/html; charset=UTF-8
date: Sat, 18 Feb 2023 11:03:21 GMT
server: Apache/2.4.38 (Debian)
vary: Accept-Encoding

Redirect headers

connection: close
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 18 Feb 2023 11:03:20 GMT
location: http://1redird.com/r2.php?e=SeZ8DB3lse50v3x1BsTzY349fnJ2cmdCaEUwNmhPQUpkWTROQXJkQzJJZGttRGZqUTVtWWdaZ25rMFBGdUxiVmxQb291dk14OTh5VGtSRVBmS21ia1ZCYXpPdlBHMlNkY1daYVZ2bXZrMWhpbHFqT3RrOUtlbnVLNXF2V1VDMW5CRFlqeDRnb0t6Wk15em5jY3Y1MnFvd3B2enBrSU1yNWNyS2t6RkxzMHpuS0V2eXVrdUFrOFh0b0EzUjh5UVlha3N6L2hqQ0UvNEVFa1piQzFnaThPOG4xMmcyRWlNOVRaQUl5UjVZS24zTXB5N1RwMktaeks1d3hSaWUrRFBUMVhWaW1UUWFIOTFpd2M2VzlCbjRUcjRWcFNOQ1NzV0xKcWpsZXA0U3g2MVcycVpqQTVJR1U1allCNXQ0U2l6SEF0UnlhSUIwR3lxUlF0L0duNU92SEhnOWJaY1d0a1NPMFJkUk1sRmdSbmlEamdlYlJ4MkZTR2lzaHh3MTJUbW53Wi9MRTEvelhpMHdXcDQ1TkcyaXNaS3QrSzl5a0tVd0lsd24rbTh3RG5HTzFoc1g5dXh3cGkxaXpFQTJId0gzNnRCYk44bWRjQlU0WWF0b29QdUQ5RmdpZWM2VTFnM2NEL2ErRStwL0QvQ0pIUFRoQ0Y4U2N0VE5lNytTK3hqOEM3dE9DbHRnMTA1UUR1MVdCTmQ4R1RMWEJ5SlZZQTNudzJ5aWdwVXVOVmhmSUNsWGFSc0VROUdGS1p6SERnYlRxOW9NWGVwSXErM1ZrREFHbWQrMm1rbDR0ZDUrOXNEb1M2Sk1LeUdEWExSYW1iZnFJTXpRUHY1ckMyWkk2RlVUdit1MjB1RlZGWTlncjA1bmRIZE1zUmhCU2tZS1R6Y3VPNWZ2dXp2MWNBd1VTMTM4bzRScFZxd0xHbVBJQU1NT3VWVDhhZEkySGcrZXM4enN3dzBmNEpCOE9zSGNlUWdHQURtVWJhd0g4c1d1aTRlblE5ZGFzSUE3L2F6WURNdkVvc3ByTlNrbm1vZFRmOTBnby83dW5zMlkrbFJ2VEk1T1l2SzQ2Tk5mZGh2TmxHRm5OdVZic0VyWUc1dVJmRjB3L1JVQWoyMUFmUkZWY0wyMVF4dXVBYTdscTBRNGVPWDFVTXZMTCtOM1BDZHJpNC92VmxRWW1YTHZraklDVHRBUzNlekE3Z1ExWkpjU1k0Qm00WHZM
server: Apache/2.4.38 (Debian)

GET
H/1.1 200
OK jscheck.js Show response
1redird.com/javascript/ 899 B
718 B 104ms
96ms Script
application/javascript 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redird.com/javascript/jscheck.js
Requested by: Host: 1redird.com
URL: http://1redird.com/r2.php?e=SeZ8DB3lse50v3x1BsTzY349fnJ2cmdCaEUwNmhPQUpkWTROQXJkQzJJZGttRGZqUTVtWWdaZ25rMFBGdUxiVmxQb291dk14OTh5VGtSRVBmS21ia1ZCYXpPdlBHMlNkY1daYVZ2bXZrMWhpbHFqT3RrOUtlbnVLNXF2V1VDMW5CRFlqeDRnb0t6Wk15em5jY3Y1MnFvd3B2enBrSU1yNWNyS2t6RkxzMHpuS0V2eXVrdUFrOFh0b0EzUjh5UVlha3N6L2hqQ0UvNEVFa1piQzFnaThPOG4xMmcyRWlNOVRaQUl5UjVZS24zTXB5N1RwMktaeks1d3hSaWUrRFBUMVhWaW1UUWFIOTFpd2M2VzlCbjRUcjRWcFNOQ1NzV0xKcWpsZXA0U3g2MVcycVpqQTVJR1U1allCNXQ0U2l6SEF0UnlhSUIwR3lxUlF0L0duNU92SEhnOWJaY1d0a1NPMFJkUk1sRmdSbmlEamdlYlJ4MkZTR2lzaHh3MTJUbW53Wi9MRTEvelhpMHdXcDQ1TkcyaXNaS3QrSzl5a0tVd0lsd24rbTh3RG5HTzFoc1g5dXh3cGkxaXpFQTJId0gzNnRCYk44bWRjQlU0WWF0b29QdUQ5RmdpZWM2VTFnM2NEL2ErRStwL0QvQ0pIUFRoQ0Y4U2N0VE5lNytTK3hqOEM3dE9DbHRnMTA1UUR1MVdCTmQ4R1RMWEJ5SlZZQTNudzJ5aWdwVXVOVmhmSUNsWGFSc0VROUdGS1p6SERnYlRxOW9NWGVwSXErM1ZrREFHbWQrMm1rbDR0ZDUrOXNEb1M2Sk1LeUdEWExSYW1iZnFJTXpRUHY1ckMyWkk2RlVUdit1MjB1RlZGWTlncjA1bmRIZE1zUmhCU2tZS1R6Y3VPNWZ2dXp2MWNBd1VTMTM4bzRScFZxd0xHbVBJQU1NT3VWVDhhZEkySGcrZXM4enN3dzBmNEpCOE9zSGNlUWdHQURtVWJhd0g4c1d1aTRlblE5ZGFzSUE3L2F6WURNdkVvc3ByTlNrbm1vZFRmOTBnby83dW5zMlkrbFJ2VEk1T1l2SzQ2Tk5mZGh2TmxHRm5OdVZic0VyWUc1dVJmRjB3L1JVQWoyMUFmUkZWY0wyMVF4dXVBYTdscTBRNGVPWDFVTXZMTCtOM1BDZHJpNC92VmxRWW1YTHZraklDVHRBUzNlekE3Z1ExWkpjU1k0Qm00WHZM
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e

Request headers

accept-language: en-US,en;q=0.9
Referer: http://1redird.com/r2.php?e=SeZ8DB3lse50v3x1BsTzY349fnJ2cmdCaEUwNmhPQUpkWTROQXJkQzJJZGttRGZqUTVtWWdaZ25rMFBGdUxiVmxQb291dk14OTh5VGtSRVBmS21ia1ZCYXpPdlBHMlNkY1daYVZ2bXZrMWhpbHFqT3RrOUtlbnVLNXF2V1VDMW5CRFlqeDRnb0t6Wk15em5jY3Y1MnFvd3B2enBrSU1yNWNyS2t6RkxzMHpuS0V2eXVrdUFrOFh0b0EzUjh5UVlha3N6L2hqQ0UvNEVFa1piQzFnaThPOG4xMmcyRWlNOVRaQUl5UjVZS24zTXB5N1RwMktaeks1d3hSaWUrRFBUMVhWaW1UUWFIOTFpd2M2VzlCbjRUcjRWcFNOQ1NzV0xKcWpsZXA0U3g2MVcycVpqQTVJR1U1allCNXQ0U2l6SEF0UnlhSUIwR3lxUlF0L0duNU92SEhnOWJaY1d0a1NPMFJkUk1sRmdSbmlEamdlYlJ4MkZTR2lzaHh3MTJUbW53Wi9MRTEvelhpMHdXcDQ1TkcyaXNaS3QrSzl5a0tVd0lsd24rbTh3RG5HTzFoc1g5dXh3cGkxaXpFQTJId0gzNnRCYk44bWRjQlU0WWF0b29QdUQ5RmdpZWM2VTFnM2NEL2ErRStwL0QvQ0pIUFRoQ0Y4U2N0VE5lNytTK3hqOEM3dE9DbHRnMTA1UUR1MVdCTmQ4R1RMWEJ5SlZZQTNudzJ5aWdwVXVOVmhmSUNsWGFSc0VROUdGS1p6SERnYlRxOW9NWGVwSXErM1ZrREFHbWQrMm1rbDR0ZDUrOXNEb1M2Sk1LeUdEWExSYW1iZnFJTXpRUHY1ckMyWkk2RlVUdit1MjB1RlZGWTlncjA1bmRIZE1zUmhCU2tZS1R6Y3VPNWZ2dXp2MWNBd1VTMTM4bzRScFZxd0xHbVBJQU1NT3VWVDhhZEkySGcrZXM4enN3dzBmNEpCOE9zSGNlUWdHQURtVWJhd0g4c1d1aTRlblE5ZGFzSUE3L2F6WURNdkVvc3ByTlNrbm1vZFRmOTBnby83dW5zMlkrbFJ2VEk1T1l2SzQ2Tk5mZGh2TmxHRm5OdVZic0VyWUc1dVJmRjB3L1JVQWoyMUFmUkZWY0wyMVF4dXVBYTdscTBRNGVPWDFVTXZMTCtOM1BDZHJpNC92VmxRWW1YTHZraklDVHRBUzNlekE3Z1ExWkpjU1k0Qm00WHZM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 11:03:22 GMT
content-encoding: gzip
last-modified: Sat, 23 Jul 2022 05:32:26 GMT
server: Apache/2.4.38 (Debian)
etag: "383-5e47246a24e80-gzip"
vary: Accept-Encoding
content-type: application/javascript
connection: close
accept-ranges: bytes
content-length: 405

GET
H/1.1 200
OK swfobject.js Show response
1redird.com/javascript/ 10 KB
4 KB 201ms
102ms Script
application/javascript 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redird.com/javascript/swfobject.js
Requested by: Host: 1redird.com
URL: http://1redird.com/r2.php?e=SeZ8DB3lse50v3x1BsTzY349fnJ2cmdCaEUwNmhPQUpkWTROQXJkQzJJZGttRGZqUTVtWWdaZ25rMFBGdUxiVmxQb291dk14OTh5VGtSRVBmS21ia1ZCYXpPdlBHMlNkY1daYVZ2bXZrMWhpbHFqT3RrOUtlbnVLNXF2V1VDMW5CRFlqeDRnb0t6Wk15em5jY3Y1MnFvd3B2enBrSU1yNWNyS2t6RkxzMHpuS0V2eXVrdUFrOFh0b0EzUjh5UVlha3N6L2hqQ0UvNEVFa1piQzFnaThPOG4xMmcyRWlNOVRaQUl5UjVZS24zTXB5N1RwMktaeks1d3hSaWUrRFBUMVhWaW1UUWFIOTFpd2M2VzlCbjRUcjRWcFNOQ1NzV0xKcWpsZXA0U3g2MVcycVpqQTVJR1U1allCNXQ0U2l6SEF0UnlhSUIwR3lxUlF0L0duNU92SEhnOWJaY1d0a1NPMFJkUk1sRmdSbmlEamdlYlJ4MkZTR2lzaHh3MTJUbW53Wi9MRTEvelhpMHdXcDQ1TkcyaXNaS3QrSzl5a0tVd0lsd24rbTh3RG5HTzFoc1g5dXh3cGkxaXpFQTJId0gzNnRCYk44bWRjQlU0WWF0b29QdUQ5RmdpZWM2VTFnM2NEL2ErRStwL0QvQ0pIUFRoQ0Y4U2N0VE5lNytTK3hqOEM3dE9DbHRnMTA1UUR1MVdCTmQ4R1RMWEJ5SlZZQTNudzJ5aWdwVXVOVmhmSUNsWGFSc0VROUdGS1p6SERnYlRxOW9NWGVwSXErM1ZrREFHbWQrMm1rbDR0ZDUrOXNEb1M2Sk1LeUdEWExSYW1iZnFJTXpRUHY1ckMyWkk2RlVUdit1MjB1RlZGWTlncjA1bmRIZE1zUmhCU2tZS1R6Y3VPNWZ2dXp2MWNBd1VTMTM4bzRScFZxd0xHbVBJQU1NT3VWVDhhZEkySGcrZXM4enN3dzBmNEpCOE9zSGNlUWdHQURtVWJhd0g4c1d1aTRlblE5ZGFzSUE3L2F6WURNdkVvc3ByTlNrbm1vZFRmOTBnby83dW5zMlkrbFJ2VEk1T1l2SzQ2Tk5mZGh2TmxHRm5OdVZic0VyWUc1dVJmRjB3L1JVQWoyMUFmUkZWY0wyMVF4dXVBYTdscTBRNGVPWDFVTXZMTCtOM1BDZHJpNC92VmxRWW1YTHZraklDVHRBUzNlekE3Z1ExWkpjU1k0Qm00WHZM
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed

Request headers

accept-language: en-US,en;q=0.9
Referer: http://1redird.com/r2.php?e=SeZ8DB3lse50v3x1BsTzY349fnJ2cmdCaEUwNmhPQUpkWTROQXJkQzJJZGttRGZqUTVtWWdaZ25rMFBGdUxiVmxQb291dk14OTh5VGtSRVBmS21ia1ZCYXpPdlBHMlNkY1daYVZ2bXZrMWhpbHFqT3RrOUtlbnVLNXF2V1VDMW5CRFlqeDRnb0t6Wk15em5jY3Y1MnFvd3B2enBrSU1yNWNyS2t6RkxzMHpuS0V2eXVrdUFrOFh0b0EzUjh5UVlha3N6L2hqQ0UvNEVFa1piQzFnaThPOG4xMmcyRWlNOVRaQUl5UjVZS24zTXB5N1RwMktaeks1d3hSaWUrRFBUMVhWaW1UUWFIOTFpd2M2VzlCbjRUcjRWcFNOQ1NzV0xKcWpsZXA0U3g2MVcycVpqQTVJR1U1allCNXQ0U2l6SEF0UnlhSUIwR3lxUlF0L0duNU92SEhnOWJaY1d0a1NPMFJkUk1sRmdSbmlEamdlYlJ4MkZTR2lzaHh3MTJUbW53Wi9MRTEvelhpMHdXcDQ1TkcyaXNaS3QrSzl5a0tVd0lsd24rbTh3RG5HTzFoc1g5dXh3cGkxaXpFQTJId0gzNnRCYk44bWRjQlU0WWF0b29QdUQ5RmdpZWM2VTFnM2NEL2ErRStwL0QvQ0pIUFRoQ0Y4U2N0VE5lNytTK3hqOEM3dE9DbHRnMTA1UUR1MVdCTmQ4R1RMWEJ5SlZZQTNudzJ5aWdwVXVOVmhmSUNsWGFSc0VROUdGS1p6SERnYlRxOW9NWGVwSXErM1ZrREFHbWQrMm1rbDR0ZDUrOXNEb1M2Sk1LeUdEWExSYW1iZnFJTXpRUHY1ckMyWkk2RlVUdit1MjB1RlZGWTlncjA1bmRIZE1zUmhCU2tZS1R6Y3VPNWZ2dXp2MWNBd1VTMTM4bzRScFZxd0xHbVBJQU1NT3VWVDhhZEkySGcrZXM4enN3dzBmNEpCOE9zSGNlUWdHQURtVWJhd0g4c1d1aTRlblE5ZGFzSUE3L2F6WURNdkVvc3ByTlNrbm1vZFRmOTBnby83dW5zMlkrbFJ2VEk1T1l2SzQ2Tk5mZGh2TmxHRm5OdVZic0VyWUc1dVJmRjB3L1JVQWoyMUFmUkZWY0wyMVF4dXVBYTdscTBRNGVPWDFVTXZMTCtOM1BDZHJpNC92VmxRWW1YTHZraklDVHRBUzNlekE3Z1ExWkpjU1k0Qm00WHZM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 11:03:22 GMT
content-encoding: gzip
last-modified: Sat, 23 Jul 2022 05:32:26 GMT
server: Apache/2.4.38 (Debian)
etag: "27ef-5e47246a24e80-gzip"
vary: Accept-Encoding
content-type: application/javascript
connection: close
accept-ranges: bytes
content-length: 3949

GET
H/1.1 200
OK jscheck.php
1redird.com/ 0
166 B 235ms
120ms XHR
text/html 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redird.com/jscheck.php?enc=5j6OJof2QGHm%2BtaTxxA3in49fjkyUGVPSDN0Y1doTzBteUxKRy82S09YSUJqMC9xc1ZWa1J5emFDYnN0K0l0NFAydVkzOEVpOG1xYzlUZ1JYTVFFeXdWK00rUEovSloyclhHazlBQWU1S1RTTEZ4c245ZnhNR2hLSDVuYitmMVRQUVh0UUtXbCtkeXFIajQrVFpidTdQcENLOHp3aTJxMkVJS3EvZmFNcWFuTEU0aHFCcDdPb2pJU1VUMEoxSDYzRjVROWY1Wit1QkdlTTJ4aUIyTm1WRXRoNVhMVWdINzZGL01RenhsR3BwMGhHb1B5ZGZwYWRtSmlzYXFhekhuS0p4emxiTklLeG8wRHNQMXRpR2lpY1dPY1g4RWxqQ2FLak5zcDE2WW1LREhPRUl4Y1JuTHhHY0RkUFBLVFlLU0QySVJ2Y2lCQjdBUTE5Si9saUZzWm1FN01rTEdUR2JJYkp2ak1xV0JPMFpLcG1IL0NGOE5aK1h1ZldqSGZyZUh3cEhYUG12Q1NydGVyakxJU2E2OGY3dUxlQ3g4NE5KUGJtdVYyKzcxK014dk1Pa1BLTVZ4a3BYSDlRWFNFTkpSVDJOVnZVUE1ucFZVRzFXRE5FTXRZUG5RTVJuN2tVMGU4dHZlZkt1eGtOek5aVUU3cEt6ZDE5L2hSbmpEUjdKcEdzTk5adzBNUWZlS0ZPeWtDVWJ1ZVQ3c2pxOUNZMzRTenU3REg0dHk1YzkwVFpxcnBBWG1PSHF2TkVuWHhDaitrOFZBYWE0QTZQYkdTVzUvMmJIdmpiRUwvREw0NlJva1BlVS9hNnNVTldFK2NHWXZpMi9EWmwvT3dicklad0RmVlBnd3JTbDNHaUg5V05WWXJtaGtZQWNoOGFCTGIwMUNCUXVQK3dtamd5Mlp2c0RkdlgvMUgxdHloZUVPYU1QOEIwcS84ZC9VamFGVGFMcEY3eDZwS0ZaOThSNVJINFJZcFRrN21XV1hSN2kvK2pINk1LTkEwQWRiazZrVitDYUpRN0JsQ0ZyY3hWU2pzNXU3Y2theVBxM0c0ODBKcDYwN1ZGSVBWcytZZHBObEdNeDhXaGhBMzY5d1Q2Y1puSjFHc1RScVliSW5SRE5SODJjMmNFUEhSODVVZ3RtMW1OZDNXUVRXeEJraHZHWXZITzB2dUluRW0vM0toR1RBVUthS3RjL1VQSGFOd295bU1lTDVzaWhVaVNrUDNkamR0NUNTdm9mM0UvVGNIN0taakJ5VlJCNlNoR2xpZkZ1emxKOUtXTTkyUmJmTDg2ekRidk1pWXNFSVdrZnF2QmFIMENoTjVNVXJCYWVqZ0E9PQ%3D%3D&rand=0.46219679946537284
Requested by: Host: 1redird.com
URL: http://1redird.com/javascript/jscheck.js
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://1redird.com/r2.php?e=SeZ8DB3lse50v3x1BsTzY349fnJ2cmdCaEUwNmhPQUpkWTROQXJkQzJJZGttRGZqUTVtWWdaZ25rMFBGdUxiVmxQb291dk14OTh5VGtSRVBmS21ia1ZCYXpPdlBHMlNkY1daYVZ2bXZrMWhpbHFqT3RrOUtlbnVLNXF2V1VDMW5CRFlqeDRnb0t6Wk15em5jY3Y1MnFvd3B2enBrSU1yNWNyS2t6RkxzMHpuS0V2eXVrdUFrOFh0b0EzUjh5UVlha3N6L2hqQ0UvNEVFa1piQzFnaThPOG4xMmcyRWlNOVRaQUl5UjVZS24zTXB5N1RwMktaeks1d3hSaWUrRFBUMVhWaW1UUWFIOTFpd2M2VzlCbjRUcjRWcFNOQ1NzV0xKcWpsZXA0U3g2MVcycVpqQTVJR1U1allCNXQ0U2l6SEF0UnlhSUIwR3lxUlF0L0duNU92SEhnOWJaY1d0a1NPMFJkUk1sRmdSbmlEamdlYlJ4MkZTR2lzaHh3MTJUbW53Wi9MRTEvelhpMHdXcDQ1TkcyaXNaS3QrSzl5a0tVd0lsd24rbTh3RG5HTzFoc1g5dXh3cGkxaXpFQTJId0gzNnRCYk44bWRjQlU0WWF0b29QdUQ5RmdpZWM2VTFnM2NEL2ErRStwL0QvQ0pIUFRoQ0Y4U2N0VE5lNytTK3hqOEM3dE9DbHRnMTA1UUR1MVdCTmQ4R1RMWEJ5SlZZQTNudzJ5aWdwVXVOVmhmSUNsWGFSc0VROUdGS1p6SERnYlRxOW9NWGVwSXErM1ZrREFHbWQrMm1rbDR0ZDUrOXNEb1M2Sk1LeUdEWExSYW1iZnFJTXpRUHY1ckMyWkk2RlVUdit1MjB1RlZGWTlncjA1bmRIZE1zUmhCU2tZS1R6Y3VPNWZ2dXp2MWNBd1VTMTM4bzRScFZxd0xHbVBJQU1NT3VWVDhhZEkySGcrZXM4enN3dzBmNEpCOE9zSGNlUWdHQURtVWJhd0g4c1d1aTRlblE5ZGFzSUE3L2F6WURNdkVvc3ByTlNrbm1vZFRmOTBnby83dW5zMlkrbFJ2VEk1T1l2SzQ2Tk5mZGh2TmxHRm5OdVZic0VyWUc1dVJmRjB3L1JVQWoyMUFmUkZWY0wyMVF4dXVBYTdscTBRNGVPWDFVTXZMTCtOM1BDZHJpNC92VmxRWW1YTHZraklDVHRBUzNlekE3Z1ExWkpjU1k0Qm00WHZM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 11:03:22 GMT
server: Apache/2.4.38 (Debian)
connection: close
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

Primary Request / Show response
www.medicare-providers.net/plans/advantage/
Redirect Chain

http://1redird.com/r.php?u=https%3A%2F%2Ftrack.imgtrx.com%2F61bba860040feb00013eb131%3Fsub1%3D35MC%26sub2%3D913252047%26sub3%3Dmedicare%26sub4%3DMAIN%26cost%3D0.3100&s=j&enc=5j6OJof2QGHm%2BtaTxxA3i...
https://track.imgtrx.com/61bba860040feb00013eb131?sub1=35MC&sub2=913252047&sub3=medicare&sub4=MAIN&cost=0.3100
https://www.frebahlem.com/BCSJLZBH/DCJK84N/?sub1=35MC&sub2=63f0b07baaba5d0001a57ea6
https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd

79 KB
24 KB

974ms
739ms

Document
text/html

69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd

Requested by

Host: 1redird.com
URL: http://1redird.com/javascript/jscheck.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.112.197 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

8ad1f67664366d41027eb2b3438fb2274fcd88f58cd9005fde94391857c9da95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://1redird.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 18 Feb 2023 11:03:24 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 79b646a378033343-MIA
content-type: text/html; charset=utf-8
date: Sat, 18 Feb 2023 11:03:23 GMT
location: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K6C2PXBmXbDFqfJex%2FrEgvBNHSb0Kv9yhzR904OlPF2Q0KgftXsAVciqktC2fqfQzdjNJctCc1I%2FPNtnQbPaiNnwjfA58wQXpQnJagwOg4hMKfu%2FLJCQxZrCV%2Fsqh11oSOrymrsz%2FwtYIaYb8u4%2BFg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-eflow-request-id: 4be8df3d-62ac-4c3f-99cb-c81ccd79882f

GET
H2 200 fontawesome.min.css
www.medicare-providers.net/common_scripts/leadgen/fonts/fontawesome/ 34 KB
9 KB 122ms
120ms Stylesheet
text/css 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/common_scripts/leadgen/fonts/fontawesome/fontawesome.min.css

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.112.197 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

889e5b0e0831a15afbf0a7afe2916c25500b2fa6abb5f62727b0c245415a5f12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 11:03:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 11 Dec 2019 16:48:23 GMT
server: nginx
content-encoding: gzip
etag: W/"5df11dd7-870a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=900, public, no-cache, must-revalidate
expires: Sat, 18 Feb 2023 11:18:24 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
856 B 233ms
82ms Stylesheet
text/css 2607:f8b0:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Dosis:wght@400;700&display=swap

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c881f90f0a5d8a0f9e44307decbb3d40f5176c7b056cf4ff070ffeadbdc56cbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 Feb 2023 11:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 Feb 2023 11:03:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Feb 2023 11:03:24 GMT

GET
H2 200 mp.css
www.medicare-providers.net/common_scripts/laravel/leadgen/8/css/ 660 KB
136 KB 137ms
136ms Stylesheet
text/css 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/common_scripts/laravel/leadgen/8/css/mp.css

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.112.197 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

4c6c1b0eba3f8055bde680604453b6dcafa612c461172845685520c654d45b11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 11:03:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 24 Jan 2023 17:27:30 GMT
server: nginx
content-encoding: gzip
etag: W/"63d01502-a50db"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=900, public, no-cache, must-revalidate
expires: Sat, 18 Feb 2023 11:18:24 GMT

GET
H2 200 mp.js Show response
www.medicare-providers.net/common_scripts/laravel/leadgen/8/js/ 527 KB
171 KB 186ms
185ms Script
application/javascript 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/common_scripts/laravel/leadgen/8/js/mp.js

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.112.197 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

f5af673d90425039df7e73edf7ea00e8181c2fa467b8511b15de90494a03624d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 11:03:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 20 Jan 2023 17:46:51 GMT
server: nginx
content-encoding: gzip
etag: W/"63cad38b-83bb6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=900, public, no-cache, must-revalidate
expires: Sat, 18 Feb 2023 11:18:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
80 KB 367ms
158ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D0E24Q6LYW

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f8666d767ed49ffe491c5f45b2d77a0db044eff692b89f814fb7be4fa3a2eae3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 11:03:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82079
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 18 Feb 2023 11:03:25 GMT

GET
H2 200 logo_nongov.svg
www.medicare-providers.net/images/ 16 KB
16 KB 185ms
183ms Image
image/svg+xml 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/logo_nongov.svg

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.112.197 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

8ec2ebaad9e0334e1e22a13cb5221bcc7143bfdbea567f070041867c84aa4b91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 11:03:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 04 Aug 2022 16:25:37 GMT
server: nginx
etag: "62ebf301-3f75"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=900, public, no-cache, must-revalidate
accept-ranges: bytes
content-length: 16245
expires: Sat, 18 Feb 2023 11:18:25 GMT

GET
H2 200 computer-couple.jpg
www.medicare-providers.net/images/ 23 KB
23 KB 243ms
242ms Image
image/jpeg 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/computer-couple.jpg

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.112.197 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

94b686167bf9433e0c85c857bf6c2464a3f46639bab68ebff710dbdebde3540a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 11:03:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 18 Aug 2021 22:01:47 GMT
server: nginx
etag: "611d834b-5b52"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=900, public, no-cache, must-revalidate
accept-ranges: bytes
content-length: 23378
expires: Sat, 18 Feb 2023 11:18:25 GMT

GET
H2 200 EoDv0on9XF5LZNfkyUnsgBvnFnQ.png
d29u10q7qlh006.cloudfront.net/i/i/465/ 8 KB
8 KB 296ms
78ms Image
image/png 2600:9000:21ec:e000:f:7ab9:d180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29u10q7qlh006.cloudfront.net/i/i/465/EoDv0on9XF5LZNfkyUnsgBvnFnQ.png
Requested by: Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ec:e000:f:7ab9:d180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dab93b022ed44eaa76d43413830f23bbcbe78993767d5d90d999dbe0474a176d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 08:16:02 GMT
via: 1.1 4a8de0adddd15d5e8cadba8208771b58.cloudfront.net (CloudFront)
last-modified: Fri, 06 Oct 2017 19:31:50 GMT
server: AmazonS3
x-amz-cf-pop: JFK51-C1
age: 10044
etag: "00cf89d055a73e1a7d9479691d4ad2c7"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 8049
x-amz-cf-id: Fc30ZsgAX0V6l7FuuewzWbNU34Nioas_pz-woxqUbSaOGiVUxINWWg==

GET
H2 200 impr.gif
insurance.mediaalpha.com/p/ 42 B
496 B 276ms
81ms Image
image/gif 34.205.184.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insurance.mediaalpha.com/p/impr.gif?si=4842421147555624960&ad_pos=1&ad_num={total_ads};n_JG09Mmpu-o26knSRrv6_-kQbjpG3jQBHXTRUcEd8-CrvX_vBMbbMYIV6CNwbO9RNBJgF_fdADULK70EhBzEqAK4xwjouPt9oDvkkpAZ6d7TXA_yEXLCtnlwAuOYeG5q1L1HKPomDxGLiE_GW1ECgq-Jo81EpOuQ0Xr71yEbNZw56NbOVrnxtPJgK4w_mr7dzAFa7jsnl7pMzEHMjh-h0SKFrQIs8RRjtgSMZTcERivjb2q-UrlIOgo-aWiz197DFUQWcoi7-QQKggh0_Tr_79sCoLAc703vTxv9actr_pHZ8xqGZa1NXadZkvhd7y1ANNQxDkHUVP6XR6GFiD3F4IHGqNWOaJkPdc3QYb1tqoXJ96LpZHC1WT0zAAGg8fQNO5ypt_BafoN7xyxPyC_iA0Xok4u-rP30Xi5SZ8FRa5Wng2C9fvcPRP2vQC1L36clUdTw_d0
Requested by: Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.184.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-184-167.compute-1.amazonaws.com
Software: Apache /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 18 Feb 2023 11:03:25 GMT
server: Apache

GET
H2 200 user_listings.php Show response
secure.apolloi.com/leadgen/pxl/ 0
0 301ms
85ms Script
text/html 69.20.94.14
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.apolloi.com/leadgen/pxl/user_listings.php?selected_listing_type=puS&selected_listing=MA&listing_page_settings_ids=%255B%255D&visit_id=262881143&state=FL&site_id=mp&from_listings=1
Requested by: Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.20.94.14 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS: secure.apolloi.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
17 KB 370ms
86ms Script
text/javascript 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

68f274e5330a1431b6e07a6a979209097633d713576cf9620bee34a6bd898ad7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 11:03:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16815
x-xss-protection: 0
server: cafe
etag: 17544913231395580258
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 11:03:25 GMT

GET
H2 200 visit.php Show response
secure.apolloi.com/leadgen/pxl/ 0
0 72ms
70ms Script
text/html 69.20.94.14
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.apolloi.com/leadgen/pxl/visit.php?visit_id=262881143
Requested by: Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.20.94.14 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS: secure.apolloi.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 273ms
80ms Script
text/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 18 Feb 2023 10:41:43 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1302
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 18 Feb 2023 12:41:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 124 KB
47 KB 283ms
92ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N7J4MN6

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

215642f37b49ad2a5335dba45ebecfb222682d6704cc2160e7a6df7ffec8557c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 11:03:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47431
x-xss-protection: 0
last-modified: Sat, 18 Feb 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 Feb 2023 11:03:25 GMT

GET
H2 200 593ad82461c3a6d644c6428c Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 248 KB
62 KB 288ms
88ms Script
application/javascript 108.139.47.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/593ad82461c3a6d644c6428c
Requested by: Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-67.jfk50.r.cloudfront.net
Software: /
Resource Hash: 4ca9b5c9ec6c6351854bf71d2b9520aeae102cd5b6f19a513356031ddbc3669a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 10:55:19 GMT
content-encoding: gzip
via: 1.1 3d84bfab616d594edc9340870455ee6a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P1
age: 486
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
x-amz-cf-id: KiKj73XWEh7CdvwfRXOKWp8F6TZcp-hSklUmf8yJBjEiHuudZUQF7g==

GET
H2 200 app.js Show response
acsbapp.com/apps/app/dist/js/ 470 KB
167 KB 174ms
65ms Script
text/javascript 2606:4700:10::6816:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd4de5e5027e0a2a6ac7e5dc1462e99e4c1704cefedf78902e7beae57f4dcea7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 11:03:25 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1676551721
age: 268
x-guploader-uploadid: ADPycdutMmcPeg5mv_PmAo8enfvyvEgLXmsCoqWdHuL9w5sZPFD_5IYZl0gR_BCP7H3evgfwEKp-t8vkwsXeDajyuFD9vA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Thu, 16 Feb 2023 12:49:09 GMT
server: cloudflare
etag: W/"64b3b1f9b575dd07fd102fe0ea9a4659"
vary: Accept-Encoding
x-goog-generation: 1676551749730272
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=gfwVeQ==, md5=ZLOx+bV13Qf9EC/g6ppGWQ==
access-control-expose-headers: *
cache-control: no-cache
x-goog-stored-content-length: 481604
cf-ray: 79b646af6fdb0a3a-MIA
expires: Sun, 18 Feb 2024 10:58:57 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 171ms
68ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 18 Feb 2023 11:03:24 GMT
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F85D755DB06A4D36AD98CBFDBD5B682C Ref B: MIAEDGE1613 Ref C: 2023-02-18T11:03:25Z
etag: "076bc30652fd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11552

GET
H2 200 hero-advantage.jpg
www.medicare-providers.net/images/ 38 KB
39 KB 208ms
203ms Image
image/jpeg 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/hero-advantage.jpg

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/common_scripts/laravel/leadgen/8/css/mp.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.112.197 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

d6c0600bc5c44e7d5225c5704a4412cc491cdd329702785e93a79258b07825e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/common_scripts/laravel/leadgen/8/css/mp.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 11:03:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 18 Aug 2021 22:01:47 GMT
server: nginx
etag: "611d834b-98c7"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=900, public, no-cache, must-revalidate
accept-ranges: bytes
content-length: 39111
expires: Sat, 18 Feb 2023 11:18:25 GMT

GET
H2 200 icon-stroke.png
www.medicare-providers.net/images/ 1 KB
1 KB 272ms
268ms Image
image/png 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/icon-stroke.png

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/common_scripts/laravel/leadgen/8/css/mp.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.112.197 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

d875c39bb6d23d3e02d8de7271163f6f191b67f8b2f9e2bbef6dd9d99f52ea3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/common_scripts/laravel/leadgen/8/css/mp.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 11:03:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 18 Aug 2021 22:01:47 GMT
server: nginx
etag: "611d834b-414"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=900, public, no-cache, must-revalidate
accept-ranges: bytes
content-length: 1044
expires: Sat, 18 Feb 2023 11:18:25 GMT

GET
DATA 200
OK truncated
/ 544 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7caa0e8ba5e6055dfc2e676f2757b96beed661dec99101de0e7d49d2ab1f4edb

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d5be8ca971c364805b59308b4762db81064cbd50450e1bc9a846917aa3d2cf1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 bg-tablet.jpg
www.medicare-providers.net/images/ 29 KB
30 KB 269ms
268ms Image
image/jpeg 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicare-providers.net/images/bg-tablet.jpg

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/common_scripts/laravel/leadgen/8/css/mp.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.112.197 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

5ce5ea0b2d5434b1cefb853d016b6ab21b7fde312d953202e36f03928d078de1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/common_scripts/laravel/leadgen/8/css/mp.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 11:03:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 18 Aug 2021 22:01:47 GMT
server: nginx
etag: "611d834b-75a9"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=900, public, no-cache, must-revalidate
accept-ranges: bytes
content-length: 30121
expires: Sat, 18 Feb 2023 11:18:25 GMT

GET
DATA 200
OK truncated
/ 599 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 511c63410dac03b9958b384cd2751858037865fed1efc3d3170b73e2b5ca8186

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 957 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdc8253fe15a1215cde820406e93118e8c06cb07ed4b29bab57682e6bf2a3f37

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 1001 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd04cd9de6c95a6108f9e7fcc7dc3d1c564f24013564c30a1a7e70fc037e2eaf

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13367dc55165c747ad440f1dec2b78cb35ec73fb304bf33c322cc199430d3c0e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b0cc8cc216a92b5ba9159a17d65bdee14a5d19226e8bde4ff773bcd995e3426

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 HhyaU5sn9vOmLzloC_U.woff2
fonts.gstatic.com/s/dosis/v27/ 29 KB
29 KB 225ms
75ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dosis/v27/HhyaU5sn9vOmLzloC_U.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Dosis:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d88c1280c412b1bccb32e6d99da3369feeb3fae8b64900e7066a1829385699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.medicare-providers.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 22:20:23 GMT
x-content-type-options: nosniff
age: 132182
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29436
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:56:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 22:20:23 GMT

GET
H2 200 fa-solid-900.woff2
www.medicare-providers.net/common_scripts/leadgen/fonts/fontawesome/ 39 KB
40 KB 220ms
220ms Font
application/font-woff2 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/common_scripts/leadgen/fonts/fontawesome/fa-solid-900.woff2

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/common_scripts/leadgen/fonts/fontawesome/fontawesome.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.112.197 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.medicare-providers.net/common_scripts/leadgen/fonts/fontawesome/fontawesome.min.css
Origin: https://www.medicare-providers.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 11:03:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 11 Dec 2019 16:48:23 GMT
server: nginx
etag: "5df11dd7-9cd4"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
cache-control: max-age=900, public, no-cache, must-revalidate
accept-ranges: bytes
content-length: 40148
expires: Sat, 18 Feb 2023 11:18:25 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/979637013/ 2 KB
2 KB 260ms
86ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/979637013/?random=1676718205365&cv=9&fst=1676718205365&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Fadvantage%2F%3FEref%3DQ2QCN1ZD%26Subreferrer%3D162106%26Subid%3D3ff8e093b7e84f049db344f2092634bd&ref=http%3A%2F%2F1redird.com%2F&tiba=Medicare%20Advantage%20Plans%20%7C%20Medicare%20Providers&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39742bad386bc54b2dcc1adb18fe9f1d6ec9eabcd79c9b31ea8a47fc1c755d3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 11:03:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1024
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 81c0e214-f497-a92b-ad7f-7276e94695ab.js Show response
create.lidstatic.com/campaign/ 118 KB
38 KB 174ms
43ms Script
text/javascript 2606:4700:10::6816:26b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/81c0e214-f497-a92b-ad7f-7276e94695ab.js?snippet_version=2
Requested by: Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:26b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a59a57df59a776e475f735bcbfee038bffc6edead569658ffb75c7932f4177a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 11:03:25 GMT
x-amz-version-id: G0917biKrDcN9MmKdMyTQ11WfdCSFaGL
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: B88483DH6C7HR3B7
age: 1250
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: je8Y3b6jKeYVkxgVtZdq68gYtKdpc3q1CPR5kp88r46wsVB7DtJEjLssd4In9wx6288nXgAQR08=
last-modified: Mon, 09 Jan 2023 17:55:46 GMT
server: cloudflare
etag: W/"89554f15c732dd9d9ffed7ac2153f68c"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
cf-ray: 79b646b0a968b3cd-MIA

GET
H2 200 request.js Show response
script.anura.io/ 55 KB
20 KB 376ms
182ms Script
application/javascript 3.95.140.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=2761973509&source=MADD&campaign=162106-MP&variable=AnuraResponse&258785000126

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.95.140.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-95-140-41.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3881a012723009224914eccb07f8cf2f719651bbe19407a725509d834dc56c8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 11:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 204 5751758.js Show response
bat.bing.com/p/action/ 0
118 B 129ms
95ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5751758.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sat, 18 Feb 2023 11:03:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5133BEA9F16C4C528D383FD94B4FE4DD Ref B: MIAEDGE1613 Ref C: 2023-02-18T11:03:25Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
360 B 61ms
59ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5751758&Ver=2&mid=8c3569be-2801-4df3-aa29-17396d5fbb7f&sid=ddc63f10af7b11edad142db7c7cf8756&vid=ddc888c0af7b11eda57895e9e34d2716&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Medicare%20Advantage%20Plans%20%7C%20Medicare%20Providers&kw=Find%20%26%20Compare,%20Health%20Insurance,%20Quotes,%20Medicare%20Insurance,%20Plans,%20medicare-providers.net&p=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Fadvantage%2F%3FEref%3DQ2QCN1ZD%26Subreferrer%3D162106%26Subid%3D3ff8e093b7e84f049db344f2092634bd&r=http%3A%2F%2F1redird.com%2F&lt=2785&evt=pageLoad&sv=1&rn=516630

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 18 Feb 2023 11:03:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 59696D7E9CA449DE841F03D1838C31FC Ref B: MIAEDGE1613 Ref C: 2023-02-18T11:03:25Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 111 KB
44 KB 85ms
84ms Script
application/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-KFT29QZ&cid=1232298724.1676718206

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

58d5ee876b1cbe71050f09a5b698618658905bb53f319887e2ef868b2c89a380

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 11:03:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44603
x-xss-protection: 0
last-modified: Sat, 18 Feb 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 Feb 2023 11:03:25 GMT

GET
H2 200 config.json Show response
cdn.acsbapp.com/cache/app/medicare-providers.net/ 164 B
705 B 180ms
77ms Fetch
application/json 2606:4700:10::ac43:b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/cache/app/medicare-providers.net/config.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1aedad766e50e3ddd115ad142625d5e58098f6e3a45a1748b16bde553e9010cd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 11:03:25 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdsR0j-hRIE4_cWIrniIgEgXTatA-PF8ubuLw22b6e5wf2Pdmo9ZhteyiHuIYh5aVnvr_pcWIhYC1bgp-4UeSH4aqA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Wed, 08 Feb 2023 13:54:32 GMT
server: cloudflare
etag: W/"333ef507d47708e606dfccd97e46500e"
vary: Accept-Encoding
x-goog-hash: crc32c=Q2FyAA==, md5=Mz71B9R3COYG38zZfkZQDg==
x-goog-generation: 1675864472484511
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: no-cache
x-goog-stored-content-length: 164
cf-ray: 79b646b1e8b267c3-MIA
expires: Sun, 18 Feb 2024 11:03:25 GMT

GET
H2 200 593ad82461c3a6d644c6428c
api.pushnami.com/scripts/v1/pushnami-two-step-styles/ 6 KB
2 KB 85ms
82ms Stylesheet
text/css 108.139.47.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-two-step-styles/593ad82461c3a6d644c6428c
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/593ad82461c3a6d644c6428c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-67.jfk50.r.cloudfront.net
Software: /
Resource Hash: ec3cf9d49f5df3314ae6ac1702d1c96669a5aeb259e49412d966931b32a812d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 10:59:34 GMT
content-encoding: gzip
via: 1.1 3d84bfab616d594edc9340870455ee6a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P1
age: 231
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
cache-control: no-cache
x-amz-cf-id: r8FWU1ZIFcLWqREYcIz60sKOK97I8VQXAisorZ92Sm6ITklMCws_6A==

GET
H2 200 593ad82461c3a6d644c6428c Show response
api.pushnami.com/scripts/v1/pushnami-two-step/ 17 KB
9 KB 91ms
89ms Script
application/javascript 108.139.47.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-two-step/593ad82461c3a6d644c6428c
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/593ad82461c3a6d644c6428c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-67.jfk50.r.cloudfront.net
Software: /
Resource Hash: 51a802b4b8a38f4951f7ec95145e52ef0e85139d4bc4df5d033e10dcd4623ae2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 10:59:34 GMT
content-encoding: gzip
via: 1.1 3d84bfab616d594edc9340870455ee6a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P1
age: 231
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
x-amz-cf-id: 6gpVwQq3TT-3sTcxO5Vsnb7xEBH6GHPe41VgWG3c06qGKn_d4u7uGA==

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 127ms
125ms Fetch
text/html 54.145.195.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/593ad82461c3a6d644c6428c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.145.195.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-145-195-26.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://www.medicare-providers.net/
accept-language: en-US,en;q=0.9
key: 593ad82461c3a6d644c6428c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sat, 18 Feb 2023 11:03:26 GMT
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
content-length: 2
content-type: text/html; charset=utf-8

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 231ms
79ms Preflight 54.145.195.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.145.195.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-145-195-26.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://www.medicare-providers.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Sat, 18 Feb 2023 11:03:25 GMT

POST
H2 200 GenerateToken Show response
create.leadid.com/2.11.13/ 36 B
659 B 320ms
147ms XHR
text/plain 34.203.172.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/GenerateToken?msn=1&pid=7e317c8e-9997-4674-a8a9-0a4ed9d72bd7&_=215226658

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/81c0e214-f497-a92b-ad7f-7276e94695ab.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.203.172.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-172-198.compute-1.amazonaws.com

Software

nginx /

Resource Hash

62cb8acdf438a727592d057ebf865d8fb939e077453f5428e60afebd900edc3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.medicare-providers.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 18 Feb 2023 11:03:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
80 KB 88ms
87ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D0E24Q6LYW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7J4MN6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

03e8f6a9e330c4284dc97acec414c6a57c81be882196bd734c02e4db185aa797

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 11:03:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82107
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 18 Feb 2023 11:03:25 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/979637013/ 42 B
455 B 257ms
104ms Image
image/gif 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/979637013/?random=1676718205365&cv=9&fst=1676718000000&num=1&guid=ON&eid=375603261%2C466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Fadvantage%2F%3FEref%3DQ2QCN1ZD%26Subreferrer%3D162106%26Subid%3D3ff8e093b7e84f049db344f2092634bd&ref=http%3A%2F%2F1redird.com%2F&tiba=Medicare%20Advantage%20Plans%20%7C%20Medicare%20Providers&fmt=3&is_vtc=1&random=49490648&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 11:03:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 79ms
78ms Ping
text/plain 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-D0E24Q6LYW&gtm=45je32f0&_p=839402632&cid=1232298724.1676718206&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676718205&sct=1&seg=0&dl=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Fadvantage%2F%3FEref%3DQ2QCN1ZD%26Subreferrer%3D162106%26Subid%3D3ff8e093b7e84f049db344f2092634bd&dr=http%3A%2F%2F1redird.com%2F&dt=Medicare%20Advantage%20Plans%20%7C%20Medicare%20Providers&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D0E24Q6LYW
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 11:03:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.medicare-providers.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 80ms
78ms XHR
text/plain 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=839402632&t=pageview&_s=1&dl=https%3A%2F%2Fwww.medicare-providers.net%2Fplans%2Fadvantage%2F%3FEref%3DQ2QCN1ZD%26Subreferrer%3D162106%26Subid%3D3ff8e093b7e84f049db344f2092634bd&dr=http%3A%2F%2F1redird.com%2F&ul=en-us&de=UTF-8&dt=Medicare%20Advantage%20Plans%20%7C%20Medicare%20Providers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAEADQAAAACAAI~&jid=1942372910&gjid=906480&cid=1232298724.1676718206&tid=UA-12025801-1&_gid=1062905831.1676718206&_r=1&_slc=1&z=287457040

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.medicare-providers.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 11:03:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.medicare-providers.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en.build.json Show response
cdn.acsbapp.com/cache/app/ 239 KB
30 KB 95ms
93ms Fetch
application/json 2606:4700:10::ac43:b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/cache/app/en.build.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d33795965fe26ddd893bfc0bd2c04273ee880c7e686041338ceccfbcd41249bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 11:03:26 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-goog-meta-goog-reserved-file-mtime: 1676551695
x-guploader-uploadid: ADPycdtRvyTGEVckiLn1pRuOa1g8FwNeWEBZJODqwDcuqCYoTbXwl_-oHwHxzaVUIu7IsRmgmsMcVc65hcHeYvbC5cslfA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Thu, 16 Feb 2023 12:49:02 GMT
server: cloudflare
etag: W/"22d036e4cd5464d0e3b61564c7f05e80"
vary: Accept-Encoding
x-goog-generation: 1676551742863018
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=n+mmWw==, md5=ItA25M1UZNDjthVkx/BegA==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: no-cache
x-goog-stored-content-length: 244609
cf-ray: 79b646b369f167c3-MIA
expires: Sun, 18 Feb 2024 11:03:26 GMT

GET
H2 200 icon
api.pushnami.com/api/mirage/ 8 KB
8 KB 71ms
71ms Image
image/png 108.139.47.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.pushnami.com/api/mirage/icon?websiteUrl=https%3A%2F%2Fwww.medicare-providers.net
Requested by: Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-67.jfk50.r.cloudfront.net
Software: /
Resource Hash: 0b909f84fcb6abab18d0c94df6047ff1e36322786607587b7f154f5603e405ac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 10:08:50 GMT
via: 1.1 3d84bfab616d594edc9340870455ee6a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P1
age: 3276
x-cache: Hit from cloudfront
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 8134
x-amz-cf-id: VLe37sBzv4pOYWZJqg1iQ4zhIJpuq5bepoofwjyUc4fgnirjR5lBnw==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
355 B 205ms
68ms XHR
text/plain 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-12025801-1&cid=1232298724.1676718206&jid=1942372910&gjid=906480&_gid=1062905831.1676718206&_u=KGBAAEACQAAAACAAI~&z=1270835971

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.medicare-providers.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 18 Feb 2023 11:03:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.medicare-providers.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame 3145 3 KB
2 KB 240ms
67ms Document
text/html 108.138.125.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=28A53F20-FA36-E9C3-19DC-0D1A23BA4121&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=81C0E214-F497-A92B-AD7F-7276E94695AB&lac=478B1969-F034-6785-243D-D2DE64FC7F68

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/81c0e214-f497-a92b-ad7f-7276e94695ab.js?snippet_version=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.138.125.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-125-96.jfk50.r.cloudfront.net

Software

nginx /

Resource Hash

e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.medicare-providers.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Age: 5565
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sat, 18 Feb 2023 09:30:41 GMT
ETag: W/"63ebe88f-dbb"
Last-Modified: Tue, 14 Feb 2023 20:01:19 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 3155a44b32f22cf1d72a9a7b7439a6e2.cloudfront.net (CloudFront)
X-Amz-Cf-Id: M-4WNoo0I53_0_sjGUQR0q2s1HGNMSDwTkdNKrtY7EwSDhm-4fpbiA==
X-Amz-Cf-Pop: JFK50-P4
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.11.13/ 0
621 B 76ms
76ms XHR
text/plain 34.203.172.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/SaveDom?msn=2&pid=7e317c8e-9997-4674-a8a9-0a4ed9d72bd7&token=28A53F20-FA36-E9C3-19DC-0D1A23BA4121&_=215226659

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/81c0e214-f497-a92b-ad7f-7276e94695ab.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.203.172.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-172-198.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.medicare-providers.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 18 Feb 2023 11:03:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.13/ 0
622 B 71ms
68ms XHR
text/plain 34.203.172.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/InitFormData?msn=3&pid=7e317c8e-9997-4674-a8a9-0a4ed9d72bd7&token=28A53F20-FA36-E9C3-19DC-0D1A23BA4121&_=215226660

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/81c0e214-f497-a92b-ad7f-7276e94695ab.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.203.172.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-172-198.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.medicare-providers.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 18 Feb 2023 11:03:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 set_visit_ulid Show response
www.medicare-providers.net/api/ 7 B
400 B 89ms
88ms XHR
text/html 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/api/set_visit_ulid

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/common_scripts/laravel/leadgen/8/js/mp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.112.197 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 11:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
x-ratelimit-remaining: 599
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, no-cache, private
x-ratelimit-limit: 600
x-frame-options: SAMEORIGIN
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 logomono.svg
cdn.acsbapp.com/apps/app/dist/media/ 4 KB
2 KB 45ms
44ms Image
image/svg+xml 2606:4700:10::6816:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.acsbapp.com/apps/app/dist/media/logomono.svg
Requested by: Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 846745b9f0e7bb77e945f00c4255540eefc3c2335f9f596895589ff58967f465

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 11:03:26 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1676295519
age: 747
x-guploader-uploadid: ADPycds_1hJCKjvdPtB0OFLK8zbz1b7yurIbrZDYlIi28KH12Kba2qxlm-o-I4vJUN4ed1pXej4KkTyxgs8a8KaBSfcfwQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Thu, 16 Feb 2023 12:49:10 GMT
server: cloudflare
etag: W/"d0f042523a198bec3979f9e9b8e753a4"
vary: Accept-Encoding
x-goog-generation: 1676295553317325
content-type: image/svg+xml
access-control-allow-origin: *
x-goog-hash: crc32c=WqbZUg==, md5=0PBCUjoZi+w5efnpuOdTpA==
access-control-expose-headers: *
cache-control: no-cache
x-goog-stored-content-length: 4105
cf-ray: 79b646b6bbf50a3a-MIA
expires: Sun, 18 Feb 2024 10:50:59 GMT

POST
H2 200 check_web_user Show response
www.medicare-providers.net/api/ 0
393 B 78ms
78ms XHR
text/html 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/api/check_web_user

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/common_scripts/laravel/leadgen/8/js/mp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.112.197 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 11:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
x-ratelimit-remaining: 598
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, no-cache, private
x-ratelimit-limit: 600
x-frame-options: SAMEORIGIN
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 94ms
93ms Image
image/gif 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-12025801-1&cid=1232298724.1676718206&jid=1942372910&_u=KGBAAEACQAAAACAAI~&z=1535970752

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 11:03:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame E908 4 KB
2 KB 292ms
60ms Document
text/html 34.238.105.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=28A53F20-FA36-E9C3-19DC-0D1A23BA4121&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=81C0E214-F497-A92B-AD7F-7276E94695AB&lac=478B1969-F034-6785-243D-D2DE64FC7F68
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=28A53F20-FA36-E9C3-19DC-0D1A23BA4121&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=81C0E214-F497-A92B-AD7F-7276E94695AB&lac=478B1969-F034-6785-243D-D2DE64FC7F68
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.105.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-105-34.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=86400 public
content-encoding: gzip
content-type: text/html
date: Sat, 18 Feb 2023 11:03:27 GMT
etag: W/"63dbe867-1049"
expires: Sun, 19 Feb 2023 11:03:27 GMT
last-modified: Thu, 02 Feb 2023 16:44:23 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server: nginx

POST
H2 200 response.json Show response
script.anura.io/ 50 B
402 B 339ms
217ms XHR
application/json 3.95.140.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/response.json

Requested by

Host: script.anura.io
URL: https://script.anura.io/request.js?instance=2761973509&source=MADD&campaign=162106-MP&variable=AnuraResponse&258785000126

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.95.140.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-95-140-41.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b09576d69c1b8a0948ee83f362700f052713b6a113cd4b1eacfd16002c9034e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.medicare-providers.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 11:03:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.11.13/ Frame E908 0
626 B 184ms
65ms Script
text/javascript 34.203.172.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/SaveDeviceId.js?lac=478B1969-F034-6785-243D-D2DE64FC7F68&lck=81C0E214-F497-A92B-AD7F-7276E94695AB&methods=48&token=28A53F20-FA36-E9C3-19DC-0D1A23BA4121&uuid=749563fde05d4881b99d6ddd8b853978

Requested by

Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=28A53F20-FA36-E9C3-19DC-0D1A23BA4121&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=81C0E214-F497-A92B-AD7F-7276E94695AB&lac=478B1969-F034-6785-243D-D2DE64FC7F68

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.203.172.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-172-198.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 11:03:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.13/ 0
622 B 70ms
69ms XHR
text/plain 34.203.172.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/InitFormData?msn=4&pid=7e317c8e-9997-4674-a8a9-0a4ed9d72bd7&token=28A53F20-FA36-E9C3-19DC-0D1A23BA4121&_=215226661

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/81c0e214-f497-a92b-ad7f-7276e94695ab.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.203.172.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-172-198.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.medicare-providers.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 18 Feb 2023 11:03:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 result.json Show response
script.anura.io/ 27 B
384 B 73ms
73ms XHR
application/json 3.95.140.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/result.json

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.95.140.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-95-140-41.compute-1.amazonaws.com

Software

nginx /

Resource Hash

59855fb273cce24eaff91d16cdb093b5b26a2bdca96f6a5ec4d95d81d657e929

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.medicare-providers.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 11:03:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 hub Show response
api.pushnami.com/scripts/v1/ Frame 53B9 2 KB
1 KB 69ms
67ms Document
text/html 108.139.47.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushnami.com/scripts/v1/hub

Requested by

Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/593ad82461c3a6d644c6428c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.47.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-47-67.jfk50.r.cloudfront.net

Software

Resource Hash

2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *
X-Content-Security-Policy	default-src 'unsafe-inline' *

Request headers

Referer: https://www.medicare-providers.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: *
age: 597
cache-control: no-cache
content-encoding: gzip
content-security-policy: default-src 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Sat, 18 Feb 2023 10:53:30 GMT
vary: accept-encoding
via: 1.1 3d84bfab616d594edc9340870455ee6a.cloudfront.net (CloudFront)
x-amz-cf-id: yq_2eTvI1EfKaaH5nMJN3qDF1GWb43WfL_0YFkz0_2Ew2FVG_mMP-A==
x-amz-cf-pop: JFK50-P1
x-cache: Hit from cloudfront
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *

GET
H3 400 a
www.googletagmanager.com/ 0
0 91ms
90ms Image
text/html 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/a?id=GTM-KFT29QZ&cv=175&t=ol&s=h1&h=739&g=351&p=ga&o=4000&l=738&q=1045&f=146&e=162&i=26&d=525&c=-431&hc=0&sr=0.050000&ps=0.0327732899669777&cb=1906006470
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medicare-providers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 200 fraud_status.php Show response
www.medicare-providers.net/common_scripts/omg/ 0
341 B 155ms
152ms XHR
text/html 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/common_scripts/omg/fraud_status.php?source=anura&response=

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/common_scripts/laravel/leadgen/8/js/mp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.112.197 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 11:03:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 fraud_status.php Show response
www.medicare-providers.net/common_scripts/omg/ 0
342 B 115ms
113ms XHR
text/html 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/common_scripts/omg/fraud_status.php?source=anura&response={%22result%22:%22bad%22,%22mobile%22:0}

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/common_scripts/laravel/leadgen/8/js/mp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.112.197 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 11:03:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 fraud_status.php Show response
www.medicare-providers.net/common_scripts/omg/ 0
342 B 113ms
113ms XHR
text/html 69.20.112.197
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medicare-providers.net/common_scripts/omg/fraud_status.php?source=anura&response={%22result%22:%22bad%22,%22mobile%22:0}

Requested by

Host: www.medicare-providers.net
URL: https://www.medicare-providers.net/common_scripts/laravel/leadgen/8/js/mp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.20.112.197 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.medicare-providers.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.medicare-providers.net/plans/advantage/?Eref=Q2QCN1ZD&Subreferrer=162106&Subid=3ff8e093b7e84f049db344f2092634bd
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 11:03:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 psp Show response
psp.pushnami.com/api/ 2 B
231 B 104ms
102ms Fetch
text/html 3.216.213.114

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/593ad82461c3a6d644c6428c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.213.114 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://www.medicare-providers.net/
accept-language: en-US,en;q=0.9
key: 593ad82461c3a6d644c6428c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.medicare-providers.net
date: Sat, 18 Feb 2023 11:03:27 GMT
cache-control: no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: accept-encoding
content-type: text/html; charset=utf-8

OPTIONS
H2 200 psp
psp.pushnami.com/api/ Frame 0
0 355ms
68ms Preflight
application/json 3.216.213.114

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.213.114 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://www.medicare-providers.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: key
access-control-allow-methods: POST
access-control-allow-origin: https://www.medicare-providers.net
access-control-expose-headers: content-type, content-length, etag
access-control-max-age: 600
cache-control: no-cache
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 18 Feb 2023 11:03:27 GMT
vary: accept-encoding

Verdicts & Comments Add Verdict or Comment

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
service.excelluabcbs.com/	1970-01-20 19:21:18	Name: __tad Value: 1676718200.3052691
.1redird.com/	1970-01-20 18:30:54	Name: __dsnsid Value: 20230218220320dba00fdfd8ede90aa7
.track.imgtrx.com/	1970-01-20 09:46:44	Name: redcmps Value: W3siaWQiOiI2MWJiYTg2MDA0MGZlYjAwMDEzZWIxMzEiLCJ0IjoiMjAyMy0wMi0xOFQxMTowMzoyMy4yNDk0NjcyM1oifV0=
.track.imgtrx.com/	1970-01-20 18:30:54	Name: redhash Value: NjNmMGIwN2JhYWJhNWQwMDAxYTU3ZWE2fDB8NjFiYmE4NjAwNDBmZWIwMDAxM2ViMTMxfHw5ZTRhNWU4Ny1lNWRjLTRjMjUtYjdjMC0wYTc3Zjc4YWI2Yjh8MTY3NjcxODIwMw==
www.frebahlem.com/	1970-01-20 10:28:30	Name: uniqueClick_DCJK84N Value: 423246f0-3d14-43fc-b88f-e2cc38f32bac:1676718203
www.frebahlem.com/	1970-01-20 11:54:54	Name: transaction_id Value: 3ff8e093b7e84f049db344f2092634bd
www.medicare-providers.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: cbff7c9ce3541eee57f9810f9421055d
.www.medicare-providers.net/	1970-01-20 09:46:44	Name: mobile_detection Value: a%3A0%3A%7B%7D
www.medicare-providers.net/	1970-01-20 09:45:25	Name: laravel_session Value: eyJpdiI6Im8vQ3NOUGdIU3JjOFNMTXBnajdWZFE9PSIsInZhbHVlIjoidjk1RnIwT3IrZGE4ZmhKVkJLMzdmY08zMG1LS3YwcGZvT3R4alB5a0VTN2Z6NkI4N1BGbTBzUVB1SVNQSmdqeitraHFLT0ZKeUVNSkRxVDZQaUROVm9Dbi9aaWMxVmNyM2tUdm1SRDU5MEFUbEJSNE1qUUpHcTNkYXYyTUxsc2kiLCJtYWMiOiI5NTQzNWRhMzliMGQwZWQxYzM0MDdjNGI1Y2E3ZGNiZDQ5NGFlODc5ZTYxZWY0ZTRjNjllYWNlNjE3NDAyOGQ0IiwidGFnIjoiIn0%3D
.insurance.mediaalpha.com/	1970-01-20 19:21:18	Name: ~u Value: _2g4Y3PN5FDKaSKJEF7CrWq-eoKIjrKKV45p2uqwbw8R__ZK9FE
.insurance.mediaalpha.com/	1970-01-20 11:11:42	Name: ~ Value: FVz1ZpznRPvqp2t7xZDFFsfuKZLeSWobNcM3Aj_sFyuHoSBwIGXnaFXNRdk5w--JK-B4dI-wU_5s6DE0M3daWodSkABGPBG6YcAzwV4YjHiU2SDEtoYRYLGzFFUlPvhPPP748Qqczfs00BW3AgQaX3dbgxc-kS4hXF0s6arBfxCophMD7wI
.medicare-providers.net/	1970-01-20 09:46:44	Name: _uetsid Value: ddc63f10af7b11edad142db7c7cf8756
.medicare-providers.net/	1970-01-20 19:06:54	Name: _uetvid Value: ddc888c0af7b11eda57895e9e34d2716
.bing.com/	1970-01-20 19:06:54	Name: MUID Value: 1BD6F9C0BF1A6AA13FF5EB7CBEBD6BED
.bat.bing.com/	1970-01-20 09:55:23	Name: MR Value: 0
.medicare-providers.net/	1970-01-20 09:46:44	Name: _gid Value: GA1.2.1062905831.1676718206
.doubleclick.net/	1970-01-20 09:45:19	Name: test_cookie Value: CheckForPermission
.medicare-providers.net/	1970-01-20 19:21:18	Name: _ga_D0E24Q6LYW Value: GS1.1.1676718205.1.0.1676718205.0.0.0
.medicare-providers.net/	1970-01-20 19:21:18	Name: _ga Value: GA1.1.1232298724.1676718206
.medicare-providers.net/	1970-01-20 09:45:18	Name: _gat Value: 1
www.medicare-providers.net/	1969-12-31 23:59:59	Name: leadid_token-478B1969-F034-6785-243D-D2DE64FC7F68-81C0E214-F497-A92B-AD7F-7276E94695AB Value: 28A53F20-FA36-E9C3-19DC-0D1A23BA4121
.deviceid.trueleadid.com/	1970-01-20 19:21:18	Name: uuid Value: 749563fde05d4881b99d6ddd8b853978

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.googletagmanager.com/a?id=GTM-KFT29QZ&cv=175&t=ol&s=h1&h=739&g=351&p=ga&o=4000&l=738&q=1045&f=146&e=162&i=26&d=525&c=-431&hc=0&sr=0.050000&ps=0.0327732899669777&cb=1906006470 Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1redird.com
acsbapp.com
api.pushnami.com
bat.bing.com
cdn.acsbapp.com
create.leadid.com
create.lidstatic.com
d29u10q7qlh006.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
insurance.mediaalpha.com
psp.pushnami.com
script.anura.io
secure.apolloi.com
service.excelluabcbs.com
stats.g.doubleclick.net
track.imgtrx.com
trc.pushnami.com
www.frebahlem.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.medicare-providers.net
103.224.182.206
103.224.182.244
108.138.125.96
108.139.47.67
108.62.123.181
142.251.40.226
2600:9000:21ec:e000:f:7ab9:d180:93a1
2606:4700:10::6816:1cc
2606:4700:10::6816:26b6
2606:4700:10::ac43:b9b
2606:4700:3033::ac43:d6f7
2607:f8b0:4004:c1b::9d
2607:f8b0:4006:80a::200a
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80c::200e
2607:f8b0:4006:80f::2008
2607:f8b0:4006:81d::2003
2607:f8b0:4006:820::2004
2620:1ec:c11::200
3.216.213.114
3.95.140.41
34.203.172.198
34.205.184.167
34.238.105.34
54.145.195.26
69.20.112.197
69.20.94.14
03e8f6a9e330c4284dc97acec414c6a57c81be882196bd734c02e4db185aa797
0b909f84fcb6abab18d0c94df6047ff1e36322786607587b7f154f5603e405ac
13367dc55165c747ad440f1dec2b78cb35ec73fb304bf33c322cc199430d3c0e
1aedad766e50e3ddd115ad142625d5e58098f6e3a45a1748b16bde553e9010cd
1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f
215642f37b49ad2a5335dba45ebecfb222682d6704cc2160e7a6df7ffec8557c
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
3881a012723009224914eccb07f8cf2f719651bbe19407a725509d834dc56c8d
39742bad386bc54b2dcc1adb18fe9f1d6ec9eabcd79c9b31ea8a47fc1c755d3c
40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e
434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3
4c6c1b0eba3f8055bde680604453b6dcafa612c461172845685520c654d45b11
4ca9b5c9ec6c6351854bf71d2b9520aeae102cd5b6f19a513356031ddbc3669a
4d5be8ca971c364805b59308b4762db81064cbd50450e1bc9a846917aa3d2cf1
511c63410dac03b9958b384cd2751858037865fed1efc3d3170b73e2b5ca8186
51a802b4b8a38f4951f7ec95145e52ef0e85139d4bc4df5d033e10dcd4623ae2
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58d5ee876b1cbe71050f09a5b698618658905bb53f319887e2ef868b2c89a380
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59855fb273cce24eaff91d16cdb093b5b26a2bdca96f6a5ec4d95d81d657e929
5b0cc8cc216a92b5ba9159a17d65bdee14a5d19226e8bde4ff773bcd995e3426
5ce5ea0b2d5434b1cefb853d016b6ab21b7fde312d953202e36f03928d078de1
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
62cb8acdf438a727592d057ebf865d8fb939e077453f5428e60afebd900edc3d
68f274e5330a1431b6e07a6a979209097633d713576cf9620bee34a6bd898ad7
6a59a57df59a776e475f735bcbfee038bffc6edead569658ffb75c7932f4177a
7caa0e8ba5e6055dfc2e676f2757b96beed661dec99101de0e7d49d2ab1f4edb
846745b9f0e7bb77e945f00c4255540eefc3c2335f9f596895589ff58967f465
889e5b0e0831a15afbf0a7afe2916c25500b2fa6abb5f62727b0c245415a5f12
8ad1f67664366d41027eb2b3438fb2274fcd88f58cd9005fde94391857c9da95
8ec2ebaad9e0334e1e22a13cb5221bcc7143bfdbea567f070041867c84aa4b91
94b686167bf9433e0c85c857bf6c2464a3f46639bab68ebff710dbdebde3540a
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b09576d69c1b8a0948ee83f362700f052713b6a113cd4b1eacfd16002c9034e0
b9d88c1280c412b1bccb32e6d99da3369feeb3fae8b64900e7066a1829385699
bd04cd9de6c95a6108f9e7fcc7dc3d1c564f24013564c30a1a7e70fc037e2eaf
c05cab9eb1a43f43e508bf395c0c6be30c18c4ab2b50384c2f7e464723fa7484
c881f90f0a5d8a0f9e44307decbb3d40f5176c7b056cf4ff070ffeadbdc56cbf
c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf
d33795965fe26ddd893bfc0bd2c04273ee880c7e686041338ceccfbcd41249bf
d6c0600bc5c44e7d5225c5704a4412cc491cdd329702785e93a79258b07825e8
d875c39bb6d23d3e02d8de7271163f6f191b67f8b2f9e2bbef6dd9d99f52ea3e
dab93b022ed44eaa76d43413830f23bbcbe78993767d5d90d999dbe0474a176d
dd4de5e5027e0a2a6ac7e5dc1462e99e4c1704cefedf78902e7beae57f4dcea7
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec3cf9d49f5df3314ae6ac1702d1c96669a5aeb259e49412d966931b32a812d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5af673d90425039df7e73edf7ea00e8181c2fa467b8511b15de90494a03624d
f8666d767ed49ffe491c5f45b2d77a0db044eff692b89f814fb7be4fa3a2eae3
fdc8253fe15a1215cde820406e93118e8c06cb07ed4b29bab57682e6bf2a3f37

www.medicare-providers.net Open in urlscan Pro 69.20.112.197 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

65 Requests

94 %HTTPS

48 %IPv6

22 Domains

27 Subdomains

25 IPs

2 Countries

1185 kBTransfer

3531 kBSize

22 Cookies

4 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.medicare-providers.net Open in urlscan Pro
69.20.112.197 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

94 %
HTTPS

48 %
IPv6

22
Domains

27
Subdomains

25
IPs

2
Countries

1185 kB
Transfer

3531 kB
Size

22
Cookies

65 HTTP transactions
7 data transactions