urlscan.io logo urlscan.io
SecurityTrails logo

quotes.qualifymedicare.com Open in urlscan Pro
67.205.157.224  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://23.11.133.34.bc.googleusercontent.com/t?encv=2&v=RFlSeHJwRHNId2NoWlJ5dzF1NU9xZWR2V09xcTg0bHFpajEyeXJ1N0xVb0lNcjFxMGF5cEpSdm54cWRndHN2b...
Effective URL: https://quotes.qualifymedicare.com/medicare?&SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=2...
Submission: On November 01 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 3 countries across 21 domains to perform 63 HTTP transactions. The main IP is 67.205.157.224, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is quotes.qualifymedicare.com.
TLS certificate: Issued by R3 on October 27th 2021. Valid for: 3 months.
This is the only time quotes.qualifymedicare.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 34.133.11.23 15169 (GOOGLE)
1 1 18.236.164.87 16509 (AMAZON-02)
1 1 54.183.225.97 16509 (AMAZON-02)
1 1 18.200.170.55 16509 (AMAZON-02)
18 67.205.157.224 14061 (DIGITALOC...)
1 151.101.1.26 54113 (FASTLY)
1 142.250.184.200 15169 (GOOGLE)
1 52.222.206.51 16509 (AMAZON-02)
1 54.243.42.155 14618 (AMAZON-AES)
1 13.32.99.118 16509 (AMAZON-02)
6 35.190.88.7 15169 (GOOGLE)
4 172.217.23.110 15169 (GOOGLE)
6 157.240.20.19 32934 (FACEBOOK)
1 64.233.167.155 15169 (GOOGLE)
1 142.250.186.132 15169 (GOOGLE)
1 216.58.212.163 15169 (GOOGLE)
2 52.222.214.15 16509 (AMAZON-02)
1 172.67.41.229 13335 (CLOUDFLAR...)
4 142.250.186.35 15169 (GOOGLE)
1 52.222.214.123 16509 (AMAZON-02)
1 52.55.155.63 ()
1 34.205.104.175 ()
1 23.21.25.50 ()
1 52.222.206.49 ()
63 22
1    34.133.11.23 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 23.11.133.34.bc.googleusercontent.com
23.11.133.34.bc.googleusercontent.com
1    18.236.164.87 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-236-164-87.us-west-2.compute.amazonaws.com
puysegura.com
1    54.183.225.97 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-183-225-97.us-west-1.compute.amazonaws.com
dnuohxof.com
1    18.200.170.55 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-170-55.eu-west-1.compute.amazonaws.com
qv.qvtrack.com
18    67.205.157.224 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
quotes.qualifymedicare.com
1    151.101.1.26 (United States)

ASN54113 (FASTLY, US)
polyfill.io
1    142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net
www.googletagmanager.com
1    52.222.206.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-51.fra56.r.cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
1    54.243.42.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-42-155.compute-1.amazonaws.com
insurance.mediaalpha.com
1    13.32.99.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-118.fra60.r.cloudfront.net
ns.qualifymedicare.com
6    35.190.88.7 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 7.88.190.35.bc.googleusercontent.com
sessions.bugsnag.com
4    172.217.23.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f14.1e100.net
www.google-analytics.com
6    157.240.20.19 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frt3.fbcdn.net
connect.facebook.net
1    64.233.167.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f155.1e100.net
stats.g.doubleclick.net
1    142.250.186.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net
www.google.com
1    216.58.212.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f3.1e100.net
www.google.de
2    52.222.214.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-15.fra56.r.cloudfront.net
cdn.trustedform.com
1    172.67.41.229 (United States)

ASN13335 (CLOUDFLARENET, US)
create.lidstatic.com
4    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
fonts.gstatic.com
1    52.222.214.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-123.fra56.r.cloudfront.net
js.callcdn.com
1    52.55.155.63 (None, )

ASN- ()
display.ringba.com
1    34.205.104.175 (None, )

ASN- ()
create.leadid.com
1    23.21.25.50 (None, )

ASN- ()
api.trustedform.com
1    52.222.206.49 (None, )

ASN- ()
d2m2wsoho8qq12.cloudfront.net
Domain Requested by
18 quotes.qualifymedicare.com 23.11.133.34.bc.googleusercontent.com
quotes.qualifymedicare.com
cdn.trustedform.com
6 connect.facebook.net 23.11.133.34.bc.googleusercontent.com
connect.facebook.net
6 sessions.bugsnag.com d2wy8f7a9ursnm.cloudfront.net
4 fonts.gstatic.com quotes.qualifymedicare.com
4 www.google-analytics.com www.googletagmanager.com
quotes.qualifymedicare.com
2 cdn.trustedform.com quotes.qualifymedicare.com
cdn.trustedform.com
1 d2m2wsoho8qq12.cloudfront.net create.lidstatic.com
1 api.trustedform.com cdn.trustedform.com
1 create.leadid.com create.lidstatic.com
1 display.ringba.com js.callcdn.com
1 js.callcdn.com quotes.qualifymedicare.com
1 create.lidstatic.com quotes.qualifymedicare.com
1 www.google.de quotes.qualifymedicare.com
1 www.google.com quotes.qualifymedicare.com
1 stats.g.doubleclick.net www.google-analytics.com
1 ns.qualifymedicare.com quotes.qualifymedicare.com
1 insurance.mediaalpha.com quotes.qualifymedicare.com
1 d2wy8f7a9ursnm.cloudfront.net quotes.qualifymedicare.com
1 www.googletagmanager.com quotes.qualifymedicare.com
1 polyfill.io quotes.qualifymedicare.com
1 qv.qvtrack.com 1 redirects
1 dnuohxof.com 1 redirects
1 puysegura.com 1 redirects
1 23.11.133.34.bc.googleusercontent.com
0 nsapi.qualifymedicare.com Failed ns.qualifymedicare.com
63 25

This site contains links to these domains. Also see Links.

Domain
qualifymedicare.com
privacyportal-eu-cdn.onetrust.com
Subject Issuer Validity Valid
qualifymedicare.com
R3		 2021-10-27 -
2022-01-25		 3 months crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2020		 2021-06-04 -
2022-07-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
mediaalpha.com
Amazon		 2021-08-10 -
2022-09-08		 a year crt.sh
ns.qualifymedicare.com
Amazon		 2021-06-30 -
2022-07-29		 a year crt.sh
*.bugsnag.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-05 -
2022-05-05		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-08-11 -
2021-11-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
cdn.trustedform.com
Amazon		 2021-05-14 -
2022-06-12		 a year crt.sh
lidstatic.com
Cloudflare Inc ECC CA-3		 2021-04-30 -
2022-04-29		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.callcdn.com
Amazon		 2021-03-16 -
2022-04-14		 a year crt.sh
*.ringba.com
Amazon		 2021-01-12 -
2022-02-09		 a year crt.sh
create.leadid.com
Amazon		 2021-04-24 -
2022-05-23		 a year crt.sh
*.trustedform.com
Amazon		 2021-10-12 -
2022-11-09		 a year crt.sh

This page contains 4 frames:

Primary Page: https://quotes.qualifymedicare.com/medicare?&SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
Frame ID: D41896A842345C77896EA42B83E9A2DB
Requests: 56 HTTP requests in this frame

Frame: https://api.trustedform.com/certs
Frame ID: 7A0DB1BC10BD4DE385996099240CEEE7
Requests: 1 HTTP requests in this frame

Frame: https://api.trustedform.com/certs/81a4083a251405c5458eed84467cf7abbbc1146f/snapshot
Frame ID: EB9F04DEAEF612E84559269BAAC0AFB2
Requests: 2 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=A4A84C10-178C-E62C-EA30-B895CCCEBB3C&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=E925EC5A-9B7E-3937-CD4B-4FD00DEB5CC1&lac=19FF42BE-C948-1EA2-9AD5-1E59A50943FC
Frame ID: BE85222B41E2818DA09834C346679C2F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://23.11.133.34.bc.googleusercontent.com/t?encv=2&v=RFlSeHJwRHNId2NoWlJ5dzF1NU9xZWR2V09xcTg0bHFpajEyeXJ1N0xVb0lNcjFxM... Page URL
  2. https://puysegura.com/?E=RKhVOoGiB9SqhbIyrU567cay2ltB7B34&s1=16&s2=36067 HTTP 302
    https://dnuohxof.com/?E=RKhVOoGiB9SqhbIyrU567cay2ltB7B34&s1=16&s2=36067&ckmguid=3b03f513-04cf-48a... HTTP 302
    https://qv.qvtrack.com/aff_c?offer_id=20&aff_id=1373&aff_sub=4504&aff_sub2=16&aff_click_id=387869696 HTTP 302
    https://quotes.qualifymedicare.com/medicare?&SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd352... Page URL

Page Statistics

63
Requests

86 %
HTTPS

0 %
IPv6

21
Domains

25
Subdomains

22
IPs

3
Countries

1261 kB
Transfer

4164 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://23.11.133.34.bc.googleusercontent.com/t?encv=2&v=RFlSeHJwRHNId2NoWlJ5dzF1NU9xZWR2V09xcTg0bHFpajEyeXJ1N0xVb0lNcjFxMGF5cEpSdm54cWRndHN2b1hhb1V2VmlvQ01xQ2lLc0k3MmZNd0FPWWZxRmlVQ0pRNGpQUjZiOGVuR0JxdkNTaEgxOGVFaDlCcFV3U1BEOWhxODZKSFRXSGhUTHRQYXg4TlhpZWNTbkJ4R1pmdlZNV05vWGNFRG02RW44OFJ4aUxnOFRYSDJVcDRLUHpSd3pHbUdaM2dEY1Fnd3hnVnJHZGxiTE5WNDBtbjQxa0h4TEdkRC9lN2xKOS9pRT0= Page URL
  2. https://puysegura.com/?E=RKhVOoGiB9SqhbIyrU567cay2ltB7B34&s1=16&s2=36067 HTTP 302
    https://dnuohxof.com/?E=RKhVOoGiB9SqhbIyrU567cay2ltB7B34&s1=16&s2=36067&ckmguid=3b03f513-04cf-48a1-b461-0b0578b4f6cc HTTP 302
    https://qv.qvtrack.com/aff_c?offer_id=20&aff_id=1373&aff_sub=4504&aff_sub2=16&aff_click_id=387869696 HTTP 302
    https://quotes.qualifymedicare.com/medicare?&SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
t
23.11.133.34.bc.googleusercontent.com/ 		244 B
697 B 		Document
General
Check archive.org
Download Go to
Full URL
http://23.11.133.34.bc.googleusercontent.com/t?encv=2&v=RFlSeHJwRHNId2NoWlJ5dzF1NU9xZWR2V09xcTg0bHFpajEyeXJ1N0xVb0lNcjFxMGF5cEpSdm54cWRndHN2b1hhb1V2VmlvQ01xQ2lLc0k3MmZNd0FPWWZxRmlVQ0pRNGpQUjZiOGVuR0JxdkNTaEgxOGVFaDlCcFV3U1BEOWhxODZKSFRXSGhUTHRQYXg4TlhpZWNTbkJ4R1pmdlZNV05vWGNFRG02RW44OFJ4aUxnOFRYSDJVcDRLUHpSd3pHbUdaM2dEY1Fnd3hnVnJHZGxiTE5WNDBtbjQxa0h4TEdkRC9lN2xKOS9pRT0=
Protocol
HTTP/1.1
Server
34.133.11.23 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
23.11.133.34.bc.googleusercontent.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips Phusion_Passenger/6.0.11 PHP/7.0.33 / PHP/7.0.33
Resource Hash
6301ae4b1479113f370dbf6ada5656468a565ea27a290d42d8ffebd5999b2fcf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Mon, 01 Nov 2021 20:11:36 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips Phusion_Passenger/6.0.11 PHP/7.0.33
X-Powered-By
PHP/7.0.33
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Content-Length
244
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html;charset=UTF-8
Primary Request medicare
quotes.qualifymedicare.com/
Redirect Chain
  • https://puysegura.com/?E=RKhVOoGiB9SqhbIyrU567cay2ltB7B34&s1=16&s2=36067
  • https://dnuohxof.com/?E=RKhVOoGiB9SqhbIyrU567cay2ltB7B34&s1=16&s2=36067&ckmguid=3b03f513-04cf-48a1-b461-0b0578b4f6cc
  • https://qv.qvtrack.com/aff_c?offer_id=20&aff_id=1373&aff_sub=4504&aff_sub2=16&aff_click_id=387869696
  • https://quotes.qualifymedicare.com/medicare?&SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&...
76 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://quotes.qualifymedicare.com/medicare?&SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
Requested by
Host: 23.11.133.34.bc.googleusercontent.com
URL: http://23.11.133.34.bc.googleusercontent.com/t?encv=2&v=RFlSeHJwRHNId2NoWlJ5dzF1NU9xZWR2V09xcTg0bHFpajEyeXJ1N0xVb0lNcjFxMGF5cEpSdm54cWRndHN2b1hhb1V2VmlvQ01xQ2lLc0k3MmZNd0FPWWZxRmlVQ0pRNGpQUjZiOGVuR0JxdkNTaEgxOGVFaDlCcFV3U1BEOWhxODZKSFRXSGhUTHRQYXg4TlhpZWNTbkJ4R1pmdlZNV05vWGNFRG02RW44OFJ4aUxnOFRYSDJVcDRLUHpSd3pHbUdaM2dEY1Fnd3hnVnJHZGxiTE5WNDBtbjQxa0h4TEdkRC9lN2xKOS9pRT0=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
67.205.157.224 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
46126077098b02a99d5a377b7b9338a85ca972c7b5bf9b3e01423ceae916c33c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://23.11.133.34.bc.googleusercontent.com/t?encv=2&v=RFlSeHJwRHNId2NoWlJ5dzF1NU9xZWR2V09xcTg0bHFpajEyeXJ1N0xVb0lNcjFxMGF5cEpSdm54cWRndHN2b1hhb1V2VmlvQ01xQ2lLc0k3MmZNd0FPWWZxRmlVQ0pRNGpQUjZiOGVuR0JxdkNTaEgxOGVFaDlCcFV3U1BEOWhxODZKSFRXSGhUTHRQYXg4TlhpZWNTbkJ4R1pmdlZNV05vWGNFRG02RW44OFJ4aUxnOFRYSDJVcDRLUHpSd3pHbUdaM2dEY1Fnd3hnVnJHZGxiTE5WNDBtbjQxa0h4TEdkRC9lN2xKOS9pRT0=

Response headers

server
nginx/1.13.3
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
date
Mon, 01 Nov 2021 20:11:39 GMT
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
content-encoding
gzip

Redirect headers

Server
nginx
Date
Mon, 01 Nov 2021 20:11:39 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
424
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://quotes.qualifymedicare.com/medicare?&SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
P3p
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Tracking_id
102d646a30a9d9d1bd3524a6fa9879
X-Robots-Tag
noindex, nofollow
Access-Control-Allow-Origin
*
X-Request-Id
0c2a8878798ff91c3988ca885d563df0
Access-Control-Allow-Headers
Tune-SDK-Version
polyfill.min.js
polyfill.io/v3/ 		101 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=Promise.prototype.finally%2CPromise%2CElement.prototype.remove
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/medicare?&SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.26 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
992700
detected-user-agent
Chrome/95.0.4638
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length
101
referrer-policy
origin-when-cross-origin
last-modified
Wed, 20 Oct 2021 22:43:03 GMT
date
Mon, 01 Nov 2021 20:11:40 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/95.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
gtm.js
www.googletagmanager.com/ 		130 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PLW78QJ
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/medicare?&SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
9cbf746bf2784917156a62ac12a63cf5d39a16d5518422cf43cbb401d4f81140
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 20:11:40 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49573
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 01 Nov 2021 20:11:40 GMT
bugsnag.min.js
d2wy8f7a9ursnm.cloudfront.net/v7/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2wy8f7a9ursnm.cloudfront.net/v7/bugsnag.min.js
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/medicare?&SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-51.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
614aff1363969b4af5d989a61506e4c73cb0c91dd43d7c058ce226f3904a6228

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 15:05:35 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 13 Oct 2021 15:05:25 GMT
Server
AmazonS3
Age
1659966
ETag
W/"8a396e8ad44a8046460f76277e54a4b4"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript; charset=UTF-8
Via
1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
Cache-Control
public, max-age=315360000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA56-P3
X-Amz-Cf-Id
t1dLb1FKe9YhzSJ26x5qmGDRdKSuaBbHlm39lBWIq6R0bKdslB1qHQ==
combined.js
quotes.qualifymedicare.com/js/ 		361 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quotes.qualifymedicare.com/js/combined.js?id=ef4da83c6db506f3a643
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/medicare?&SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
67.205.157.224 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
197cc8b85fc8f9d77f3cb3d8b645daf472890819172b5ca149798445c57e7353
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/medicare?&SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 20:11:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 30 Jul 2021 14:34:57 GMT
server
nginx/1.13.3
x-frame-options
SAMEORIGIN
etag
W/"61040e11-5a52a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
serve.js
insurance.mediaalpha.com/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://insurance.mediaalpha.com/js/serve.js
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/medicare?&SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.42.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-42-155.compute-1.amazonaws.com
Software
Apache /
Resource Hash
042a82f58baa7a201449dc7d695f0e109ea8deb6b6463e9030e0ac1f4deef11e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 20:11:40 GMT
Content-Encoding
gzip
Server
Apache
Connection
keep-alive
Content-Length
5063
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
app.js
quotes.qualifymedicare.com/js/ 		1 MB
328 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quotes.qualifymedicare.com/js/app.js?id=798d1963a5f140e18733
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/medicare?&SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
67.205.157.224 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
dc9b78120e4e34fcd5703df9b1d574aacc0c68dd40d63d8563df84a9ce024e6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/medicare?&SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 20:11:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Oct 2021 17:07:04 GMT
server
nginx/1.13.3
x-frame-options
SAMEORIGIN
etag
W/"61719e38-119c30"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
combined.css
quotes.qualifymedicare.com/css/ 		222 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://quotes.qualifymedicare.com/css/combined.css?id=b6e9f4a9cb6746ca7158
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/medicare?&SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
67.205.157.224 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
7a53e5c81102f4f73559daf80643c34ce7f885bb57d16ba7b1a2a411a7523b57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/medicare?&SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 20:11:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 30 Jul 2021 14:34:57 GMT
server
nginx/1.13.3
x-frame-options
SAMEORIGIN
etag
W/"61040e11-37621"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
app.css
quotes.qualifymedicare.com/css/ 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://quotes.qualifymedicare.com/css/app.css?id=11a832a04bddb281e38e
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/medicare?&SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
67.205.157.224 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
e0670644f011bf72fb4c4a6c70a4dca03fd8761e209a302571013efb996333e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/medicare?&SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 20:11:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 30 Jul 2021 14:34:57 GMT
server
nginx/1.13.3
x-frame-options
SAMEORIGIN
etag
W/"61040e11-5fc1"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
N1D3569C61887F.js
ns.qualifymedicare.com/js/ 		69 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ns.qualifymedicare.com/js/N1D3569C61887F.js
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/medicare?&SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-118.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
df4872c795067ac25c3135f01096a942ff65ab4cac2e5c0598d004a934b7163d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 20:11:41 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 18:22:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
W/"3928651fec4ee168f2b05b235f5a0001"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/x-javascript
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
cache-control
max-age=300
x-amz-cf-id
kWxWqFOHffGAc8loORGZY696C-KZWaYxbeHV7NU0RQXnzfn7MVL1ng==
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.88.7 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
7.88.190.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin
https://quotes.qualifymedicare.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
date
Mon, 01 Nov 2021 20:11:40 GMT
content-length
0
via
1.1 google
alt-svc
clear
/
sessions.bugsnag.com/ 		21 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v7/bugsnag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.88.7 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
7.88.190.35.bc.googleusercontent.com
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://quotes.qualifymedicare.com/
Bugsnag-Sent-At
2021-11-01T20:11:40.206Z
Accept-Language
de-DE,de;q=0.9
Bugsnag-Api-Key
65d5445119f141706e23f60a40992dce
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 01 Nov 2021 20:11:40 GMT
via
1.1 google
alt-svc
clear
content-length
21
content-type
application/json
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLW78QJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
666
date
Mon, 01 Nov 2021 20:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Mon, 01 Nov 2021 22:00:34 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 23.11.133.34.bc.googleusercontent.com
URL: http://23.11.133.34.bc.googleusercontent.com/t?encv=2&v=RFlSeHJwRHNId2NoWlJ5dzF1NU9xZWR2V09xcTg0bHFpajEyeXJ1N0xVb0lNcjFxMGF5cEpSdm54cWRndHN2b1hhb1V2VmlvQ01xQ2lLc0k3MmZNd0FPWWZxRmlVQ0pRNGpQUjZiOGVuR0JxdkNTaEgxOGVFaDlCcFV3U1BEOWhxODZKSFRXSGhUTHRQYXg4TlhpZWNTbkJ4R1pmdlZNV05vWGNFRG02RW44OFJ4aUxnOFRYSDJVcDRLUHpSd3pHbUdaM2dEY1Fnd3hnVnJHZGxiTE5WNDBtbjQxa0h4TEdkRC9lN2xKOS9pRT0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
j/LF+ysCi6LHvZW0Yp0NAtCI+cPgH0W5ptyYu8BOqSjYFAWCL1oixWOTn0VSretimDNPpWvRpuWdGYRtI236og==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Mon, 01 Nov 2021 20:11:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
229188358434172
connect.facebook.net/signals/config/ 		307 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/229188358434172?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
63ca3e74236e892b7848373d84691503ab1ce70261cc4ff21db83878acba7be4
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
8v+0RYLkXBv+WFI58gqPZxrm2bQrxo3x5IkPS3g+gK+zxnbgGW3YMnfNL4NpuM8xePh3jZK/sPkdH7fnsG8DHQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 01 Nov 2021 20:11:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-164652376-1&cid=2043938651.1635797500&jid=832267473&gjid=878064221&_gid=2019437379.1635797500&_u=YGBAiEABBAAAAE~&z=1440949920
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wl-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://quotes.qualifymedicare.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 01 Nov 2021 20:11:40 GMT
content-type
text/plain
access-control-allow-origin
https://quotes.qualifymedicare.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=724162901&t=pageview&_s=1&dl=https%3A%2F%2Fquotes.qualifymedicare.com%2Fmedicare%3F%26SRC%3DQV1373%26Sub_ID%3DQV1373%26Sub_ID2%3D4504%26Pub_ID%3D102d646a30a9d9d1bd3524a6fa9879%26offer_id%3D20%26affiliate_id%3D1373%26transaction_id%3D102d646a30a9d9d1bd3524a6fa9879%26sid%3Dqv_1373&dr=http%3A%2F%2F23.11.133.34.bc.googleusercontent.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABB~&jid=832267473&gjid=878064221&cid=2043938651.1635797500&tid=UA-164652376-1&_gid=2019437379.1635797500&gtm=2wgar0PLW78QJ&z=1554200291
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/medicare?&SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 13:46:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
23102
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-164652376-1&cid=2043938651.1635797500&jid=832267473&_u=YGBAiEABBAAAAE~&z=2024045617
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/medicare?&SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 20:11:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-164652376-1&cid=2043938651.1635797500&jid=832267473&_u=YGBAiEABBAAAAE~&z=2024045617
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/medicare?&SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 20:11:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
689801304971358
connect.facebook.net/signals/config/ 		307 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/689801304971358?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
df1de70fbdd6413faab33f083c1d3fc35a2562b822c54ebc5269b9f148c432e1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
QJt3kWlf31pnmW1ILQSF7ie743LCC7zfPHjqWFcY+jfE28Vk0JQ59zQCCvGXQaslHhh9TQyKV/xB2A/DPoWWew==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 01 Nov 2021 20:11:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
706688969886441
connect.facebook.net/signals/config/ 		307 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/706688969886441?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
435ecaa76a4081cb3b0a7047b4eb932ee4a0e1cb75ce5b5679d184baea4f8d3c
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
0Y1itXKFAtjQMnmIaAHpsXeWUNHZsXkgOSIvtoq7Zml5tBXKJ7SWMapHysgxMpt3SxkzI3OkbBD/hylLg7lTAQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 01 Nov 2021 20:11:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
bootstrap.js
cdn.trustedform.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16357975006210.45475115766331875
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/medicare?&SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f74593149adc21c135cc88bba9dfb21d71504ae0f2f558e0f2fe227ff98b380

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 20:11:41 GMT
content-encoding
gzip
last-modified
Thu, 14 Oct 2021 22:37:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
W/"676b14012df40978e4f1e696cb3be8f4"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-amz-version-id
Wukglm8NBgwYNfr9FYt3vY_dbgf_HJ6l
x-amz-cf-id
Za4Pirdrw8aJBA9CxK71ltFh__Sf-197c_S4FLbYKO3ayu20yVxbTw==
e925ec5a-9b7e-3937-cd4b-4fd00deb5cc1.js
create.lidstatic.com/campaign/ 		123 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://create.lidstatic.com/campaign/e925ec5a-9b7e-3937-cd4b-4fd00deb5cc1.js?snippet_version=2
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/medicare?&SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.41.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de8bc6c32725e2188055ec6d1abf2eebf5f7d5b0d15b71b73e402e6e480a7808

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 20:11:41 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Tue, 25 May 2021 13:45:08 GMT
server
cloudflare
x-amz-request-id
D6316RJTH4ZSC0KW
etag
W/"fa624886b4a60e47a7911d9e1c06dfca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1800
x-amz-replication-status
COMPLETED
cf-ray
6a77c60b39452778-PRG
x-amz-version-id
js7OA97nZ7rm6AgC_zExzL4WNvbozlEa
x-amz-id-2
YR472t4ERi4WO6W+V68tZJsOkd/ZPJQGmOjAJVJbCdgQbBHm1tlfb5yJonAtAbLP/+hhgyujed8=
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v9/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v9/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/css/combined.css?id=b6e9f4a9cb6746ca7158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quotes.qualifymedicare.com/
Origin
https://quotes.qualifymedicare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 08:16:41 GMT
x-content-type-options
nosniff
age
388499
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7968
x-xss-protection
0
last-modified
Tue, 08 Oct 2019 21:22:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 28 Oct 2022 08:16:41 GMT
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.88.7 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
7.88.190.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin
https://quotes.qualifymedicare.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
date
Mon, 01 Nov 2021 20:11:40 GMT
content-length
0
via
1.1 google
alt-svc
clear
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.88.7 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
7.88.190.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin
https://quotes.qualifymedicare.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
date
Mon, 01 Nov 2021 20:11:40 GMT
content-length
0
via
1.1 google
alt-svc
clear
27.js
quotes.qualifymedicare.com/js/chunks/ 		55 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quotes.qualifymedicare.com/js/chunks/27.js?id=1045199ada68b44f024f
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/js/app.js?id=798d1963a5f140e18733
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
67.205.157.224 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
c7390dbeaf71fccd7ea15ba5e14df791bf4e9a13136e55729f08533db2f53a55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/medicare?&SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 20:11:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 30 Jul 2021 14:34:57 GMT
server
nginx/1.13.3
x-frame-options
SAMEORIGIN
etag
W/"61040e11-dc71"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
28.js
quotes.qualifymedicare.com/js/chunks/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quotes.qualifymedicare.com/js/chunks/28.js?id=81529dc2c3b4a55f80a2
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/js/app.js?id=798d1963a5f140e18733
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
67.205.157.224 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
2be01413e6757062edd5875cd4c62c9b0f90f24b7dd8314fe4d2c85f61ed0775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/medicare?&SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 20:11:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 23 Sep 2021 15:16:12 GMT
server
nginx/1.13.3
x-frame-options
SAMEORIGIN
etag
W/"614c9a3c-137e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
/
sessions.bugsnag.com/ 		21 B
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v7/bugsnag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.88.7 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
7.88.190.35.bc.googleusercontent.com
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://quotes.qualifymedicare.com/
Bugsnag-Sent-At
2021-11-01T20:11:40.737Z
Accept-Language
de-DE,de;q=0.9
Bugsnag-Api-Key
65d5445119f141706e23f60a40992dce
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 01 Nov 2021 20:11:40 GMT
via
1.1 google
alt-svc
clear
content-length
21
content-type
application/json
/
sessions.bugsnag.com/ 		21 B
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v7/bugsnag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.88.7 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
7.88.190.35.bc.googleusercontent.com
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://quotes.qualifymedicare.com/
Bugsnag-Sent-At
2021-11-01T20:11:40.744Z
Accept-Language
de-DE,de;q=0.9
Bugsnag-Api-Key
65d5445119f141706e23f60a40992dce
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 01 Nov 2021 20:11:40 GMT
via
1.1 google
alt-svc
clear
content-length
21
content-type
application/json
0.js
quotes.qualifymedicare.com/js/chunks/ 		15 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quotes.qualifymedicare.com/js/chunks/0.js?id=9a93bedc79105a4a3216
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/js/app.js?id=798d1963a5f140e18733
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
67.205.157.224 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
9d87d7378a961432e4db40c72a964062058a418d33aa724a20319fc5525e47f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/medicare?SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 20:11:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 30 Jul 2021 14:34:57 GMT
server
nginx/1.13.3
x-frame-options
SAMEORIGIN
etag
W/"61040e11-3bf8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
25.js
quotes.qualifymedicare.com/js/chunks/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quotes.qualifymedicare.com/js/chunks/25.js?id=a793c8cebbc1f4c2a409
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/js/app.js?id=798d1963a5f140e18733
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
67.205.157.224 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
1de9ce2402d64485801d5be6d4cc07c916c0c83ecc981a494519501e0126c09f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/medicare?SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 20:11:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 07 Oct 2021 08:41:58 GMT
server
nginx/1.13.3
x-frame-options
SAMEORIGIN
etag
W/"615eb2d6-a5a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
16.js
quotes.qualifymedicare.com/js/chunks/ 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quotes.qualifymedicare.com/js/chunks/16.js?id=e807c805e1cd2b3330c6
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/js/app.js?id=798d1963a5f140e18733
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
67.205.157.224 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
6f8fad21e46eeb5db13045d519f47e3f7c3e7ae68d63f0b638903e72b4628635
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/medicare?SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 20:11:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 07 Oct 2021 08:41:58 GMT
server
nginx/1.13.3
x-frame-options
SAMEORIGIN
etag
W/"615eb2d6-8389"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
17.js
quotes.qualifymedicare.com/js/chunks/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quotes.qualifymedicare.com/js/chunks/17.js?id=5aa1f0971e55cc0dcf28
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/js/app.js?id=798d1963a5f140e18733
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
67.205.157.224 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
38393eac4ad281d91bf12a7033abad71ee9361e7c435a61946d843ff8611a6eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/medicare?SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 20:11:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 07 Oct 2021 08:41:58 GMT
server
nginx/1.13.3
x-frame-options
SAMEORIGIN
etag
W/"615eb2d6-38d7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
13.js
quotes.qualifymedicare.com/js/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quotes.qualifymedicare.com/js/chunks/13.js?id=995fdda7ddcbad3380ad
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/js/app.js?id=798d1963a5f140e18733
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
67.205.157.224 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
c75d0e774b08058ae8ed0e5e9a4d6107d7fddba261d93b7a74fca85aeed3081b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/medicare?SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 20:11:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 07 Oct 2021 08:41:58 GMT
server
nginx/1.13.3
x-frame-options
SAMEORIGIN
etag
W/"615eb2d6-e63"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
15.js
quotes.qualifymedicare.com/js/chunks/ 		775 B
726 B 		Script
General
Check archive.org
Download Go to
Full URL
https://quotes.qualifymedicare.com/js/chunks/15.js?id=9e6a4c5510b7ececf819
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/js/app.js?id=798d1963a5f140e18733
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
67.205.157.224 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
7ee98cf776cddef70f6600e7a109c34a78cb998d856dbcecdfdf281e5fbb0150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/medicare?SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 20:11:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 07 Oct 2021 08:41:58 GMT
server
nginx/1.13.3
x-frame-options
SAMEORIGIN
etag
W/"615eb2d6-307"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=724162901&t=pageview&_s=1&dl=https%3A%2F%2Fquotes.qualifymedicare.com%2Fmedicare%3F%26SRC%3DQV1373%26Sub_ID%3DQV1373%26Sub_ID2%3D4504%26Pub_ID%3D102d646a30a9d9d1bd3524a6fa9879%26offer_id%3D20%26affiliate_id%3D1373%26transaction_id%3D102d646a30a9d9d1bd3524a6fa9879%26sid%3Dqv_1373&dr=http%3A%2F%2F23.11.133.34.bc.googleusercontent.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEABBAAAAE~&jid=&gjid=&cid=2043938651.1635797500&tid=UA-164652376-1&_gid=2019437379.1635797500&gtm=2wgar0PLW78QJ&z=1358547167
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/medicare?SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 13:46:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
23102
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=724162901&t=pageview&_s=1&dl=https%3A%2F%2Fquotes.qualifymedicare.com%2Fmedicare%3FSRC%3DQV1373%26Sub_ID%3DQV1373%26Sub_ID2%3D4504%26Pub_ID%3D102d646a30a9d9d1bd3524a6fa9879%26offer_id%3D20%26affiliate_id%3D1373%26transaction_id%3D102d646a30a9d9d1bd3524a6fa9879%26sid%3Dqv_1373&dr=http%3A%2F%2F23.11.133.34.bc.googleusercontent.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEABBAAAAE~&jid=&gjid=&cid=2043938651.1635797500&tid=UA-164652376-1&_gid=2019437379.1635797500&gtm=2wgar0PLW78QJ&z=204734148
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/medicare?SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 13:46:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
23102
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ringba
quotes.qualifymedicare.com/webform/session/tag/ 		43 B
972 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://quotes.qualifymedicare.com/webform/session/tag/ringba?homepage=1
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/js/app.js?id=798d1963a5f140e18733
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
67.205.157.224 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
2435d019c8ca3eaa52c14f444aec3d2ddcf2a86f5857e2ea0ad84fe4e699b701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-XSRF-TOKEN
eyJpdiI6IlRmaXMvMWRrMWViaVlVUll2YlJOb3c9PSIsInZhbHVlIjoienYxQjRwZHlTRkNqb05JUXhIbCtyLzdOb1h2U05sK0dSL2NROWQ3d0NDaDVvcWhSM1JIamY1ZEZIRHA3RkVkVzFSMEU1WU8zVXg0RWlJam5OY1NEMGhySTZWVzdPMEhqREhMclJlZG93a0M4dmFDdVVsNUFEQkxmaG9odHIyU28iLCJtYWMiOiI0NTgzNDQ1Nzc4MjljNzZlNjEwYjQwNDFiYzQ4MTExNGRmYjBmNTc4ZDRkMWU2YTg2OWFhMzg5MDljODE1YzVlIn0=
X-CSRF-TOKEN
OEfl4gsabjDwN1Io8Ua596AIzbQOi6Hv9wjOI9FT
X-Webform-Session-Token
DnxN5lmceNebODTZ0R7Y2pHFOh1QrfqJqrR2M3IZ
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://quotes.qualifymedicare.com/medicare?SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
X-Requested-With
XMLHttpRequest

Response headers

date
Mon, 01 Nov 2021 20:11:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.13.3
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
no-cache, private
vary
Accept-Encoding
x-xss-protection
1; mode=block
oxEng3ak79I77anrTTaYWMotkIPfFVsXA9rdPc9U.webp
quotes.qualifymedicare.com/storage/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quotes.qualifymedicare.com/storage/oxEng3ak79I77anrTTaYWMotkIPfFVsXA9rdPc9U.webp
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/medicare?SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
67.205.157.224 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
699f949d43ae203fd25376a3119bf7c2745ce18ba9145d018b04087be5da8015
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/medicare?SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 20:11:40 GMT
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 15:34:15 GMT
server
nginx/1.13.3
etag
"5f92f7f7-50f0"
x-frame-options
SAMEORIGIN
content-type
image/webp
accept-ranges
bytes
content-length
20720
x-xss-protection
1; mode=block
phone-icon-blue.png
quotes.qualifymedicare.com/img/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quotes.qualifymedicare.com/img/phone-icon-blue.png
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/medicare?SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
67.205.157.224 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
c93f609750657561e2b08f8ff8f56c2829d147679c99db6deea417326f08e934
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/medicare?SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 20:11:40 GMT
x-content-type-options
nosniff
last-modified
Thu, 15 Oct 2020 13:13:51 GMT
server
nginx/1.13.3
etag
"5f884b0f-2171"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
8561
x-xss-protection
1; mode=block
phone-icon-w.svg
quotes.qualifymedicare.com/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quotes.qualifymedicare.com/img/phone-icon-w.svg
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/medicare?SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
67.205.157.224 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
068bc6a38e6e2966c58145df6cec98e22dc11e9bded86691ac0ac487680ea58c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/medicare?SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 20:11:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 28 Aug 2019 16:03:48 GMT
server
nginx/1.13.3
x-frame-options
SAMEORIGIN
etag
W/"5d66a5e4-95e"
vary
Accept-Encoding
content-type
image/svg+xml
x-xss-protection
1; mode=block
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v9/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/css/combined.css?id=b6e9f4a9cb6746ca7158
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
5e07f937be00bbef113152fa46b2b2d5df97f405b152881c96e1c5069d8f405d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quotes.qualifymedicare.com/
Origin
https://quotes.qualifymedicare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 02:46:48 GMT
x-content-type-options
nosniff
age
321892
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7960
x-xss-protection
0
last-modified
Tue, 08 Oct 2019 21:22:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 29 Oct 2022 02:46:48 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v9/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/css/combined.css?id=b6e9f4a9cb6746ca7158
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quotes.qualifymedicare.com/
Origin
https://quotes.qualifymedicare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 18:02:40 GMT
x-content-type-options
nosniff
age
7740
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7836
x-xss-protection
0
last-modified
Tue, 08 Oct 2019 21:22:22 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 01 Nov 2022 18:02:40 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v9/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/css/combined.css?id=b6e9f4a9cb6746ca7158
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quotes.qualifymedicare.com/
Origin
https://quotes.qualifymedicare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 22:35:21 GMT
x-content-type-options
nosniff
age
336979
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7924
x-xss-protection
0
last-modified
Tue, 08 Oct 2019 21:22:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 28 Oct 2022 22:35:21 GMT
1708702472598035
connect.facebook.net/signals/config/ 		307 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1708702472598035?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
ac83ec2a44e576df28a2646d24287bfa37ce8b0c56186d30a35102dc3cf4d3f4
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
vqlHnWi3Y4OPb0ZN74AEpHhjV+jLlkZ146uT4PIB2VkE8E483g/U07VnQ/k0gJ1Xk9jjuq/TnyCjUsQgkpuMqw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 01 Nov 2021 20:11:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
get-geolocation
quotes.qualifymedicare.com/ 		367 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quotes.qualifymedicare.com/get-geolocation
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/js/combined.js?id=ef4da83c6db506f3a643
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
67.205.157.224 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
0d36db8bd8d057f956f967f8dfda23793e4ad714a5907fc6d09764a41710a892
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://quotes.qualifymedicare.com/medicare?SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 20:11:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.13.3
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
vary
Accept-Encoding
x-xss-protection
1; mode=block
ringba.com.js
js.callcdn.com/js_v3/min/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.callcdn.com/js_v3/min/ringba.com.js
Requested by
Host: quotes.qualifymedicare.com
URL: https://quotes.qualifymedicare.com/js/app.js?id=798d1963a5f140e18733
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-123.fra56.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1b35261b95ec779b25d6a27b1b2c1c2d6f1c08f329ffd643478ad63d7ddcdea0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 08:37:48 GMT
content-encoding
gzip
last-modified
Thu, 14 Oct 2021 21:05:54 GMT
server
Microsoft-IIS/10.0
age
41631
x-powered-by
ASP.NET
etag
W/"0a576463fc1d71:0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
-5YR7Xm8oWa9y9Qx_buEtlEU1g6Gsq8IpuNK-ry9VnX28-iTRJmdTA==
727192434401219
connect.facebook.net/signals/config/ 		307 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/727192434401219?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
d09d0e88cc340fe5bab0f79aa33ae78dba44466e57f11a37d4780d5a66e9461d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
YXL8ql4U/PdNTPBBrIfo8IIZO7kQzjwXzQS2z/7LkjLCE1xbVm0CEQqbZkNJ547SYNU2b8XgxykIQXI/7+dlMw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 01 Nov 2021 20:11:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
gnbulk
display.ringba.com/v2/nis/ 		394 B
791 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.ringba.com/v2/nis/gnbulk
Requested by
Host: js.callcdn.com
URL: https://js.callcdn.com/js_v3/min/ringba.com.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.155.63 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
70ec85903090465504df28562a0605f6cd13c2e78dbbe0e63309eb4c383a5cfd

Request headers

Referer
https://quotes.qualifymedicare.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 20:11:40 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Access-Control-Max-Age
300
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://quotes.qualifymedicare.com
Cache-Control
no-cache
Connection
keep-alive
Content-Length
394
X-Runtime
0.0020
Expires
-1
GenerateToken
create.leadid.com/2.11.7/ 		36 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.7/GenerateToken?msn=1&pid=cb3e88e4-f7e7-479d-874c-1f1a7121573e&_=523220402
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/e925ec5a-9b7e-3937-cd4b-4fd00deb5cc1.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.104.175 -, , ASN (),
Reverse DNS
Software
nginx/1.17.6 / PHP/7.1.33
Resource Hash
40a75708871790c836718a9b48adcd37fe53c23bf7d54b07f7bc5559212f43b0

Request headers

Referer
https://quotes.qualifymedicare.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 01 Nov 2021 20:11:41 GMT
content-encoding
gzip
server
nginx/1.17.6
x-powered-by
PHP/7.1.33
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
certs
api.trustedform.com/ Frame 7A0D 		475 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16357975006210.45475115766331875
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.25.50 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
f7c10a03b3a17118267824a70f9902898e8e1a734b64bfa3674a1ef0b15ac131

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Nov 2021 20:11:41 GMT
server
Cowboy
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
475
D3569C61887F
nsapi.qualifymedicare.com/v1/C/RawData/ 		0
0
trustedform-1.5.8.js
cdn.trustedform.com/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/trustedform-1.5.8.js
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16357975006210.45475115766331875
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2325fcd937bca9732281e9f4f8960d8fb5aed726265ceb609a77f50cd7039148

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
srRHaEKZoYw77hmUBlWTeIw_odvirpEk
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 19:52:13 GMT
server
AmazonS3
age
24
etag
W/"0ea185cf3ab4939007594db03e431e63"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
date
Mon, 01 Nov 2021 20:11:18 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
o5NpXwRVk1f3wYykbUMEj8-ujudvp4WLq-nAtKzP7e5GddkGdq2jaA==
snapshot
api.trustedform.com/certs/81a4083a251405c5458eed84467cf7abbbc1146f/ Frame EB9F 		0
0
oxEng3ak79I77anrTTaYWMotkIPfFVsXA9rdPc9U.webp
quotes.qualifymedicare.com/storage/ 		0
0
phone-icon-blue.png
quotes.qualifymedicare.com/img/ 		0
0
phone-icon-w.svg
quotes.qualifymedicare.com/img/ 		0
0
fingerprints
api.trustedform.com/certs/81a4083a251405c5458eed84467cf7abbbc1146f/ Frame EB9F 		0
0
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame BE85 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=A4A84C10-178C-E62C-EA30-B895CCCEBB3C&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=E925EC5A-9B7E-3937-CD4B-4FD00DEB5CC1&lac=19FF42BE-C948-1EA2-9AD5-1E59A50943FC
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/e925ec5a-9b7e-3937-cd4b-4fd00deb5cc1.js?snippet_version=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.49 -, , ASN (),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://quotes.qualifymedicare.com/

Response headers

Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Date
Mon, 01 Nov 2021 14:11:26 GMT
Server
nginx/1.17.6
Last-Modified
Sun, 31 Oct 2021 13:58:43 GMT
ETag
W/"617ea113-da5"
P3P
CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
Content-Encoding
gzip
X-Cache
Hit from cloudfront
Via
1.1 5626bf35345f32d3e58fb8d33ec4d967.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P3
X-Amz-Cf-Id
ARZ6tmL5FV61vD-9ERjh3JoOQ4v3beRj-OLUxqeeUVbMLJTiV8z4tA==
Age
21615
SaveDom
create.leadid.com/2.11.7/ 		0
0
InitFormData
create.leadid.com/2.11.7/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
nsapi.qualifymedicare.com
URL
https://nsapi.qualifymedicare.com/v1/C/RawData/D3569C61887F?v=85520077-1ceb-4866-9a98-c761a9292d5e&se=1175afc9-cb5c-4e45-8282-a9eb5376ca1d&d=eyJ2IjoiODU1MjAwNzctMWNlYi00ODY2LTlhOTgtYzc2MWE5MjkyZDVlIiwibSI6IjRkMzZlNjNlLWFmZjgtNDcyMi1iZDIzLTQwNGEyYWJkY2U5NiIsImNzaSI6IiIsInNlIjoiMTE3NWFmYzktY2I1Yy00ZTQ1LTgyODItYTllYjUzNzZjYTFkIiwibiI6MSwicCI6ImM3YjJkYjA4LWQwODMtNDk2Zi04NDliLTkxZmIwOGIxZTUxMCIsInUiOiJodHRwczovL3F1b3Rlcy5xdWFsaWZ5bWVkaWNhcmUuY29tL21lZGljYXJlP1NSQz1RVjEzNzMmU3ViX0lEPVFWMTM3MyZTdWJfSUQyPTQ1MDQmUHViX0lEPTEwMmQ2NDZhMzBhOWQ5ZDFiZDM1MjRhNmZhOTg3OSZvZmZlcl9pZD0yMCZhZmZpbGlhdGVfaWQ9MTM3MyZ0cmFuc2FjdGlvbl9pZD0xMDJkNjQ2YTMwYTlkOWQxYmQzNTI0YTZmYTk4Nzkmc2lkPXF2XzEzNzMiLCJwbiI6Ii9tZWRpY2FyZSIsInIiOiJodHRwOi8vMjMuMTEuMTMzLjM0LmJjLmdvb2dsZXVzZXJjb250ZW50LmNvbS8iLCJ0IjoiIiwiYyI6Imh0dHBzOi8vcXVvdGVzLnF1YWxpZnltZWRpY2FyZS5jb20vbWVkaWNhcmU%2FU1JDPVFWMTM3MyZTdWJfSUQ9UVYxMzczJlN1Yl9JRDI9NDUwNCZQdWJfSUQ9MTAyZDY0NmEzMGE5ZDlkMWJkMzUyNGE2ZmE5ODc5Jm9mZmVyX2lkPTIwJmFmZmlsaWF0ZV9pZD0xMzczJnRyYW5zYWN0aW9uX2lkPTEwMmQ2NDZhMzBhOWQ5ZDFiZDM1MjRhNmZhOTg3OSZzaWQ9cXZfMTM3MyIsInByIjoiNjE4ODdGIiwicyI6MSwidnMiOjEsImwiOiJQYWdlTG9hZCIsInMwMSI6IlFWMTM3MyJ9&callback=cb889162e1928f2
Domain
api.trustedform.com
URL
https://api.trustedform.com/certs/81a4083a251405c5458eed84467cf7abbbc1146f/snapshot
Domain
quotes.qualifymedicare.com
URL
https://quotes.qualifymedicare.com/storage/oxEng3ak79I77anrTTaYWMotkIPfFVsXA9rdPc9U.webp
Domain
quotes.qualifymedicare.com
URL
https://quotes.qualifymedicare.com/img/phone-icon-blue.png
Domain
quotes.qualifymedicare.com
URL
https://quotes.qualifymedicare.com/img/phone-icon-w.svg
Domain
api.trustedform.com
URL
https://api.trustedform.com/certs/81a4083a251405c5458eed84467cf7abbbc1146f/fingerprints
Domain
create.leadid.com
URL
https://create.leadid.com/2.11.7/SaveDom?msn=2&pid=cb3e88e4-f7e7-479d-874c-1f1a7121573e&token=A4A84C10-178C-E62C-EA30-B895CCCEBB3C&_=523220403
Domain
create.leadid.com
URL
https://create.leadid.com/2.11.7/InitFormData?msn=3&pid=cb3e88e4-f7e7-479d-874c-1f1a7121573e&token=A4A84C10-178C-E62C-EA30-B895CCCEBB3C&_=523220404

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| dataLayer object| FORM_SETTINGS string| __INITIAL_STATE__ object| __INITIAL_ANSWERS__ string| _NOW string| _IP string| _USER_AGENT string| _VISITOR_ID string| _SKIP_TO_STEP function| createImage object| Bugsnag object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| gaplugins object| gaGlobal object| gaData function| _typeof2 function| _typeof boolean| windowIsDefined function| $ function| jQuery function| Popper object| bootstrap function| Inputmask function| moment function| Slider object| MediaAlphaExchange object| __maxch__thunk function| MediaAlphaExchange__fetchUserID function| MediaAlphaExchange__success function| MediaAlphaExchange__error function| MediaAlphaExchange__click function| MediaAlphaExchange__enableDirectLinks function| MediaAlphaExchange__disableDirectLinks function| MediaAlphaExchange__loadDirectLink function| MediaAlphaExchange__load undefined| targetID undefined| targetElt function| ringbaCallbackPhoneNumber function| ringbaCallbackPhoneNumberTYP function| loadMediaAlphaExchange function| clearExtraTextNumber function| phone_format function| addRingbaTag_ function| parseDebType function| addRingbaTag function| loadLiadmScript function| phone_format_ string| IS_BOT object| __TODAY string| full_version string| APP_URL string| APP_NAME string| PUBLIC_URL string| APP_PHONE_NUMBER string| APP_EMAIL string| APP_RINGBA_TAG string| RINGBA_HOME_NUMBER string| RINGBA_TYP_NUMBER object| _rgba_tags object| webpackJsonp function| setImmediate function| clearImmediate function| _ object| regeneratorRuntime function| axios function| getComponentNameAttribute function| canUseWebP function| Vue boolean| ad_block function| _MGX_LU function| _MGX_LG object| MGX object| __MGX__ object| MGX_API object| MGX_DATA object| trustedForm function| trustedFormStartRecording function| trustedFormStopRecording object| VueScrollTo object| _rgba object| ringba object| LeadiDconfig object| LeadiD

15 Cookies

Domain/Path Name / Value
23.11.133.34.bc.googleusercontent.com/ Name: PHPSESSID
Value: cdiitc7ugnsa90198c45tpguv7
.dnuohxof.com/ Name: sl
Value: nkYKqMgJ6d8bVVm03m7xKtH8rpWOjEwEAz8rrjpbJZ983IZHn9PaFA==
.dnuohxof.com/ Name: tib
Value: bxm+bGNKam7YvFZwqtWJWNH8rpWOjEwEAz8rrjpbJZ983IZHn9PaFA==
.dnuohxof.com/ Name: c6721
Value: nkYKqMgJ6d+1PEwXTLNYN6p0M0pRqAMk23twQCD+WkTa7zsnTMeLwA==
qv.qvtrack.com/ Name: enc_aff_session_20
Value: ENC0307d0bc01e6eb159fd04350653ea332de68ae690d47331d6881dbac0e0d689f69806b45cc467d5f671d44754c84896ab0349c1584de6c969f1c06fbe29386f243219c62b8bc5f95ec364d25a9b75861cca250aac4ab0257ac936e53dcc90e7c396bbe1165ca5ed39090b24eb9bd34beb4565fceaa564abbf8ab2494a2491ba4301db9461c074ac2a1cf6ca2be40672988c27dba5e407f1e91cb38f29992cad58108afbc5e
qv.qvtrack.com/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5NS4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyBYNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS85NS4wLjQ2MzguNTQgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImRlLURFLGRlO3E9MC45IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9
quotes.qualifymedicare.com/ Name: get_query_params
Value: %7B%22SRC%22%3A%22QV1373%22%2C%22Sub_ID%22%3A%22QV1373%22%2C%22Sub_ID2%22%3A%224504%22%2C%22Pub_ID%22%3A%22102d646a30a9d9d1bd3524a6fa9879%22%2C%22offer_id%22%3A%2220%22%2C%22affiliate_id%22%3A%221373%22%2C%22transaction_id%22%3A%22102d646a30a9d9d1bd3524a6fa9879%22%2C%22sid%22%3A%22qv_1373%22%7D
.qualifymedicare.com/ Name: _gcl_au
Value: 1.1.409661381.1635797500
.qualifymedicare.com/ Name: _ga
Value: GA1.2.2043938651.1635797500
.qualifymedicare.com/ Name: _gid
Value: GA1.2.2019437379.1635797500
.qualifymedicare.com/ Name: _dc_gtm_UA-164652376-1
Value: 1
quotes.qualifymedicare.com/ Name: isReturn
Value: false
.qualifymedicare.com/ Name: MGX_UC
Value: JTdCJTIyTUdYX1AlMjIlM0ElN0IlMjJ2JTIyJTNBJTIyODU1MjAwNzctMWNlYi00ODY2LTlhOTgtYzc2MWE5MjkyZDVlJTIyJTJDJTIyZSUyMiUzQTE2MzYzMjMxMDA4MTQlN0QlMkMlMjJNR1hfUFglMjIlM0ElN0IlMjJ2JTIyJTNBJTIyMTE3NWFmYzktY2I1Yy00ZTQ1LTgyODItYTllYjUzNzZjYTFkJTIyJTJDJTIycyUyMiUzQXRydWUlMkMlMjJlJTIyJTNBMTYzNTc5OTMwMDgxNSU3RCUyQyUyMk1HWF9DSUQlMjIlM0ElN0IlMjJ2JTIyJTNBJTIyZTMxZmEyNzktYjhhNC00ODJjLWEyZmYtNDY4MjU1ZjI0MGRmJTIyJTJDJTIyZSUyMiUzQTE2MzYzMjMxMDA4MTUlN0QlN0Q=
quotes.qualifymedicare.com/ Name: XSRF-TOKEN
Value: eyJpdiI6ImcxeVJpUy9Mb25vSlJLUEhTSVdMdnc9PSIsInZhbHVlIjoieHdFUnVFNFE2Uk5OSkt5ZW5VTzNqYVBpT1FwZkRXNDNmSUVhRkdHWUt0eVZ5b2FNdnZtYlA1TkRnRG9xekJXa3RsOFVxQ0d6WWpnemlqWnhycjNZZ2NWZkFNdmVRR1JQMHBxYVlHSDR6TmJaUGZrZWtuNWZ5ZjRuK2dQRXE4MloiLCJtYWMiOiI1ODlmMjhhZDI4NmQyMWQ2MmQwZmRhOGY1YjkwMGYxMGYxODVhY2U1NzA3ZDk1NDIxNjkyZjkzMzM2YzIyYTQxIn0%3D
quotes.qualifymedicare.com/ Name: qualifymedicare_session
Value: eyJpdiI6Ik93TDArQ0x5dEJycS9Vc1ZEdXZwNWc9PSIsInZhbHVlIjoiWVl5bEU2NzdUbXhDWTAvYUVIVEJUNzZrMjNLU3l2OGcwWUkrT3IybEdRNlZKclJZV3FpSFNWMHhKcHRwQ3FZTUo2VDBjQXoyYTg0aXB2UVV3c2hUVXFCU0tEYXFrcmYwc2FSS044ZG5yaWdpSE50WlpyaWhKTEw0ZEZNNmR1QW0iLCJtYWMiOiJkOWU1MDY5YzIxOTk0YmVlMjU2NjFjZjM2NzkwN2IxY2E0NzRlNThiNTUxMDVlMDJmMDAyNTU1ZmZkYTI1ZTk5In0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23.11.133.34.bc.googleusercontent.com
api.trustedform.com
cdn.trustedform.com
connect.facebook.net
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
display.ringba.com
dnuohxof.com
fonts.gstatic.com
insurance.mediaalpha.com
js.callcdn.com
ns.qualifymedicare.com
nsapi.qualifymedicare.com
polyfill.io
puysegura.com
quotes.qualifymedicare.com
qv.qvtrack.com
sessions.bugsnag.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
api.trustedform.com
create.leadid.com
nsapi.qualifymedicare.com
quotes.qualifymedicare.com
13.32.99.118
142.250.184.200
142.250.186.132
142.250.186.35
151.101.1.26
157.240.20.19
172.217.23.110
172.67.41.229
18.200.170.55
18.236.164.87
216.58.212.163
23.21.25.50
34.133.11.23
34.205.104.175
35.190.88.7
52.222.206.49
52.222.206.51
52.222.214.123
52.222.214.15
52.55.155.63
54.183.225.97
54.243.42.155
64.233.167.155
67.205.157.224
042a82f58baa7a201449dc7d695f0e109ea8deb6b6463e9030e0ac1f4deef11e
068bc6a38e6e2966c58145df6cec98e22dc11e9bded86691ac0ac487680ea58c
07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0d36db8bd8d057f956f967f8dfda23793e4ad714a5907fc6d09764a41710a892
197cc8b85fc8f9d77f3cb3d8b645daf472890819172b5ca149798445c57e7353
1b35261b95ec779b25d6a27b1b2c1c2d6f1c08f329ffd643478ad63d7ddcdea0
1de9ce2402d64485801d5be6d4cc07c916c0c83ecc981a494519501e0126c09f
2325fcd937bca9732281e9f4f8960d8fb5aed726265ceb609a77f50cd7039148
2435d019c8ca3eaa52c14f444aec3d2ddcf2a86f5857e2ea0ad84fe4e699b701
2be01413e6757062edd5875cd4c62c9b0f90f24b7dd8314fe4d2c85f61ed0775
38393eac4ad281d91bf12a7033abad71ee9361e7c435a61946d843ff8611a6eb
40a75708871790c836718a9b48adcd37fe53c23bf7d54b07f7bc5559212f43b0
435ecaa76a4081cb3b0a7047b4eb932ee4a0e1cb75ce5b5679d184baea4f8d3c
46126077098b02a99d5a377b7b9338a85ca972c7b5bf9b3e01423ceae916c33c
56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d
5e07f937be00bbef113152fa46b2b2d5df97f405b152881c96e1c5069d8f405d
614aff1363969b4af5d989a61506e4c73cb0c91dd43d7c058ce226f3904a6228
6301ae4b1479113f370dbf6ada5656468a565ea27a290d42d8ffebd5999b2fcf
63ca3e74236e892b7848373d84691503ab1ce70261cc4ff21db83878acba7be4
699f949d43ae203fd25376a3119bf7c2745ce18ba9145d018b04087be5da8015
6f8fad21e46eeb5db13045d519f47e3f7c3e7ae68d63f0b638903e72b4628635
70ec85903090465504df28562a0605f6cd13c2e78dbbe0e63309eb4c383a5cfd
7a53e5c81102f4f73559daf80643c34ce7f885bb57d16ba7b1a2a411a7523b57
7ee98cf776cddef70f6600e7a109c34a78cb998d856dbcecdfdf281e5fbb0150
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
9cbf746bf2784917156a62ac12a63cf5d39a16d5518422cf43cbb401d4f81140
9d87d7378a961432e4db40c72a964062058a418d33aa724a20319fc5525e47f3
9f74593149adc21c135cc88bba9dfb21d71504ae0f2f558e0f2fe227ff98b380
ac83ec2a44e576df28a2646d24287bfa37ce8b0c56186d30a35102dc3cf4d3f4
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
c7390dbeaf71fccd7ea15ba5e14df791bf4e9a13136e55729f08533db2f53a55
c75d0e774b08058ae8ed0e5e9a4d6107d7fddba261d93b7a74fca85aeed3081b
c93f609750657561e2b08f8ff8f56c2829d147679c99db6deea417326f08e934
d09d0e88cc340fe5bab0f79aa33ae78dba44466e57f11a37d4780d5a66e9461d
dc9b78120e4e34fcd5703df9b1d574aacc0c68dd40d63d8563df84a9ce024e6a
dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846
de8bc6c32725e2188055ec6d1abf2eebf5f7d5b0d15b71b73e402e6e480a7808
df1de70fbdd6413faab33f083c1d3fc35a2562b822c54ebc5269b9f148c432e1
df4872c795067ac25c3135f01096a942ff65ab4cac2e5c0598d004a934b7163d
e0670644f011bf72fb4c4a6c70a4dca03fd8761e209a302571013efb996333e1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7c10a03b3a17118267824a70f9902898e8e1a734b64bfa3674a1ef0b15ac131
fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62