biden.healthplans.org Open in urlscan Pro
44.195.70.178 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://178.63.123.198/qs=r-acacaeifchjcafiddhcgiafchjjabababaefadfiaccajdfaddhdakghdbacb
Effective URL:
https://biden.healthplans.org/?mdm=email&sub_2=7bf55c2c5b244b178b3c0999db6af1d3&sub_1=975028b1892b126360041a777f63c157&src=bid...
Submission: On December 13 via manual (December 13th 2021, 7:52:37 pm UTC) from US — Scanned from US

Summary HTTP 66 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 27 IPs in 2 countries across 21 domains to perform 66 HTTP transactions. The main IP is 44.195.70.178, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is biden.healthplans.org.
TLS certificate: Issued by Amazon on August 11th 2021. Valid for: a year.

This is the only time biden.healthplans.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	178.63.123.198 178.63.123.198	24940 (HETZNER-AS) (HETZNER-AS)
2	23.250.1.134 23.250.1.134	55286 (SERVER-MANIA) (SERVER-MANIA)
3	2607:f8b0:400... 2607:f8b0:4006:822::2008	15169 (GOOGLE) (GOOGLE)
1	13.225.213.160 13.225.213.160	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1f97	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13 22	34.232.232.115 34.232.232.115	14618 (AMAZON-AES) (AMAZON-AES)
3 6	18.210.116.206 18.210.116.206	14618 (AMAZON-AES) (AMAZON-AES)
1 1	35.186.248.142 35.186.248.142	15169 (GOOGLE) (GOOGLE)
1	44.195.70.178 44.195.70.178	14618 (AMAZON-AES) (AMAZON-AES)
8	99.84.126.15 99.84.126.15	16509 (AMAZON-02) (AMAZON-02)
1	52.54.227.223 52.54.227.223	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:817::200a	15169 (GOOGLE) (GOOGLE)
3	13.225.205.200 13.225.205.200	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:806::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.176.194 142.250.176.194	15169 (GOOGLE) (GOOGLE)
1	104.112.11.48 104.112.11.48	16625 (AKAMAI-AS) (AKAMAI-AS)
6	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
2	2001:4998:14:... 2001:4998:14:800::1001	14777 (YAHOO) (YAHOO)
1	99.84.126.34 99.84.126.34	16509 (AMAZON-02) (AMAZON-02)
2	64.202.112.95 64.202.112.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	2607:f8b0:402... 2607:f8b0:4023:1404::9b	15169 (GOOGLE) (GOOGLE)
1	13.225.214.100 13.225.214.100	16509 (AMAZON-02) (AMAZON-02)
1	52.27.66.213 52.27.66.213	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:809::2004	15169 (GOOGLE) (GOOGLE)
1	76.13.32.146 76.13.32.146	26101 (YAHOO-BF1) (YAHOO-BF1)
3	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
66	27

1 178.63.123.198 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: function-mail-p.okaycoast.net

178.63.123.198	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.250.1.134 (Buffalo, United States)

ASN55286 (SERVER-MANIA, CA)

blueskyace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:822::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.213.160 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-213-160.ewr50.r.cloudfront.net

static.traversedlp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1f97 (United States)

ASN13335 (CLOUDFLARENET, US)

signals.aimtell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 34.232.232.115 (Ashburn, United States) 13 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-232-115.compute-1.amazonaws.com

api.traversedlp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.210.116.206 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-116-206.compute-1.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.248.142 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 142.248.186.35.bc.googleusercontent.com

www.servektch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.195.70.178 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-70-178.compute-1.amazonaws.com

biden.healthplans.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 99.84.126.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-126-15.ewr52.r.cloudfront.net

cdn-biden.healthplans.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.54.227.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-227-223.compute-1.amazonaws.com

insurance.mediaalpha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.205.200 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-205-200.ewr50.r.cloudfront.net

dhe4oz50378wj.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:822::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:806::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.176.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.112.11.48 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-112-11-48.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4998:14:800::1001 (Ashburn, United States)

ASN14777 (YAHOO, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.126.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-126-34.ewr52.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4023:1404::9b (Columbus, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.214.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-100.ewr50.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.27.66.213 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-27-66-213.us-west-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:809::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.146 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spdc.pbp.vip.bf1.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	traversedlp.com 13 redirects static.traversedlp.com api.traversedlp.com	13 KB
9	taboola.com cdn.taboola.com trc.taboola.com trc-events.taboola.com	33 KB
9	healthplans.org biden.healthplans.org cdn-biden.healthplans.org	289 KB
6	mediawallahscript.com 3 redirects partner.mediawallahscript.com	3 KB
4	gstatic.com fonts.gstatic.com	107 KB
3	google.com www.google.com	763 B
3	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	3 KB
3	outbrain.com amplify.outbrain.com tr.outbrain.com	4 KB
3	google-analytics.com www.google-analytics.com	20 KB
3	cloudfront.net dhe4oz50378wj.cloudfront.net	31 KB
3	googletagmanager.com www.googletagmanager.com	153 KB
2	alexametrics.com certify-js.alexametrics.com certify.alexametrics.com	5 KB
2	yimg.com s.yimg.com	7 KB
2	blueskyace.com blueskyace.com	7 KB
1	yahoo.com sp.analytics.yahoo.com	716 B
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	googleadservices.com www.googleadservices.com	14 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	mediaalpha.com insurance.mediaalpha.com	5 KB
1	servektch.com 1 redirects www.servektch.com	443 B
1	aimtell.com signals.aimtell.com	333 B
66	21

	Domain	Requested by
22	api.traversedlp.com	13 redirects static.traversedlp.com blueskyace.com
8	cdn-biden.healthplans.org	biden.healthplans.org cdn-biden.healthplans.org
6	partner.mediawallahscript.com	3 redirects blueskyace.com
4	fonts.gstatic.com	fonts.googleapis.com
3	trc-events.taboola.com	cdn.taboola.com
3	www.google.com
3	trc.taboola.com	cdn.taboola.com
3	cdn.taboola.com	www.googletagmanager.com cdn.taboola.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	dhe4oz50378wj.cloudfront.net	biden.healthplans.org
3	www.googletagmanager.com	blueskyace.com biden.healthplans.org www.googletagmanager.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	tr.outbrain.com	amplify.outbrain.com
2	s.yimg.com	blueskyace.com s.yimg.com
2	blueskyace.com	blueskyace.com
1	sp.analytics.yahoo.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com
1	certify.alexametrics.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	certify-js.alexametrics.com	blueskyace.com
1	amplify.outbrain.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	fonts.googleapis.com	biden.healthplans.org
1	insurance.mediaalpha.com	biden.healthplans.org
1	biden.healthplans.org	blueskyace.com
1	www.servektch.com	1 redirects
1	signals.aimtell.com
1	static.traversedlp.com	www.googletagmanager.com
66	28

This site contains links to these domains. Also see Links.

Domain
www.kff.org

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.traversedlp.com Go Daddy Secure Certificate Authority - G2	`2020-12-29` - `2022-01-30`	a year	crt.sh
aimtell.com Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
healthplans.org Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
mediaalpha.com Amazon	`2021-08-10` - `2022-09-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-11-08` - `2021-12-29`	2 months	crt.sh
certify-js.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2021-10-13` - `2022-11-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh

This page contains 2 frames:

Primary Page: https://biden.healthplans.org/?mdm=email&sub_2=7bf55c2c5b244b178b3c0999db6af1d3&sub_1=975028b1892b126360041a777f63c157&src=biden-uufr&sub_3=202673
Frame ID: 4F62C4D7F3964B5D90C89C12962D7B63
Requests: 55 HTTP requests in this frame

Frame: https://partner.mediawallahscript.com/?account_id=1006&partner_id=1028&tag_format=img&tag_action=email&cb=1639425153257&final=true&reqid=367a6c40-5c4e-11ec-a685-55c5ae8d0627&timestamp=2021-12-13T19%3A52%3A33.284Z
Frame ID: 2355B7F5F5977198A5135A5C3020300B
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HealthPlans.org| Find Affordable Health Care Today

Page URL History Show full URLs

http://178.63.123.198/qs=r-acacaeifchjcafiddhcgiafchjjabababaefadfiaccajdfaddhdakghdbacb HTTP 302
http://blueskyace.com/a39366444c0aa43c48b379c5c31cde6b0/?sid1=41688_47226157_11&sid2=1_1_0_0_0_374... Page URL
https://www.servektch.com/34PTSD/2SCN7G/?src=biden-uufr&sub_1=975028b1892b126360041a777f63c157&sub_3=2... HTTP 302
https://biden.healthplans.org/?mdm=email&sub_2=7bf55c2c5b244b178b3c0999db6af1d3&sub_1=975028b1892b12636004... Page URL

Page Statistics

66
Requests

82 %
HTTPS

32 %
IPv6

21
Domains

28
Subdomains

27
IPs

2
Countries

690 kB
Transfer

1434 kB
Size

19
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.kff.org/interactive/subsidy-calculator/#state=&zip=&income-type=dollars&income=20500&employer-coverage=0&people=1&alternate-plan-family=&adult-count=1&adults%5B0%5D%5Bage%5D=21&adults%5B0%5D%5Btobacco%5D=0&child-count=0
Title: subsidy calculator

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://178.63.123.198/qs=r-acacaeifchjcafiddhcgiafchjjabababaefadfiaccajdfaddhdakghdbacb HTTP 302
http://blueskyace.com/a39366444c0aa43c48b379c5c31cde6b0/?sid1=41688_47226157_11&sid2=1_1_0_0_0_3741681_34_2262_95620_47226157_10_824&sid3=34 Page URL
https://www.servektch.com/34PTSD/2SCN7G/?src=biden-uufr&sub_1=975028b1892b126360041a777f63c157&sub_3=202673 HTTP 302
https://biden.healthplans.org/?mdm=email&sub_2=7bf55c2c5b244b178b3c0999db6af1d3&sub_1=975028b1892b126360041a777f63c157&src=biden-uufr&sub_3=202673 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://178.63.123.198/qs=r-acacaeifchjcafiddhcgiafchjjabababaefadfiaccajdfaddhdakghdbacb HTTP 302
http://blueskyace.com/a39366444c0aa43c48b379c5c31cde6b0/?sid1=41688_47226157_11&sid2=1_1_0_0_0_3741681_34_2262_95620_47226157_10_824&sid3=34

Request Chain 8

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif HTTP 302
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif?emailMd5Lower= HTTP 302
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif?emailMd5Lower=&ic=dff17387-6d30-49c6-b2de-47a96f4332a1 HTTP 302
https://api.traversedlp.com/retargeting/v1/match/enqueue.gif?partnerId=7f2715a7-b8fd-48f4-9443-d095cbdcc02e&redirect=https%3A%2F%2Fapi.traversedlp.com%2Fv1%2F7f2715a7-b8fd-48f4-9443-d095cbdcc02e%2F0.gif%3FemailMd5Lower%3D%26ic%3Ddff17387-6d30-49c6-b2de-47a96f4332a1%26offset%3D1 HTTP 302
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif?emailMd5Lower=&ic=dff17387-6d30-49c6-b2de-47a96f4332a1&offset=1 HTTP 302
https://partner.mediawallahscript.com/?account_id=1006&partner_id=1028&tag_format=img&tag_action=email&cb=1639425153257 HTTP 302
https://partner.mediawallahscript.com/?account_id=1006&partner_id=1028&tag_format=img&tag_action=email&cb=1639425153257&final=true&reqid=367a6c40-5c4e-11ec-a685-55c5ae8d0627&timestamp=2021-12-13T19%3A52%3A33.284Z

Request Chain 9

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/1.gif HTTP 302
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/1.gif?emailMd5Lower= HTTP 302
https://partner.mediawallahscript.com/?account_id=1006&partner_id=1028&tag_format=img&tag_action=email&cb=1639425153247 HTTP 302
https://partner.mediawallahscript.com/?account_id=1006&partner_id=1028&tag_format=img&tag_action=email&cb=1639425153247&final=true&reqid=36782250-5c4e-11ec-a0bc-3b0db235cc74&timestamp=2021-12-13T19%3A52%3A33.270Z

Request Chain 10

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/2.gif HTTP 302
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/2.gif?emailMd5Lower=

Request Chain 11

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/3.gif HTTP 302
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/3.gif?emailMd5Lower=

Request Chain 13

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/5.gif HTTP 302
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/5.gif?emailMd5Lower=

Request Chain 14

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/6.gif HTTP 302
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/6.gif?emailMd5Lower=

Request Chain 15

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/7.gif HTTP 302
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/7.gif?emailMd5Lower=

Request Chain 16

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/8.gif HTTP 302
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/8.gif?emailMd5Lower=

Request Chain 17

https://partner.mediawallahscript.com/?account_id=1006&partner_id=2080&uid=dff17387-6d30-49c6-b2de-47a96f4332a1&tag_format=img&tag_action=sync&cb=1639425152897 HTTP 302
https://partner.mediawallahscript.com/?account_id=1006&partner_id=2080&uid=dff17387-6d30-49c6-b2de-47a96f4332a1&tag_format=img&tag_action=sync&cb=1639425152897&final=true&reqid=364ad0c0-5c4e-11ec-8e56-ddf58e1e79f5&timestamp=2021-12-13T19%3A52%3A32.972Z

66 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
blueskyace.com/a39366444c0aa43c48b379c5c31cde6b0/
Redirect Chain

http://178.63.123.198/qs=r-acacaeifchjcafiddhcgiafchjjabababaefadfiaccajdfaddhdakghdbacb
http://blueskyace.com/a39366444c0aa43c48b379c5c31cde6b0/?sid1=41688_47226157_11&sid2=1_1_0_0_0_3741681_34_2262_95620_47226157_10_824&sid3=34

6 KB
7 KB

289ms
228ms

Document
text/html

23.250.1.134
SERVER-MANIA

General

Check archive.org

Show headers Download Go to

Full URL: http://blueskyace.com/a39366444c0aa43c48b379c5c31cde6b0/?sid1=41688_47226157_11&sid2=1_1_0_0_0_3741681_34_2262_95620_47226157_10_824&sid3=34
Protocol: HTTP/1.1
Server: 23.250.1.134 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software: nginx / PHP/7.3.32
Resource Hash: 8b203558ce78721e72fc24ad94bf75b0d254cbf31321e65891432fb1aa39c3d2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Language: en-US,en;q=0.9

Response headers

Server: nginx
Date: Mon, 13 Dec 2021 20:00:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.32

Redirect headers

Date: Mon, 13 Dec 2021 19:52:32 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By: PHP/5.4.16
location: http://blueskyace.com/a39366444c0aa43c48b379c5c31cde6b0/?sid1=41688_47226157_11&sid2=1_1_0_0_0_3741681_34_2262_95620_47226157_10_824&sid3=34
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 80 KB
32 KB 41ms
24ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MB79N3N

Requested by

Host: blueskyace.com
URL: http://blueskyace.com/a39366444c0aa43c48b379c5c31cde6b0/?sid1=41688_47226157_11&sid2=1_1_0_0_0_3741681_34_2262_95620_47226157_10_824&sid3=34

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b4604ff6c3b592e72d6f226a2c61b610f6491875d2d9af0fa08a440941c70d31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://blueskyace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 13 Dec 2021 19:52:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32141
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Dec 2021 19:52:32 GMT

POST
H/1.1 200
OK fp.php Show response
blueskyace.com/ 0
194 B 201ms
200ms XHR
text/html 23.250.1.134
SERVER-MANIA

General

Check archive.org

Show headers Download Go to

Full URL: http://blueskyace.com/fp.php
Requested by: Host: blueskyace.com
URL: http://blueskyace.com/a39366444c0aa43c48b379c5c31cde6b0/?sid1=41688_47226157_11&sid2=1_1_0_0_0_3741681_34_2262_95620_47226157_10_824&sid3=34
Protocol: HTTP/1.1
Server: 23.250.1.134 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software: nginx / PHP/7.3.32
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://blueskyace.com/a39366444c0aa43c48b379c5c31cde6b0/?sid1=41688_47226157_11&sid2=1_1_0_0_0_3741681_34_2262_95620_47226157_10_824&sid3=34
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 13 Dec 2021 20:00:40 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/7.3.32
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK retargeting.js Show response
static.traversedlp.com/v1/ 11 KB
4 KB 39ms
5ms Script
application/javascript 13.225.213.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.traversedlp.com/v1/retargeting.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB79N3N
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.213.160 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-213-160.ewr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ad3fefdb207753cf1f7f14c610030fd6b00660db09420776630d056c35a2c58

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://blueskyace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Mon, 13 Dec 2021 19:25:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Jun 2021 05:37:15 GMT
Server: AmazonS3
Age: 1627
ETag: W/"c31ba40743566f87f00f822e3cefb390"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
x-amz-version-id: F12F5DseUFay5ZveUw335ReTN1KGpJUZ
Via: 1.1 cae77502d3847ca96378af9649c50cb4.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: EWR50-C1
Content-Type: application/javascript
X-Amz-Cf-Id: LBa345W3mImkk8-YJ36sbzKGWKjGkM1y6DSmUKkVEyF-YkcKL_Rhtw==

GET
H2 200 matches
signals.aimtell.com/ 43 B
333 B 96ms
41ms Image
image/gif 2606:4700::6812:1f97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://signals.aimtell.com/matches?token=f5d7c95ea0af0ed4512d414529c2dffa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://blueskyace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 13 Dec 2021 19:52:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 6bd1bbc548221a44-EWR
access-control-allow-headers: Content-Type, *
content-length: 43

GET
H2 200 cookie Show response
api.traversedlp.com/retargeting/v1/ 117 B
826 B 64ms
15ms XHR
application/json 34.232.232.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargeting/v1/cookie
Requested by: Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.232.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-232-115.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: cdeefcc8a81216ed61a9a3393aaaef25c6a6b7453919d3170f744c19a7e42520

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://blueskyace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 13 Dec 2021 19:52:32 GMT
server: nginx/1.20.0
etag: W/"75-V+4ZKEXJeyKlISXH9qpbcQ"
vary: Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin: http://blueskyace.com
access-control-expose-headers
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 117

OPTIONS
H2 200 enqueue
api.traversedlp.com/retargetinginclusion/ Frame 0
0 31ms
11ms Preflight
text/html 34.232.232.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargetinginclusion/enqueue
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.232.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-232-115.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://blueskyace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Sec-Fetch-Mode: cors

Response headers

date: Mon, 13 Dec 2021 19:52:32 GMT
content-type: text/html; charset=utf-8
content-length: 228
server: nginx/1.20.0
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin: http://blueskyace.com
access-control-allow-credentials: true
access-control-expose-headers
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-headers: content-type,authorization
allow: ACL,BIND,CHECKOUT,CONNECT,COPY,DELETE,GET,HEAD,LINK,LOCK,M-SEARCH,MERGE,MKACTIVITY,MKCALENDAR,MKCOL,MOVE,NOTIFY,PATCH,POST,PROPFIND,PROPPATCH,PURGE,PUT,REBIND,REPORT,SEARCH,SOURCE,SUBSCRIBE,TRACE,UNBIND,UNLINK,UNLOCK,UNSUBSCRIBE
etag: W/"e4-6lFXkgJZ15OAZuBnvvjMtg"
vary: Accept-Encoding

POST
H2 200 enqueue Show response
api.traversedlp.com/retargetinginclusion/ 0
324 B 17ms
16ms XHR
text/plain 34.232.232.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargetinginclusion/enqueue
Requested by: Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.232.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-232-115.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://blueskyace.com/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: http://blueskyace.com
date: Mon, 13 Dec 2021 19:52:32 GMT
access-control-allow-credentials: true
server: nginx/1.20.0
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
vary: X-HTTP-Method-Override
access-control-expose-headers

GET
H/1.1

204
No Content

/
partner.mediawallahscript.com/ Frame 2355
Redirect Chain

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif?emailMd5Lower=
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif?emailMd5Lower=&ic=dff17387-6d30-49c6-b2de-47a96f4332a1
https://api.traversedlp.com/retargeting/v1/match/enqueue.gif?partnerId=7f2715a7-b8fd-48f4-9443-d095cbdcc02e&redirect=https%3A%2F%2Fapi.traversedlp.com%2Fv1%2F7f2715a7-b8fd-48f4-9443-d095cbdcc02e%2F...
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif?emailMd5Lower=&ic=dff17387-6d30-49c6-b2de-47a96f4332a1&offset=1
https://partner.mediawallahscript.com/?account_id=1006&partner_id=1028&tag_format=img&tag_action=email&cb=1639425153257
https://partner.mediawallahscript.com/?account_id=1006&partner_id=1028&tag_format=img&tag_action=email&cb=1639425153257&final=true&reqid=367a6c40-5c4e-11ec-a685-55c5ae8d0627&timestamp=2021-12-13T19...

0
298 B

63ms
56ms

Image
text/plain

18.210.116.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1006&partner_id=1028&tag_format=img&tag_action=email&cb=1639425153257&final=true&reqid=367a6c40-5c4e-11ec-a685-55c5ae8d0627&timestamp=2021-12-13T19%3A52%3A33.284Z
Requested by: Host: blueskyace.com
URL: http://blueskyace.com/a39366444c0aa43c48b379c5c31cde6b0/?sid1=41688_47226157_11&sid2=1_1_0_0_0_3741681_34_2262_95620_47226157_10_824&sid3=34
Protocol: HTTP/1.1
Server: 18.210.116.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-116-206.compute-1.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://blueskyace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Mon, 13 Dec 2021 19:52:33 GMT
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Server: nginx/1.16.1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 13 Dec 2021 19:52:33 GMT
Server: nginx/1.16.1
Vary: Accept, Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /?account_id=1006&partner_id=1028&tag_format=img&tag_action=email&cb=1639425153257&final=true&reqid=367a6c40-5c4e-11ec-a685-55c5ae8d0627&timestamp=2021-12-13T19%3A52%3A33.284Z
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 197
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

204
No Content

/
partner.mediawallahscript.com/ Frame 2355
Redirect Chain

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/1.gif
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/1.gif?emailMd5Lower=
https://partner.mediawallahscript.com/?account_id=1006&partner_id=1028&tag_format=img&tag_action=email&cb=1639425153247
https://partner.mediawallahscript.com/?account_id=1006&partner_id=1028&tag_format=img&tag_action=email&cb=1639425153247&final=true&reqid=36782250-5c4e-11ec-a0bc-3b0db235cc74&timestamp=2021-12-13T19...

0
298 B

73ms
61ms

Image
text/plain

18.210.116.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1006&partner_id=1028&tag_format=img&tag_action=email&cb=1639425153247&final=true&reqid=36782250-5c4e-11ec-a0bc-3b0db235cc74&timestamp=2021-12-13T19%3A52%3A33.270Z
Requested by: Host: blueskyace.com
URL: http://blueskyace.com/a39366444c0aa43c48b379c5c31cde6b0/?sid1=41688_47226157_11&sid2=1_1_0_0_0_3741681_34_2262_95620_47226157_10_824&sid3=34
Protocol: HTTP/1.1
Server: 18.210.116.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-116-206.compute-1.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://blueskyace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Mon, 13 Dec 2021 19:52:33 GMT
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Server: nginx/1.16.1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 13 Dec 2021 19:52:33 GMT
Server: nginx/1.16.1
Vary: Accept, Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /?account_id=1006&partner_id=1028&tag_format=img&tag_action=email&cb=1639425153247&final=true&reqid=36782250-5c4e-11ec-a0bc-3b0db235cc74&timestamp=2021-12-13T19%3A52%3A33.270Z
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 197
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

2.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame 2355
Redirect Chain

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/2.gif
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/2.gif?emailMd5Lower=

35 B
465 B

17ms
17ms

Image
image/gif

34.232.232.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/2.gif?emailMd5Lower=
Requested by: Host: blueskyace.com
URL: http://blueskyace.com/a39366444c0aa43c48b379c5c31cde6b0/?sid1=41688_47226157_11&sid2=1_1_0_0_0_3741681_34_2262_95620_47226157_10_824&sid3=34
Protocol: H2
Server: 34.232.232.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-232-115.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://blueskyace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 13 Dec 2021 19:52:33 GMT
server: nginx/1.20.0
content-type: image/gif
etag: W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length: 35
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/2.gif?emailMd5Lower=
date: Mon, 13 Dec 2021 19:52:33 GMT
server: nginx/1.20.0
content-type: text/plain; charset=UTF-8
content-length: 110
vary: Accept, Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

GET
H2

200

3.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame 2355
Redirect Chain

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/3.gif
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/3.gif?emailMd5Lower=

35 B
470 B

16ms
15ms

Image
image/gif

34.232.232.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/3.gif?emailMd5Lower=
Requested by: Host: blueskyace.com
URL: http://blueskyace.com/a39366444c0aa43c48b379c5c31cde6b0/?sid1=41688_47226157_11&sid2=1_1_0_0_0_3741681_34_2262_95620_47226157_10_824&sid3=34
Protocol: H2
Server: 34.232.232.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-232-115.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://blueskyace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 13 Dec 2021 19:52:32 GMT
server: nginx/1.20.0
content-type: image/gif
etag: W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length: 35
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/3.gif?emailMd5Lower=
date: Mon, 13 Dec 2021 19:52:32 GMT
server: nginx/1.20.0
content-type: text/plain; charset=UTF-8
content-length: 110
vary: Accept, Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

GET lookup
api.traversedlp.com/retargeting/v1/match/ Frame 2355 0
0

GET
H2

200

5.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame 2355
Redirect Chain

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/5.gif
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/5.gif?emailMd5Lower=

35 B
466 B

15ms
14ms

Image
image/gif

34.232.232.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/5.gif?emailMd5Lower=
Requested by: Host: blueskyace.com
URL: http://blueskyace.com/a39366444c0aa43c48b379c5c31cde6b0/?sid1=41688_47226157_11&sid2=1_1_0_0_0_3741681_34_2262_95620_47226157_10_824&sid3=34
Protocol: H2
Server: 34.232.232.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-232-115.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://blueskyace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 13 Dec 2021 19:52:32 GMT
server: nginx/1.20.0
content-type: image/gif
etag: W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length: 35
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/5.gif?emailMd5Lower=
date: Mon, 13 Dec 2021 19:52:32 GMT
server: nginx/1.20.0
content-type: text/plain; charset=UTF-8
content-length: 110
vary: Accept, Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

GET
H2

200

6.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame 2355
Redirect Chain

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/6.gif
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/6.gif?emailMd5Lower=

35 B
468 B

19ms
19ms

Image
image/gif

34.232.232.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/6.gif?emailMd5Lower=
Requested by: Host: blueskyace.com
URL: http://blueskyace.com/a39366444c0aa43c48b379c5c31cde6b0/?sid1=41688_47226157_11&sid2=1_1_0_0_0_3741681_34_2262_95620_47226157_10_824&sid3=34
Protocol: H2
Server: 34.232.232.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-232-115.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://blueskyace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 13 Dec 2021 19:52:33 GMT
server: nginx/1.20.0
content-type: image/gif
etag: W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length: 35
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/6.gif?emailMd5Lower=
date: Mon, 13 Dec 2021 19:52:33 GMT
server: nginx/1.20.0
content-type: text/plain; charset=UTF-8
content-length: 110
vary: Accept, Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

GET
H2

200

7.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame 2355
Redirect Chain

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/7.gif
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/7.gif?emailMd5Lower=

35 B
467 B

16ms
16ms

Image
image/gif

34.232.232.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/7.gif?emailMd5Lower=
Requested by: Host: blueskyace.com
URL: http://blueskyace.com/a39366444c0aa43c48b379c5c31cde6b0/?sid1=41688_47226157_11&sid2=1_1_0_0_0_3741681_34_2262_95620_47226157_10_824&sid3=34
Protocol: H2
Server: 34.232.232.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-232-115.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://blueskyace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 13 Dec 2021 19:52:32 GMT
server: nginx/1.20.0
content-type: image/gif
etag: W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length: 35
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/7.gif?emailMd5Lower=
date: Mon, 13 Dec 2021 19:52:32 GMT
server: nginx/1.20.0
content-type: text/plain; charset=UTF-8
content-length: 110
vary: Accept, Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

GET
H2

200

8.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame 2355
Redirect Chain

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/8.gif
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/8.gif?emailMd5Lower=

35 B
466 B

15ms
15ms

Image
image/gif

34.232.232.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/8.gif?emailMd5Lower=
Requested by: Host: blueskyace.com
URL: http://blueskyace.com/a39366444c0aa43c48b379c5c31cde6b0/?sid1=41688_47226157_11&sid2=1_1_0_0_0_3741681_34_2262_95620_47226157_10_824&sid3=34
Protocol: H2
Server: 34.232.232.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-232-115.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://blueskyace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 13 Dec 2021 19:52:32 GMT
server: nginx/1.20.0
content-type: image/gif
etag: W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length: 35
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/8.gif?emailMd5Lower=
date: Mon, 13 Dec 2021 19:52:32 GMT
server: nginx/1.20.0
content-type: text/plain; charset=UTF-8
content-length: 110
vary: Accept, Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

GET
H/1.1

204
No Content

/
partner.mediawallahscript.com/ Frame 2355
Redirect Chain

https://partner.mediawallahscript.com/?account_id=1006&partner_id=2080&uid=dff17387-6d30-49c6-b2de-47a96f4332a1&tag_format=img&tag_action=sync&cb=1639425152897
https://partner.mediawallahscript.com/?account_id=1006&partner_id=2080&uid=dff17387-6d30-49c6-b2de-47a96f4332a1&tag_format=img&tag_action=sync&cb=1639425152897&final=true&reqid=364ad0c0-5c4e-11ec-8...

0
298 B

72ms
72ms

Image
text/plain

18.210.116.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1006&partner_id=2080&uid=dff17387-6d30-49c6-b2de-47a96f4332a1&tag_format=img&tag_action=sync&cb=1639425152897&final=true&reqid=364ad0c0-5c4e-11ec-8e56-ddf58e1e79f5&timestamp=2021-12-13T19%3A52%3A32.972Z
Requested by: Host: blueskyace.com
URL: http://blueskyace.com/a39366444c0aa43c48b379c5c31cde6b0/?sid1=41688_47226157_11&sid2=1_1_0_0_0_3741681_34_2262_95620_47226157_10_824&sid3=34
Protocol: HTTP/1.1
Server: 18.210.116.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-116-206.compute-1.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://blueskyace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Mon, 13 Dec 2021 19:52:33 GMT
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Server: nginx/1.16.1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 13 Dec 2021 19:52:32 GMT
Server: nginx/1.16.1
Vary: Accept, Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /?account_id=1006&partner_id=2080&uid=dff17387-6d30-49c6-b2de-47a96f4332a1&tag_format=img&tag_action=sync&cb=1639425152897&final=true&reqid=364ad0c0-5c4e-11ec-8e56-ddf58e1e79f5&timestamp=2021-12-13T19%3A52%3A32.972Z
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 237
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

Primary Request / Show response
biden.healthplans.org/
Redirect Chain

https://www.servektch.com/34PTSD/2SCN7G/?src=biden-uufr&sub_1=975028b1892b126360041a777f63c157&sub_3=202673
https://biden.healthplans.org/?mdm=email&sub_2=7bf55c2c5b244b178b3c0999db6af1d3&sub_1=975028b1892b126360041a777f63c157&src=biden-uufr&sub_3=202673

23 KB
7 KB

158ms
47ms

Document
text/html

44.195.70.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://biden.healthplans.org/?mdm=email&sub_2=7bf55c2c5b244b178b3c0999db6af1d3&sub_1=975028b1892b126360041a777f63c157&src=biden-uufr&sub_3=202673
Requested by: Host: blueskyace.com
URL: http://blueskyace.com/a39366444c0aa43c48b379c5c31cde6b0/?sid1=41688_47226157_11&sid2=1_1_0_0_0_3741681_34_2262_95620_47226157_10_824&sid3=34
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.70.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-70-178.compute-1.amazonaws.com
Software: Apache /
Resource Hash: ef84a7da42544c1ecf86724771c831f7711c5f960f0579eb4d52fc38f1911518

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Language: en-US,en;q=0.9
Referer: http://blueskyace.com/a39366444c0aa43c48b379c5c31cde6b0/?sid1=41688_47226157_11&sid2=1_1_0_0_0_3741681_34_2262_95620_47226157_10_824&sid3=34

Response headers

date: Mon, 13 Dec 2021 19:52:33 GMT
content-type: text/html; charset=UTF-8
content-length: 6841
server: Apache
vary: Accept-Encoding
content-encoding: gzip

Redirect headers

server: nginx
date: Mon, 13 Dec 2021 19:52:33 GMT
content-type: text/html; charset=utf-8
content-length: 185
location: https://biden.healthplans.org/?mdm=email&sub_2=7bf55c2c5b244b178b3c0999db6af1d3&sub_1=975028b1892b126360041a777f63c157&src=biden-uufr&sub_3=202673
vary: Origin
x-eflow-request-id: 11a84cb6-e431-4c58-86e2-44f2e636ac20
via: 1.1 google
alt-svc: clear

GET
H2 200 bootstrap-4.6.0,health-global,health-results,owl-carousel,health-index,override-global
cdn-biden.healthplans.org/css/01rHeMw/ 178 KB
28 KB 52ms
16ms Stylesheet
text/css 99.84.126.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-biden.healthplans.org/css/01rHeMw/bootstrap-4.6.0,health-global,health-results,owl-carousel,health-index,override-global
Requested by: Host: biden.healthplans.org
URL: https://biden.healthplans.org/?mdm=email&sub_2=7bf55c2c5b244b178b3c0999db6af1d3&sub_1=975028b1892b126360041a777f63c157&src=biden-uufr&sub_3=202673
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.126.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-126-15.ewr52.r.cloudfront.net
Software: Apache /
Resource Hash: 7e9c454a8459203246cb98a681a9f973322b3356d647a17c5f1f259e67c4e292

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 12 Dec 2021 21:30:34 GMT
via: 1.1 b45a69a5045b8813964c4110841f77f7.cloudfront.net (CloudFront)
server: Apache
age: 80519
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=UTF-8
x-amz-cf-pop: EWR52-C3
content-encoding: gzip
content-length: 28413
x-amz-cf-id: JilhoPUZu9T55pl7AGgx2tuDmYn5QsZZD3Ml5utHOGE27kYPO3jh8g==

GET
H2 200 jquery-3.6.0,bootstrap-4.6.0,extensions,oo-utils,validate,health-form-validation,owl-carousel,owl-carousel-setup,health-index,oe-countdown Show response
cdn-biden.healthplans.org/js/01rHeMw/ 263 KB
76 KB 40ms
5ms Script
application/javascript 99.84.126.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-biden.healthplans.org/js/01rHeMw/jquery-3.6.0,bootstrap-4.6.0,extensions,oo-utils,validate,health-form-validation,owl-carousel,owl-carousel-setup,health-index,oe-countdown
Requested by: Host: biden.healthplans.org
URL: https://biden.healthplans.org/?mdm=email&sub_2=7bf55c2c5b244b178b3c0999db6af1d3&sub_1=975028b1892b126360041a777f63c157&src=biden-uufr&sub_3=202673
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.126.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-126-15.ewr52.r.cloudfront.net
Software: Apache /
Resource Hash: eef566fa0ad89c358651707c076332cb2ee2c5dfa8b086dfde4e6ed509c0ea9b

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 12 Dec 2021 21:30:34 GMT
via: 1.1 b45a69a5045b8813964c4110841f77f7.cloudfront.net (CloudFront)
server: Apache
age: 80519
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
x-amz-cf-pop: EWR52-C3
content-encoding: gzip
x-amz-cf-id: BQMrFMiRe1AXPb9auGuEH6BD-sPKdgmx3X7Oi4iRoJDCxJY5Sd5_6Q==

GET
H2 200 serve.js Show response
insurance.mediaalpha.com/js/ 11 KB
5 KB 49ms
15ms Script
application/javascript 52.54.227.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://insurance.mediaalpha.com/js/serve.js
Requested by: Host: biden.healthplans.org
URL: https://biden.healthplans.org/?mdm=email&sub_2=7bf55c2c5b244b178b3c0999db6af1d3&sub_1=975028b1892b126360041a777f63c157&src=biden-uufr&sub_3=202673
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.227.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-227-223.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 042a82f58baa7a201449dc7d695f0e109ea8deb6b6463e9030e0ac1f4deef11e

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 13 Dec 2021 19:52:33 GMT
content-encoding: gzip
server: Apache
content-length: 5063
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 44ms
25ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700|Roboto+Slab:400,700|Open+Sans:400,500

Requested by

Host: biden.healthplans.org
URL: https://biden.healthplans.org/?mdm=email&sub_2=7bf55c2c5b244b178b3c0999db6af1d3&sub_1=975028b1892b126360041a777f63c157&src=biden-uufr&sub_3=202673

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

773adf2fa321d087ad777573167e7bdbc2a56d20cf691ee85f9b42086f684508

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 19:52:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 13 Dec 2021 19:52:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Dec 2021 19:52:33 GMT

GET
H2 200 logo.png
cdn-biden.healthplans.org/img/ 13 KB
14 KB 14ms
14ms Image
image/png 99.84.126.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-biden.healthplans.org/img/logo.png
Requested by: Host: biden.healthplans.org
URL: https://biden.healthplans.org/?mdm=email&sub_2=7bf55c2c5b244b178b3c0999db6af1d3&sub_1=975028b1892b126360041a777f63c157&src=biden-uufr&sub_3=202673
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.126.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-126-15.ewr52.r.cloudfront.net
Software: Apache /
Resource Hash: 12b4e374276c7bda1bf808679551e62fbe8b45c3df02e5c592a61cf775bbfc61

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 13 Dec 2021 14:36:24 GMT
via: 1.1 b45a69a5045b8813964c4110841f77f7.cloudfront.net (CloudFront)
last-modified: Thu, 02 Sep 2021 01:10:14 GMT
server: Apache
age: 18969
etag: "65fd7-359e-5caf8d866073d"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 13726
x-amz-cf-id: oBC_fOkYzZlW1HxxMK51Y3fuTVaO-MVC2TR9bYIbjZddKI3uAP6liA==

GET
H/1.1 200
OK 55.png
dhe4oz50378wj.cloudfront.net/img/siteplatform/carriers/health/ 5 KB
6 KB 47ms
14ms Image
image/png 13.225.205.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dhe4oz50378wj.cloudfront.net/img/siteplatform/carriers/health/55.png
Requested by: Host: biden.healthplans.org
URL: https://biden.healthplans.org/?mdm=email&sub_2=7bf55c2c5b244b178b3c0999db6af1d3&sub_1=975028b1892b126360041a777f63c157&src=biden-uufr&sub_3=202673
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.205.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-205-200.ewr50.r.cloudfront.net
Software: Apache /
Resource Hash: 18427cba55210fc967a32f987fe7d5c13a373d489a4629d8ffe6033930e152d9

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Mon, 13 Dec 2021 02:54:48 GMT
Via: 1.1 42f2de9d3efb503e7960e52396f998c8.cloudfront.net (CloudFront)
Last-Modified: Tue, 09 Mar 2021 01:17:59 GMT
Server: Apache
Age: 61065
ETag: "5a0f1e-1529-5bd1052277fc0"
X-Cache: Hit from cloudfront
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Amz-Cf-Pop: EWR50-C1
Accept-Ranges: bytes
Content-Length: 5417
X-Amz-Cf-Id: Rzs5trrwRHYLRgt79Xr7VU6jYpdYcyyDzZLgvYYVXh5va9H2T_MNKQ==

GET
H/1.1 200
OK 4.png
dhe4oz50378wj.cloudfront.net/img/siteplatform/carriers/health/ 4 KB
5 KB 48ms
15ms Image
image/png 13.225.205.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dhe4oz50378wj.cloudfront.net/img/siteplatform/carriers/health/4.png
Requested by: Host: biden.healthplans.org
URL: https://biden.healthplans.org/?mdm=email&sub_2=7bf55c2c5b244b178b3c0999db6af1d3&sub_1=975028b1892b126360041a777f63c157&src=biden-uufr&sub_3=202673
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.205.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-205-200.ewr50.r.cloudfront.net
Software: Apache /
Resource Hash: 03b18dc1be3efe72d2543f114a3d28f3b86418d0e92bffd88e0954c1a5658f76

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Mon, 13 Dec 2021 03:06:06 GMT
Via: 1.1 a7c7e4aa6d7cf400aa51dc847716996f.cloudfront.net (CloudFront)
Last-Modified: Tue, 09 Mar 2021 01:17:59 GMT
Server: Apache
Age: 60387
ETag: "5a0f0e-107c-5bd1052277fc0"
X-Cache: Hit from cloudfront
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Amz-Cf-Pop: EWR50-C1
Accept-Ranges: bytes
Content-Length: 4220
X-Amz-Cf-Id: ODqSWqIx3cunhONVF39H_EVgiYKg7HD7xM6uMBn-89wLyGjHnGyT1Q==

GET
H/1.1 200
OK 75.png
dhe4oz50378wj.cloudfront.net/img/siteplatform/carriers/health/ 20 KB
20 KB 48ms
15ms Image
image/png 13.225.205.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dhe4oz50378wj.cloudfront.net/img/siteplatform/carriers/health/75.png
Requested by: Host: biden.healthplans.org
URL: https://biden.healthplans.org/?mdm=email&sub_2=7bf55c2c5b244b178b3c0999db6af1d3&sub_1=975028b1892b126360041a777f63c157&src=biden-uufr&sub_3=202673
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.205.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-205-200.ewr50.r.cloudfront.net
Software: Apache /
Resource Hash: 53b240721f5bb7ef63d68fe78bb6ea13ed9a8380eb0452cf862ee5f59a884a1f

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Mon, 13 Dec 2021 09:54:40 GMT
Via: 1.1 cb7f1fdf6954dd7324e8117a63207a3c.cloudfront.net (CloudFront)
Last-Modified: Tue, 09 Mar 2021 01:17:59 GMT
Server: Apache
Age: 56179
ETag: "5a0f33-4ee1-5bd1052277fc0"
X-Cache: Hit from cloudfront
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Amz-Cf-Pop: EWR50-C1
Accept-Ranges: bytes
Content-Length: 20193
X-Amz-Cf-Id: muIBYnozyxBCYjBD7UcEpk6vdP_pjv32DJkIWEqDEIVEYThUmQ_TeQ==

GET
H2 200 icon-pin.png
cdn-biden.healthplans.org/img/ 978 B
1 KB 7ms
6ms Image
image/png 99.84.126.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-biden.healthplans.org/img/icon-pin.png
Requested by: Host: biden.healthplans.org
URL: https://biden.healthplans.org/?mdm=email&sub_2=7bf55c2c5b244b178b3c0999db6af1d3&sub_1=975028b1892b126360041a777f63c157&src=biden-uufr&sub_3=202673
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.126.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-126-15.ewr52.r.cloudfront.net
Software: Apache /
Resource Hash: 3f58ecb31e89d77774ed757cf4e5fafed1f3bbd52a4aecd5b6faaf21a787c282

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 13 Dec 2021 14:36:25 GMT
via: 1.1 b45a69a5045b8813964c4110841f77f7.cloudfront.net (CloudFront)
last-modified: Thu, 02 Sep 2021 01:10:14 GMT
server: Apache
age: 18968
etag: "64797-3d2-5caf8d866073d"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 978
x-amz-cf-id: W4oPGt7b3XnJ8vW9v00s5chwU534Q_L_EDj7Vqu0frBbphyZiblkrA==

GET
H2 200 icon-card.png
cdn-biden.healthplans.org/img/ 1015 B
1 KB 22ms
21ms Image
image/png 99.84.126.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-biden.healthplans.org/img/icon-card.png
Requested by: Host: biden.healthplans.org
URL: https://biden.healthplans.org/?mdm=email&sub_2=7bf55c2c5b244b178b3c0999db6af1d3&sub_1=975028b1892b126360041a777f63c157&src=biden-uufr&sub_3=202673
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.126.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-126-15.ewr52.r.cloudfront.net
Software: Apache /
Resource Hash: 8d7fb47c1b1e97d5690f8ed17968b0aafb9535993d06b79a71f3a39b7e86b78d

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 13 Dec 2021 14:36:25 GMT
via: 1.1 b45a69a5045b8813964c4110841f77f7.cloudfront.net (CloudFront)
last-modified: Thu, 02 Sep 2021 01:10:14 GMT
server: Apache
age: 18968
etag: "64108-3f7-5caf8d866073d"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 1015
x-amz-cf-id: xhzNnmzatvNWSFrCMUo6OjPTUWITMet44hcgy1zaJeu9VUyvKHA6DQ==

GET
H2 200 icon-podium.png
cdn-biden.healthplans.org/img/ 585 B
896 B 27ms
27ms Image
image/png 99.84.126.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-biden.healthplans.org/img/icon-podium.png
Requested by: Host: biden.healthplans.org
URL: https://biden.healthplans.org/?mdm=email&sub_2=7bf55c2c5b244b178b3c0999db6af1d3&sub_1=975028b1892b126360041a777f63c157&src=biden-uufr&sub_3=202673
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.126.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-126-15.ewr52.r.cloudfront.net
Software: Apache /
Resource Hash: fce1c3d0a2ae7dc0949b438d48f9a987ab6c81a9a9839d5d02242f17241e368b

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 13 Dec 2021 14:36:25 GMT
via: 1.1 b45a69a5045b8813964c4110841f77f7.cloudfront.net (CloudFront)
last-modified: Thu, 02 Sep 2021 01:10:14 GMT
server: Apache
age: 18968
etag: "64d46-249-5caf8d866073d"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 585
x-amz-cf-id: KKxWcqMImQB3LczBt4OlOVnn4-6CA0YQF5S6iIlWDgATzSrIRyY_5w==

GET
H2 200 biden-hero.jpg
cdn-biden.healthplans.org/img/ 137 KB
138 KB 30ms
29ms Image
image/jpeg 99.84.126.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-biden.healthplans.org/img/biden-hero.jpg
Requested by: Host: cdn-biden.healthplans.org
URL: https://cdn-biden.healthplans.org/css/01rHeMw/bootstrap-4.6.0,health-global,health-results,owl-carousel,health-index,override-global
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.126.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-126-15.ewr52.r.cloudfront.net
Software: Apache /
Resource Hash: ed730114db17860c8ed3cd723a423ec610ab5b7e284bb6f11fb7386102fce06d

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://cdn-biden.healthplans.org/css/01rHeMw/bootstrap-4.6.0,health-global,health-results,owl-carousel,health-index,override-global
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 13 Dec 2021 02:53:08 GMT
via: 1.1 b45a69a5045b8813964c4110841f77f7.cloudfront.net (CloudFront)
last-modified: Thu, 02 Sep 2021 01:10:14 GMT
server: Apache
age: 61165
etag: "63b69-224e3-5caf8d865f79d"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 140515
x-amz-cf-id: nV-d1mW06EtCJnPsJESyEsN-l6KfDkMj6OoTCRIMHbLFTQ0M_Ej5pA==

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 25ms
5ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700|Roboto+Slab:400,700|Open+Sans:400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://biden.healthplans.org
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Fri, 10 Dec 2021 01:28:42 GMT
x-content-type-options: nosniff
age: 325431
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 10 Dec 2022 01:28:42 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 26ms
6ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700|Roboto+Slab:400,700|Open+Sans:400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://biden.healthplans.org
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 07 Dec 2021 16:23:56 GMT
x-content-type-options: nosniff
age: 530917
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 16:23:56 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 27ms
7ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700|Roboto+Slab:400,700|Open+Sans:400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://biden.healthplans.org
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 06 Dec 2021 22:58:42 GMT
x-content-type-options: nosniff
age: 593631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 06 Dec 2022 22:58:42 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 172 KB
61 KB 38ms
34ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KGS94WF

Requested by

Host: biden.healthplans.org
URL: https://biden.healthplans.org/?mdm=email&sub_2=7bf55c2c5b244b178b3c0999db6af1d3&sub_1=975028b1892b126360041a777f63c157&src=biden-uufr&sub_3=202673

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c0569a0b2a4a8ec1a08feb38098e0856e9a82d76a8dcff164a46ed8dffc41d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 13 Dec 2021 19:52:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62088
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Dec 2021 19:52:33 GMT

GET
H2 200 footer-banner.jpg
cdn-biden.healthplans.org/img/ 23 KB
23 KB 17ms
17ms Image
image/jpeg 99.84.126.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-biden.healthplans.org/img/footer-banner.jpg
Requested by: Host: cdn-biden.healthplans.org
URL: https://cdn-biden.healthplans.org/css/01rHeMw/bootstrap-4.6.0,health-global,health-results,owl-carousel,health-index,override-global
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.126.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-126-15.ewr52.r.cloudfront.net
Software: Apache /
Resource Hash: 82501674ff3d2b5eb37d9f8b57152208be8e5af4879f3cfe8e95631730dff8a5

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://cdn-biden.healthplans.org/css/01rHeMw/bootstrap-4.6.0,health-global,health-results,owl-carousel,health-index,override-global
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 13 Dec 2021 13:08:14 GMT
via: 1.1 b45a69a5045b8813964c4110841f77f7.cloudfront.net (CloudFront)
last-modified: Thu, 02 Sep 2021 01:10:14 GMT
server: Apache
age: 24259
etag: "63b6b-5a44-5caf8d865f79d"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 23108
x-amz-cf-id: IOsm0-ndLoU7RbAeQ4R95gIZ9G7MjFZRdsUXgYccYQxZwyrQp3FszQ==

GET
H3 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v16/ 32 KB
32 KB 18ms
7ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700|Roboto+Slab:400,700|Open+Sans:400,500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c2dd34c8a8d2ed4b4e91eed55c2404518bb4a5ff02ae68e7a08f4e14ddb3e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://biden.healthplans.org
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 07 Dec 2021 16:19:05 GMT
x-content-type-options: nosniff
age: 531208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32876
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 18:12:04 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 16:19:05 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
60 KB 33ms
33ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-799LXK9YJB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGS94WF

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e35509b65545b9af31918b11dc98a6dcf310a6d6075087b70e1e5cd494c3b33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 13 Dec 2021 19:52:33 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61898
x-xss-protection: 0
expires: Mon, 13 Dec 2021 19:52:33 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 23ms
4ms Script
text/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGS94WF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5439
date: Mon, 13 Dec 2021 18:21:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 13 Dec 2021 20:21:54 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 77ms
58ms Script
text/javascript 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGS94WF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

7317a02358b2b617ba0934b570c313ee76f29176c4821a9a5fd1656413e5f41b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 13 Dec 2021 19:52:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14333
x-xss-protection: 0
server: cafe
etag: 8469929769973419123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 19:52:33 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
3 KB 24ms
6ms Script
application/x-javascript 104.112.11.48
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGS94WF
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.112.11.48 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-112-11-48.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 998d9415269d92557b561a936955f7590d5052865044a9191a528b5a36f3afc9

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Mon, 13 Dec 2021 19:52:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Oct 2021 12:12:10 GMT
Server: AkamaiNetStorage
ETag: "973e2603f46b719eecf8139c22b897a0:1633349530.816673"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3150
Expires: Mon, 13 Dec 2021 20:12:33 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1238849/ 75 KB
25 KB 24ms
4ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1238849/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGS94WF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7ac060b3b9d6106fc44a181dcf28719d1fd4038214f236ef321de1d13f4fc78

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-amz-version-id: G6DbAqTNA650nRWFV4rR7lA.CS9N4DRb
content-encoding: gzip
etag: "10effbc083cdc8ac65f7a90cf625615f"
age: 24436
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 24967
x-amz-id-2: /HSX1m9hrOeYQXZqGbbWRYtGruZqBM+p8PVxhQOEvQQpqtyduBVMkGAGqlGPCh2qVVoqV6IWIjY=
x-served-by: cache-lga21963-LGA
last-modified: Mon, 13 Dec 2021 13:04:26 GMT
server: AmazonS3
x-timer: S1639425154.949503,VS0,VE0
date: Mon, 13 Dec 2021 19:52:33 GMT
vary: Accept-Encoding
x-amz-request-id: W2AJKH00BZE9K606
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 66
x-cache-hits: 298

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 336ms
13ms Script
application/javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: blueskyace.com
URL: http://blueskyace.com/a39366444c0aa43c48b379c5c31cde6b0/?sid1=41688_47226157_11&sid2=1_1_0_0_0_3741681_34_2262_95620_47226157_10_824&sid3=34

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 Ashburn, United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

759d6f0c1292d86d24d7abe7ad9a2cd1d86df0041260f98186ccfa26c7daab62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

ats-carp-promotion: 1
date: Mon, 13 Dec 2021 19:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 584
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5652
x-amz-id-2: sjpYIrWDHK64/ZM9o1JP+APwUQGlxu3o6cFXkthRNmYGTfWhKmwTHYm+j1aOZ1FlrPFTuZ6RyHg=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 10 Dec 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 04 Nov 2021 15:26:13 GMT
server: ATS
etag: "146f99405588b7446958a732612c901d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 168H16NZPZTD308A
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: pCmRUUjnQE9zqMEfVdrNnyYpaPAyW8Do
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
5 KB 52ms
29ms Script
application/javascript 99.84.126.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: blueskyace.com
URL: http://blueskyace.com/a39366444c0aa43c48b379c5c31cde6b0/?sid1=41688_47226157_11&sid2=1_1_0_0_0_3741681_34_2262_95620_47226157_10_824&sid3=34
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.126.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-126-34.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Fri, 15 Oct 2021 22:59:00 GMT
Via: 1.1 8d41af75f0c67663aa0315daec98e02c.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 5086414
ETag: "d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=26920000
X-Amz-Cf-Pop: EWR52-C3
Accept-Ranges: bytes
Content-Length: 4255
X-Amz-Cf-Id: iIMGAdGVxICZWa_tcFpBjWIMuN7hBNmTx2DjNz6273XrU_MRgi2_LA==

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 30ms
8ms Script
application/javascript 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00e269902ba39bc56d3abdaebd4e09f279
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Mon, 13 Dec 2021 19:52:33 GMT
content-encoding: gzip
X-TraceId: 6c59bea00f1e1547605015622c3371b8
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 85ms
61ms Image
image/gif 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00e269902ba39bc56d3abdaebd4e09f279&obApiVersion=1.0-gtm&obtpVersion=1.5.2&name=PAGE_VIEW&dl=https%3A%2F%2Fbiden.healthplans.org%2F%3Fmdm%3Demail%26sub_2%3D7bf55c2c5b244b178b3c0999db6af1d3%26sub_1%3D975028b1892b126360041a777f63c157%26src%3Dbiden-uufr%26sub_3%3D202673&optOut=false&bust=03003247233588999
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Mon, 13 Dec 2021 19:52:34 GMT
Cache-Control: no-cache
X-TraceId: 06095654d0e66f5b009565412ac64e10
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 36ms
23ms XHR
text/plain 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=378359395&t=pageview&_s=1&dl=https%3A%2F%2Fbiden.healthplans.org%2F%3Fmdm%3Demail%26sub_2%3D7bf55c2c5b244b178b3c0999db6af1d3%26sub_1%3D975028b1892b126360041a777f63c157%26src%3Dbiden-uufr%26sub_3%3D202673&dr=http%3A%2F%2Fblueskyace.com%2F&ul=en-us&de=UTF-8&dt=HealthPlans.org%7C%20Find%20Affordable%20Health%20Care%20Today&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=2076396717&gjid=549921179&cid=317234746.1639425154&tid=UA-18598423-15&_gid=890771514.1639425154&_r=1&gtm=2wgc10KGS94WF&z=1884783355

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://biden.healthplans.org/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:52:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://biden.healthplans.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1238849/trc/3/ 2 KB
2 KB 23ms
19ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1238849/trc/3/json?tim=1639425153985&data=%7B%22id%22%3A552%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1639425153977%2C%22cv%22%3A%2220211213-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.biden.healthplans.org%2F%22%2C%22e%22%3A%22http%3A%2F%2Fblueskyace.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fmdm%3Demail%26sub_2%3D7bf55c2c5b244b178b3c0999db6af1d3%26sub_1%3D975028b1892b126360041a777f63c157%26src%3Dbiden-uufr%26sub_3%3D202673%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dmediaalpha-healthcare-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1639425153984%2C%22ref%22%3A%22http%3A%2F%2Fblueskyace.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fbiden.healthplans.org%2F%3Fmdm%3Demail%26sub_2%3D7bf55c2c5b244b178b3c0999db6af1d3%26sub_1%3D975028b1892b126360041a777f63c157%26src%3Dbiden-uufr%26sub_3%3D202673%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A41%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1238849/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0af1da093718617d1b867c178d042c1a6789d34e728c1846b732b9f4f404410a

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-vcl-time-ms: 10
date: Mon, 13 Dec 2021 19:52:34 GMT
content-encoding: gzip
server: nginx
x-timer: S1639425154.998343,VS0,VE10
x-served-by: cache-lga21963-LGA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 22ms
21ms Ping
text/plain 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-799LXK9YJB&gtm=2oec10&_p=378359395&sr=1600x1200&ul=en-us&cid=317234746.1639425154&_s=1&dl=https%3A%2F%2Fbiden.healthplans.org%2F%3Fmdm%3Demail%26sub_2%3D7bf55c2c5b244b178b3c0999db6af1d3%26sub_1%3D975028b1892b126360041a777f63c157%26src%3Dbiden-uufr%26sub_3%3D202673&dr=http%3A%2F%2Fblueskyace.com%2F&dt=HealthPlans.org%7C%20Find%20Affordable%20Health%20Care%20Today&sid=1639425153&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-799LXK9YJB&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://biden.healthplans.org/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:52:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://biden.healthplans.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
444 B 67ms
31ms XHR
text/plain 2607:f8b0:4023:1404::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-18598423-15&cid=317234746.1639425154&jid=2076396717&gjid=549921179&_gid=890771514.1639425154&_u=YEBAAEAAAAAAAC~&z=1585185802

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::9b Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://biden.healthplans.org/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 13 Dec 2021 19:52:34 GMT
content-type: text/plain
access-control-allow-origin: https://biden.healthplans.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 51ms
5ms Image
image/gif 13.225.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=HealthPlans.org%7C%20Find%20Affordable%20Health%20Care%20Today&time=1639425154018&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=http%3A%2F%2Fblueskyace.com%2F&host_url=https%3A%2F%2Fbiden.healthplans.org%2F%3Fmdm%3Demail%26sub_2%3D7bf55c2c5b244b178b3c0999db6af1d3%26sub_1%3D975028b1892b126360041a777f63c157%26src%3Dbiden-uufr%26sub_3%3D202673&random_number=600330337&sess_cookie=cbea1c0f17db55a9be23f54308a&sess_cookie_flag=1&user_cookie=cbea1c0f17db55a9be23f54308a&user_cookie_flag=1&dynamic=true&domain=governmenthealthinsurance.com&account=Uicmw1ah9W20em&jsv=20130128&user_lang=en-US
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.214.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-100.ewr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Mon, 13 Dec 2021 00:43:37 GMT
Via: 1.1 b6217766ccd41d69658fea04297b7c24.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 68938
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: EWR50-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: zV4y_l5ADrf9TQeOg_bN_drSIqfIa3EQm_ebZ4gDbTcwaRt6HKtOLw==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 294ms
70ms Image
text/plain 52.27.66.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.27.66.213 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-27-66-213.us-west-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 13 Dec 2021 19:52:34 GMT
server: Server

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/758216995/ 2 KB
2 KB 46ms
28ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/758216995/?random=1639425154023&cv=9&fst=1639425154023&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbiden.healthplans.org%2F%3Fmdm%3Demail%26sub_2%3D7bf55c2c5b244b178b3c0999db6af1d3%26sub_1%3D975028b1892b126360041a777f63c157%26src%3Dbiden-uufr%26sub_3%3D202673&ref=http%3A%2F%2Fblueskyace.com%2F&tiba=HealthPlans.org%7C%20Find%20Affordable%20Health%20Care%20Today&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9c533606a5cdcd290f129a6c143fc3ab59695dd20c0fac9611038ebf2f167e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1116
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/856722397/ 2 KB
1 KB 45ms
29ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856722397/?random=1639425154027&cv=9&fst=1639425154027&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbiden.healthplans.org%2F%3Fmdm%3Demail%26sub_2%3D7bf55c2c5b244b178b3c0999db6af1d3%26sub_1%3D975028b1892b126360041a777f63c157%26src%3Dbiden-uufr%26sub_3%3D202673&ref=http%3A%2F%2Fblueskyace.com%2F&tiba=HealthPlans.org%7C%20Find%20Affordable%20Health%20Care%20Today&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46fb2594cb87c2617cf0da4078b80284d589bed3440df18c2e4594cce28c1f3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1115
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 2 KB
1 KB 11ms
10ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1238849/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-amz-version-id: iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding: gzip
etag: "3aa74dbf5cd656dbb65deda2d238ddbd"
age: 2334
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 911
x-amz-id-2: egKQhSnk8XXByqji5640IJAxm+rMO7kJ10dQGll108vabxawDBR5qlS3XM6Vwn92cBg4QAi/ibk=
x-served-by: cache-lga21963-LGA
last-modified: Wed, 14 Jul 2021 05:06:01 GMT
server: AmazonS3
x-timer: S1639425154.037965,VS0,VE0
date: Mon, 13 Dec 2021 19:52:34 GMT
vary: Accept-Encoding
x-amz-request-id: C4YPQ2HVS5E6D04Z
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 70
x-cache-hits: 6258

GET
H2 200 json Show response
trc.taboola.com/1336375/trc/3/ 2 KB
1 KB 18ms
18ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1336375/trc/3/json?tim=1639425154029&data=%7B%22id%22%3A949%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3A%22773bea20-a890-499c-8323-55c3f6c43bda-tuct8b12a02%22%2C%22vi%22%3A1639425153977%2C%22cv%22%3A%2220211213-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.biden.healthplans.org%2F%22%2C%22e%22%3A%22http%3A%2F%2Fblueskyace.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Fmdm%3Demail%26sub_2%3D7bf55c2c5b244b178b3c0999db6af1d3%26sub_1%3D975028b1892b126360041a777f63c157%26src%3Dbiden-uufr%26sub_3%3D202673%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dmediaalpha-healthcare-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1639425153988%2C%22ref%22%3A%22http%3A%2F%2Fblueskyace.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fbiden.healthplans.org%2F%3Fmdm%3Demail%26sub_2%3D7bf55c2c5b244b178b3c0999db6af1d3%26sub_1%3D975028b1892b126360041a777f63c157%26src%3Dbiden-uufr%26sub_3%3D202673%22%2C%22tos%22%3A6%2C%22ssd%22%3A1%2C%22scd%22%3A41%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1238849/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1baae5ddf4f90af2b9dbf863fec532c273bb13335e16343a072a25f605347f88

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-vcl-time-ms: 10
date: Mon, 13 Dec 2021 19:52:34 GMT
content-encoding: gzip
server: nginx
x-timer: S1639425154.038185,VS0,VE10
x-served-by: cache-lga21963-LGA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 json Show response
trc.taboola.com/1089853/trc/3/ 2 KB
1 KB 21ms
21ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1089853/trc/3/json?tim=1639425154030&data=%7B%22id%22%3A880%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3A%22773bea20-a890-499c-8323-55c3f6c43bda-tuct8b12a02%22%2C%22vi%22%3A1639425153977%2C%22cv%22%3A%2220211213-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.biden.healthplans.org%2F%22%2C%22e%22%3A%22http%3A%2F%2Fblueskyace.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback2%22%2C%22qs%22%3A%22%3Fmdm%3Demail%26sub_2%3D7bf55c2c5b244b178b3c0999db6af1d3%26sub_1%3D975028b1892b126360041a777f63c157%26src%3Dbiden-uufr%26sub_3%3D202673%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dmediaalpha-healthcare-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1639425153988%2C%22ref%22%3A%22http%3A%2F%2Fblueskyace.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fbiden.healthplans.org%2F%3Fmdm%3Demail%26sub_2%3D7bf55c2c5b244b178b3c0999db6af1d3%26sub_1%3D975028b1892b126360041a777f63c157%26src%3Dbiden-uufr%26sub_3%3D202673%22%2C%22tos%22%3A6%2C%22ssd%22%3A1%2C%22scd%22%3A41%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1238849/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8fde6fa2da1f40e9511553733df2821c32a1ab9066058180ebe28f4467b7b00b

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-vcl-time-ms: 12
date: Mon, 13 Dec 2021 19:52:34 GMT
content-encoding: gzip
server: nginx
x-timer: S1639425154.038357,VS0,VE12
x-served-by: cache-lga21963-LGA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 panorama.js Show response
cdn.taboola.com/scripts/ 1 KB
1 KB 20ms
20ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/panorama.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1238849/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d7bfa676c07c88144d9ecdcec09a4ec7afcd0449226bf5fc5063342a16d5f8e3

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-amz-version-id: CYlu4uGxGteYv0_gS3v6WaXb_4ObQ4ke
content-encoding: gzip
etag: "245ecb1e94189239a899012670435435"
age: 16741
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 710
x-amz-id-2: LanRyNxNNu6ouY33mzTWsX48xOe9NcnFzUw88lIS6YDtoj21+09FQam/JI331rFt7n1PWCpnLBE=
x-served-by: cache-lga21963-LGA
last-modified: Sun, 18 Apr 2021 12:53:28 GMT
server: AmazonS3
x-timer: S1639425154.065502,VS0,VE0
date: Mon, 13 Dec 2021 19:52:34 GMT
vary: Accept-Encoding
x-amz-request-id: C4YJ5KCZ96C132NH
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 70
x-cache-hits: 30956

GET
H2 200 /
www.google.com/pagead/1p-user-list/758216995/ 42 B
154 B 47ms
29ms Image
image/gif 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/758216995/?random=1639425154023&cv=9&fst=1639422000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fbiden.healthplans.org%2F%3Fmdm%3Demail%26sub_2%3D7bf55c2c5b244b178b3c0999db6af1d3%26sub_1%3D975028b1892b126360041a777f63c157%26src%3Dbiden-uufr%26sub_3%3D202673&ref=http%3A%2F%2Fblueskyace.com%2F&tiba=HealthPlans.org%7C%20Find%20Affordable%20Health%20Care%20Today&async=1&fmt=3&is_vtc=1&random=2467337042&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:52:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/856722397/ 42 B
108 B 47ms
29ms Image
image/gif 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/856722397/?random=1639425154027&cv=9&fst=1639422000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fbiden.healthplans.org%2F%3Fmdm%3Demail%26sub_2%3D7bf55c2c5b244b178b3c0999db6af1d3%26sub_1%3D975028b1892b126360041a777f63c157%26src%3Dbiden-uufr%26sub_3%3D202673&ref=http%3A%2F%2Fblueskyace.com%2F&tiba=HealthPlans.org%7C%20Find%20Affordable%20Health%20Care%20Today&async=1&fmt=3&is_vtc=1&random=2395462838&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:52:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 33ms
24ms Image
image/gif 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-18598423-15&cid=317234746.1639425154&jid=2076396717&_u=YEBAAEAAAAAAAC~&z=892413

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:52:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10048471.json Show response
s.yimg.com/wi/config/ 2 B
488 B 46ms
24ms XHR
application/json 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10048471.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 Ashburn, United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 13 Dec 2021 19:52:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 19TQBBSG5BJFXAJ1
x-amz-id-2: IN7UWzcrEBrngUxnFK7UiP+Xy3a5A4rKUsUojFZOCNF+VKcnAjAkg63AT/yzQTLkWyXsZbxAn8M=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
716 B 54ms
20ms Image
image/gif 76.13.32.146
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2013%20Dec%202021%2019%3A52%3A34%20GMT&n=0&b=HealthPlans.org%7C%20Find%20Affordable%20Health%20Care%20Today&.yp=10048471&f=https%3A%2F%2Fbiden.healthplans.org%2F%3Fmdm%3Demail%26sub_2%3D7bf55c2c5b244b178b3c0999db6af1d3%26sub_1%3D975028b1892b126360041a777f63c157%26src%3Dbiden-uufr%26sub_3%3D202673&e=http%3A%2F%2Fblueskyace.com%2F&enc=UTF-8&yv=1.10.2&tagmgr=gtm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

spdc.pbp.vip.bf1.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:52:34 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Mon, 13 Dec 2021 19:52:34 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1089853/log/3/ 0
382 B 35ms
5ms XHR
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1089853/log/3/unip?en=pre_d_eng_tb&tos=1552&scd=41&ssd=1&est=1639425153980&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1639425155534&vi=1639425153977&ri=53eff106e2935ecdbc43797579ef6682&sd=v2_53fff6e5447ce0c6869192ca15d2e0dc_773bea20-a890-499c-8323-55c3f6c43bda-tuct8b12a02_1639425154_1639425154_CIC4mh8QvcJCGLm36qrbLyABKAMw4QE4kaQOQJ6fD0jc3tsDUPUDWABgAGiZp8P4jYP4wGpwAQ&ui=773bea20-a890-499c-8323-55c3f6c43bda-tuct8b12a02&ref=http%3A%2F%2Fblueskyace.com%2F&cv=20211213-1-RELEASE&item-url=https%3A%2F%2Fbiden.healthplans.org%2F%3Fmdm%3Demail%26sub_2%3D7bf55c2c5b244b178b3c0999db6af1d3%26sub_1%3D975028b1892b126360041a777f63c157%26src%3Dbiden-uufr%26sub_3%3D202673
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1238849/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

access-control-allow-origin: https://biden.healthplans.org
pragma: no-cache
date: Mon, 13 Dec 2021 19:52:35 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1238849/log/3/ 0
382 B 35ms
6ms XHR
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1238849/log/3/unip?en=pre_d_eng_tb&tos=1553&scd=41&ssd=1&est=1639425153980&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1639425155535&vi=1639425153977&ri=d01d5737c2f6c6286b87a472e2b767ec&sd=v2_40fd81415acaadbb6b8640128cc4eb98_773bea20-a890-499c-8323-55c3f6c43bda-tuct8b12a02_1639425154_1639425154_CIC4mh8Qwc5LGLm36qrbLyABKAEw4QE4kaQOQJ6fD0jc3tsDUPUDWABgAGiZp8P4jYP4wGpwAQ&ui=773bea20-a890-499c-8323-55c3f6c43bda-tuct8b12a02&ref=http%3A%2F%2Fblueskyace.com%2F&cv=20211213-1-RELEASE&item-url=https%3A%2F%2Fbiden.healthplans.org%2F%3Fmdm%3Demail%26sub_2%3D7bf55c2c5b244b178b3c0999db6af1d3%26sub_1%3D975028b1892b126360041a777f63c157%26src%3Dbiden-uufr%26sub_3%3D202673
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1238849/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

access-control-allow-origin: https://biden.healthplans.org
pragma: no-cache
date: Mon, 13 Dec 2021 19:52:35 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1336375/log/3/ 0
383 B 34ms
5ms XHR
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1336375/log/3/unip?en=pre_d_eng_tb&tos=1553&scd=41&ssd=1&est=1639425153980&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1639425155535&vi=1639425153977&ri=3edd9012dc454e340f5484c0a04ddc76&sd=v2_5e147e3a2af8760bc81b61c4cc4ebeac_773bea20-a890-499c-8323-55c3f6c43bda-tuct8b12a02_1639425154_1639425154_CIC4mh8Qt8hRGLm36qrbLyABKAMw4QE4kaQOQJ6fD0jc3tsDUPUDWABgAGiZp8P4jYP4wGpwAQ&ui=773bea20-a890-499c-8323-55c3f6c43bda-tuct8b12a02&ref=http%3A%2F%2Fblueskyace.com%2F&cv=20211213-1-RELEASE&item-url=https%3A%2F%2Fbiden.healthplans.org%2F%3Fmdm%3Demail%26sub_2%3D7bf55c2c5b244b178b3c0999db6af1d3%26sub_1%3D975028b1892b126360041a777f63c157%26src%3Dbiden-uufr%26sub_3%3D202673
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1238849/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://biden.healthplans.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

access-control-allow-origin: https://biden.healthplans.org
pragma: no-cache
date: Mon, 13 Dec 2021 19:52:35 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.traversedlp.com
URL: https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/4.gif

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.taboola.com/mediaalpha-healthplanscom/	1969-12-31 23:59:59	Name: taboola_session_id Value: v2_5e147e3a2af8760bc81b61c4cc4ebeac_773bea20-a890-499c-8323-55c3f6c43bda-tuct8b12a02_1639425154_1639425154_CIC4mh8Qt8hRGLm36qrbLyABKAMw4QE4kaQOQJ6fD0jc3tsDUPUDWABgAGiZp8P4jYP4wGpwAQ
.taboola.com/mediaalpha-healthcare-sc/	1969-12-31 23:59:59	Name: taboola_session_id Value: v2_40fd81415acaadbb6b8640128cc4eb98_773bea20-a890-499c-8323-55c3f6c43bda-tuct8b12a02_1639425154_1639425154_CIC4mh8Qwc5LGLm36qrbLyABKAEw4QE4kaQOQJ6fD0jc3tsDUPUDWABgAGiZp8P4jYP4wGpwAQ
.taboola.com/onthebarrelhead-network/	1969-12-31 23:59:59	Name: taboola_session_id Value: v2_53fff6e5447ce0c6869192ca15d2e0dc_773bea20-a890-499c-8323-55c3f6c43bda-tuct8b12a02_1639425154_1639425154_CIC4mh8QvcJCGLm36qrbLyABKAMw4QE4kaQOQJ6fD0jc3tsDUPUDWABgAGiZp8P4jYP4wGpwAQ
blueskyace.com/	1970-01-20 00:06:57	Name: clkcheck28041 Value: 975028b1892b126360041a777f63c157_202673
.traversedlp.com/	1970-01-20 08:09:21	Name: v1.cookieId Value: s%3Adff17387-6d30-49c6-b2de-47a96f4332a1.asjeFkvflRZHgC11T5wj2APl%2BrFKQQg%2FqMZywBuMxBI
.traversedlp.com/	1970-01-20 08:09:21	Name: v1.syncTimestamp Value: s%3A1639425152888.uvGFh0CHoxTETSI6wXW27Sk6pf3cXIF26Drjv1q8IXo
www.servektch.com/	1970-01-19 23:26:37	Name: uniqueClick_2SCN7G Value: 07805690-3dd6-4fbd-92bb-d54aec1a914d:1639425153
www.servektch.com/	1970-01-20 01:33:21	Name: transaction_id Value: 7bf55c2c5b244b178b3c0999db6af1d3
.biden.healthplans.org/	1970-01-29 23:23:45	Name: ~u Value: pF8rriuL_523Osik2wvZjxcZvPVdTR6aLfWoS8UEbg14B5VHNBw
.biden.healthplans.org/	1970-01-20 00:50:09	Name: ~ Value: t0J_tTkP6X9U-VC4_TKpEe2Zv-Sw5wMOFoAr1nHBqSDVVrtGj7xOWv0ddPvU7n6FskjTGyj0-i7LjxPAehFJSUA5nyrXywIqPtkutwUvHQfugpyy6IqFg2Yy7TFUozmj4HFR6Iws1a-V-vVZa94KAckXnN9T9vm8BT87S9fw066U8SDELtvsORLMOsPBQeq3NzRrE8Vz5OwJRX3Dlw3isgE_Ezk4mg
.healthplans.org/	1970-01-20 01:33:21	Name: _gcl_au Value: 1.1.1001100811.1639425154
.healthplans.org/	1970-01-19 23:25:11	Name: _gid Value: GA1.2.890771514.1639425154
.healthplans.org/	1970-01-19 23:23:45	Name: _gat_UA-18598423-15 Value: 1
.healthplans.org/	1970-01-20 16:54:57	Name: _ga_799LXK9YJB Value: GS1.1.1639425153.1.0.1639425153.0
.healthplans.org/	1970-01-20 16:54:57	Name: _ga Value: GA1.1.317234746.1639425154
.taboola.com/	1970-01-20 08:09:21	Name: t_gid Value: 773bea20-a890-499c-8323-55c3f6c43bda-tuct8b12a02
biden.healthplans.org/	1970-01-19 23:23:45	Name: outbrain_cid_fetch Value: true
.doubleclick.net/	1970-01-19 23:23:46	Name: test_cookie Value: CheckForPermission
.yahoo.com/	1970-01-20 08:09:42	Name: A3 Value: d=AQABBIKkt2ECEPMu2HT0pxqQqXCxEDtX3DIFEgEBAQH2uGHBYQAAAAAA_eMAAA&S=AQAAAns6HefCf8Mxg8Jt5nNWhhM

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: http://blueskyace.com/a39366444c0aa43c48b379c5c31cde6b0/?sid1=41688_47226157_11&sid2=1_1_0_0_0_3741681_34_2262_95620_47226157_10_824&sid3=34(Line 118) Message: Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amplify.outbrain.com
api.traversedlp.com
biden.healthplans.org
blueskyace.com
cdn-biden.healthplans.org
cdn.taboola.com
certify-js.alexametrics.com
certify.alexametrics.com
dhe4oz50378wj.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
insurance.mediaalpha.com
partner.mediawallahscript.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
s.yimg.com
signals.aimtell.com
sp.analytics.yahoo.com
static.traversedlp.com
stats.g.doubleclick.net
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.servektch.com
api.traversedlp.com
104.112.11.48
13.225.205.200
13.225.213.160
13.225.214.100
141.226.224.48
142.250.176.194
151.101.193.44
178.63.123.198
18.210.116.206
2001:4998:14:800::1001
23.250.1.134
2606:4700::6812:1f97
2607:f8b0:4006:806::200e
2607:f8b0:4006:809::2004
2607:f8b0:4006:80b::2002
2607:f8b0:4006:817::200a
2607:f8b0:4006:822::2003
2607:f8b0:4006:822::2008
2607:f8b0:4023:1404::9b
34.232.232.115
35.186.248.142
44.195.70.178
52.27.66.213
52.54.227.223
64.202.112.95
76.13.32.146
99.84.126.15
99.84.126.34
03b18dc1be3efe72d2543f114a3d28f3b86418d0e92bffd88e0954c1a5658f76
042a82f58baa7a201449dc7d695f0e109ea8deb6b6463e9030e0ac1f4deef11e
0af1da093718617d1b867c178d042c1a6789d34e728c1846b732b9f4f404410a
0e35509b65545b9af31918b11dc98a6dcf310a6d6075087b70e1e5cd494c3b33
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
12b4e374276c7bda1bf808679551e62fbe8b45c3df02e5c592a61cf775bbfc61
18427cba55210fc967a32f987fe7d5c13a373d489a4629d8ffe6033930e152d9
1baae5ddf4f90af2b9dbf863fec532c273bb13335e16343a072a25f605347f88
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
2c2dd34c8a8d2ed4b4e91eed55c2404518bb4a5ff02ae68e7a08f4e14ddb3e46
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
3ad3fefdb207753cf1f7f14c610030fd6b00660db09420776630d056c35a2c58
3f58ecb31e89d77774ed757cf4e5fafed1f3bbd52a4aecd5b6faaf21a787c282
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46fb2594cb87c2617cf0da4078b80284d589bed3440df18c2e4594cce28c1f3a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53b240721f5bb7ef63d68fe78bb6ea13ed9a8380eb0452cf862ee5f59a884a1f
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7317a02358b2b617ba0934b570c313ee76f29176c4821a9a5fd1656413e5f41b
759d6f0c1292d86d24d7abe7ad9a2cd1d86df0041260f98186ccfa26c7daab62
773adf2fa321d087ad777573167e7bdbc2a56d20cf691ee85f9b42086f684508
7e9c454a8459203246cb98a681a9f973322b3356d647a17c5f1f259e67c4e292
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
82501674ff3d2b5eb37d9f8b57152208be8e5af4879f3cfe8e95631730dff8a5
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b203558ce78721e72fc24ad94bf75b0d254cbf31321e65891432fb1aa39c3d2
8d7fb47c1b1e97d5690f8ed17968b0aafb9535993d06b79a71f3a39b7e86b78d
8fde6fa2da1f40e9511553733df2821c32a1ab9066058180ebe28f4467b7b00b
998d9415269d92557b561a936955f7590d5052865044a9191a528b5a36f3afc9
9c0569a0b2a4a8ec1a08feb38098e0856e9a82d76a8dcff164a46ed8dffc41d1
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a9c533606a5cdcd290f129a6c143fc3ab59695dd20c0fac9611038ebf2f167e9
b4604ff6c3b592e72d6f226a2c61b610f6491875d2d9af0fa08a440941c70d31
b7ac060b3b9d6106fc44a181dcf28719d1fd4038214f236ef321de1d13f4fc78
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cdeefcc8a81216ed61a9a3393aaaef25c6a6b7453919d3170f744c19a7e42520
d7bfa676c07c88144d9ecdcec09a4ec7afcd0449226bf5fc5063342a16d5f8e3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed730114db17860c8ed3cd723a423ec610ab5b7e284bb6f11fb7386102fce06d
eef566fa0ad89c358651707c076332cb2ee2c5dfa8b086dfde4e6ed509c0ea9b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef84a7da42544c1ecf86724771c831f7711c5f960f0579eb4d52fc38f1911518
fce1c3d0a2ae7dc0949b438d48f9a987ab6c81a9a9839d5d02242f17241e368b

biden.healthplans.org Open in urlscan Pro 44.195.70.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

66 Requests

82 %HTTPS

32 %IPv6

21 Domains

28 Subdomains

27 IPs

2 Countries

690 kBTransfer

1434 kBSize

19 Cookies

1 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

biden.healthplans.org Open in urlscan Pro
44.195.70.178 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

82 %
HTTPS

32 %
IPv6

21
Domains

28
Subdomains

27
IPs

2
Countries

690 kB
Transfer

1434 kB
Size

19
Cookies

66 HTTP transactions
0 data transactions