URL: http://medicarecoverageplans.co/
Submission: On December 07 via api from US — Scanned from DE

Summary

This website contacted 10 IPs in 2 countries across 12 domains to perform 29 HTTP transactions. The main IP is 107.180.94.208, located in Ashburn, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is medicarecoverageplans.co.
This is the only time medicarecoverageplans.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 107.180.94.208 26496 (AS-26496-...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 142.250.185.226 15169 (GOOGLE)
5 54.156.11.63 14618 (AMAZON-AES)
1 52.222.137.109 16509 (AMAZON-02)
1 52.86.93.38 14618 (AMAZON-AES)
29 10
    Apex Domain               Subdomains                                              Transfer
12  medicarecoverageplans.co  medicarecoverageplans.co, www.medicarecoverageplans.co  333 KB
5   leadid.com                create.leadid.com — Cisco Umbrella Rank: 18298          3 KB
2   google.de                 www.google.de — Cisco Umbrella Rank: 5234               659 B
2   gstatic.com               www.gstatic.com                                         23 KB
2   enginefish.info           www.enginefish.info                                     3 KB
1   trueleadid.com            deviceid.trueleadid.com — Cisco Umbrella Rank: 19305    2 KB
1   cloudfront.net            d2m2wsoho8qq12.cloudfront.net                           2 KB
1   googleadservices.com      www.googleadservices.com — Cisco Umbrella Rank: 170     510 B
1   google.com                www.google.com — Cisco Umbrella Rank: 2                 548 B
1   lidstatic.com             create.lidstatic.com — Cisco Umbrella Rank: 32366       38 KB
1   doubleclick.net           googleads.g.doubleclick.net — Cisco Umbrella Rank: 39   1 KB
1   googletagmanager.com      www.googletagmanager.com — Cisco Umbrella Rank: 65      52 KB
29  12
Domain Requested by
11 www.medicarecoverageplans.co medicarecoverageplans.co
www.medicarecoverageplans.co
5 create.leadid.com create.lidstatic.com
deviceid.trueleadid.com
2 www.google.de medicarecoverageplans.co
2 www.gstatic.com www.googletagmanager.com
www.gstatic.com
2 www.enginefish.info medicarecoverageplans.co
1 deviceid.trueleadid.com d2m2wsoho8qq12.cloudfront.net
1 d2m2wsoho8qq12.cloudfront.net create.lidstatic.com
1 www.googleadservices.com 1 redirects
1 www.google.com medicarecoverageplans.co
1 create.lidstatic.com medicarecoverageplans.co
1 googleads.g.doubleclick.net www.googletagmanager.com
1 www.googletagmanager.com medicarecoverageplans.co
1 medicarecoverageplans.co
29 13

This site contains links to these domains.

Domain
www.medicarecoverageplans.co
Subject                   Issuer                   Validity                 Valid
medicarecoverageplans.co  R3                       2022-12-07 - 2023-03-07  3 months
*.google-analytics.com    GTS CA 1C3               2022-11-02 - 2023-01-25  3 months
enginefish.info           R3                       2022-11-27 - 2023-02-25  3 months
*.g.doubleclick.net       GTS CA 1C3               2022-11-02 - 2023-01-25  3 months
*.gstatic.com             GTS CA 1C3               2022-11-02 - 2023-01-25  3 months
lidstatic.com             Cloudflare Inc ECC CA-3  2022-03-30 - 2023-03-30  a year
www.google.com            GTS CA 1C3               2022-11-02 - 2023-01-25  3 months
www.google.de             GTS CA 1C3               2022-11-02 - 2023-01-25  3 months
create.leadid.com         Amazon                   2022-09-21 - 2023-10-19  a year
deviceid.trueleadid.com   Amazon                   2022-01-07 - 2023-02-05  a year

This page contains 3 frames:

Primary Page: http://medicarecoverageplans.co/
Frame ID: 0C0D0D25C7F19938A54E9378BCD9CEC9
Requests: 26 HTTP requests in this frame

Frame: http://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=D1DA40F9-43A1-E590-F17B-F4D8F5D6518A&apiurl=http%3A%2F%2Fcreate.leadid.com%2F2.11.11&lck=5A903A1B-8D66-9A0C-55B7-F7AEB565701B&lac=FAD4152D-F05B-8229-4543-50675B2BBCDE
Frame ID: 9B0F15712C04015D53A9FF92FFE667EA
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=D1DA40F9-43A1-E590-F17B-F4D8F5D6518A&apiurl=http%3A%2F%2Fcreate.leadid.com%2F2.11.11&lck=5A903A1B-8D66-9A0C-55B7-F7AEB565701B&lac=FAD4152D-F05B-8229-4543-50675B2BBCDE
Frame ID: 1E14A09DC2E402734975FFA1ADDE3A50
Requests: 2 HTTP requests in this frame

Page Title

Home Refinance & New Home Loan - Home Mortgage Pros

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

29
Requests

90 %
HTTPS

55 %
IPv6

12
Domains

13
Subdomains

10
IPs

2
Countries

460 kB
Transfer

656 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://www.googleadservices.com/pagead/conversion/10900559656/wcm?cc=ZZ&dn=18882158221&cl=6zajCOqxnbwDEKiu5c0o&ct_eid=2 HTTP 302
  • https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18882158221&cl=6zajCOqxnbwDEKiu5c0o

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
medicarecoverageplans.co/
8 KB
9 KB
Document
General
Full URL
http://medicarecoverageplans.co/
Protocol
HTTP/1.1
Server
107.180.94.208 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
208.94.180.107.host.secureserver.net
Software
Apache /
Resource Hash
659bf889c2a4c36b3e518487555068bd92607da5d3bc525369858ca16097fb58

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Type
text/html; charset=utf-8
Date
Wed, 07 Dec 2022 08:17:04 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
common.css
www.medicarecoverageplans.co/css/
35 KB
35 KB
Stylesheet
General
Full URL
https://www.medicarecoverageplans.co/css/common.css
Requested by
Host: medicarecoverageplans.co
URL: http://medicarecoverageplans.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.180.94.208 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
208.94.180.107.host.secureserver.net
Software
Apache /
Resource Hash
f3dc49bc2a6c678d4e8c4b283d6a46c1b0be6aac2ab842f18a302d72cbadcfc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://medicarecoverageplans.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 08:17:04 GMT
Last-Modified
Wed, 07 Dec 2022 03:52:49 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
36035
jquery.js
www.medicarecoverageplans.co/scripts/
85 KB
85 KB
Script
General
Full URL
https://www.medicarecoverageplans.co/scripts/jquery.js
Requested by
Host: medicarecoverageplans.co
URL: http://medicarecoverageplans.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.180.94.208 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
208.94.180.107.host.secureserver.net
Software
Apache /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://medicarecoverageplans.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 08:17:04 GMT
Last-Modified
Wed, 07 Dec 2022 03:52:40 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
86659
jquery.mask.js
www.medicarecoverageplans.co/scripts/
6 KB
6 KB
Script
General
Full URL
https://www.medicarecoverageplans.co/scripts/jquery.mask.js
Requested by
Host: medicarecoverageplans.co
URL: http://medicarecoverageplans.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.180.94.208 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
208.94.180.107.host.secureserver.net
Software
Apache /
Resource Hash
787bb8431c6bbbeb1f60b7e8aa14bf0065da5dd008a5b21e35585bf189908989

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://medicarecoverageplans.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 08:17:04 GMT
Last-Modified
Wed, 07 Dec 2022 03:52:40 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
5929
common.js
www.medicarecoverageplans.co/scripts/
436 B
691 B
Script
General
Full URL
https://www.medicarecoverageplans.co/scripts/common.js
Requested by
Host: medicarecoverageplans.co
URL: http://medicarecoverageplans.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.180.94.208 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
208.94.180.107.host.secureserver.net
Software
Apache /
Resource Hash
7cefb7d923aca59fcd76d13db002e0eb4da272baa09967f5af295f2def672501

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://medicarecoverageplans.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 08:17:04 GMT
Last-Modified
Wed, 07 Dec 2022 03:52:40 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
436
js
www.googletagmanager.com/gtag/
135 KB
52 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10900559656
Requested by
Host: medicarecoverageplans.co
URL: http://medicarecoverageplans.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4815d3e0511bedf959d937e2185fbc9d225a803b13807a10af3287645fac8c48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://medicarecoverageplans.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 08:17:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52967
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 07 Dec 2022 08:17:06 GMT
logo.jpg
www.medicarecoverageplans.co/images/
15 KB
15 KB
Image
General
Full URL
https://www.medicarecoverageplans.co/images/logo.jpg
Requested by
Host: medicarecoverageplans.co
URL: http://medicarecoverageplans.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.180.94.208 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
208.94.180.107.host.secureserver.net
Software
Apache /
Resource Hash
461d986ad30ea38a0b8680f358a5ea67bf27a10c0e4cffc23080043326342778

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://medicarecoverageplans.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 08:17:04 GMT
Last-Modified
Wed, 07 Dec 2022 03:52:45 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
15048
1.jpg
www.medicarecoverageplans.co/images/
17 KB
17 KB
Image
General
Full URL
https://www.medicarecoverageplans.co/images/1.jpg
Requested by
Host: medicarecoverageplans.co
URL: http://medicarecoverageplans.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.180.94.208 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
208.94.180.107.host.secureserver.net
Software
Apache /
Resource Hash
255e0e50bd04dd8e2d56e341f53dd5687bc194f08b3c96159d5c216062999366

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://medicarecoverageplans.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 08:17:04 GMT
Last-Modified
Wed, 07 Dec 2022 03:52:42 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
17393
2.jpg
www.medicarecoverageplans.co/images/
18 KB
18 KB
Image
General
Full URL
https://www.medicarecoverageplans.co/images/2.jpg
Requested by
Host: medicarecoverageplans.co
URL: http://medicarecoverageplans.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.180.94.208 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
208.94.180.107.host.secureserver.net
Software
Apache /
Resource Hash
e9f0776581e49e73406d11bbb25649d1ae238e3ce5adfca2b895ff7c97b1b7fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://medicarecoverageplans.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 08:17:04 GMT
Last-Modified
Wed, 07 Dec 2022 03:52:43 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
18241
3.jpg
www.medicarecoverageplans.co/images/
15 KB
15 KB
Image
General
Full URL
https://www.medicarecoverageplans.co/images/3.jpg
Requested by
Host: medicarecoverageplans.co
URL: http://medicarecoverageplans.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.180.94.208 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
208.94.180.107.host.secureserver.net
Software
Apache /
Resource Hash
ba3d12b9cc3eb73fc563bc7460e29d71a8cffda89f755d6326a4fe689d80669d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://medicarecoverageplans.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 08:17:04 GMT
Last-Modified
Wed, 07 Dec 2022 03:52:43 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
15320
4.jpg
www.medicarecoverageplans.co/images/
17 KB
18 KB
Image
General
Full URL
https://www.medicarecoverageplans.co/images/4.jpg
Requested by
Host: medicarecoverageplans.co
URL: http://medicarecoverageplans.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.180.94.208 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
208.94.180.107.host.secureserver.net
Software
Apache /
Resource Hash
e325b12564be90553675b93c8340a789b82c74a6a0758a0443cbab7fdf21c2a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://medicarecoverageplans.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 08:17:05 GMT
Last-Modified
Wed, 07 Dec 2022 03:52:43 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
17773
dnc.css
www.enginefish.info/css/
2 KB
2 KB
Stylesheet
General
Full URL
https://www.enginefish.info/css/dnc.css
Requested by
Host: medicarecoverageplans.co
URL: http://medicarecoverageplans.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.180.94.208 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
208.94.180.107.host.secureserver.net
Software
Apache /
Resource Hash
08823b626b4ab8051ed0abb5f2873dc9ed90069707f272874e7d3cde50c52ec3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://medicarecoverageplans.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 08:17:05 GMT
Last-Modified
Wed, 24 Aug 2022 06:05:55 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2089
dnc.js
www.enginefish.info/scripts/
767 B
1022 B
Script
General
Full URL
https://www.enginefish.info/scripts/dnc.js
Requested by
Host: medicarecoverageplans.co
URL: http://medicarecoverageplans.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.180.94.208 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
208.94.180.107.host.secureserver.net
Software
Apache /
Resource Hash
376303605e09437a9a368eb1bd18be2145ef61e1ee07d31d09e64ac2c1b90cc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://medicarecoverageplans.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 08:17:05 GMT
Last-Modified
Wed, 24 Aug 2022 11:02:53 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
767
phone.png
www.medicarecoverageplans.co/images/
1 KB
2 KB
Image
General
Full URL
https://www.medicarecoverageplans.co/images/phone.png
Requested by
Host: www.medicarecoverageplans.co
URL: https://www.medicarecoverageplans.co/css/common.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.180.94.208 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
208.94.180.107.host.secureserver.net
Software
Apache /
Resource Hash
e8a46cdc2c5e742a375a1be5886f7fe41135569dd7321fa3290d0cb95c753f4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.medicarecoverageplans.co/css/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 08:17:05 GMT
Last-Modified
Wed, 07 Dec 2022 03:52:45 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1477
hero.jpg
www.medicarecoverageplans.co/images/
113 KB
113 KB
Image
General
Full URL
https://www.medicarecoverageplans.co/images/hero.jpg
Requested by
Host: www.medicarecoverageplans.co
URL: https://www.medicarecoverageplans.co/css/common.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.180.94.208 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
208.94.180.107.host.secureserver.net
Software
Apache /
Resource Hash
908b91ea7a2c05cdc3a2574897c8bfb6516f3fa05869a07509a56a6c6fb3cfec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.medicarecoverageplans.co/css/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 08:17:05 GMT
Last-Modified
Wed, 07 Dec 2022 03:52:44 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
115498
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10900559656/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10900559656/?random=1670401026366&cv=11&fst=1670401026366&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmedicarecoverageplans.co%2F&tiba=Home%20Refinance%20%26%20New%20Home%20Loan%20-%20Home%20Mortgage%20Pros&auid=610121990.1670401026&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10900559656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
af939371de5ff9ca6392861cdbdfccb10e491b780b1f32d5bf282710c6be01c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://medicarecoverageplans.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 08:17:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
904
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
loader.js
www.gstatic.com/wcm/
3 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/wcm/loader.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10900559656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://medicarecoverageplans.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 08:01:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
915
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
last-modified
Mon, 15 Mar 2021 16:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 07 Dec 2022 09:01:51 GMT
call-tracking_7.js
www.gstatic.com/call-tracking/
54 KB
21 KB
Script
General
Full URL
https://www.gstatic.com/call-tracking/call-tracking_7.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://medicarecoverageplans.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 08:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
429515
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21020
x-xss-protection
0
last-modified
Wed, 03 Feb 2021 22:45:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-telephony"
vary
Accept-Encoding
report-to
{"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 08:58:31 GMT
5a903a1b-8d66-9a0c-55b7-f7aeb565701b.js
create.lidstatic.com/campaign/
121 KB
38 KB
Script
General
Full URL
https://create.lidstatic.com/campaign/5a903a1b-8d66-9a0c-55b7-f7aeb565701b.js?snippet_version=2
Requested by
Host: medicarecoverageplans.co
URL: http://medicarecoverageplans.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:29e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecabb200af45a539c8e67d027178ad84dc9cef40c47babfbed5a687af2b77057

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://medicarecoverageplans.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 08:17:07 GMT
x-amz-version-id
gMlDV9koM_Za6YBJmbdxveuPP1yoh08t
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 11 May 2022 19:47:24 GMT
server
cloudflare
x-amz-request-id
8YBRBCFJPCCSSMMV
etag
W/"2ba84e3669c6fce13756d4e906e1f748"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1800
x-amz-replication-status
COMPLETED
cf-ray
775bd2b079d7bb74-FRA
x-amz-id-2
ql8WQsO0573RBbHQAprU8GC2X6+eBF2fAnHvW++iUeVlMh4WiiRVj3LFfvgWwe1dpoTZju4Hc5Q=
/
www.google.com/pagead/1p-user-list/10900559656/
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/10900559656/?random=1670401026366&cv=11&fst=1670400000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=http%3A%2F%2Fmedicarecoverageplans.co%2F&tiba=Home%20Refinance%20%26%20New%20Home%20Loan%20-%20Home%20Mortgage%20Pros&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=711041468&rmt_tld=0&ipr=y
Requested by
Host: medicarecoverageplans.co
URL: http://medicarecoverageplans.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://medicarecoverageplans.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 08:17:06 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/10900559656/
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/10900559656/?random=1670401026366&cv=11&fst=1670400000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=http%3A%2F%2Fmedicarecoverageplans.co%2F&tiba=Home%20Refinance%20%26%20New%20Home%20Loan%20-%20Home%20Mortgage%20Pros&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=711041468&rmt_tld=1&ipr=y
Requested by
Host: medicarecoverageplans.co
URL: http://medicarecoverageplans.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://medicarecoverageplans.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 08:17:06 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wcm
www.google.de/pagead/attribution/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/10900559656/wcm?cc=ZZ&dn=18882158221&cl=6zajCOqxnbwDEKiu5c0o&ct_eid=2
  • https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18882158221&cl=6zajCOqxnbwDEKiu5c0o
80 B
111 B
XHR
General
Full URL
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18882158221&cl=6zajCOqxnbwDEKiu5c0o
Requested by
Host: medicarecoverageplans.co
URL: http://medicarecoverageplans.co/
Protocol
H3
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://medicarecoverageplans.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 08:17:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
null
content-type
application/json; charset=UTF-8
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87
x-xss-protection
0

Redirect headers

date
Wed, 07 Dec 2022 08:17:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18882158221&cl=6zajCOqxnbwDEKiu5c0o
access-control-allow-origin
http://medicarecoverageplans.co
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
GenerateToken
create.leadid.com/2.11.11/
36 B
660 B
XHR
General
Full URL
https://create.leadid.com/2.11.11/GenerateToken?msn=1&pid=b4864df5-c54c-4c44-a226-43a0e59cf896&_=826263131
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/5a903a1b-8d66-9a0c-55b7-f7aeb565701b.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.11.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-11-63.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c5165f735caea71e2975cec133afd280109dc8d55948016e541aa06ce25c2a40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
http://medicarecoverageplans.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 07 Dec 2022 08:17:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 9B0F
3 KB
2 KB
Document
General
Full URL
http://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=D1DA40F9-43A1-E590-F17B-F4D8F5D6518A&apiurl=http%3A%2F%2Fcreate.leadid.com%2F2.11.11&lck=5A903A1B-8D66-9A0C-55B7-F7AEB565701B&lac=FAD4152D-F05B-8229-4543-50675B2BBCDE
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/5a903a1b-8d66-9a0c-55b7-f7aeb565701b.js?snippet_version=2
Protocol
HTTP/1.1
Server
52.222.137.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-109.ams50.r.cloudfront.net
Software
nginx /
Resource Hash
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
http://medicarecoverageplans.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
46328
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 06 Dec 2022 19:24:59 GMT
ETag
W/"63875a4b-dbb"
Last-Modified
Wed, 30 Nov 2022 13:27:39 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Via
1.1 618e94643d6094e9ff9adbaaa8ed3aee.cloudfront.net (CloudFront)
X-Amz-Cf-Id
o2VWdT47WOLxGcdsmQnCiCckUsmaU8G0bVapGJiv_MaV8BsmWYlPrg==
X-Amz-Cf-Pop
AMS50-C1
X-Cache
Hit from cloudfront
SaveDom
create.leadid.com/2.11.11/
0
623 B
XHR
General
Full URL
https://create.leadid.com/2.11.11/SaveDom?msn=2&pid=b4864df5-c54c-4c44-a226-43a0e59cf896&token=D1DA40F9-43A1-E590-F17B-F4D8F5D6518A&_=826263132
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/5a903a1b-8d66-9a0c-55b7-f7aeb565701b.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.11.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-11-63.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
http://medicarecoverageplans.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 07 Dec 2022 08:17:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
InitFormData
create.leadid.com/2.11.11/
0
622 B
XHR
General
Full URL
https://create.leadid.com/2.11.11/InitFormData?msn=3&pid=b4864df5-c54c-4c44-a226-43a0e59cf896&token=D1DA40F9-43A1-E590-F17B-F4D8F5D6518A&_=826263133
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/5a903a1b-8d66-9a0c-55b7-f7aeb565701b.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.11.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-11-63.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
http://medicarecoverageplans.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 07 Dec 2022 08:17:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
iframe.html
deviceid.trueleadid.com/ Frame 1E14
4 KB
2 KB
Document
General
Full URL
https://deviceid.trueleadid.com/iframe.html?token=D1DA40F9-43A1-E590-F17B-F4D8F5D6518A&apiurl=http%3A%2F%2Fcreate.leadid.com%2F2.11.11&lck=5A903A1B-8D66-9A0C-55B7-F7AEB565701B&lac=FAD4152D-F05B-8229-4543-50675B2BBCDE
Requested by
Host: d2m2wsoho8qq12.cloudfront.net
URL: http://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=D1DA40F9-43A1-E590-F17B-F4D8F5D6518A&apiurl=http%3A%2F%2Fcreate.leadid.com%2F2.11.11&lck=5A903A1B-8D66-9A0C-55B7-F7AEB565701B&lac=FAD4152D-F05B-8229-4543-50675B2BBCDE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.93.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-93-38.compute-1.amazonaws.com
Software
nginx /
Resource Hash
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer
http://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=86400 public
content-encoding
gzip
content-type
text/html
date
Wed, 07 Dec 2022 08:17:08 GMT
etag
W/"632c7ff9-1049"
expires
Thu, 08 Dec 2022 08:17:08 GMT
last-modified
Thu, 22 Sep 2022 15:32:09 GMT
p3p
CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server
nginx
Snap
create.leadid.com/2.11.11/
0
623 B
XHR
General
Full URL
https://create.leadid.com/2.11.11/Snap?msn=4&pid=b4864df5-c54c-4c44-a226-43a0e59cf896&token=D1DA40F9-43A1-E590-F17B-F4D8F5D6518A&_=826263134
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/5a903a1b-8d66-9a0c-55b7-f7aeb565701b.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.11.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-11-63.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
http://medicarecoverageplans.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 07 Dec 2022 08:17:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
SaveDeviceId.js
create.leadid.com/2.11.11/ Frame 1E14
0
627 B
Script
General
Full URL
https://create.leadid.com/2.11.11/SaveDeviceId.js?lac=FAD4152D-F05B-8229-4543-50675B2BBCDE&lck=5A903A1B-8D66-9A0C-55B7-F7AEB565701B&methods=48&token=D1DA40F9-43A1-E590-F17B-F4D8F5D6518A&uuid=a5cd9d01d9c847fab82faf7450f2c931
Requested by
Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=D1DA40F9-43A1-E590-F17B-F4D8F5D6518A&apiurl=http%3A%2F%2Fcreate.leadid.com%2F2.11.11&lck=5A903A1B-8D66-9A0C-55B7-F7AEB565701B&lac=FAD4152D-F05B-8229-4543-50675B2BBCDE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.11.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-11-63.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deviceid.trueleadid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 08:17:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| oncontentvisibilityautostatechange
function| $
function| jQuery
function| gtag
object| dataLayer
object| google_tag_manager
object| google_tag_data
object| GooglebQhCsO
function| _googWcmImpl
string| _googWcmAk
function| _googWccDebug
function| _googCallTrackingImpl
function| _gaPhoneImpl
string| google_wcc_status
object| LeadiDconfig
object| LeadiD
string| label
string| id
boolean| sensitiveData
object| defaultStyleFrame

5 Cookies

Domain/Path Name / Value
medicarecoverageplans.co/ Name: PHPSESSID
Value: a0e7fd58526939bc1f5e7ce148b08d5d
.medicarecoverageplans.co/ Name: _gcl_au
Value: 1.1.610121990.1670401026
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
medicarecoverageplans.co/ Name: leadid_token-FAD4152D-F05B-8229-4543-50675B2BBCDE-5A903A1B-8D66-9A0C-55B7-F7AEB565701B
Value: D1DA40F9-43A1-E590-F17B-F4D8F5D6518A
.deviceid.trueleadid.com/ Name: uuid
Value: a5cd9d01d9c847fab82faf7450f2c931

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
