medicaidrecoveries.com Open in urlscan Pro
34.74.92.138 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://medicaidrecoveries.com/wp-admin/knol/santanew/
Effective URL:
https://medicaidrecoveries.com/
Submission: On December 06 via api (December 6th 2023, 8:12:35 pm UTC) from US — Scanned from DE

Summary HTTP 76 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 14 domains to perform 76 HTTP transactions. The main IP is 34.74.92.138, located in North Charleston, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is medicaidrecoveries.com.
TLS certificate: Issued by R3 on October 26th 2023. Valid for: 3 months.

This is the only time medicaidrecoveries.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	34.74.92.138 34.74.92.138	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2400:52e0:1e0... 2400:52e0:1e00::1082:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e2:... 2606:4700:e2::ac40:8c0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
3	52.182.214.99 52.182.214.99	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2600:1f14:5db... 2600:1f14:5db:eb22:ae0c:d388:3803:603b	16509 (AMAZON-02) (AMAZON-02)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
76	21

14 34.74.92.138 (North Charleston, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 138.92.74.34.bc.googleusercontent.com

medicaidrecoveries.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:52e0:1e00::1082:1 (Germany)

ASN200325 (BUNNYCDN, SI)

hb.wpmucdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:8c0d (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e889335f42dcf842a99fe5586e4b65fa.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.182.214.99 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

g.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:5db:eb22:ae0c:d388:3803:603b (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	medicaidrecoveries.com 1 redirects medicaidrecoveries.com	2 MB
13	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 357	231 KB
11	googlesyndication.com e889335f42dcf842a99fe5586e4b65fa.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148 pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	53 KB
8	gstatic.com fonts.gstatic.com maps.gstatic.com	240 KB
7	userway.org cdn.userway.org — Cisco Umbrella Rank: 4271 api.userway.org — Cisco Umbrella Rank: 4071	58 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 796 g.clarity.ms — Cisco Umbrella Rank: 49609 c.clarity.ms — Cisco Umbrella Rank: 1377	28 KB
6	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196	190 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	21 KB
3	wpmucdn.com hb.wpmucdn.com — Cisco Umbrella Rank: 46217	46 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	146 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 228	761 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	64 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 971	247 KB
76	14

	Domain	Requested by
14	medicaidrecoveries.com	1 redirects medicaidrecoveries.com hb.wpmucdn.com
13	maps.googleapis.com	www.google.com maps.googleapis.com medicaidrecoveries.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
6	fonts.gstatic.com	medicaidrecoveries.com
6	cdn.userway.org	medicaidrecoveries.com cdn.userway.org
6	securepubads.g.doubleclick.net	medicaidrecoveries.com securepubads.g.doubleclick.net www.googletagservices.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	g.clarity.ms	www.clarity.ms
3	hb.wpmucdn.com	medicaidrecoveries.com
2	c.clarity.ms	1 redirects
2	maps.gstatic.com	www.google.com medicaidrecoveries.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.google.com	medicaidrecoveries.com tpc.googlesyndication.com
2	www.clarity.ms	medicaidrecoveries.com www.clarity.ms
2	www.googletagmanager.com	medicaidrecoveries.com www.googletagmanager.com
1	c.bing.com	1 redirects
1	api.userway.org	cdn.userway.org
1	www.googletagservices.com	securepubads.g.doubleclick.net
1	e889335f42dcf842a99fe5586e4b65fa.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	use.fontawesome.com	medicaidrecoveries.com
76	21

This site contains links to these domains. Also see Links.

Domain
goo.gl
www.bbb.org
www.facebook.com
realreviewtube.com

Subject Issuer	Validity	Valid
medicaidrecoveries.com R3	`2023-10-26` - `2024-01-24`	3 months	crt.sh
*.wpmucdn.com RapidSSL TLS RSA CA G1	`2023-03-24` - `2024-03-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
1667503734.rsc.cdn77.org R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
api.userway.org Amazon RSA 2048 M03	`2023-09-02` - `2024-09-30`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://medicaidrecoveries.com/
Frame ID: C9BD581C1926BEE261DA90ED43A6F9F2
Requests: 49 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d11638.229500823323!2d-77.5501049!3d43.1768144!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xafa0c1b25ec8d3e!2sMedicaid%20Recoveries%2C%20Inc.!5e0!3m2!1sen!2s!4v1637916569350!5m2!1sen!2s
Frame ID: 7CDCD686307DC50AA91E8FFABEA6FE51
Requests: 16 HTTP requests in this frame

Frame: https://e889335f42dcf842a99fe5586e4b65fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E73E9DE4F4156DF8A3B40258F8D2BC17
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssgPC-6AO_tiP3EDRib8PNxbQMFpHk5XVKD1RXxl3PV1PMwceZJyc0UU7AgHF9apU5SXuKxvfhlCZ1-x6sDXsq6ilrX1l4Qqfr8ICcEM_6O66o1ovCN74SoNGRnsjJ2O3z9SGkV7yEQPMo4Z8DZ-gHNhvUyQhXeJ9kiNxpASScEs92DxMCsIa-N4pT8ri1aJ9UqKidi08Q5XsQEzvMLcAhiFm0iC4JMu_47i7CoAl0ij63dZyBO_-Q1dK4dCLfpP1lFSlj7ihkcUu2VNbQI2U2OpF4Wsd66ORj_GXbJ36k95YcIO3n5SnQfW37y1-9xE42MTKKoh4T4Sgml69TyL_kuAH-pOxc&sai=AMfl-YQtvy5oEnZIFthvZRPxagbBdZY8OKCYXxJv33P3V2VObsSek_6y1-2T56We65Za5Y6rbXLgByw3cary4rMlr-JthB0fRIIUUQAQrzySHg_7cCXCld_CHHiJtvWyCbAUS9Gn1lY1GHxnFwa89Qc3Hv_o7kYJ_Q2c1RHDwQ&sig=Cg0ArKJSzIBn6MCEFgGEEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 18329D1BCEFF54E120DE9D052C827680
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B2D24CF29DF4422D4CC49845DED7F62E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A8822A4AE09C50FD265AD21C861678FD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Medicaid Assistance in Rochester, NY | Medicaid Recoveries, Inc.

Page URL History Show full URLs

https://medicaidrecoveries.com/wp-admin/knol/santanew/ HTTP 301
https://medicaidrecoveries.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

Page Statistics

76
Requests

99 %
HTTPS

86 %
IPv6

14
Domains

21
Subdomains

21
IPs

3
Countries

3038 kB
Transfer

5748 kB
Size

17
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://goo.gl/maps/Pk4qcGV2qXteTYXs5
Title: Get Directions

Search URL Search Domain Scan URL

URL: https://www.bbb.org/us/ny/rochester/profile/medical-service-organization/medicaid-recoveries-inc-0041-235973296?utm_campaign=bbb_seal&utm_content=Medicaid%20Recoveries%2C%20Inc.&utm_medium=website&utm_source=seal_click_235973296
Title: <img decoding="async" alt="Click for the Business Profile for Medicaid Recoveries, Inc." src="https://www.bbb.org/TerminusContent/dist/img/dynamic-seal/ab-seal-horizontal-blue.svg" width="192px" />BBB RATING: A+

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MedicaidRecoveries/
Title: 

Search URL Search Domain Scan URL

URL: https://realreviewtube.com/
Title: ReviewTube

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://medicaidrecoveries.com/wp-admin/knol/santanew/ HTTP 301
https://medicaidrecoveries.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=413C31AEB6FF4140833B781E82E5303D&RedC=c.clarity.ms&MXFR=3A4358FB5ED962D419AA4B245AD96C99 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=413C31AEB6FF4140833B781E82E5303D&MUID=03A582FFC5EA697E05BA9120C44668FA

76 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
medicaidrecoveries.com/
Redirect Chain

https://medicaidrecoveries.com/wp-admin/knol/santanew/
https://medicaidrecoveries.com/

172 KB
29 KB

328ms
328ms

Document
text/html

34.74.92.138
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://medicaidrecoveries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.74.92.138 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

138.92.74.34.bc.googleusercontent.com

Software

nginx / WP Engine

Resource Hash

9e224b8e9e6f24dd961a0383fbbd16ad55617fe23cb92f9c2516394e8e0afeb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=600, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 06 Dec 2023 20:12:28 GMT
link: <https://medicaidrecoveries.com/wp-json/>; rel="https://api.w.org/" <https://medicaidrecoveries.com/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json" <https://medicaidrecoveries.com/>; rel=shortlink
permissions-policy: accelerometer=(self), autoplay=(self), camera=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self)
referrer-policy: origin-when-cross-origin
server: nginx
strict-transport-security: max-age=2592000
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 7
x-cache-group: normal
x-cacheable: SHORT
x-content-type-options: nosniff
x-frame-options: sameorigin
x-powered-by: WP Engine
x-xss-protection: 1

Redirect headers

cache-control: max-age=0, must-revalidate, private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 06 Dec 2023 20:12:28 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://medicaidrecoveries.com/wp-json/>; rel="https://api.w.org/"
location: https://medicaidrecoveries.com
permissions-policy: accelerometer=(self), autoplay=(self), camera=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self)
referrer-policy: origin-when-cross-origin
server: nginx
strict-transport-security: max-age=2592000
x-cache: MISS
x-cacheable: NO:Passed
x-content-type-options: nosniff
x-frame-options: sameorigin
x-pass-why: wp-admin
x-powered-by: WP Engine
x-xss-protection: 1

GET
H2 200 4e50a8c1-6ea9-4501-820f-1375842fb370.css
hb.wpmucdn.com/medicaidrecoveries.com/ 20 KB
4 KB 122ms
61ms Stylesheet
text/css 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/medicaidrecoveries.com/4e50a8c1-6ea9-4501-820f-1375842fb370.css
Requested by: Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 579cdf7fd01f54d123624df77f301a7338ed91521a0f15cccb1aa4dd39eb23ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:12:28 GMT
content-encoding: br
cdn-edgestorageid: 1081
x-amz-server-side-encryption: AES256
cdn-cachedat: 12/01/2023 17:44:45
cdn-pullzone: 1101156
last-modified: Thu, 23 Nov 2023 14:29:09 GMT
server: BunnyCDN-DE1-1082
x-amz-meta-hb-minify: minify=0.2%, origSize=20810
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"e977685d6057f347ca380bb6bfaf6349"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 55f4aa5ca4997e96e0dfe3602b6b7a85
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 187 KB
68 KB 113ms
50ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-202349636-34

Requested by

Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eeec29f3e373993708de04f183c9e7d351457518d9bafb139b44ea6a7847fae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:12:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69122
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Dec 2023 20:12:28 GMT

GET
H2 200 all.js Show response
use.fontawesome.com/releases/v5.0.9/js/ 682 KB
247 KB 414ms
337ms Script
application/javascript 2606:4700:e2::ac40:8c0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.9/js/all.js
Requested by: Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2fec0e2942f49dd3cad4650431d550d761f11dded17834d4835768c2ca730c0

Request headers

Referer: https://medicaidrecoveries.com/
Origin: https://medicaidrecoveries.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:12:29 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:44:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"bffc6023835e717c0348c41583e56eba"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gtfCbyKTInxa8OMQiozCwD8P0UGFi%2F9r%2B4il3Xe9G6oEsLJiy2T9BDfon6InPKa%2FfRFCapkZ2z3Cbez7IRoRw5jOahF%2BushhPhMv1G7ATRZGCAIb3Lg%2BGEhO9TEO0KkFD0alngbRxWa4AzR4iPoQ3un%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 83172f18eb223c80-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 404 modules.ttf
medicaidrecoveries.com/wp-content/themes/Divi/core/admin/fonts/ 0
0 178ms
177ms Font
text/html 34.74.92.138
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://medicaidrecoveries.com/wp-content/themes/Divi/core/admin/fonts/modules.ttf
Requested by: Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.92.138 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 138.92.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Referer: https://medicaidrecoveries.com/
Origin: https://medicaidrecoveries.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:12:28 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/html

GET
H2 200 dashicons.ttf
medicaidrecoveries.com/wp-includes/fonts/ 55 KB
55 KB 178ms
177ms Font
application/octet-stream 34.74.92.138
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://medicaidrecoveries.com/wp-includes/fonts/dashicons.ttf
Requested by: Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.92.138 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 138.92.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: cacd900a2587c234c53e9d0108fc51ff6c61420c4f89a1731014b673a7b9a1a8

Request headers

Referer: https://medicaidrecoveries.com/
Origin: https://medicaidrecoveries.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:12:28 GMT
last-modified: Fri, 17 Jul 2020 17:11:03 GMT
server: nginx
etag: "5f11dba7-dc48"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 56392

GET
H2 200 et-core-unified-deferred-7.min.css
medicaidrecoveries.com/wp-content/et-cache/7/ 7 KB
2 KB 177ms
176ms Stylesheet
text/css 34.74.92.138
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://medicaidrecoveries.com/wp-content/et-cache/7/et-core-unified-deferred-7.min.css?ver=1700429696
Requested by: Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.92.138 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 138.92.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: a4bc7cfcaaab86555b41bc375407c8819a3f535a1b15c04c62810a5032f5a9d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:12:28 GMT
content-encoding: br
last-modified: Sun, 19 Nov 2023 21:34:56 GMT
server: nginx
etag: W/"655a7f80-1aa6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 91 KB
30 KB 142ms
92ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92cd55d71c091eb31ee4be8904f3cd4a4812fff77c48c264af788ed05e585913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29906
x-xss-protection: 0
server: cafe
etag: 874 / 19697 / m202311290101 / config-hash: 16835354973066905572
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 20:12:28 GMT

GET
H2 200 ad2e6e10-8083-4c71-ae63-46d76da38702.js Show response
hb.wpmucdn.com/medicaidrecoveries.com/ 99 KB
37 KB 106ms
47ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/medicaidrecoveries.com/ad2e6e10-8083-4c71-ae63-46d76da38702.js
Requested by: Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 5674b0a11a287377a390c9a6c3c2946b3304596cb4fd10a63f5203a3a85f8a31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:12:28 GMT
content-encoding: br
cdn-edgestorageid: 1082
x-amz-server-side-encryption: AES256
cdn-cachedat: 11/29/2023 10:49:15
cdn-pullzone: 1101156
last-modified: Thu, 23 Nov 2023 14:29:10 GMT
server: BunnyCDN-DE1-1082
x-amz-meta-hb-minify: minify=0.0%, origSize=87482
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"fee2da4e3c44c2def2dacf9baf84d91a"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control: public, max-age=31919000
cdn-requestid: a5d24b0e52669f6d187a259cf9620407
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 scripts.min.js Show response
medicaidrecoveries.com/wp-content/themes/Divi/js/ 268 KB
60 KB 178ms
178ms Script
application/javascript 34.74.92.138
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://medicaidrecoveries.com/wp-content/themes/Divi/js/scripts.min.js
Requested by: Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.92.138 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 138.92.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 52394793edc8f40dce3af97329fc58f3359cd15343e3a223dfdbe126f688d9d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:12:28 GMT
content-encoding: br
last-modified: Tue, 22 Aug 2023 18:04:08 GMT
server: nginx
etag: W/"64e4f898-42f83"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 64d53a5b-8dd9-4e3e-b807-25901c1d0d38.js Show response
hb.wpmucdn.com/medicaidrecoveries.com/ 10 KB
5 KB 120ms
60ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/medicaidrecoveries.com/64d53a5b-8dd9-4e3e-b807-25901c1d0d38.js
Requested by: Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 3209a76d8cf3dcca3c6d139ea50890d9e38f1c8a2d04651d038225d7939279c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:12:28 GMT
content-encoding: br
cdn-edgestorageid: 1082
x-amz-server-side-encryption: AES256
cdn-cachedat: 12/01/2023 17:44:45
cdn-pullzone: 1101156
last-modified: Thu, 23 Nov 2023 14:29:11 GMT
server: BunnyCDN-DE1-1082
x-amz-meta-hb-minify: minify=47.1%, origSize=3349
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"7fb8e2ad1a77c36bfe8378104b5a0881"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control: public, max-age=31919000
cdn-requestid: 18331d9b5c97a382426edf6a9fb1528e
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 2f510c7becf7cf83bf5c8365fc7180a3.js Show response
medicaidrecoveries.com/wp-content/uploads/hummingbird-assets/ 152 KB
37 KB 178ms
178ms Script
application/javascript 34.74.92.138
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://medicaidrecoveries.com/wp-content/uploads/hummingbird-assets/2f510c7becf7cf83bf5c8365fc7180a3.js
Requested by: Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.92.138 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 138.92.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 66da0701afaff7bd213e9fd294349fa60647b472bf617959f39a23b8778edf15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:12:28 GMT
content-encoding: br
last-modified: Thu, 23 Nov 2023 14:29:15 GMT
server: nginx
etag: W/"655f61bb-26149"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 9hlxczqpl5 Show response
www.clarity.ms/tag/ 650 B
1012 B 205ms
131ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/9hlxczqpl5
Requested by: Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 59dec8b74f4cd85c1692c3bd163a46c4cc8a59b29c3eb029b4e31f2e2f12d790

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: -1
date: Wed, 06 Dec 2023 20:12:29 GMT
x-azure-ref: 20231206T201228Z-bse5zgsg0d5q1a4yzcxx1f8evn00000000tg00000000c4hz
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 650
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 widget.js Show response
cdn.userway.org/ 2 KB
2 KB 77ms
23ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5bed63ec592510d76c9b20e97112e86d3183a3b8ddb0af839030058a38239073

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 06 Dec 2023 20:12:28 GMT
via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 3458
x-amz-cf-pop: FRA60-P3
age: 539
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1701890090
x-77-nzt: EgwBw7WqEQH3gg0AAAwB1GY4CQH3EgAAAA
x-accel-expires: @1701893690
x-77-age: 3476
x-cache-lb: HIT
last-modified: Tue, 05 Dec 2023 12:01:29 GMT
server: CDN77-Turbo
etag: W/"bb8789f78d5b1a21e1049f020661984a"
x-77-nzt-ray: 4c1562244cf52b96acd5706579709636
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
content-type: application/javascript
x-amz-cf-id: ckwNcnuDzBjo-My9J64Rzj4Zxuqy2-UBLKy7SqfwzgccyvLOwXPDEA==

GET
H2 200 embed Show response
www.google.com/maps/ Frame 7CDC 3 KB
2 KB 283ms
230ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d11638.229500823323!2d-77.5501049!3d43.1768144!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xafa0c1b25ec8d3e!2sMedicaid%20Recoveries%2C%20Inc.!5e0!3m2!1sen!2s!4v1637916569350!5m2!1sen!2s

Requested by

Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

1383b7f0a32063310792ef54c469f359f6257a8b331c0cf5f4017dc84d37d7dd

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-fBu-Uwuky6N-D0afHOPwSw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://medicaidrecoveries.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1358
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-fBu-Uwuky6N-D0afHOPwSw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type: text/html; charset=UTF-8
date: Wed, 06 Dec 2023 20:12:29 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: scaffolding on HTTPServer2
vary: Origin X-Origin Referer
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 92zPtBhPNqw79Ij1E865zBUv7myjJQVD.woff2
fonts.gstatic.com/s/jost/v15/ 17 KB
17 KB 131ms
81ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/jost/v15/92zPtBhPNqw79Ij1E865zBUv7myjJQVD.woff2

Requested by

Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1f5c178c16f6414ca3c2abc79e7ef2b6a83ca3b487b4bcf56590fbf98be6c3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://medicaidrecoveries.com/
Origin: https://medicaidrecoveries.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:01:09 GMT
x-content-type-options: nosniff
age: 126679
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17352
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:32:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 09:01:09 GMT

GET
H2 200 shutterstock_472725133-min.jpg
medicaidrecoveries.com/wp-content/uploads/2021/11/ 1 MB
1 MB 186ms
185ms Image
image/jpeg 34.74.92.138
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medicaidrecoveries.com/wp-content/uploads/2021/11/shutterstock_472725133-min.jpg
Requested by: Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.92.138 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 138.92.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 19aad8f98dd3d421fd4ba696a4d8499db063d931341e40d377e26298df758dac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:12:28 GMT
last-modified: Fri, 26 Nov 2021 07:48:08 GMT
server: nginx
etag: "61a09138-106890"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1075344

GET
H2 200 dot-grid.jpg
medicaidrecoveries.com/wp-content/uploads/2021/11/ 25 KB
26 KB 186ms
185ms Image
image/jpeg 34.74.92.138
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medicaidrecoveries.com/wp-content/uploads/2021/11/dot-grid.jpg
Requested by: Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.92.138 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 138.92.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b25a732806eccc32e7588ec3675e810b7350c5961275c65bf9db2f351c1cc899

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:12:28 GMT
last-modified: Fri, 26 Nov 2021 08:03:38 GMT
server: nginx
etag: "61a094da-6589"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 25993

GET
H2 200 pxiByp8kv8JHgFVrLEj6V14.woff2
fonts.gstatic.com/s/poppins/v20/ 49 KB
49 KB 79ms
31ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6V14.woff2

Requested by

Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65221c19d1e390c4990c0f52f22fe4922b60b991abaa7a80dad8b2573be1bdab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://medicaidrecoveries.com/
Origin: https://medicaidrecoveries.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 03:22:47 GMT
x-content-type-options: nosniff
age: 146981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49688
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:56:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 03:22:47 GMT

GET
H2 200 92zPtBhPNqw79Ij1E865zBUv7mx9IgVD.woff2
fonts.gstatic.com/s/jost/v15/ 19 KB
19 KB 105ms
57ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/jost/v15/92zPtBhPNqw79Ij1E865zBUv7mx9IgVD.woff2

Requested by

Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31092d5e88f9cad80ef810cbb6c4411768b2a8cdf3186b10600c15591be2e7d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://medicaidrecoveries.com/
Origin: https://medicaidrecoveries.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:08:21 GMT
x-content-type-options: nosniff
age: 522247
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19376
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:42:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 19:08:21 GMT

GET
H2 200 modules.woff
medicaidrecoveries.com/wp-content/themes/Divi/core/admin/fonts/modules/all/ 90 KB
91 KB 184ms
184ms Font
font/woff 34.74.92.138
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://medicaidrecoveries.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff
Requested by: Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.92.138 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 138.92.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 88795f28bb66a45f9c32245dd21d6319ed5d26a45bf5afa31d91a0f83ee855f7

Request headers

Referer: https://medicaidrecoveries.com/
Origin: https://medicaidrecoveries.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:12:28 GMT
last-modified: Tue, 22 Aug 2023 18:04:08 GMT
server: nginx
etag: "64e4f898-1693c"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 92476

GET
H2 200 92zPtBhPNqw79Ij1E865zBUv7mxEIgVD.woff2
fonts.gstatic.com/s/jost/v15/ 19 KB
20 KB 71ms
24ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/jost/v15/92zPtBhPNqw79Ij1E865zBUv7mxEIgVD.woff2

Requested by

Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c349c827da0edefcdf5de53d1eee0f392d7dc0da17ea74304967c529c7d45b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://medicaidrecoveries.com/
Origin: https://medicaidrecoveries.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 14:05:19 GMT
x-content-type-options: nosniff
age: 540429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19436
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:36:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 14:05:19 GMT

GET
H2 200 92zPtBhPNqw79Ij1E865zBUv7myRJQVD.woff2
fonts.gstatic.com/s/jost/v15/ 19 KB
19 KB 133ms
85ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/jost/v15/92zPtBhPNqw79Ij1E865zBUv7myRJQVD.woff2

Requested by

Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22c87b7cc8f16187048cd1e302712ad672ba9d92fbde88d2113bafdc846db170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://medicaidrecoveries.com/
Origin: https://medicaidrecoveries.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 23:25:33 GMT
x-content-type-options: nosniff
age: 161215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19356
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:32:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 23:25:33 GMT

GET
H2 200 pxiDyp8kv8JHgFVrJJLmr19lFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 55 KB
55 KB 110ms
71ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiDyp8kv8JHgFVrJJLmr19lFQ.woff2

Requested by

Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

243c9ac22a1f9eed020122c718e41786e6c2727c84f5f7fb94caea2375d83b5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://medicaidrecoveries.com/
Origin: https://medicaidrecoveries.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 23:12:38 GMT
x-content-type-options: nosniff
age: 161990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56648
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:12:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 23:12:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
78 KB 50ms
49ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D34PCLVYL5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-202349636-34

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bdd35744cabfdd27fce3a6738d2cd908f4d835662a9ca594ff982956151cd241

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:12:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79450
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 06 Dec 2023 20:12:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 72ms
21ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-202349636-34

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 19:41:49 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1839
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 06 Dec 2023 21:41:49 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 80ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-D34PCLVYL5&gtm=45je3bt0v9109510592&_p=1701893548851&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=914665511.1701893549&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1701893548&sct=1&seg=0&dl=https%3A%2F%2Fmedicaidrecoveries.com%2F&dt=Medicaid%20Assistance%20in%20Rochester%2C%20NY%20%7C%20Medicaid%20Recoveries%2C%20Inc.&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2678
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D34PCLVYL5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 20:12:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://medicaidrecoveries.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
210 B 29ms
29ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=191805075&t=pageview&_s=1&dl=https%3A%2F%2Fmedicaidrecoveries.com%2F&ul=en-us&de=UTF-8&dt=Medicaid%20Assistance%20in%20Rochester%2C%20NY%20%7C%20Medicaid%20Recoveries%2C%20Inc.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1009036934&gjid=1280965110&cid=914665511.1701893549&tid=UA-202349636-34&_gid=1892124648.1701893549&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=405727638

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://medicaidrecoveries.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 20:12:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://medicaidrecoveries.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/ 432 KB
135 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa40858bc00aa25239b434a313f9b30b4b604715b21395c0f278a3055cd31deb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:36:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138184
x-xss-protection: 0
server: cafe
etag: 495798054771589180
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 05 Dec 2024 13:36:30 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 73 B
85 B 107ms
59ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=medicaidrecoveries.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0ed2b885974fd42db1b120994d02960e8ae77ec782ecd9d7903deb41e962049

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61
x-xss-protection: 0
expires: Wed, 06 Dec 2023 20:12:29 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 52ms
52ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/9hlxczqpl5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:12:29 GMT
content-encoding: br
last-modified: Mon, 04 Dec 2023 12:08:18 GMT
etag: W/"0x8DBF4C1B3818466"
vary: Accept-Encoding
x-azure-ref: 20231206T201229Z-bse5zgsg0d5q1a4yzcxx1f8evn00000000tg00000000c4m5
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: a83e7593-d01e-0008-28ad-2634d4000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 68 KB
25 KB 70ms
70ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3403885449427593&correlator=2067088106414661&eid=31079527%2C21065725&output=ldjh&gdfp_req=1&vrg=202311290101&ptt=17&impl=fif&iu_parts=21848388897%2CIABBB-Dynamic-Seal&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1701893549141&lmt=1701893549&adxs=629&adys=3459&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fmedicaidrecoveries.com%2F&vis=1&psz=341x228&msz=341x0&fws=0&ohw=0&ga_vid=914665511.1701893549&ga_sid=1701893549&ga_hid=191805075&ga_fc=true&dlt=1701893548724&idt=370&adks=2476793911&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4480da2ff3806621cd33237964b5262acd9799ee6455999e1e7e5303ba396de1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25603
x-xss-protection: 0
google-lineitem-id: 5417697586
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138316507035
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://medicaidrecoveries.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e889335f42dcf842a99fe5586e4b65fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E73E 6 KB
3 KB 144ms
57ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e889335f42dcf842a99fe5586e4b65fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://medicaidrecoveries.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 20:12:29 GMT
expires: Thu, 05 Dec 2024 20:12:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame 7CDC 180 KB
62 KB 107ms
43ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad

Requested by

Host: www.google.com
URL: https://www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d11638.229500823323!2d-77.5501049!3d43.1768144!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xafa0c1b25ec8d3e!2sMedicaid%20Recoveries%2C%20Inc.!5e0!3m2!1sen!2s!4v1637916569350!5m2!1sen!2s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

b2144783bdd4f44df458b551d18c95036b99cc692bc5d64e6400f6b1068ddad8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63101
x-xss-protection: 0

GET
H2 200 Screenshot_80.png
medicaidrecoveries.com/wp-content/uploads/2021/11/ 4 KB
4 KB 269ms
268ms Image
image/png 34.74.92.138
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medicaidrecoveries.com/wp-content/uploads/2021/11/Screenshot_80.png
Requested by: Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.92.138 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 138.92.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf1bcd0f697b73897616ea284c655d8553be4de3242617e37a0f3376603afa91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:12:29 GMT
last-modified: Fri, 26 Nov 2021 07:20:55 GMT
server: nginx
etag: "61a08ad7-fcb"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4043

GET
H2 200 shutterstock_205495339-min-scaled.jpg
medicaidrecoveries.com/wp-content/uploads/2021/11/ 298 KB
299 KB 269ms
269ms Image
image/jpeg 34.74.92.138
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medicaidrecoveries.com/wp-content/uploads/2021/11/shutterstock_205495339-min-scaled.jpg
Requested by: Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.92.138 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 138.92.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 53b5f2ee7a38901d22190f83376f2b54621aa3aea7a4630ec971fd15def7a919

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:12:29 GMT
last-modified: Fri, 26 Nov 2021 10:12:47 GMT
server: nginx
etag: "61a0b31f-4a872"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 305266

POST
H/1.1 204
No Content collect Show response
g.clarity.ms/ 0
302 B 654ms
324ms XHR
text/plain 52.182.214.99
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.214.99 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://medicaidrecoveries.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://medicaidrecoveries.com
Date: Wed, 06 Dec 2023 20:12:29 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1832 0
0 60ms
60ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssgPC-6AO_tiP3EDRib8PNxbQMFpHk5XVKD1RXxl3PV1PMwceZJyc0UU7AgHF9apU5SXuKxvfhlCZ1-x6sDXsq6ilrX1l4Qqfr8ICcEM_6O66o1ovCN74SoNGRnsjJ2O3z9SGkV7yEQPMo4Z8DZ-gHNhvUyQhXeJ9kiNxpASScEs92DxMCsIa-N4pT8ri1aJ9UqKidi08Q5XsQEzvMLcAhiFm0iC4JMu_47i7CoAl0ij63dZyBO_-Q1dK4dCLfpP1lFSlj7ihkcUu2VNbQI2U2OpF4Wsd66ORj_GXbJ36k95YcIO3n5SnQfW37y1-9xE42MTKKoh4T4Sgml69TyL_kuAH-pOxc&sai=AMfl-YQtvy5oEnZIFthvZRPxagbBdZY8OKCYXxJv33P3V2VObsSek_6y1-2T56We65Za5Y6rbXLgByw3cary4rMlr-JthB0fRIIUUQAQrzySHg_7cCXCld_CHHiJtvWyCbAUS9Gn1lY1GHxnFwa89Qc3Hv_o7kYJ_Q2c1RHDwQ&sig=Cg0ArKJSzIBn6MCEFgGEEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:12:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 06 Dec 2023 20:12:29 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/ Frame 1832 24 KB
9 KB 73ms
23ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 08:03:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43736
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 08:03:33 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame 1832 3 KB
2 KB 72ms
22ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:26:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2755
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 19:26:34 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1832 202 KB
64 KB 97ms
45ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Dec 2023 20:12:29 GMT

GET
H2 200 14923303296992109467
tpc.googlesyndication.com/simgad/ Frame 1832 68 B
416 B 76ms
26ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14923303296992109467

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:33:28 GMT
x-content-type-options: nosniff
age: 599941
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
x-xss-protection: 0
last-modified: Wed, 08 Jul 2020 14:03:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 28 Nov 2024 21:33:28 GMT

GET
DATA 200
OK truncated
/ Frame 1832 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c62bb6ed7c6d22b832b86674f764fe8b3676127cc9b6cf84f48f6d955851bd39

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ Frame 7CDC 3 B
46 B 92ms
45ms XHR
application/json 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.google.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 init_embed.js Show response
maps.gstatic.com/maps-api-v3/embed/js/55/4/ Frame 7CDC 226 KB
60 KB 101ms
22ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.gstatic.com/maps-api-v3/embed/js/55/4/init_embed.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c517b650261a41b75a3dff1ba8d77ab069db61b32df2cd470bc3bfad5409ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61041
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 22:55:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Dec 2024 19:31:37 GMT

GET
H2 200 widget_app_base_1701777553483.js Show response
cdn.userway.org/widgetapp/2023-12-05-11-59-13/ 136 KB
40 KB 68ms
22ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-12-05-11-59-13/widget_app_base_1701777553483.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8f3011107f8f8b4c15d5c40c58601546e553156b1db575f3d1eae018ef878600

Request headers

Referer: https://medicaidrecoveries.com/
Origin: https://medicaidrecoveries.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 06 Dec 2023 20:12:29 GMT
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 10685
x-amz-cf-pop: FRA60-P3
age: 328
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1701882864
x-77-nzt: EgwBw7WqEQH3vSkAAAwBJRPCKAH3EwAAAA
x-accel-expires: @1727802845
x-77-age: 10704
x-cache-lb: HIT
last-modified: Tue, 05 Dec 2023 12:01:24 GMT
server: CDN77-Turbo
etag: W/"2ed53b729acaa536c21c80ac13659b38"
x-77-nzt-ray: 4c15622432eb43a2add5706583f1aa19
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: CtwxjDx-nhVchn0LU5yaCZle6eVijABh4ex9-RFCilnVMRiJd2DvFQ==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1832 0
0 61ms
60ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumBWunSJ1o8b4c2Of9Sl8vo4WVEDOBGIgxqyiEIQjS1t28dsxMDn_Br7xNDTn06FkMtkVvPfrQAZedQiPqzecmVv5KaRqnK4gpwK0NTXNGQgaLO-P9r3vFNBPj6ZznuMLlmhUIYZfVeoj_V3bdgaQ-DFLd0ivlqvKtoEQ2tjvcTlSltT7Z12e7QqWtQrisWfI2nqH_a_Y4GsQ7wLRE2iC8MsQB4v6OBB_ojynstpMDwCo883OcSa1Od0eVB_1WsMpwrj_7begw5SeLN7LFFT-PLgon1a7dIyVisFzIdNxHBHcL1ZIfybE-tucR008vMbxPbZ7YmbAw4yWiFg_Bt5Y9d_-laZG0qw&sai=AMfl-YRgIHwoQF_KYgBoyKvRAerPrLhXw90d70anv2gaSE1NIMS4Bl5moGc6zCzH-IlJG1hObJa-HC_y0xtkr_1b7QVVljuswjCGmE7PbMW3YsO-En4rtUvbDSzAAhOQjUHQDP9YoU49M99HGj3z6CXfMR1Dop_WwzFMIuyIGA&sig=Cg0ArKJSzA2opSMTIyOEEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:12:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 06 Dec 2023 20:12:29 GMT

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/55/4/ Frame 7CDC 256 KB
57 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/4/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

969dace001ef24f99f38bd00c5578b85ba9368e77a5667cfcaeaa29d2f57657b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57512
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Dec 2024 19:31:37 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/55/4/ Frame 7CDC 173 KB
54 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/4/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e759dc710ec6d9f9438d5a77f834b247254512fb90cf520764ab591db32cf5cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55175
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Dec 2024 19:31:37 GMT

GET
H2 200 map.js Show response
maps.googleapis.com/maps-api-v3/api/js/55/4/ Frame 7CDC 71 KB
23 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/4/map.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cf6d91acfbd231daa3ccf96e67596a75ea04458209786b2814f13a7f14fbf6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23771
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Dec 2024 19:31:37 GMT

GET
H2 200 overlay.js Show response
maps.googleapis.com/maps-api-v3/api/js/55/4/ Frame 7CDC 3 KB
1 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/4/overlay.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88e2d34a2ecd255e7c30d9436d1f8f7156973f2badc72161da7f3c1901ae5bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:31:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1273
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Dec 2024 19:31:38 GMT

GET
DATA 200
OK truncated
/ Frame 7CDC 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 StaticMapService.GetMapImage
maps.googleapis.com/maps/api/js/ Frame 7CDC 21 KB
21 KB 116ms
116ms Image
image/png 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i596664&2i769062&2e1&3u13&4m2&1u300&2u250&5m5&1e0&5sen&6sus&10b1&12b1&client=google-maps-embed&token=95489

Requested by

Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ce58833669ed7f0f35384ac0fe49a1bcc2a6e27dc113df22b89f1d7dbc8fe7d8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:12:29 GMT
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=86400
server-timing: gfet4t7; dur=94
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21773
x-xss-protection: 0
expires: Thu, 07 Dec 2023 20:12:29 GMT

GET
H2 200 onion.js Show response
maps.googleapis.com/maps-api-v3/api/js/55/4/ Frame 7CDC 26 KB
9 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/4/onion.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f192fc1904ff65df2e882e7cb7afa1432a424adeecefeb081c53c4fde85be8fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:31:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8900
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Dec 2024 19:31:38 GMT

GET
H2 200 search_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/55/4/ Frame 7CDC 3 KB
1 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/4/search_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c15a24cfd927f84920b607b2764a5f7fde792140f08c64ea3808eec291b6d038

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:31:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1253
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Dec 2024 19:31:38 GMT

POST
H2 200 E8voaT4ZKw Show response
api.userway.org/api/tunings/ 462 B
847 B 553ms
181ms XHR
application/json 2600:1f14:5db:eb22:ae0c:d388:3803:603b
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/E8voaT4ZKw
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-12-05-11-59-13/widget_app_base_1701777553483.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:ae0c:d388:3803:603b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3d54da97b250b4548da42a9a6fe558666f2d37a4eb03a6d3d78b3169a99e777f

Request headers

Referer: https://medicaidrecoveries.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 06 Dec 2023 20:12:29 GMT
etag: W/"1ce-GxggF2UaZeheAEeE96oxV6nyEBc"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usr3d6065fea6c1409
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 462
x-service-version: uw-pr

GET
H2 200 openhand_8_8.cur
maps.gstatic.com/mapfiles/ Frame 7CDC 326 B
692 B 30ms
30ms Image
image/bmp 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/openhand_8_8.cur

Requested by

Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:12:29 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/bmp
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Wed, 06 Dec 2023 20:12:29 GMT

POST
H3 200 GetViewportInfo Show response
maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/ Frame 7CDC 14 KB
2 KB 54ms
53ms XHR
application/json+protobuf 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/GetViewportInfo

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

517ffcdf413f035b73de70dc298339bf6f343545390fa8aea72cfc33e789850e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json+protobuf
X-Goog-Maps-Client-Id: google-maps-embed
Referer: https://www.google.com/
X-Goog-Api-Key
X-Goog-Maps-API-Signature: 56934
X-Goog-Maps-API-Salt: bOzbYwH02r

Response headers

date: Wed, 06 Dec 2023 20:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.google.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2263
x-xss-protection: 0

OPTIONS
H3 200 GetViewportInfo
maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/ Frame 0
0 106ms
106ms Preflight
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/GetViewportInfo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-goog-maps-api-salt,x-goog-maps-api-signature,x-goog-maps-client-id,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-goog-maps-api-salt,x-goog-maps-api-signature,x-goog-maps-client-id,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.google.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 06 Dec 2023 20:12:29 GMT
server: scaffolding on HTTPServer2
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=413C31AEB6FF4140833B781E82E5303D&RedC=c.clarity.ms&MXFR=3A4358FB5ED962D419AA4B245AD96C99
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=413C31AEB6FF4140833B781E82E5303D&MUID=03A582FFC5EA697E05BA9120C44668FA

42 B
465 B

47ms
47ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=413C31AEB6FF4140833B781E82E5303D&MUID=03A582FFC5EA697E05BA9120C44668FA
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 20:12:29 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 06 Dec 2023 20:12:29 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 860064A8C14D4D9CB26F208126B80C18 Ref B: FRA31EDGE0119 Ref C: 2023-12-06T20:12:29Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=413C31AEB6FF4140833B781E82E5303D&MUID=03A582FFC5EA697E05BA9120C44668FA
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 133ms
80ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311290101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19b2dd8341cff57baf6c1b2fcaf5e87b3554114143ad9c6a76265c1c6893a342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12286
x-xss-protection: 0

GET
H2 200 Screenshot_80.png
medicaidrecoveries.com/wp-content/uploads/2021/11/ 4 KB
4 KB 140ms
140ms Image
image/png 34.74.92.138
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medicaidrecoveries.com/wp-content/uploads/2021/11/Screenshot_80.png
Requested by: Host: hb.wpmucdn.com
URL: https://hb.wpmucdn.com/medicaidrecoveries.com/ad2e6e10-8083-4c71-ae63-46d76da38702.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.92.138 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 138.92.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf1bcd0f697b73897616ea284c655d8553be4de3242617e37a0f3376603afa91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:12:29 GMT
last-modified: Fri, 26 Nov 2021 07:20:55 GMT
server: nginx
etag: "61a08ad7-fcb"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4043

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 288ms
287ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:12:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 20:12:30 GMT

GET
H3 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ Frame 7CDC 62 B
84 B 31ms
31ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7m2&1e0&5e0&8b1&callback=_xdc_._ekfok2&client=google-maps-embed&token=115470

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/55/4/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

eaf87c70971a8be7304fb9d4b2b2c848ee8388354f2e385982223b7eea53b341

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 20:12:29 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=9
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 IMG_1546-rotated.jpg
medicaidrecoveries.com/wp-content/uploads/2021/11/ 54 KB
54 KB 132ms
132ms Image
image/jpeg 34.74.92.138
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medicaidrecoveries.com/wp-content/uploads/2021/11/IMG_1546-rotated.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.92.138 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 138.92.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: bd91e1a9bb82698162aa19edbc5dfa29ce78555f8333227186ffd6ccf90a904f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:12:29 GMT
last-modified: Fri, 26 Nov 2021 19:54:44 GMT
server: nginx
etag: "61a13b84-d8b3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 55475

GET
H3 200 QuotaService.RecordEvent Show response
maps.googleapis.com/maps/api/js/ Frame 7CDC 62 B
83 B 32ms
32ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7su7h7hy&10e1&11b1&callback=_xdc_._olhr2p&client=google-maps-embed&token=71415

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/55/4/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

fa668b1e4be13d37051aefb93acce0be977319b5835ff09f4f505bc9dc758cdb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 20:12:29 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=10
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2023-12-05-11-59-13/locales/ 500 B
961 B 24ms
24ms XHR
application/json 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-12-05-11-59-13/locales/en-US.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-12-05-11-59-13/widget_app_base_1701777553483.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 588e561c1b630cc0c94b479e3a0479c7557e4d6991a1bacb5b2acd7f32906f56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 06 Dec 2023 20:12:30 GMT
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 10680
x-amz-cf-pop: FRA60-P3
age: 669
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1701882870
x-77-nzt: EgwBw7WqEQH3uCkAAAwB1GY4nAH38JcBAA
x-accel-expires: @1727698438
x-77-age: 115112
x-cache-lb: HIT
last-modified: Tue, 05 Dec 2023 12:01:24 GMT
server: CDN77-Turbo
etag: W/"6c501e56c0883817da65e6df9f4417ee"
x-77-nzt-ray: 4c15622432eb43a2aed570650458fc02
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/json
x-amz-cf-id: yWPPdUjXgtWG_FyRsgFRrjtEld_Fj2oOYjVkhSvhhf6wQS2ZZAT-Eg==

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B2D2 13 KB
5 KB 24ms
23ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://medicaidrecoveries.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2755
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 19:26:35 GMT
expires: Thu, 05 Dec 2024 19:26:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A882 829 B
1010 B 33ms
33ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4c613f9327d6f4e7740b10a7b92c0be0573db4d4bf2fb950a490b277dacf2c30

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-F6mb5Z9hIb9W_YmFQZzi8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://medicaidrecoveries.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-F6mb5Z9hIb9W_YmFQZzi8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 20:12:30 GMT
expires: Wed, 06 Dec 2023 20:12:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame B2D2 39 KB
15 KB 71ms
23ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:26:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Dec 2024 19:26:12 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A882 0
0 98ms
58ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311290101&jk=3403885449427593&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

POST
H/1.1 204
No Content collect Show response
g.clarity.ms/ 0
302 B 160ms
160ms XHR
text/plain 52.182.214.99
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.214.99 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://medicaidrecoveries.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://medicaidrecoveries.com
Date: Wed, 06 Dec 2023 20:12:30 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B2D2 0
10 B 23ms
22ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?g7G9HA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:12:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 remediation-tool-free.js Show response
cdn.userway.org/remediation/free/ 27 KB
11 KB 26ms
25ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediation/free/remediation-tool-free.js?ts=1701777553483
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-12-05-11-59-13/widget_app_base_1701777553483.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3250950ae5db5eefe88233790ff6bff2d1dff68f06f65713a7a5534f346d26c3

Request headers

Referer: https://medicaidrecoveries.com/
Origin: https://medicaidrecoveries.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 06 Dec 2023 20:12:30 GMT
via: 1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 10685
x-amz-cf-pop: FRA60-P3
age: 162
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1701882865
x-77-nzt: EgwBw7WqEQH3vSkAAAwB1GY4AQH3EwAAAA
x-accel-expires: @1727802846
x-77-age: 10704
x-cache-lb: HIT
last-modified: Tue, 05 Dec 2023 12:01:29 GMT
server: CDN77-Turbo
etag: W/"57f395d8d59b592265e2e7b0f6b3ab1c"
x-77-nzt-ray: 4c15622432eb43a2aed5706599c7d820
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: ZHxTmP4Au5Z6a0gTLfs8m2Vl_yrD5FEgEyRc2LReoVIWYMHUlFmYWQ==

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 931 B
1 KB 22ms
22ms Image
image/svg+xml 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 06 Dec 2023 20:12:30 GMT
via: 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 10683
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1701882867
x-77-nzt: EgwBw7WqEQH3uykAAAwBJRPCKAH3FgAAAA
x-accel-expires: @1727802845
x-77-age: 10705
x-cache-lb: HIT
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
server: CDN77-Turbo
etag: W/"2ec2767a3bb93656fb9b75c893d7be75"
x-77-nzt-ray: 4c1562244cf52b96aed57065ce19a921
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: lkpfEeHdXl7wC-JaPvbumGRC49N7VZkLkAhLRbqjlxpQ2uwzNGHniA==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 24ms
23ms Image
image/svg+xml 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 06 Dec 2023 20:12:30 GMT
via: 1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 10684
x-amz-cf-pop: FRA60-P3
age: 1
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1701882866
x-77-nzt: EgwBw7WqEQH3vCkAAAwB1GY4mQH3EwAAAA
x-accel-expires: @1727802847
x-77-age: 10703
x-cache-lb: HIT
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray: 4c1562244cf52b96aed570654755b121
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: qSsYbjAkFZep-IGdEA4PagTH9vSZoPqda0lLK654UpAhXyrP4B8r_A==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 60ms
60ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311290101&jk=3403885449427593&bg=!jY6ljsHNAAY3kmNgF5I7ADQBe5WfOL9FVBPNTiTOoXDO6HnciAe3Lj7nO21WA2Yrm7b-9r74fXMPh2RHGqoCwC2VSPqnAgAAADlSAAAAA2gBBwoAXztfjw_hBQdAF1LNYfib7OyuVd7gMgCV_udOEiAQThZOyU9UWNiAi1mqjw-0TaT-NSVW0EV-Oy_ajRbYUGfOI13zmamazoHtkM4s0QJKOs0FsHHm1g1awfh8UMbF9HvMmQLC3DdXsAl1OJXJIA4lj1w4lMXWSfoFLawuq2MpXwCDvB3LjcxQBk4VtOtppTV5MfC6wthsGH64a1nzQdHVC45rGTUIffma_6Z5_Je8YklhxJrVvxGLCkihW65W8Wxt0a13Yu4nIYXlGB5-4wNactVp0NfJBxMdMEz_Qk8HGr_AkhZc3JfQywQE0ADjZdH9UkLvFByEgbIsEArQrzzgq_Wa4ZkjpdC441M1a0D9nA75WndAf9iaa2-V2K0H6outqimYhF-NLCYNXrLA47LjFrLHhWkYQ19IsIyhMMxPj9YpVSdBLOpInZUB85N2Ls5EaDtPxKCfvtDC7A3T7N9HZfaRFAPNLWcMiOyM5NP5mH674mJD1NNkgz-dDNkBeZXgn4c60szt4nagmWgONt3AayDnxWEK0_co5-X4YQ0cGtwp7Yj1-zWzRNB4koqcQQQbEqw5FKjGSZlZ90Aujbkvy46bdPdY7ljSoVZvw7hzDtlHulLuXEvYJVq86yNt65T97KtMuTg5c5IaZ4FI_By7s5KSChrVI3fVxkMFGC_EJDaSWS7ah6bvzYljavyORXmKpFAUxgRg3AuRXpriFJvZmtgwgEBYgajUvl2Y5jP8U2YfF2IneEaroNnaV5VQwgEAHaQyMCzwiNl9nf9S_ocRKbcijEMy97ZT8wO6F7RNYziDRZ87HKlMDxmRa81ey1LReqAxwqWUoe5wlouWdS0dev55EaGAI3GLIR5Dl96_DwxYdta_sHHvSeOywjsD-YxIB6cLs-pbSGRAWlN6LMl7mZYS3OuUEnZ9T6gpA11XJ0HkES1bwUr7PQivWbgvGM-0A0a4HA_iTT022GpOtOxzBVpRVx7uKCxfq2g0QZqZaGzlFNNjIXoFO2jg2Y06xp2NBhGCZLouteuJUKQfRA2rFk8BSo-PURvXIUUswC8r3s4xVCi_Fw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicaidrecoveries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

POST
H/1.1 204
No Content collect Show response
g.clarity.ms/ 0
302 B 161ms
161ms XHR
text/plain 52.182.214.99
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.214.99 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://medicaidrecoveries.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://medicaidrecoveries.com
Date: Wed, 06 Dec 2023 20:12:32 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.medicaidrecoveries.com/	1970-01-21 02:20:53	Name: _ga_D34PCLVYL5 Value: GS1.1.1701893548.1.0.1701893548.0.0.0
.medicaidrecoveries.com/	1970-01-21 02:20:53	Name: _ga Value: GA1.2.914665511.1701893549
.medicaidrecoveries.com/	1970-01-20 16:46:19	Name: _gid Value: GA1.2.1892124648.1701893549
.medicaidrecoveries.com/	1970-01-20 16:44:53	Name: _gat_gtag_UA_202349636_34 Value: 1
www.clarity.ms/	1970-01-21 01:30:29	Name: CLID Value: 9c01f1e64dbc4b49923ea911e64ee2bd.20231206.20241205
.medicaidrecoveries.com/	1970-01-21 01:30:29	Name: _clck Value: 1a5a6ri%7C2%7Cfhb%7C0%7C1435
.medicaidrecoveries.com/	1970-01-21 02:06:29	Name: __gads Value: ID=4ff3f66cdd47d78c:T=1701893549:RT=1701893549:S=ALNI_MYeta2YzZiHWRNu0W_u9t8OXpGRMg
.medicaidrecoveries.com/	1970-01-21 02:06:29	Name: __gpi Value: UID=00000d0c911322f9:T=1701893549:RT=1701893549:S=ALNI_Mblf9mSgNk-PIPmelpJR6gd_q7uCw
.doubleclick.net/	1970-01-21 02:06:29	Name: IDE Value: AHWqTUnPJfMR8_Ll1lNJgKDa8dSdCM38Kzzw0k0VwaOBjLy1oWk56SI4fiZR47KWm90
.medicaidrecoveries.com/	1970-01-20 16:46:19	Name: _clsk Value: 1tuq67v%7C1701893549898%7C1%7C1%7Cg.clarity.ms%2Fcollect
.bing.com/	1970-01-21 02:06:29	Name: MUID Value: 03A582FFC5EA697E05BA9120C44668FA
.c.bing.com/	1970-01-20 16:54:58	Name: MR Value: 0
.c.bing.com/	1970-01-21 02:06:29	Name: SRM_B Value: 03A582FFC5EA697E05BA9120C44668FA
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 02:06:29	Name: MUID Value: 03A582FFC5EA697E05BA9120C44668FA
.c.clarity.ms/	1970-01-20 16:54:58	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 16:44:54	Name: ANONCHK Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://medicaidrecoveries.com/wp-content/themes/Divi/core/admin/fonts/modules.ttf Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.userway.org
c.bing.com
c.clarity.ms
cdn.userway.org
e889335f42dcf842a99fe5586e4b65fa.safeframe.googlesyndication.com
fonts.gstatic.com
g.clarity.ms
hb.wpmucdn.com
maps.googleapis.com
maps.gstatic.com
medicaidrecoveries.com
pagead2.googlesyndication.com
region1.google-analytics.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
use.fontawesome.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
2001:4860:4802:34::36
2400:52e0:1e00::1082:1
2600:1f14:5db:eb22:ae0c:d388:3803:603b
2606:4700:e2::ac40:8c0d
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:800::200a
2a00:1450:4001:808::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2001
2a00:1450:4001:811::2003
2a00:1450:4001:813::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a02:6ea0:c700::19
34.74.92.138
52.182.214.99
68.219.88.97
0cf6d91acfbd231daa3ccf96e67596a75ea04458209786b2814f13a7f14fbf6c
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1383b7f0a32063310792ef54c469f359f6257a8b331c0cf5f4017dc84d37d7dd
19aad8f98dd3d421fd4ba696a4d8499db063d931341e40d377e26298df758dac
19b2dd8341cff57baf6c1b2fcaf5e87b3554114143ad9c6a76265c1c6893a342
22c87b7cc8f16187048cd1e302712ad672ba9d92fbde88d2113bafdc846db170
243c9ac22a1f9eed020122c718e41786e6c2727c84f5f7fb94caea2375d83b5f
31092d5e88f9cad80ef810cbb6c4411768b2a8cdf3186b10600c15591be2e7d8
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3209a76d8cf3dcca3c6d139ea50890d9e38f1c8a2d04651d038225d7939279c7
3250950ae5db5eefe88233790ff6bff2d1dff68f06f65713a7a5534f346d26c3
3d54da97b250b4548da42a9a6fe558666f2d37a4eb03a6d3d78b3169a99e777f
4480da2ff3806621cd33237964b5262acd9799ee6455999e1e7e5303ba396de1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4c613f9327d6f4e7740b10a7b92c0be0573db4d4bf2fb950a490b277dacf2c30
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
517ffcdf413f035b73de70dc298339bf6f343545390fa8aea72cfc33e789850e
52394793edc8f40dce3af97329fc58f3359cd15343e3a223dfdbe126f688d9d3
53b5f2ee7a38901d22190f83376f2b54621aa3aea7a4630ec971fd15def7a919
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5674b0a11a287377a390c9a6c3c2946b3304596cb4fd10a63f5203a3a85f8a31
579cdf7fd01f54d123624df77f301a7338ed91521a0f15cccb1aa4dd39eb23ea
588e561c1b630cc0c94b479e3a0479c7557e4d6991a1bacb5b2acd7f32906f56
59dec8b74f4cd85c1692c3bd163a46c4cc8a59b29c3eb029b4e31f2e2f12d790
5bed63ec592510d76c9b20e97112e86d3183a3b8ddb0af839030058a38239073
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
65221c19d1e390c4990c0f52f22fe4922b60b991abaa7a80dad8b2573be1bdab
66da0701afaff7bd213e9fd294349fa60647b472bf617959f39a23b8778edf15
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
88795f28bb66a45f9c32245dd21d6319ed5d26a45bf5afa31d91a0f83ee855f7
88e2d34a2ecd255e7c30d9436d1f8f7156973f2badc72161da7f3c1901ae5bec
8f3011107f8f8b4c15d5c40c58601546e553156b1db575f3d1eae018ef878600
91c517b650261a41b75a3dff1ba8d77ab069db61b32df2cd470bc3bfad5409ce
92cd55d71c091eb31ee4be8904f3cd4a4812fff77c48c264af788ed05e585913
969dace001ef24f99f38bd00c5578b85ba9368e77a5667cfcaeaa29d2f57657b
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c349c827da0edefcdf5de53d1eee0f392d7dc0da17ea74304967c529c7d45b6
9e224b8e9e6f24dd961a0383fbbd16ad55617fe23cb92f9c2516394e8e0afeb8
a0ed2b885974fd42db1b120994d02960e8ae77ec782ecd9d7903deb41e962049
a4bc7cfcaaab86555b41bc375407c8819a3f535a1b15c04c62810a5032f5a9d1
b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521
b1f5c178c16f6414ca3c2abc79e7ef2b6a83ca3b487b4bcf56590fbf98be6c3d
b2144783bdd4f44df458b551d18c95036b99cc692bc5d64e6400f6b1068ddad8
b25a732806eccc32e7588ec3675e810b7350c5961275c65bf9db2f351c1cc899
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd91e1a9bb82698162aa19edbc5dfa29ce78555f8333227186ffd6ccf90a904f
bdd35744cabfdd27fce3a6738d2cd908f4d835662a9ca594ff982956151cd241
c15a24cfd927f84920b607b2764a5f7fde792140f08c64ea3808eec291b6d038
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c62bb6ed7c6d22b832b86674f764fe8b3676127cc9b6cf84f48f6d955851bd39
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cacd900a2587c234c53e9d0108fc51ff6c61420c4f89a1731014b673a7b9a1a8
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
ce58833669ed7f0f35384ac0fe49a1bcc2a6e27dc113df22b89f1d7dbc8fe7d8
cf1bcd0f697b73897616ea284c655d8553be4de3242617e37a0f3376603afa91
d2fec0e2942f49dd3cad4650431d550d761f11dded17834d4835768c2ca730c0
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e759dc710ec6d9f9438d5a77f834b247254512fb90cf520764ab591db32cf5cb
eaf87c70971a8be7304fb9d4b2b2c848ee8388354f2e385982223b7eea53b341
eeec29f3e373993708de04f183c9e7d351457518d9bafb139b44ea6a7847fae6
f192fc1904ff65df2e882e7cb7afa1432a424adeecefeb081c53c4fde85be8fe
fa40858bc00aa25239b434a313f9b30b4b604715b21395c0f278a3055cd31deb
fa668b1e4be13d37051aefb93acce0be977319b5835ff09f4f505bc9dc758cdb

medicaidrecoveries.com Open in urlscan Pro 34.74.92.138 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

76 Requests

99 %HTTPS

86 %IPv6

14 Domains

21 Subdomains

21 IPs

3 Countries

3038 kBTransfer

5748 kBSize

17 Cookies

4 Outgoing links

Page URL History

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

medicaidrecoveries.com Open in urlscan Pro
34.74.92.138 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

99 %
HTTPS

86 %
IPv6

14
Domains

21
Subdomains

21
IPs

3
Countries

3038 kB
Transfer

5748 kB
Size

17
Cookies

76 HTTP transactions
3 data transactions