www.playclashroyale.xtendhealthcare.net Open in urlscan Pro
167.104.0.66  Public Scan

17 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.playclashroyale.xtendhealthcare.net/	59 KB 11 KB	418ms 67ms	Document text/html	167.104.0.66 SALLIEMAE
General Check archive.org Show headers Download Go to Full URL https://www.playclashroyale.xtendhealthcare.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 167.104.0.66 Mountain Top, United States, ASN7183 (SALLIEMAE, US), Reverse DNS xtendservices.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 43e84558db03129df8bdfca1f9f199a5e1f8f23f334347071dd7e0913e19752b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains; preload Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language en-US,en;q=0.9 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Accept-Ranges bytes Content-Encoding gzip Content-Length 10411 Content-Type text/html Date Wed, 10 Apr 2024 09:51:40 GMT ETag "057e8f1c81da1:0" Last-Modified Thu, 28 Mar 2024 14:31:02 GMT Server Microsoft-IIS/10.0 Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains; preload Vary Accept-Encoding X-Powered-By ASP.NET
GET H/1.1	200 OK	bootstrap.min.css www.playclashroyale.xtendhealthcare.net/assets/css/	118 KB 119 KB	71ms 67ms	Stylesheet text/css	167.104.0.66 SALLIEMAE
General Check archive.org Show headers Download Go to Full URL https://www.playclashroyale.xtendhealthcare.net/assets/css/bootstrap.min.css Requested by Host: www.playclashroyale.xtendhealthcare.net URL: https://www.playclashroyale.xtendhealthcare.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 167.104.0.66 Mountain Top, United States, ASN7183 (SALLIEMAE, US), Reverse DNS xtendservices.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload Date Wed, 10 Apr 2024 09:51:40 GMT Last-Modified Tue, 18 Jul 2023 15:17:04 GMT Server Microsoft-IIS/10.0 ETag "09869e88ab9d91:0" X-Powered-By ASP.NET Content-Type text/css Accept-Ranges bytes Content-Length 121205
GET H/1.1	200 OK	fontawesome-all.min.css www.playclashroyale.xtendhealthcare.net/assets/font-awesome/css/	46 KB 46 KB	248ms 125ms	Stylesheet text/css	167.104.0.66 SALLIEMAE
General Check archive.org Show headers Download Go to Full URL https://www.playclashroyale.xtendhealthcare.net/assets/font-awesome/css/fontawesome-all.min.css Requested by Host: www.playclashroyale.xtendhealthcare.net URL: https://www.playclashroyale.xtendhealthcare.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 167.104.0.66 Mountain Top, United States, ASN7183 (SALLIEMAE, US), Reverse DNS xtendservices.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 11578a8fbd3f3041f189ccb1a439e6e4cc7514d4017ca55af759572d2d6541c5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload Date Wed, 10 Apr 2024 09:51:40 GMT Last-Modified Tue, 18 Jul 2023 15:17:04 GMT Server Microsoft-IIS/10.0 ETag "09869e88ab9d91:0" X-Powered-By ASP.NET Content-Type text/css Accept-Ranges bytes Content-Length 47109
GET H/1.1	200 OK	jquery.min.js Show response www.playclashroyale.xtendhealthcare.net/assets/js/	85 KB 86 KB	255ms 126ms	Script application/javascript	167.104.0.66 SALLIEMAE
General Check archive.org Show headers Download Go to Full URL https://www.playclashroyale.xtendhealthcare.net/assets/js/jquery.min.js Requested by Host: www.playclashroyale.xtendhealthcare.net URL: https://www.playclashroyale.xtendhealthcare.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 167.104.0.66 Mountain Top, United States, ASN7183 (SALLIEMAE, US), Reverse DNS xtendservices.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 32b42f9bc813dd6bad1b45129eade1df8dd1463908f79505209fbfa1aa71018a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload Date Wed, 10 Apr 2024 09:51:40 GMT Last-Modified Tue, 18 Jul 2023 15:17:04 GMT Server Microsoft-IIS/10.0 ETag "09869e88ab9d91:0" X-Powered-By ASP.NET Content-Type application/javascript Accept-Ranges bytes Content-Length 87462
GET H/1.1	200 OK	bootstrap.min.js Show response www.playclashroyale.xtendhealthcare.net/assets/js/	36 KB 37 KB	260ms 131ms	Script application/javascript	167.104.0.66 SALLIEMAE
General Check archive.org Show headers Download Go to Full URL https://www.playclashroyale.xtendhealthcare.net/assets/js/bootstrap.min.js Requested by Host: www.playclashroyale.xtendhealthcare.net URL: https://www.playclashroyale.xtendhealthcare.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 167.104.0.66 Mountain Top, United States, ASN7183 (SALLIEMAE, US), Reverse DNS xtendservices.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload Date Wed, 10 Apr 2024 09:51:40 GMT Last-Modified Tue, 18 Jul 2023 15:17:04 GMT Server Microsoft-IIS/10.0 ETag "09869e88ab9d91:0" X-Powered-By ASP.NET Content-Type application/javascript Accept-Ranges bytes Content-Length 37051
GET H/1.1	200 OK	app.js Show response www.playclashroyale.xtendhealthcare.net/assets/js/	5 KB 6 KB	194ms 65ms	Script application/javascript	167.104.0.66 SALLIEMAE
General Check archive.org Show headers Download Go to Full URL https://www.playclashroyale.xtendhealthcare.net/assets/js/app.js Requested by Host: www.playclashroyale.xtendhealthcare.net URL: https://www.playclashroyale.xtendhealthcare.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 167.104.0.66 Mountain Top, United States, ASN7183 (SALLIEMAE, US), Reverse DNS xtendservices.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 3ce719c2af7f1468650e0d55a3bfdb2670f82fe1ab3947f6b968adbd8522bb5c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload Date Wed, 10 Apr 2024 09:51:40 GMT Last-Modified Tue, 18 Jul 2023 15:17:04 GMT Server Microsoft-IIS/10.0 ETag "09869e88ab9d91:0" X-Powered-By ASP.NET Content-Type application/javascript Accept-Ranges bytes Content-Length 5310
GET H2	200	css2 fonts.googleapis.com/	9 KB 1 KB	227ms 83ms	Stylesheet text/css	2607:f8b0:4006:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400;1,700&family=Barlow+Semi+Condensed:ital,wght@0,400;0,500;0,600;1,400;1,500&display=swap Requested by Host: www.playclashroyale.xtendhealthcare.net URL: https://www.playclashroyale.xtendhealthcare.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:806::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 3ca696ff6ce9438b62d40bf01340a2b3788e4f8b75759e7b7f60f1db024414a5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Wed, 10 Apr 2024 09:51:41 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 10 Apr 2024 09:51:41 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 10 Apr 2024 09:51:41 GMT
GET H/1.1	200 OK	main.css www.playclashroyale.xtendhealthcare.net/assets/css/	195 KB 196 KB	252ms 127ms	Stylesheet text/css	167.104.0.66 SALLIEMAE
General Check archive.org Show headers Download Go to Full URL https://www.playclashroyale.xtendhealthcare.net/assets/css/main.css Requested by Host: www.playclashroyale.xtendhealthcare.net URL: https://www.playclashroyale.xtendhealthcare.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 167.104.0.66 Mountain Top, United States, ASN7183 (SALLIEMAE, US), Reverse DNS xtendservices.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 24585dcbec4d79a726c808fc7b88ce9c7f83d9ffec548cc6b467c905ae6487f0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload Date Wed, 10 Apr 2024 09:51:40 GMT Last-Modified Thu, 28 Mar 2024 14:31:02 GMT Server Microsoft-IIS/10.0 ETag "057e8f1c81da1:0" X-Powered-By ASP.NET Content-Type text/css Accept-Ranges bytes Content-Length 199896
GET H3	200	api.js Show response www.google.com/recaptcha/	1 KB 856 B	224ms 90ms	Script text/javascript	142.250.64.68 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: www.playclashroyale.xtendhealthcare.net URL: https://www.playclashroyale.xtendhealthcare.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.64.68 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f4.1e100.net Software GSE / Resource Hash a58ff2de4d6a14e055a553e83a4e67aea6aaf589a57364305eec36105cce9ef3 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 10 Apr 2024 09:51:41 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Wed, 10 Apr 2024 09:51:41 GMT
GET H2	200	cse.js Show response cse.google.com/	9 KB 4 KB	613ms 94ms	Script text/javascript	2607:f8b0:4006:822::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cse.google.com/cse.js?cx=37665cbb3ff464545 Requested by Host: www.playclashroyale.xtendhealthcare.net URL: https://www.playclashroyale.xtendhealthcare.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software gws / Resource Hash 3e591004bc6ba473b340c111b4ed9c3449830d49ea3229f480cb01be2d2446f3 Security Headers Name Value Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-DbIuQ4gpEBX0C3159GlcGg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy object-src 'none';base-uri 'self';script-src 'nonce-DbIuQ4gpEBX0C3159GlcGg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other content-encoding br date Wed, 10 Apr 2024 09:51:42 GMT cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3107 x-xss-protection 0 accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64 cross-origin-opener-policy same-origin-allow-popups; report-to="gws" server gws x-frame-options SAMEORIGIN report-to {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} content-type text/javascript; charset=UTF-8 permissions-policy unload=() origin-trial Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
GET H/1.1	200 OK	XtendHealthcare-Logo.png www.playclashroyale.xtendhealthcare.net/assets/img/	3 KB 3 KB	63ms 62ms	Image image/png	167.104.0.66 SALLIEMAE
General Check archive.org Show headers Download Go to Show image Full URL https://www.playclashroyale.xtendhealthcare.net/assets/img/XtendHealthcare-Logo.png Requested by Host: www.playclashroyale.xtendhealthcare.net URL: https://www.playclashroyale.xtendhealthcare.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 167.104.0.66 Mountain Top, United States, ASN7183 (SALLIEMAE, US), Reverse DNS xtendservices.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash df5b752dfc72846dcb5d4f027915699bd9e9ff5c2ae8783cb1ee699fd5ad26cb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload Date Wed, 10 Apr 2024 09:51:40 GMT Last-Modified Tue, 18 Jul 2023 15:17:04 GMT Server Microsoft-IIS/10.0 ETag "09869e88ab9d91:0" X-Powered-By ASP.NET Content-Type image/png Accept-Ranges bytes Content-Length 3059
GET H/1.1	200 OK	HITRUST-Certified-r2-Logo.png images.navient.com/Xtend/web/	3 KB 3 KB	276ms 75ms	Image image/png	167.104.0.200 SALLIEMAE
General Check archive.org Show headers Download Go to Show image Full URL https://images.navient.com/Xtend/web/HITRUST-Certified-r2-Logo.png Requested by Host: www.playclashroyale.xtendhealthcare.net URL: https://www.playclashroyale.xtendhealthcare.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 167.104.0.200 Mountain Top, United States, ASN7183 (SALLIEMAE, US), Reverse DNS images.navient.com Software Microsoft-IIS/10.0 / Resource Hash 6dad9c9f0e5b33db980f6f47dbbdf08c4c785d29b053c51c46001cb1233e5c6f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 10 Apr 2024 09:51:41 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload Last-Modified Fri, 01 Mar 2024 14:19:09 GMT Server Microsoft-IIS/10.0 ETag "2519fb6ce36bda1:0" Content-Type image/png Accept-Ranges bytes Content-Length 2616
GET H/1.1	200 OK	xtend-home-expertise.png images.navient.com/Xtend/web/	19 KB 19 KB	81ms 64ms	Image image/png	167.104.0.200 SALLIEMAE
General Check archive.org Show headers Download Go to Show image Full URL https://images.navient.com/Xtend/web/xtend-home-expertise.png Requested by Host: www.playclashroyale.xtendhealthcare.net URL: https://www.playclashroyale.xtendhealthcare.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 167.104.0.200 Mountain Top, United States, ASN7183 (SALLIEMAE, US), Reverse DNS images.navient.com Software Microsoft-IIS/10.0 / Resource Hash 9960d6ff897bb6589eda72cc8c8253a35c2945cb618897f3717a99ff3958bd83 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 10 Apr 2024 09:51:41 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload Last-Modified Tue, 14 Dec 2021 13:37:47 GMT Server Microsoft-IIS/10.0 ETag "cce7c9c7eff0d71:0" Content-Type image/png Accept-Ranges bytes Content-Length 18959
GET H/1.1	200 OK	xtend-home-results.png images.navient.com/Xtend/web/	10 KB 10 KB	132ms 62ms	Image image/png	167.104.0.200 SALLIEMAE
General Check archive.org Show headers Download Go to Show image Full URL https://images.navient.com/Xtend/web/xtend-home-results.png Requested by Host: www.playclashroyale.xtendhealthcare.net URL: https://www.playclashroyale.xtendhealthcare.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 167.104.0.200 Mountain Top, United States, ASN7183 (SALLIEMAE, US), Reverse DNS images.navient.com Software Microsoft-IIS/10.0 / Resource Hash d762859efcd8205a20ca31e915400cc935e206ca1e829496db3dbb30ccbb8f2a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 10 Apr 2024 09:51:41 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload Last-Modified Tue, 14 Dec 2021 13:37:47 GMT Server Microsoft-IIS/10.0 ETag "c45cdfc7eff0d71:0" Content-Type image/png Accept-Ranges bytes Content-Length 9932
GET H/1.1	200 OK	xtend-home-scale.png images.navient.com/Xtend/web/	12 KB 13 KB	113ms 62ms	Image image/png	167.104.0.200 SALLIEMAE
General Check archive.org Show headers Download Go to Show image Full URL https://images.navient.com/Xtend/web/xtend-home-scale.png Requested by Host: www.playclashroyale.xtendhealthcare.net URL: https://www.playclashroyale.xtendhealthcare.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 167.104.0.200 Mountain Top, United States, ASN7183 (SALLIEMAE, US), Reverse DNS images.navient.com Software Microsoft-IIS/10.0 / Resource Hash f564db7d092491f39ca71af9fe76db0ad8a898c230181108d99fe123bb44f28f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 10 Apr 2024 09:51:41 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload Last-Modified Tue, 14 Dec 2021 13:37:47 GMT Server Microsoft-IIS/10.0 ETag "c45cdfc7eff0d71:0" Content-Type image/png Accept-Ranges bytes Content-Length 12617
GET H/1.1	200 OK	xtend-home-front.png images.navient.com/Xtend/web/	4 KB 4 KB	67ms 65ms	Image image/png	167.104.0.200 SALLIEMAE
General Check archive.org Show headers Download Go to Show image Full URL https://images.navient.com/Xtend/web/xtend-home-front.png Requested by Host: www.playclashroyale.xtendhealthcare.net URL: https://www.playclashroyale.xtendhealthcare.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 167.104.0.200 Mountain Top, United States, ASN7183 (SALLIEMAE, US), Reverse DNS images.navient.com Software Microsoft-IIS/10.0 / Resource Hash 708645bba8513251aca4608302a41aca675314f4fcb7f0cf874bb1b222bb171c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 10 Apr 2024 09:51:41 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload Last-Modified Fri, 21 Jan 2022 18:23:37 GMT Server Microsoft-IIS/10.0 ETag "377bf1f4ed81:0" Content-Type image/png Accept-Ranges bytes Content-Length 3905
GET H/1.1	200 OK	xtend-home-middle.png images.navient.com/Xtend/web/	3 KB 4 KB	66ms 64ms	Image image/png	167.104.0.200 SALLIEMAE
General Check archive.org Show headers Download Go to Show image Full URL https://images.navient.com/Xtend/web/xtend-home-middle.png Requested by Host: www.playclashroyale.xtendhealthcare.net URL: https://www.playclashroyale.xtendhealthcare.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 167.104.0.200 Mountain Top, United States, ASN7183 (SALLIEMAE, US), Reverse DNS images.navient.com Software Microsoft-IIS/10.0 / Resource Hash 2829985e97efe31b5946748bf85a45f5838ef81de68699e7b2e69f0da6d43066 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 10 Apr 2024 09:51:41 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload Last-Modified Fri, 21 Jan 2022 18:23:37 GMT Server Microsoft-IIS/10.0 ETag "f1cbc31f4ed81:0" Content-Type image/png Accept-Ranges bytes Content-Length 3416
GET H/1.1	200 OK	xtend-home-back.png images.navient.com/Xtend/web/	6 KB 6 KB	68ms 66ms	Image image/png	167.104.0.200 SALLIEMAE
General Check archive.org Show headers Download Go to Show image Full URL https://images.navient.com/Xtend/web/xtend-home-back.png Requested by Host: www.playclashroyale.xtendhealthcare.net URL: https://www.playclashroyale.xtendhealthcare.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 167.104.0.200 Mountain Top, United States, ASN7183 (SALLIEMAE, US), Reverse DNS images.navient.com Software Microsoft-IIS/10.0 / Resource Hash 9e12af06fb007b497ec04ef141f86b69fc6e26e58b31e337c0e20befe7a1576f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 10 Apr 2024 09:51:41 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload Last-Modified Fri, 21 Jan 2022 18:23:37 GMT Server Microsoft-IIS/10.0 ETag "e9a4bc1f4ed81:0" Content-Type image/png Accept-Ranges bytes Content-Length 5711
GET H2	200	snippet.js Show response static.zdassets.com/ekr/	10 KB 5 KB	628ms 47ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/ekr/snippet.js?key=2d6a5253-bb18-4590-b896-19e8a3ce1374 Requested by Host: www.playclashroyale.xtendhealthcare.net URL: https://www.playclashroyale.xtendhealthcare.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f Security Headers Name Value Strict-Transport-Security max-age=0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 10 Apr 2024 09:51:42 GMT x-amz-version-id sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id ATPJN2BBRNAVEP8C age 52 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 yZSnXp5joC1jEUcdstI6JJxXe+57NDQVrgC8bP2Gtlxd0OKsnfmbb0FPfdOCVjDBGs07rFDX82g= last-modified Mon, 15 Jan 2024 02:56:11 GMT server cloudflare etag W/"c0053b411b753138af468db1bd3b19f3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HfedHQqymym6oc9P2wX0qRnUhuUTTgnK%2BVLVA4HuiteKaYo0hLbbJ%2BKMZAXPz139emftg8ze%2Fv0InTAvmH2oGYSUgknO%2B9vwk6ntbX86Eq5%2BGE8dTQSMKLYKGf7lgHMnVQxjs2M%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * access-control-allow-methods GET, HEAD cache-control public, max-age=3600, s-maxage=60 access-control-max-age 0 cf-ray 8721d700cefbda7f-MIA access-control-allow-headers *
GET H2	200	gtm.js Show response www.googletagmanager.com/	223 KB 79 KB	610ms 102ms	Script application/javascript	2607:f8b0:4006:824::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-N2J5L6F Requested by Host: www.playclashroyale.xtendhealthcare.net URL: https://www.playclashroyale.xtendhealthcare.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 76be00ee4c3743aa1dce2cd68dd547bb7c28fd0d3ef826d7c3e69fdef5ce65f2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 10 Apr 2024 09:51:42 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 80846 x-xss-protection 0 last-modified Wed, 10 Apr 2024 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 10 Apr 2024 09:51:42 GMT
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/	499 KB 199 KB	571ms 63ms	Script text/javascript	2607:f8b0:4006:817::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8f2c6777c7ccc01ab67290fa8acd5a4c4866be64129f39dfaeb9197dfa15e137 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ Origin https://www.playclashroyale.xtendhealthcare.net accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 10 Apr 2024 07:44:53 GMT content-encoding gzip x-content-type-options nosniff age 7609 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 203369 x-xss-protection 0 last-modified Fri, 29 Mar 2024 04:30:36 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 10 Apr 2025 07:44:53 GMT
GET H/1.1	200 OK	Duncan-Solutions_Logo-icon.png images.navient.com/Navient/web/	3 KB 3 KB	62ms 62ms	Image image/png	167.104.0.200 SALLIEMAE
General Check archive.org Show headers Download Go to Show image Full URL https://images.navient.com/Navient/web/Duncan-Solutions_Logo-icon.png Requested by Host: www.playclashroyale.xtendhealthcare.net URL: https://www.playclashroyale.xtendhealthcare.net/assets/css/main.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 167.104.0.200 Mountain Top, United States, ASN7183 (SALLIEMAE, US), Reverse DNS images.navient.com Software Microsoft-IIS/10.0 / Resource Hash 457144e9e938e551ebb3a0e04eb80bf005216659dd3c211651ede4e24b48f1ff Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 10 Apr 2024 09:51:41 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload Last-Modified Thu, 23 Jul 2020 14:41:12 GMT Server Microsoft-IIS/10.0 ETag "696acc4fff60d61:0" Content-Type image/png Accept-Ranges bytes Content-Length 3021
GET H2	200	S6u9w4BMUTPHh6UVSwiPGQ.woff2 fonts.gstatic.com/s/lato/v24/	23 KB 23 KB	608ms 125ms	Font font/woff2	2607:f8b0:4006:817::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400;1,700&family=Barlow+Semi+Condensed:ital,wght@0,400;0,500;0,600;1,400;1,500&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://fonts.googleapis.com/ Origin https://www.playclashroyale.xtendhealthcare.net accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 10 Apr 2024 07:50:02 GMT x-content-type-options nosniff age 7300 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23040 x-xss-protection 0 last-modified Tue, 02 May 2023 15:07:25 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 10 Apr 2025 07:50:02 GMT
GET H/1.1	200 OK	glyphicons-halflings-regular.woff2 www.playclashroyale.xtendhealthcare.net/assets/fonts/	18 KB 18 KB	66ms 65ms	Font application/font-woff2	167.104.0.66 SALLIEMAE
General Check archive.org Show headers Download Go to Full URL https://www.playclashroyale.xtendhealthcare.net/assets/fonts/glyphicons-halflings-regular.woff2 Requested by Host: www.playclashroyale.xtendhealthcare.net URL: https://www.playclashroyale.xtendhealthcare.net/assets/css/bootstrap.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 167.104.0.66 Mountain Top, United States, ASN7183 (SALLIEMAE, US), Reverse DNS xtendservices.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/assets/css/bootstrap.min.css Origin https://www.playclashroyale.xtendhealthcare.net accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload Date Wed, 10 Apr 2024 09:51:41 GMT Last-Modified Tue, 18 Jul 2023 15:17:04 GMT Server Microsoft-IIS/10.0 ETag "09869e88ab9d91:0" X-Powered-By ASP.NET Content-Type application/font-woff2 Accept-Ranges bytes Content-Length 18028
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v24/	23 KB 24 KB	546ms 64ms	Font font/woff2	2607:f8b0:4006:817::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400;1,700&family=Barlow+Semi+Condensed:ital,wght@0,400;0,500;0,600;1,400;1,500&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://fonts.googleapis.com/ Origin https://www.playclashroyale.xtendhealthcare.net accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 10 Apr 2024 09:03:58 GMT x-content-type-options nosniff age 2864 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23580 x-xss-protection 0 last-modified Tue, 02 May 2023 15:17:22 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 10 Apr 2025 09:03:58 GMT
GET H/1.1	200 OK	fa-solid-900.woff2 www.playclashroyale.xtendhealthcare.net/assets/font-awesome/webfonts/	57 KB 57 KB	64ms 63ms	Font application/font-woff2	167.104.0.66 SALLIEMAE
General Check archive.org Show headers Download Go to Full URL https://www.playclashroyale.xtendhealthcare.net/assets/font-awesome/webfonts/fa-solid-900.woff2 Requested by Host: www.playclashroyale.xtendhealthcare.net URL: https://www.playclashroyale.xtendhealthcare.net/assets/font-awesome/css/fontawesome-all.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 167.104.0.66 Mountain Top, United States, ASN7183 (SALLIEMAE, US), Reverse DNS xtendservices.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 02ac0b348abf36a9ff6dbbfaa1920fa896768c48028cf92103826749c5e643f5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/assets/font-awesome/css/fontawesome-all.min.css Origin https://www.playclashroyale.xtendhealthcare.net accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload Date Wed, 10 Apr 2024 09:51:41 GMT Last-Modified Tue, 18 Jul 2023 15:17:04 GMT Server Microsoft-IIS/10.0 ETag "09869e88ab9d91:0" X-Powered-By ASP.NET Content-Type application/font-woff2 Accept-Ranges bytes Content-Length 58240
GET H/1.1	200 OK	fa-brands-400.woff2 www.playclashroyale.xtendhealthcare.net/assets/font-awesome/webfonts/	54 KB 54 KB	66ms 66ms	Font application/font-woff2	167.104.0.66 SALLIEMAE
General Check archive.org Show headers Download Go to Full URL https://www.playclashroyale.xtendhealthcare.net/assets/font-awesome/webfonts/fa-brands-400.woff2 Requested by Host: www.playclashroyale.xtendhealthcare.net URL: https://www.playclashroyale.xtendhealthcare.net/assets/font-awesome/css/fontawesome-all.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 167.104.0.66 Mountain Top, United States, ASN7183 (SALLIEMAE, US), Reverse DNS xtendservices.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 71a8a4650af2470f3b5b5ea348e8ac3fbe98741d02a56e98d7cebe113f4069f3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/assets/font-awesome/css/fontawesome-all.min.css Origin https://www.playclashroyale.xtendhealthcare.net accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload Date Wed, 10 Apr 2024 09:51:41 GMT Last-Modified Tue, 18 Jul 2023 15:17:04 GMT Server Microsoft-IIS/10.0 ETag "09869e88ab9d91:0" X-Powered-By ASP.NET Content-Type application/font-woff2 Accept-Ranges bytes Content-Length 55136
GET H/1.1	206 Partial Content	xtend-home-hero.mp4 images.navient.com/xtend/media/	7 MB 0	64ms 63ms	Media video/mp4	167.104.0.200 SALLIEMAE
General Check archive.org Show headers Download Go to Full URL https://images.navient.com/xtend/media/xtend-home-hero.mp4 Requested by Host: www.playclashroyale.xtendhealthcare.net URL: https://www.playclashroyale.xtendhealthcare.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 167.104.0.200 Mountain Top, United States, ASN7183 (SALLIEMAE, US), Reverse DNS images.navient.com Software Microsoft-IIS/10.0 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Accept-Encoding identity;q=1, *;q=0 accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Referer https://www.playclashroyale.xtendhealthcare.net/ Range bytes=0- sec-ch-ua-platform "Win32" Response headers Date Wed, 10 Apr 2024 09:51:41 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload Last-Modified Mon, 27 Dec 2021 21:47:26 GMT Server Microsoft-IIS/10.0 ETag "6da46b566bfbd71:0" Content-Type video/mp4 Content-Range bytes 0-10007461/10007462 Accept-Ranges bytes Content-Length 10007462
GET H2	200	2d6a5253-bb18-4590-b896-19e8a3ce1374 Show response ekr.zdassets.com/compose/	1006 B 1 KB	503ms 417ms	Fetch application/json	104.18.72.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ekr.zdassets.com/compose/2d6a5253-bb18-4590-b896-19e8a3ce1374 Requested by Host: static.zdassets.com URL: https://static.zdassets.com/ekr/snippet.js?key=2d6a5253-bb18-4590-b896-19e8a3ce1374 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2f52d0ea25b0a1eb3819ab83472b3f72e67135bdc3a080c0ef3e4023c59aafe6 Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 10 Apr 2024 09:51:42 GMT strict-transport-security max-age=0 x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies none content-encoding br cdn-cache-control max-age=60 x-xss-protection 1; mode=block x-request-id 8721d701bfe7a527-SEA, 8721d701bfe7a527-SEA x-runtime 0.010590 referrer-policy strict-origin-when-cross-origin server cloudflare etag W/"2f52d0ea25b0a1eb3819ab83472b3f72" x-download-options noopen x-frame-options SAMEORIGIN access-control-max-age 7200 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vgte85Ebno7V5zjeyzcMPdzqABfCU6YgrXBDmSUACoh6HoNrP01yrcbpdrQ82fPx8SLJ1qQmRGaHHLmptKExY05%2Fz8tPUUoVcv6PX48ADTyzBKu%2Fs7dvp%2BwSukYcnq%2FCGCQ%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers vary Accept, Origin, Accept-Encoding cache-control max-age=300, public, stale-while-revalidate=300, stale-if-error=21600 content-type application/json; charset=utf-8 x-zendesk-zorg yes cf-ray 8721d701bfe7a527-MIA
GET H3	200	cse_element__en.js Show response www.google.com/cse/static/element/8435450f13508ca1/	318 KB 106 KB	80ms 80ms	Script text/javascript	142.250.64.68 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/cse/static/element/8435450f13508ca1/cse_element__en.js?usqp=CAI%3D Requested by Host: cse.google.com URL: https://cse.google.com/cse.js?cx=37665cbb3ff464545 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.64.68 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f4.1e100.net Software sffe / Resource Hash 1c8cc3cef0d65c2d9912b24f27bd2f42a79d10be8e00439562a3984f90f05bdd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 10 Apr 2024 09:51:42 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 108214 x-xss-protection 0 last-modified Wed, 10 Jan 2024 16:43:07 GMT server sffe vary Accept-Encoding report-to {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]} content-type text/javascript cache-control private, max-age=31536000 accept-ranges bytes link <https://www.adsensecustomsearchads.com>; rel="preconnect" cross-origin-opener-policy-report-only same-origin; report-to="prose-team" expires Wed, 10 Apr 2024 09:51:42 GMT
GET H3	200	default+en.css www.google.com/cse/static/element/8435450f13508ca1/	41 KB 9 KB	81ms 80ms	Stylesheet text/css	142.250.64.68 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/cse/static/element/8435450f13508ca1/default+en.css Requested by Host: cse.google.com URL: https://cse.google.com/cse.js?cx=37665cbb3ff464545 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.64.68 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f4.1e100.net Software sffe / Resource Hash a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 10 Apr 2024 09:51:42 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9068 x-xss-protection 0 last-modified Wed, 10 Jan 2024 16:43:07 GMT server sffe vary Accept-Encoding report-to {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]} content-type text/css cache-control private, max-age=31536000 accept-ranges bytes link <https://www.adsensecustomsearchads.com>; rel="preconnect" cross-origin-opener-policy-report-only same-origin; report-to="prose-team" expires Wed, 10 Apr 2024 09:51:42 GMT
GET H3	200	minimalist.css www.google.com/cse/static/style/look/v4/	5 KB 1 KB	63ms 62ms	Stylesheet text/css	142.250.64.68 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/cse/static/style/look/v4/minimalist.css Requested by Host: cse.google.com URL: https://cse.google.com/cse.js?cx=37665cbb3ff464545 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.64.68 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f4.1e100.net Software sffe / Resource Hash e5867ad740bc719bf1309b5f65537b7ba69f2cba5e9a193679859542d1bc7f95 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 10 Apr 2024 09:41:55 GMT content-encoding gzip x-content-type-options nosniff age 587 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1452 x-xss-protection 0 last-modified Mon, 25 May 2020 08:30:00 GMT server sffe vary Accept-Encoding report-to {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]} content-type text/css cache-control public, max-age=3000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="prose-team" expires Wed, 10 Apr 2024 10:31:55 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	259ms 61ms	Script text/javascript	2607:f8b0:4006:80d::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2J5L6F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Wed, 10 Apr 2024 08:06:53 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 6289 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Wed, 10 Apr 2024 10:06:53 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	277 KB 94 KB	100ms 99ms	Script application/javascript	2607:f8b0:4006:824::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-M0VZCDGNJJ&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2J5L6F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0e015e80737aadd639cfd1e475885d968bb477f2a46448e4fb8fba6479242d89 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 10 Apr 2024 09:51:42 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 96556 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 10 Apr 2024 09:51:42 GMT
GET H2	200	42917000.js Show response js-na1.hs-scripts.com/	1 KB 1 KB	223ms 46ms	Script application/javascript	2606:4700::6810:89d1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-na1.hs-scripts.com/42917000.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2J5L6F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:89d1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9bdcaa1e09ca2519e18569a518d146b6bf8dc46f0061e0657102b8f8b1a43017 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 10 Apr 2024 09:51:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT x-hubspot-correlation-id a44b1d70-89cc-4b2b-878c-db1a2a994aa0 x-evy-trace-route-service-name envoyset-translator cf-polished origSize=1521 age 2845 x-envoy-upstream-service-time 16 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id a44b1d70-89cc-4b2b-878c-db1a2a994aa0 cf-bgj minify last-modified Wed, 10 Apr 2024 09:04:17 GMT server cloudflare access-control-max-age 3600 vary origin, Accept-Encoding content-type application/javascript;charset=utf-8 access-control-allow-origin https://www.nordstand.xtendhealthcare.net x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-697677dfc-hbrrl x-evy-trace-virtual-host all access-control-allow-credentials true cf-ray 8721d7043f68db1d-MIA
GET H2	200	async-ads.js Show response cse.google.com/adsense/search/	138 KB 51 KB	84ms 82ms	Script text/javascript	2607:f8b0:4006:822::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cse.google.com/adsense/search/async-ads.js Requested by Host: www.google.com URL: https://www.google.com/cse/static/element/8435450f13508ca1/cse_element__en.js?usqp=CAI%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b4fc267cea370a8075bd97f82362ee8fe6f099d6f57bb21aa347f0d88dd6a67d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 10 Apr 2024 09:51:42 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="ads-afs-ui" etag "10517482171271296146" vary Accept-Encoding report-to {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 accept-ranges bytes link <https://syndicatedsearch.goog>; rel="preconnect" expires Wed, 10 Apr 2024 09:51:42 GMT
GET H2	204	generate_204 clients1.google.com/	0 117 B	229ms 65ms	Image text/plain	2607:f8b0:4006:821::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://clients1.google.com/generate_204 Requested by Host: www.playclashroyale.xtendhealthcare.net URL: https://www.playclashroyale.xtendhealthcare.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 10 Apr 2024 09:51:42 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
POST H2	204	collect www.google-analytics.com/g/	0 188 B	79ms 78ms	Ping text/plain	2607:f8b0:4006:80d::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-M0VZCDGNJJ&gtm=45je4480v881681652z8857355271za200&_p=1712742701292&gcd=13l3l3l3l1&npa=0&dma=0&cid=1643498009.1712742703&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fwww.playclashroyale.xtendhealthcare.net%2F&sid=1712742702&sct=1&seg=0&dt=Home%20%7C%20Xtend%20Healthcare&en=page_view&_fv=1&_nsi=1&_ss=1&ep.client_id_string=sundefined&ep.gtm_container_id=GTM-N2J5L6F&ep.gtm_container_version=8&ep.logged_in=unidentified&ep.user_agent_string=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36&epn.user_timezone_offset=-10&ep.clean_page_path=%2F&ep.gtm_tag_name=GA4%20-%20Page%20View&tfd=2214 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-M0VZCDGNJJ&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Wed, 10 Apr 2024 09:51:42 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.playclashroyale.xtendhealthcare.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	web-widget-main-0a93784.js Show response static.zdassets.com/web_widget/classic/latest/ Frame E0F1	969 KB 275 KB	62ms 50ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/classic/latest/web-widget-main-0a93784.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/ekr/snippet.js?key=2d6a5253-bb18-4590-b896-19e8a3ce1374 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0299fe3b788b70b13c94cda8b38542f2ab16bec27ed26b34295412f615c80e48 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 10 Apr 2024 09:51:42 GMT x-amz-version-id 3oJXdytUit8PgRNqRqrZ9axhMjDX3lS4 content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id FK0N3DZ4SERMX260 age 90464 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 aWsMQUbhGQM+t1MuJTN+MgUqEiGBxau+i2MwW8xoFbbZ6qntkil3pFFXAdsM4bzWV8EKD+hVNJl+IipNnIou5Q== last-modified Wed, 03 Apr 2024 10:26:50 GMT server cloudflare etag W/"7d57cf2646a5abfa9b3c6fbf907250a9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kMJHP41c7g14w0AjmcfkUv4u%2FZ4hB%2BgBJ1a3XO0%2BsoFsozlNmflvKP8vodRvJmdt74O5gd4UkbBJ%2FdG7Te5%2BjGxmmDdh5Yif2UGAXNXWlfcimC1xWXQcFRrHWHafUfrbHC3WF%2FE%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-allow-methods GET, HEAD cache-control public, max-age=31536000 access-control-max-age 0 cf-ray 8721d7054a59da7f-MIA access-control-allow-headers * expires Thu, 03 Apr 2025 10:26:49 GMT
GET H2	200	42917000.js Show response js.hs-analytics.net/analytics/1712739600000/	68 KB 22 KB	177ms 90ms	Script text/javascript	2606:4700::6810:4fba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1712739600000/42917000.js Requested by Host: js-na1.hs-scripts.com URL: https://js-na1.hs-scripts.com/42917000.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:4fba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 812901a9095ec894ab8eb7c15f1f5365ec7b1e38ebdac8bddebb05f60cf69323 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 10 Apr 2024 09:51:43 GMT x-amz-version-id null content-encoding br cf-cache-status REVALIDATED x-amz-request-id BEZNJK97H5A8KKS5 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id c41a016e-95d7-4251-9cb2-a29e544b6eaa x-envoy-upstream-service-time 49 x-amz-id-2 UwUzpoxBX4rt03ujryps7e9sjzvE4Rk6jKWgq36D/iLiy3fVL97U5i/tCPZcHvLoO6LqDNorADg= x-evy-trace-listener listener_https x-request-id c41a016e-95d7-4251-9cb2-a29e544b6eaa x-evy-trace-route-configuration listener_https/all last-modified Fri, 05 Apr 2024 20:13:42 GMT server cloudflare etag W/"37b0d7e26cc31a732115c93c51e37d7d" vary origin, Accept-Encoding content-type text/javascript x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-6685c9958f-jg42k cache-control max-age=300,public access-control-allow-credentials false cf-ray 8721d705ca5c9ae9-MIA expires Wed, 10 Apr 2024 09:56:43 GMT
GET H2	200	collectedforms.js Show response js.hscollectedforms.net/	69 KB 25 KB	178ms 66ms	Script application/javascript	2606:4700::6810:6efe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hscollectedforms.net/collectedforms.js Requested by Host: js-na1.hs-scripts.com URL: https://js-na1.hs-scripts.com/42917000.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:6efe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 558e9f2d852ad9a343cfa2b6343e53b6080dae149933e04da166f597696a072d Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ Origin https://www.playclashroyale.xtendhealthcare.net accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 10 Apr 2024 09:51:43 GMT x-amz-version-id TBuW8j2Zg4wDwUJfaxQJP8dPtvRalswh via 1.1 c13d71f8919c23db6bbd1c08a4dfb350.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status MISS x-amz-cf-pop IAD12-P3 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 9a3ded00-4d19-4c02-989e-b02d37616724 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.487/bundles/project.js&cfRay=8721d705fbee5f1f-MIA x-cache Hit from cloudfront cache-tag staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod content-encoding br x-envoy-upstream-service-time 0 x-amz-replication-status COMPLETED x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 9a3ded00-4d19-4c02-989e-b02d37616724 last-modified Thu, 28 Mar 2024 11:43:17 UTC server cloudflare etag W/"d1b5d702ce4c8385e7f9e088139af398" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * x-evy-trace-virtual-host all x-hs-cache-status HIT cache-control s-maxage=600, max-age=300 x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-68b7f7fbff-xzfkt cf-ray 8721d705fbee5f1f-MIA x-amz-cf-id 5fqzHJm21qJL9wpscDonLvMsdr0ER00-9aDH-kfBScYJMJHC5rbgIA== x-hs-target-asset collected-forms-embed-js/static-1.487/bundles/project.js
GET H2	200	banner.js Show response js.hs-banner.com/v2/42917000/	71 KB 23 KB	228ms 133ms	Script text/javascript	2606:4700:4400::ac40:991b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/v2/42917000/banner.js Requested by Host: js-na1.hs-scripts.com URL: https://js-na1.hs-scripts.com/42917000.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 84e398a45b919d3c4c0df630c86237b46db6304817a31efd13334568bcf25b85 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 10 Apr 2024 09:51:43 GMT x-amz-version-id 8ngMHMUZLV77WDTSW5rsEFl7gxxN8L4w content-encoding br cf-cache-status REVALIDATED x-amz-request-id JY3VXSAEQ1FA2PT3 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 084a1201-62c1-414e-a709-f37f31d8ca7d x-envoy-upstream-service-time 77 x-amz-id-2 MjaWsPJ/voW/24p3quJTX/YOArvzwqK1SSHCtoTLddyORP0IAH50ljO1wQtOIDgEuxhZHIjZeCc= x-evy-trace-listener listener_https x-request-id 084a1201-62c1-414e-a709-f37f31d8ca7d x-evy-trace-route-configuration listener_https/all last-modified Tue, 09 Apr 2024 22:27:29 GMT server cloudflare etag W/"509f400afad0e0078fd44bfa415990f5" access-control-max-age 604800 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type text/javascript; charset=UTF-8 access-control-allow-origin https://xtendhealthcare.net x-evy-trace-virtual-host all access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300,public access-control-allow-credentials true x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-6685c9958f-fp48c vary origin, Accept-Encoding timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id cf-ray 8721d705db31a4c7-MIA expires Wed, 10 Apr 2024 09:56:43 GMT
GET H2	200	linkid.js Show response www.google-analytics.com/plugins/ua/	2 KB 1 KB	64ms 62ms	Script text/javascript	2607:f8b0:4006:80d::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/linkid.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 10 Apr 2024 09:28:27 GMT content-encoding br x-content-type-options nosniff age 1395 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 697 x-xss-protection 0 last-modified Fri, 30 Jun 2023 18:58:00 GMT server sffe vary Accept-Encoding report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Wed, 10 Apr 2024 10:28:27 GMT
GET H2	200	en-us-json-0a93784.js Show response static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame E0F1	25 KB 6 KB	53ms 48ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-0a93784.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-0a93784.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e Security Headers Name Value Strict-Transport-Security max-age=0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 10 Apr 2024 09:51:43 GMT x-amz-version-id qxY6R5IY51tjnVPX4zNFeYVwMSskvqXk content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id FK0XYG8M7ZPR8Z0E age 90463 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 YiQXs9uOeEOWI96q7KDzBBQAo9N/EfMD6IzIeKjhxkuu6ZGFKVQKfc/Ok6yB4gubTH58k6vPR9ZzoR7m9visMw== last-modified Wed, 03 Apr 2024 10:26:52 GMT server cloudflare etag W/"6eb45e96a7cbb4b8ca10897f3cf09981" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fe%2BSXqryq%2BcLK3XQ7eptLVbYEKv3e%2FBvD336UFY9HZkdoNM1Ap0GnBWwNG5f%2BgNrMIg9TwpeNnO506eYruV4pXYq47Wln5EQpUidvkRNYqvkz69%2FWnxcv25v9UmTRWLZkjwhi4Y%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-allow-methods GET, HEAD cache-control public, max-age=31536000 access-control-max-age 0 cf-ray 8721d707cbf1da7f-MIA access-control-allow-headers * expires Thu, 03 Apr 2025 10:26:51 GMT
GET H2	200	config Show response businessdevelopment.zendesk.com/embeddable/ Frame E0F1	623 B 1 KB	654ms 138ms	Fetch application/json	104.16.53.111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://businessdevelopment.zendesk.com/embeddable/config Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-0a93784.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 34406d5ca264b541e309459e3dc212cda5e8ea44af27482dadc3f5cd2d00cb64 Security Headers Name Value Strict-Transport-Security max-age=259200; Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 10 Apr 2024 09:51:43 GMT strict-transport-security max-age=259200; content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-zendesk-origin-server embeddable-app-server-66b4fdb76c-q9p5d x-cached MISS x-runtime 0.027988 server cloudflare etag W/"34406d5ca264b541e309459e3dc212cd" vary Accept, Origin, Accept-Encoding access-control-max-age 7200 access-control-allow-methods GET access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aJOjWwi%2B5VXbzyLqiQTo9iYqQP9ukVde41dQjRRUTyGZd1X3c8up9RjmfXsfn4GfOMW4ipstQBE8snbyQ0AcKZ8uNf9gMI1hDQVYfUoldo5gwLdssedpAAsP1nnTvRjy1txaIpozcVa2KKjKoaogyss%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers cache-control max-age=60, public, stale-while-revalidate=600, stale-if-error=3600 content-type application/json; charset=utf-8 cf-ray 8721d70b0b528daf-MIA
GET H2	200	json Show response forms.hscollectedforms.net/collected-forms/v1/config/	116 B 451 B	103ms 85ms	XHR application/json	2606:4700::6810:6efe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=42917000&utk= Requested by Host: js.hscollectedforms.net URL: https://js.hscollectedforms.net/collectedforms.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:6efe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1495d2fd2deb134c5e8c26f03e9a532ca7fc4c59632a944e98328052fc122f9a Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Accept application/json, text/plain, */* Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 10 Apr 2024 09:51:43 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id a0927cfc-957a-492b-b61c-b6c072edf7bd x-envoy-upstream-service-time 10 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id a0927cfc-957a-492b-b61c-b6c072edf7bd server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type application/json;charset=utf-8 access-control-allow-origin https://www.playclashroyale.xtendhealthcare.net x-evy-trace-virtual-host all cache-control max-age=0 x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-68b7f7fbff-trtck access-control-max-age 180 x-robots-tag none access-control-allow-headers * cf-ray 8721d7084d945f1f-MIA
GET H2	200	__ptq.gif track.hubspot.com/	45 B 1 KB	509ms 92ms	Image image/gif	2606:4700::6810:7674 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=1&sd=800x600&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2689166750&v=1.1&a=42917000&rcu=https%3A%2F%2Fxtendhealthcare.net%2F&pu=https%3A%2F%2Fwww.playclashroyale.xtendhealthcare.net%2F&t=Home+%7C+Xtend+Healthcare&cts=1712742703399&vi=9893a7607cd6409afe82b86a5f56b663&nc=true&u=246354587.9893a7607cd6409afe82b86a5f56b663.1712742703394.1712742703394.1712742703394.1&b=246354587.1.1712742703394&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 10 Apr 2024 09:51:43 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 131735fa-fd14-4876-9e12-ded159efe9ab p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 10 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 131735fa-fd14-4876-9e12-ded159efe9ab server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Btq8WPR9wbZGJ9mhcSiF7dD%2FMmlpURZKSvdBvkruRAR65YS7Vt9L0qQ%2FBPIGzCBWM%2BdCc2UNxepoPOXy8ehG3KwscaHdm%2FM0G3xg5RkraUTTexkZEyKkmrm0hRWcvkyNDUP4zSSzkR2OKV9bZ2Sk"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-zdnck x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false cf-ray 8721d70b0a3067b6-MIA x-robots-tag none
GET H3	200	counters.gif forms.hsforms.com/embed/v3/	35 B 884 B	148ms 89ms	Image image/gif	104.18.192.125 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2 Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.192.125 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 10 Apr 2024 09:51:43 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id c275d565-ca5d-423e-bafb-89e3f51110a5 x-envoy-upstream-service-time 18 alt-svc h3=":443"; ma=86400 content-length 35 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id c275d565-ca5d-423e-bafb-89e3f51110a5 server cloudflare vary origin content-type image/gif x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-9fd6b4b-vfbrb access-control-expose-headers X-Origin-Hublet cache-control max-age=0, no-cache, no-store access-control-allow-credentials false x-robots-tag none cf-ray 8721d70bae2225a7-MIA
GET H/1.1	200 OK	favicon.ico www.playclashroyale.xtendhealthcare.net/	15 KB 15 KB	69ms 68ms	Other image/x-icon	167.104.0.66 SALLIEMAE
General Check archive.org Show headers Download Go to Full URL https://www.playclashroyale.xtendhealthcare.net/favicon.ico Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 167.104.0.66 Mountain Top, United States, ASN7183 (SALLIEMAE, US), Reverse DNS xtendservices.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 3f3b091b5b7d353793fa55ca4be3dfe51b1356070b6371d03b5306fa89d42bdf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.playclashroyale.xtendhealthcare.net/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload Date Wed, 10 Apr 2024 09:51:43 GMT Last-Modified Tue, 18 Jul 2023 15:17:04 GMT Server Microsoft-IIS/10.0 ETag "09869e88ab9d91:0" X-Powered-By ASP.NET Content-Type image/x-icon Accept-Ranges bytes Content-Length 15406