Submitted URL: https://medicaidrecoveries.com/wp-admin/knol/santanew/cuenta.php/
Effective URL: https://medicaidrecoveries.com/
Submission: On January 10 via api from US — Scanned from DE

Summary

This website contacted 20 IPs in 3 countries across 14 domains to perform 79 HTTP transactions. The main IP is 34.74.92.138, located in North Charleston, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is medicaidrecoveries.com.
TLS certificate: Issued by R3 on January 2nd 2024. Valid for: 3 months.
This is the only time medicaidrecoveries.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 14 34.74.92.138 396982 (GOOGLE-CL...)
3 2400:52e0:1e0... 200325 (BUNNYCDN)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:e2:... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
8 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
3 104.211.35.148 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:1f14:5db... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
4 2a00:1450:400... 15169 (GOOGLE)
79 20
Apex Domain
Subdomains
Transfer
14 medicaidrecoveries.com
medicaidrecoveries.com
2 MB
13 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 659
231 KB
11 googlesyndication.com
1f19969bf916735ba55fab9e02d015a0.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
53 KB
9 userway.org
cdn.userway.org — Cisco Umbrella Rank: 7457
api.userway.org — Cisco Umbrella Rank: 6974
cdn77.api.userway.org — Cisco Umbrella Rank: 10657
61 KB
8 gstatic.com
fonts.gstatic.com
maps.gstatic.com
240 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1280
y.clarity.ms — Cisco Umbrella Rank: 12607
c.clarity.ms — Cisco Umbrella Rank: 2579
28 KB
6 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
191 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
region1.google-analytics.com — Cisco Umbrella Rank: 1695
21 KB
3 wpmucdn.com
hb.wpmucdn.com — Cisco Umbrella Rank: 87729
46 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 6
3 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
146 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 539
762 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 271
65 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1888
247 KB
79 14
Domain Requested by
14 medicaidrecoveries.com 1 redirects medicaidrecoveries.com
hb.wpmucdn.com
13 maps.googleapis.com www.google.com
maps.googleapis.com
medicaidrecoveries.com
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 fonts.gstatic.com medicaidrecoveries.com
6 cdn.userway.org medicaidrecoveries.com
cdn.userway.org
6 securepubads.g.doubleclick.net medicaidrecoveries.com
securepubads.g.doubleclick.net
www.googletagservices.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 y.clarity.ms www.clarity.ms
3 hb.wpmucdn.com medicaidrecoveries.com
2 cdn77.api.userway.org cdn.userway.org
2 c.clarity.ms 1 redirects
2 maps.gstatic.com www.google.com
medicaidrecoveries.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.google.com medicaidrecoveries.com
tpc.googlesyndication.com
2 www.clarity.ms medicaidrecoveries.com
www.clarity.ms
2 www.googletagmanager.com medicaidrecoveries.com
www.googletagmanager.com
1 c.bing.com 1 redirects
1 www.googletagservices.com securepubads.g.doubleclick.net
1 api.userway.org cdn.userway.org
1 1f19969bf916735ba55fab9e02d015a0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 region1.google-analytics.com www.googletagmanager.com
1 use.fontawesome.com medicaidrecoveries.com
79 22

This site contains links to these domains. Also see Links.

Domain
goo.gl
www.bbb.org
www.facebook.com
realreviewtube.com
Subject Issuer Validity Valid
medicaidrecoveries.com
R3
2024-01-02 -
2024-04-01
3 months crt.sh
*.wpmucdn.com
RapidSSL TLS RSA CA G1
2023-03-24 -
2024-03-23
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3
2023-10-12 -
2024-10-10
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2023-12-07 -
2024-12-07
a year crt.sh
1667503734.rsc.cdn77.org
R3
2023-12-19 -
2024-03-18
3 months crt.sh
www.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06
2023-02-13 -
2024-02-08
a year crt.sh
api.userway.org
Amazon RSA 2048 M03
2023-09-02 -
2024-09-30
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
1784939676.rsc.cdn77.org
R3
2023-11-02 -
2024-01-31
3 months crt.sh

This page contains 6 frames:

Primary Page: https://medicaidrecoveries.com/
Frame ID: 998578D037822E495949CBD34A21280E
Requests: 51 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d11638.229500823323!2d-77.5501049!3d43.1768144!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xafa0c1b25ec8d3e!2sMedicaid%20Recoveries%2C%20Inc.!5e0!3m2!1sen!2s!4v1637916569350!5m2!1sen!2s
Frame ID: DA1494EDA5D984FAE71DB1134C68FADB
Requests: 16 HTTP requests in this frame

Frame: https://1f19969bf916735ba55fab9e02d015a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 59A93B9DB48CF2EF0D08D0510898374C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss679pDNp4-cbw5cu-fDCcn9aQ3lpTV9uH8XLnG-cC-1cTcK2B6To4vkQMCHCWHKkrY_vYgfOjSoaiMPqp2cPI1zbn7edNl5QVgoP4SyzVJflz1yGtlBlZqC9VnwIvF4uU_PVwOu5zgWv6aFhgaJ0TmP1XcP5fbZ8U5lEGRhyWP9SEUTNQriLNiSnhJiYqAwVHcnevQ0TTweKDC53iUNQm3wGZCUflzTzWnDVyDny2PMHz5vy88shaC-gXkgY1IAafd-tAcDItF7Ej8UGaVuhGko5txEipjjpzuNYFwUzg96NDe9zlYi3GCC2dRfn_PlAZHL2o4_wR2AfkmYtm9RZ4LtXRmNg0jaRhsvabQQVw&sai=AMfl-YSaErLx9OqLDlAOh2bjworfAQpK40RnvbdtMO5sRoSkte7czqVMtmuZSYmMAuTSn1G16MojBCJPhJaiXJFGERnpATIwk3SS9xn9zQq4vbaXQfIEy81j_VPFD8kSxkHN4tGBqQN_0OVOnQIGUg0BoYM&sig=Cg0ArKJSzGIXswrKv_0YEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: B44B67B80E94E9266B38316DB2D01E9E
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AED28CBED7631BCFF0FD0F1E5DB0DD02
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 566DDA94CEBD81F879201BDCCEFB92DC
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Medicaid Assistance in Rochester, NY | Medicaid Recoveries, Inc.

Page URL History Show full URLs

  1. https://medicaidrecoveries.com/wp-admin/knol/santanew/cuenta.php/ HTTP 301
    https://medicaidrecoveries.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js

Page Statistics

79
Requests

97 %
HTTPS

85 %
IPv6

14
Domains

22
Subdomains

20
IPs

3
Countries

3044 kB
Transfer

5769 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://medicaidrecoveries.com/wp-admin/knol/santanew/cuenta.php/ HTTP 301
    https://medicaidrecoveries.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5E2541DFE9FB433B9DA0824E58F7D202&RedC=c.clarity.ms&MXFR=39D4B74C46BD62F9154EA34E42BD6CA5 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5E2541DFE9FB433B9DA0824E58F7D202&MUID=2A0864E473256657049370E672AE676C

79 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
medicaidrecoveries.com/
Redirect Chain
  • https://medicaidrecoveries.com/wp-admin/knol/santanew/cuenta.php/
  • https://medicaidrecoveries.com/
172 KB
29 KB
Document
General
Full URL
https://medicaidrecoveries.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.74.92.138 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
138.92.74.34.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
7a9540c5d8653efb6ea9a4f059afd8108428347c868c02ddfab171646f7df4b1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 10 Jan 2024 04:48:25 GMT
link
<https://medicaidrecoveries.com/wp-json/>; rel="https://api.w.org/" <https://medicaidrecoveries.com/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json" <https://medicaidrecoveries.com/>; rel=shortlink
permissions-policy
accelerometer=(self), autoplay=(self), camera=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self)
referrer-policy
origin-when-cross-origin
server
nginx
strict-transport-security
max-age=2592000
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 1
x-cache-group
normal
x-cacheable
SHORT
x-content-type-options
nosniff
x-frame-options
sameorigin
x-powered-by
WP Engine
x-xss-protection
1

Redirect headers

cache-control
max-age=0, must-revalidate, private
content-type
text/html; charset=UTF-8
date
Wed, 10 Jan 2024 04:48:25 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://medicaidrecoveries.com/wp-json/>; rel="https://api.w.org/"
location
https://medicaidrecoveries.com
permissions-policy
accelerometer=(self), autoplay=(self), camera=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self)
referrer-policy
origin-when-cross-origin
server
nginx
strict-transport-security
max-age=2592000
x-cache
MISS
x-cacheable
NO:Passed
x-content-type-options
nosniff
x-frame-options
sameorigin
x-pass-why
wp-admin
x-powered-by
WP Engine
x-xss-protection
1
4e50a8c1-6ea9-4501-820f-1375842fb370.css
hb.wpmucdn.com/medicaidrecoveries.com/
20 KB
4 KB
Stylesheet
General
Full URL
https://hb.wpmucdn.com/medicaidrecoveries.com/4e50a8c1-6ea9-4501-820f-1375842fb370.css
Requested by
Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
579cdf7fd01f54d123624df77f301a7338ed91521a0f15cccb1aa4dd39eb23ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:48:25 GMT
content-encoding
br
cdn-edgestorageid
1081
x-amz-server-side-encryption
AES256
cdn-cachedat
01/10/2024 00:22:49
cdn-pullzone
1101156
last-modified
Thu, 23 Nov 2023 14:29:09 GMT
server
BunnyCDN-DE1-1080
x-amz-meta-hb-minify
minify=0.2%, origSize=20810
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"e977685d6057f347ca380bb6bfaf6349"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
2cedbaa9a8a36890def3e659bcb9b22a
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
js
www.googletagmanager.com/gtag/
188 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-202349636-34
Requested by
Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e44246a8efcfa5b53c73b82d3ac2e9e29b59b8cea5f79d3ce70c33a8937480b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:48:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69563
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 10 Jan 2024 04:48:25 GMT
all.js
use.fontawesome.com/releases/v5.0.9/js/
682 KB
247 KB
Script
General
Full URL
https://use.fontawesome.com/releases/v5.0.9/js/all.js
Requested by
Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2fec0e2942f49dd3cad4650431d550d761f11dded17834d4835768c2ca730c0

Request headers

Referer
https://medicaidrecoveries.com/
Origin
https://medicaidrecoveries.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:48:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:44:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
15936
etag
W/"bffc6023835e717c0348c41583e56eba"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sIDTDnUIUAYIkm%2FB85WcXOAy%2F9bGE7NMuI8glSfo0h1SwNjL0UT9Fl2HCjOO%2BnpKZj30L35Zbl%2FVjijr887YHtrEAxzs%2FK4w%2B0VLFMIq6Dt6F6MpAeaJvojltrUE%2F2Dai30UhLQVkrktuJNolk4rgpbE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
843249a2191d3609-FRA
alt-svc
h3=":443"; ma=86400
modules.ttf
medicaidrecoveries.com/wp-content/themes/Divi/core/admin/fonts/
0
0
Font
General
Full URL
https://medicaidrecoveries.com/wp-content/themes/Divi/core/admin/fonts/modules.ttf
Requested by
Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.74.92.138 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
138.92.74.34.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Referer
https://medicaidrecoveries.com/
Origin
https://medicaidrecoveries.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:48:25 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/html
dashicons.ttf
medicaidrecoveries.com/wp-includes/fonts/
55 KB
55 KB
Font
General
Full URL
https://medicaidrecoveries.com/wp-includes/fonts/dashicons.ttf
Requested by
Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.74.92.138 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
138.92.74.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cacd900a2587c234c53e9d0108fc51ff6c61420c4f89a1731014b673a7b9a1a8

Request headers

Referer
https://medicaidrecoveries.com/
Origin
https://medicaidrecoveries.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:48:25 GMT
last-modified
Fri, 17 Jul 2020 17:11:03 GMT
server
nginx
etag
"5f11dba7-dc48"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
56392
et-core-unified-deferred-7.min.css
medicaidrecoveries.com/wp-content/et-cache/7/
7 KB
2 KB
Stylesheet
General
Full URL
https://medicaidrecoveries.com/wp-content/et-cache/7/et-core-unified-deferred-7.min.css?ver=1703019182
Requested by
Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.74.92.138 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
138.92.74.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a4bc7cfcaaab86555b41bc375407c8819a3f535a1b15c04c62810a5032f5a9d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:48:25 GMT
content-encoding
br
last-modified
Tue, 19 Dec 2023 20:53:02 GMT
server
nginx
etag
W/"658202ae-1aa6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
gpt.js
securepubads.g.doubleclick.net/tag/js/
96 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc63dbd09ce06c1e1a30acc5cdd34053a78a0631f6f6c455eda8cfb86590acca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:48:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29215
x-xss-protection
0
server
cafe
etag
582 / 19732 / m202401030101 / config-hash: 1817704787884296793
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 10 Jan 2024 04:48:26 GMT
ad2e6e10-8083-4c71-ae63-46d76da38702.js
hb.wpmucdn.com/medicaidrecoveries.com/
99 KB
37 KB
Script
General
Full URL
https://hb.wpmucdn.com/medicaidrecoveries.com/ad2e6e10-8083-4c71-ae63-46d76da38702.js
Requested by
Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
5674b0a11a287377a390c9a6c3c2946b3304596cb4fd10a63f5203a3a85f8a31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:48:25 GMT
content-encoding
br
cdn-edgestorageid
1082
x-amz-server-side-encryption
AES256
cdn-cachedat
01/10/2024 00:23:02
cdn-pullzone
1101156
last-modified
Thu, 23 Nov 2023 14:29:10 GMT
server
BunnyCDN-DE1-1080
x-amz-meta-hb-minify
minify=0.0%, origSize=87482
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"fee2da4e3c44c2def2dacf9baf84d91a"
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control
public, max-age=31919000
cdn-requestid
2a4da72ed181498c89a859394b922f82
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
scripts.min.js
medicaidrecoveries.com/wp-content/themes/Divi/js/
268 KB
60 KB
Script
General
Full URL
https://medicaidrecoveries.com/wp-content/themes/Divi/js/scripts.min.js
Requested by
Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.74.92.138 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
138.92.74.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
52394793edc8f40dce3af97329fc58f3359cd15343e3a223dfdbe126f688d9d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:48:25 GMT
content-encoding
br
last-modified
Tue, 22 Aug 2023 18:04:08 GMT
server
nginx
etag
W/"64e4f898-42f83"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
64d53a5b-8dd9-4e3e-b807-25901c1d0d38.js
hb.wpmucdn.com/medicaidrecoveries.com/
10 KB
5 KB
Script
General
Full URL
https://hb.wpmucdn.com/medicaidrecoveries.com/64d53a5b-8dd9-4e3e-b807-25901c1d0d38.js
Requested by
Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
3209a76d8cf3dcca3c6d139ea50890d9e38f1c8a2d04651d038225d7939279c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:48:25 GMT
content-encoding
br
cdn-edgestorageid
1082
x-amz-server-side-encryption
AES256
cdn-cachedat
01/10/2024 00:22:49
cdn-pullzone
1101156
last-modified
Thu, 23 Nov 2023 14:29:11 GMT
server
BunnyCDN-DE1-1080
x-amz-meta-hb-minify
minify=47.1%, origSize=3349
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"7fb8e2ad1a77c36bfe8378104b5a0881"
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control
public, max-age=31919000
cdn-requestid
8e4683c7addce4af9e8cf452b8a7a188
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
2f510c7becf7cf83bf5c8365fc7180a3.js
medicaidrecoveries.com/wp-content/uploads/hummingbird-assets/
152 KB
37 KB
Script
General
Full URL
https://medicaidrecoveries.com/wp-content/uploads/hummingbird-assets/2f510c7becf7cf83bf5c8365fc7180a3.js
Requested by
Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.74.92.138 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
138.92.74.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
66da0701afaff7bd213e9fd294349fa60647b472bf617959f39a23b8778edf15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:48:25 GMT
content-encoding
br
last-modified
Thu, 23 Nov 2023 14:29:15 GMT
server
nginx
etag
W/"655f61bb-26149"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
9hlxczqpl5
www.clarity.ms/tag/
650 B
1013 B
Script
General
Full URL
https://www.clarity.ms/tag/9hlxczqpl5
Requested by
Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b55b8ba3f14b06786f33d6e5c147054b38ad92cd4efc7f746afcd27fa83952c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
-1
date
Wed, 10 Jan 2024 04:48:26 GMT
x-azure-ref
20240110T044825Z-4szy9erdvx1kd7h0xhcd3va3kw00000001eg000000000ba6
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
650
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
widget.js
cdn.userway.org/
2 KB
2 KB
Script
General
Full URL
https://cdn.userway.org/widget.js
Requested by
Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ae511ab76062cd3b1dae0a9d69b0cb28e65bf84d74c8f294cde69c43976c363d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 10 Jan 2024 04:48:25 GMT
via
1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
content-encoding
gzip
x-age-lb
433
x-amz-cf-pop
FRA60-P3
age
659
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-accel-date
1704861672
x-77-nzt
EgwBw7WvJwH3sQEAAAwBJRPCNAH3wgUAAA
x-accel-expires
@1704865272
x-77-age
1907
x-cache-lb
HIT
last-modified
Tue, 09 Jan 2024 14:28:46 GMT
server
CDN77-Turbo
etag
W/"991dcd665cdf17cec604440fdb584f7a"
x-77-nzt-ray
25b021314044ba6399219e654acaf838
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=3600, public
content-type
application/javascript
x-amz-cf-id
8Ye6Gpodo1mr4z9qsUUE2upgXbTsTvonHMYS3rBT4xeV5MxsJZD9Zw==
embed
www.google.com/maps/ Frame DA14
3 KB
2 KB
Document
General
Full URL
https://www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d11638.229500823323!2d-77.5501049!3d43.1768144!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xafa0c1b25ec8d3e!2sMedicaid%20Recoveries%2C%20Inc.!5e0!3m2!1sen!2s!4v1637916569350!5m2!1sen!2s
Requested by
Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
25230192e4419ee5b7aa17c2a2f106b5a9e2c65b5a7b0ee10696950833948762
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-EhzTJtHW2QpDEg3PvZfzrA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medicaidrecoveries.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1403
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-EhzTJtHW2QpDEg3PvZfzrA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type
text/html; charset=UTF-8
date
Wed, 10 Jan 2024 04:48:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
scaffolding on HTTPServer2
vary
Origin X-Origin Referer
x-content-type-options
nosniff
x-xss-protection
0
92zPtBhPNqw79Ij1E865zBUv7myjJQVD.woff2
fonts.gstatic.com/s/jost/v15/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/jost/v15/92zPtBhPNqw79Ij1E865zBUv7myjJQVD.woff2
Requested by
Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1f5c178c16f6414ca3c2abc79e7ef2b6a83ca3b487b4bcf56590fbf98be6c3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medicaidrecoveries.com/
Origin
https://medicaidrecoveries.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 02:33:56 GMT
x-content-type-options
nosniff
age
94469
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17352
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:32:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 02:33:56 GMT
shutterstock_472725133-min.jpg
medicaidrecoveries.com/wp-content/uploads/2021/11/
1 MB
1 MB
Image
General
Full URL
https://medicaidrecoveries.com/wp-content/uploads/2021/11/shutterstock_472725133-min.jpg
Requested by
Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.74.92.138 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
138.92.74.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
19aad8f98dd3d421fd4ba696a4d8499db063d931341e40d377e26298df758dac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:48:25 GMT
last-modified
Fri, 26 Nov 2021 07:48:08 GMT
server
nginx
etag
"61a09138-106890"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1075344
dot-grid.jpg
medicaidrecoveries.com/wp-content/uploads/2021/11/
25 KB
26 KB
Image
General
Full URL
https://medicaidrecoveries.com/wp-content/uploads/2021/11/dot-grid.jpg
Requested by
Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.74.92.138 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
138.92.74.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b25a732806eccc32e7588ec3675e810b7350c5961275c65bf9db2f351c1cc899

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:48:25 GMT
last-modified
Fri, 26 Nov 2021 08:03:38 GMT
server
nginx
etag
"61a094da-6589"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
25993
pxiByp8kv8JHgFVrLEj6V14.woff2
fonts.gstatic.com/s/poppins/v20/
49 KB
49 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6V14.woff2
Requested by
Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65221c19d1e390c4990c0f52f22fe4922b60b991abaa7a80dad8b2573be1bdab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medicaidrecoveries.com/
Origin
https://medicaidrecoveries.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:50:09 GMT
x-content-type-options
nosniff
age
71896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49688
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:56:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 08:50:09 GMT
92zPtBhPNqw79Ij1E865zBUv7mx9IgVD.woff2
fonts.gstatic.com/s/jost/v15/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/jost/v15/92zPtBhPNqw79Ij1E865zBUv7mx9IgVD.woff2
Requested by
Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31092d5e88f9cad80ef810cbb6c4411768b2a8cdf3186b10600c15591be2e7d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medicaidrecoveries.com/
Origin
https://medicaidrecoveries.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 13:06:46 GMT
x-content-type-options
nosniff
age
402099
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19376
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:42:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 Jan 2025 13:06:46 GMT
modules.woff
medicaidrecoveries.com/wp-content/themes/Divi/core/admin/fonts/modules/all/
90 KB
91 KB
Font
General
Full URL
https://medicaidrecoveries.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff
Requested by
Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.74.92.138 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
138.92.74.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
88795f28bb66a45f9c32245dd21d6319ed5d26a45bf5afa31d91a0f83ee855f7

Request headers

Referer
https://medicaidrecoveries.com/
Origin
https://medicaidrecoveries.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:48:25 GMT
last-modified
Tue, 22 Aug 2023 18:04:08 GMT
server
nginx
etag
"64e4f898-1693c"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
92476
92zPtBhPNqw79Ij1E865zBUv7mxEIgVD.woff2
fonts.gstatic.com/s/jost/v15/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/jost/v15/92zPtBhPNqw79Ij1E865zBUv7mxEIgVD.woff2
Requested by
Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c349c827da0edefcdf5de53d1eee0f392d7dc0da17ea74304967c529c7d45b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medicaidrecoveries.com/
Origin
https://medicaidrecoveries.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 21:25:26 GMT
x-content-type-options
nosniff
age
112979
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19436
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:36:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Jan 2025 21:25:26 GMT
92zPtBhPNqw79Ij1E865zBUv7myRJQVD.woff2
fonts.gstatic.com/s/jost/v15/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/jost/v15/92zPtBhPNqw79Ij1E865zBUv7myRJQVD.woff2
Requested by
Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22c87b7cc8f16187048cd1e302712ad672ba9d92fbde88d2113bafdc846db170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medicaidrecoveries.com/
Origin
https://medicaidrecoveries.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 06:28:37 GMT
x-content-type-options
nosniff
age
80388
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19356
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:32:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 06:28:37 GMT
pxiDyp8kv8JHgFVrJJLmr19lFQ.woff2
fonts.gstatic.com/s/poppins/v20/
55 KB
55 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiDyp8kv8JHgFVrJJLmr19lFQ.woff2
Requested by
Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
243c9ac22a1f9eed020122c718e41786e6c2727c84f5f7fb94caea2375d83b5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medicaidrecoveries.com/
Origin
https://medicaidrecoveries.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 02:13:39 GMT
x-content-type-options
nosniff
age
95686
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56648
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:12:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 02:13:39 GMT
js
www.googletagmanager.com/gtag/
219 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D34PCLVYL5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-202349636-34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e606eebb3573dac86103515d790622724a980dc7fcf8f3428223a645d2352aa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:48:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79684
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 10 Jan 2024 04:48:25 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-202349636-34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 10 Jan 2024 03:48:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3608
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 10 Jan 2024 05:48:17 GMT
Screenshot_80.png
medicaidrecoveries.com/wp-content/uploads/2021/11/
4 KB
4 KB
Image
General
Full URL
https://medicaidrecoveries.com/wp-content/uploads/2021/11/Screenshot_80.png
Requested by
Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.74.92.138 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
138.92.74.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cf1bcd0f697b73897616ea284c655d8553be4de3242617e37a0f3376603afa91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:48:26 GMT
last-modified
Fri, 26 Nov 2021 07:20:55 GMT
server
nginx
etag
"61a08ad7-fcb"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
4043
shutterstock_205495339-min-scaled.jpg
medicaidrecoveries.com/wp-content/uploads/2021/11/
298 KB
299 KB
Image
General
Full URL
https://medicaidrecoveries.com/wp-content/uploads/2021/11/shutterstock_205495339-min-scaled.jpg
Requested by
Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.74.92.138 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
138.92.74.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
53b5f2ee7a38901d22190f83376f2b54621aa3aea7a4630ec971fd15def7a919

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:48:26 GMT
last-modified
Fri, 26 Nov 2021 10:12:47 GMT
server
nginx
etag
"61a0b31f-4a872"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
305266
collect
region1.google-analytics.com/g/
0
258 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-D34PCLVYL5&gtm=45je4180v9109510592&_p=1704862105817&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1657707485.1704862106&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1704862105&sct=1&seg=0&dl=https%3A%2F%2Fmedicaidrecoveries.com%2F&dt=Medicaid%20Assistance%20in%20Rochester%2C%20NY%20%7C%20Medicaid%20Recoveries%2C%20Inc.&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4913
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D34PCLVYL5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 04:48:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://medicaidrecoveries.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
210 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=906174696&t=pageview&_s=1&dl=https%3A%2F%2Fmedicaidrecoveries.com%2F&ul=en-us&de=UTF-8&dt=Medicaid%20Assistance%20in%20Rochester%2C%20NY%20%7C%20Medicaid%20Recoveries%2C%20Inc.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=121001764&gjid=895325960&cid=1657707485.1704862106&tid=UA-202349636-34&_gid=779915093.1704862106&_r=1&gtm=457e4180&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=61124230
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://medicaidrecoveries.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 04:48:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://medicaidrecoveries.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.20/
60 KB
25 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.20/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/9hlxczqpl5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:48:26 GMT
content-encoding
br
last-modified
Tue, 09 Jan 2024 16:38:20 GMT
etag
W/"0x8DC1131640C0DB4"
vary
Accept-Encoding
x-azure-ref
20240110T044826Z-4szy9erdvx1kd7h0xhcd3va3kw00000001eg000000000bag
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
a8585709-501e-004b-7c1b-43d288000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
widget_app_base_1704810370917.js
cdn.userway.org/widgetapp/2024-01-09-14-26-10/
138 KB
41 KB
Script
General
Full URL
https://cdn.userway.org/widgetapp/2024-01-09-14-26-10/widget_app_base_1704810370917.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
0a64a3793551b4c543496080521634066ed96e404fff7685b0f3cfcb3a70f518

Request headers

Referer
https://medicaidrecoveries.com/
Origin
https://medicaidrecoveries.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 10 Jan 2024 04:48:26 GMT
via
1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
content-encoding
gzip
x-age-lb
49373
x-amz-cf-pop
FRA60-P3
age
658
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-accel-date
1704812733
x-77-nzt
EgwBw7WvJwH33cAAAAwB1GY4EQH3wwUAAA
x-accel-expires
@1730731258
x-77-age
50848
x-cache-lb
HIT
last-modified
Tue, 09 Jan 2024 14:28:41 GMT
server
CDN77-Turbo
etag
W/"4a4f259aaad424d43941cb1c0548064c"
x-77-nzt-ray
25b021313238ca669a219e659c28a00c
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/javascript
x-amz-cf-id
-RWTRBQTMqk8lWPc9OgmUl-CnsuemY9Ivaoxxbli0tYWIB5yPZduhw==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/
436 KB
137 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
292c4b31226660d43c28401602552c41ee62725a14405471e49b069251908026
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 11:56:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
60718
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140053
x-xss-protection
0
server
cafe
etag
1469350900164882112
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 08 Jan 2025 11:56:28 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
67 B
74 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=medicaidrecoveries.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a22a6a365a92c83d9ca3e89b5459f7b597de665f12309aadd59893dedb22ba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:48:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50
x-xss-protection
0
expires
Wed, 10 Jan 2024 04:48:26 GMT
js
maps.googleapis.com/maps/api/ Frame DA14
180 KB
62 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad
Requested by
Host: www.google.com
URL: https://www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d11638.229500823323!2d-77.5501049!3d43.1768144!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xafa0c1b25ec8d3e!2sMedicaid%20Recoveries%2C%20Inc.!5e0!3m2!1sen!2s!4v1637916569350!5m2!1sen!2s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
6559e6118a45b5da01026a044f10f2b426dbdcae024b78ab870cdd35df9915eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:48:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63098
x-xss-protection
0
collect
y.clarity.ms/
0
302 B
XHR
General
Full URL
https://y.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.35.148 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://medicaidrecoveries.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://medicaidrecoveries.com
Date
Wed, 10 Jan 2024 04:48:26 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
ads
securepubads.g.doubleclick.net/gampad/
68 KB
25 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2640718353968358&correlator=4308817215981352&eid=31079958%2C31080295&output=ldjh&gdfp_req=1&vrg=202401030101&ptt=17&impl=fif&iu_parts=21848388897%2CIABBB-Dynamic-Seal&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1704862106329&lmt=1704862106&adxs=629&adys=3336&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fmedicaidrecoveries.com%2F&vis=1&psz=341x228&msz=341x0&fws=0&ohw=0&ga_vid=1657707485.1704862106&ga_sid=1704862106&ga_hid=906174696&ga_fc=true&dlt=1704862105575&idt=704&adks=2476793911&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
572b6b8aeaa8b922e8ef423275c0ce2ef5ffd0599d3421c1ebc6d1c7362d336f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:48:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25546
x-xss-protection
0
google-lineitem-id
5417697586
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138316507035
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://medicaidrecoveries.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1f19969bf916735ba55fab9e02d015a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 59A9
6 KB
3 KB
Document
General
Full URL
https://1f19969bf916735ba55fab9e02d015a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medicaidrecoveries.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 04:48:26 GMT
expires
Thu, 09 Jan 2025 04:48:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
E8voaT4ZKw
api.userway.org/api/tunings/
462 B
847 B
XHR
General
Full URL
https://api.userway.org/api/tunings/E8voaT4ZKw
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-01-09-14-26-10/widget_app_base_1704810370917.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb00:b5ef:81ee:fcbd:a915 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3d54da97b250b4548da42a9a6fe558666f2d37a4eb03a6d3d78b3169a99e777f

Request headers

Referer
https://medicaidrecoveries.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Jan 2024 04:48:26 GMT
etag
W/"1ce-GxggF2UaZeheAEeE96oxV6nyEBc"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-service-request-id
usr53a741026f04461
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
462
x-service-version
uw-pr
IMG_1546-rotated.jpg
medicaidrecoveries.com/wp-content/uploads/2021/11/
54 KB
54 KB
Image
General
Full URL
https://medicaidrecoveries.com/wp-content/uploads/2021/11/IMG_1546-rotated.jpg
Requested by
Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.74.92.138 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
138.92.74.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
bd91e1a9bb82698162aa19edbc5dfa29ce78555f8333227186ffd6ccf90a904f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:48:26 GMT
last-modified
Fri, 26 Nov 2021 19:54:44 GMT
server
nginx
etag
"61a13b84-d8b3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
55475
gen_204
maps.googleapis.com/maps/api/mapsjs/ Frame DA14
3 B
46 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:48:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.google.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
init_embed.js
maps.gstatic.com/maps-api-v3/embed/js/55/4/ Frame DA14
226 KB
60 KB
Script
General
Full URL
https://maps.gstatic.com/maps-api-v3/embed/js/55/4/init_embed.js
Requested by
Host: www.google.com
URL: https://www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d11638.229500823323!2d-77.5501049!3d43.1768144!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xafa0c1b25ec8d3e!2sMedicaid%20Recoveries%2C%20Inc.!5e0!3m2!1sen!2s!4v1637916569350!5m2!1sen!2s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91c517b650261a41b75a3dff1ba8d77ab069db61b32df2cd470bc3bfad5409ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 01:47:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
97246
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61041
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 22:55:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Jan 2025 01:47:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B44B
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss679pDNp4-cbw5cu-fDCcn9aQ3lpTV9uH8XLnG-cC-1cTcK2B6To4vkQMCHCWHKkrY_vYgfOjSoaiMPqp2cPI1zbn7edNl5QVgoP4SyzVJflz1yGtlBlZqC9VnwIvF4uU_PVwOu5zgWv6aFhgaJ0TmP1XcP5fbZ8U5lEGRhyWP9SEUTNQriLNiSnhJiYqAwVHcnevQ0TTweKDC53iUNQm3wGZCUflzTzWnDVyDny2PMHz5vy88shaC-gXkgY1IAafd-tAcDItF7Ej8UGaVuhGko5txEipjjpzuNYFwUzg96NDe9zlYi3GCC2dRfn_PlAZHL2o4_wR2AfkmYtm9RZ4LtXRmNg0jaRhsvabQQVw&sai=AMfl-YSaErLx9OqLDlAOh2bjworfAQpK40RnvbdtMO5sRoSkte7czqVMtmuZSYmMAuTSn1G16MojBCJPhJaiXJFGERnpATIwk3SS9xn9zQq4vbaXQfIEy81j_VPFD8kSxkHN4tGBqQN_0OVOnQIGUg0BoYM&sig=Cg0ArKJSzGIXswrKv_0YEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:48:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 10 Jan 2024 04:48:26 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame B44B
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:50:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
71902
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Jan 2024 08:50:04 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame B44B
3 KB
2 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:12:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
38133
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Jan 2024 18:12:53 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B44B
205 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:48:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704717871404979"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jan 2024 04:48:26 GMT
14923303296992109467
tpc.googlesyndication.com/simgad/ Frame B44B
68 B
446 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/14923303296992109467
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 14:33:35 GMT
date
Tue, 09 Jan 2024 14:33:35 GMT
x-content-type-options
nosniff
age
51291
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
x-xss-protection
0
last-modified
Wed, 08 Jul 2020 14:03:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame B44B
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7944e04aa48e9c7b420feac0973823b4e399f313123013905bf1594c5bb4398

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
common.js
maps.googleapis.com/maps-api-v3/api/js/55/4/ Frame DA14
256 KB
57 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/55/4/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
969dace001ef24f99f38bd00c5578b85ba9368e77a5667cfcaeaa29d2f57657b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 22:28:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
22788
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57512
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 22:55:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Jan 2025 22:28:38 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/55/4/ Frame DA14
173 KB
54 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/55/4/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e759dc710ec6d9f9438d5a77f834b247254512fb90cf520764ab591db32cf5cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:16:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1931
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55175
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 22:55:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Jan 2025 04:16:15 GMT
map.js
maps.googleapis.com/maps-api-v3/api/js/55/4/ Frame DA14
71 KB
23 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/55/4/map.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0cf6d91acfbd231daa3ccf96e67596a75ea04458209786b2814f13a7f14fbf6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 02:56:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
6736
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23771
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 22:55:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Jan 2025 02:56:10 GMT
overlay.js
maps.googleapis.com/maps-api-v3/api/js/55/4/ Frame DA14
3 KB
1 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/55/4/overlay.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88e2d34a2ecd255e7c30d9436d1f8f7156973f2badc72161da7f3c1901ae5bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 19:01:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
121623
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1273
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 22:55:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Jan 2025 19:01:23 GMT
truncated
/ Frame DA14
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
StaticMapService.GetMapImage
maps.googleapis.com/maps/api/js/ Frame DA14
21 KB
21 KB
Image
General
Full URL
https://maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i596664&2i769062&2e1&3u13&4m2&1u300&2u250&5m5&1e0&5sen&6sus&10b1&12b1&client=google-maps-embed&token=85915
Requested by
Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ce58833669ed7f0f35384ac0fe49a1bcc2a6e27dc113df22b89f1d7dbc8fe7d8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 00:22:49 GMT
server
scaffolding on HTTPServer2
age
15937
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=86400
server-timing
gfet4t7; dur=2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21773
x-xss-protection
0
expires
Thu, 11 Jan 2024 00:22:49 GMT
onion.js
maps.googleapis.com/maps-api-v3/api/js/55/4/ Frame DA14
26 KB
9 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/55/4/onion.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f192fc1904ff65df2e882e7cb7afa1432a424adeecefeb081c53c4fde85be8fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 20:10:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
31106
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8900
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 22:55:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Jan 2025 20:10:00 GMT
search_impl.js
maps.googleapis.com/maps-api-v3/api/js/55/4/ Frame DA14
3 KB
1 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/55/4/search_impl.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c15a24cfd927f84920b607b2764a5f7fde792140f08c64ea3808eec291b6d038
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:45:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
72206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1253
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 22:55:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Jan 2025 08:45:00 GMT
openhand_8_8.cur
maps.gstatic.com/mapfiles/ Frame DA14
326 B
692 B
Image
General
Full URL
https://maps.gstatic.com/mapfiles/openhand_8_8.cur
Requested by
Host: medicaidrecoveries.com
URL: https://medicaidrecoveries.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:48:26 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/bmp
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Wed, 10 Jan 2024 04:48:26 GMT
GetViewportInfo
maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/ Frame DA14
14 KB
2 KB
XHR
General
Full URL
https://maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/GetViewportInfo
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
51565bbb883f2a583429a7629ef745192037510f536d2febf23362595c3b47e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json+protobuf
X-Goog-Maps-Client-Id
google-maps-embed
Referer
https://www.google.com/
X-Goog-Api-Key
X-Goog-Maps-API-Signature
102290
X-Goog-Maps-API-Salt
dfREUg6wd

Response headers

date
Wed, 10 Jan 2024 04:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.google.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2287
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame B44B
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZaNMSh6h9YwMutIU-ph098T0FJ09gypbXGPbd7RGBsPlUgrJSNraxP9KHMloJSbkadn90Rz6UBHdd86PYarlbiEu7OdyRLLMoGM8GPMn27OcbZwSaDyEFTRPT8JImPEMTlHgbzQl42Z-2WTAaUdICe4M20snjngOOFPgRbVfu1IKr39b74v6z3Z5v4AMMI2fKuQy2yZLZQP2qLc9zbYUoaZGj2bxHcLeD_FNBevTH9QRJp2Y8SRoCtBpWkPo6utt6iqdB4aFAjeAXzz0if56WKetxwvUFRRwIqBC5mlVHJWcat_4Z_z9LPO-eqP0LUMLbUg0HP4q9CqIt7ItJ1Tulj301qOVFgYT98G_YYw_nXQ&sai=AMfl-YQGH7SVpbinmDD4SFFYdxZgJzemQTrzoThJTrQvlOFqS32ebjtVaSuMBqpkhOrGGVPu7uhAMPZ9c3-OrTFd3DFJrpq3LItvczJ7LdBtvXljh3EDB1mjB5pElplrxgzD1VvlzR_whVnEsOlQE_ygXCw&sig=Cg0ArKJSzLwQq1dDuXuaEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:48:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 10 Jan 2024 04:48:27 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5E2541DFE9FB433B9DA0824E58F7D202&RedC=c.clarity.ms&MXFR=39D4B74C46BD62F9154EA34E42BD6CA5
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5E2541DFE9FB433B9DA0824E58F7D202&MUID=2A0864E473256657049370E672AE676C
42 B
441 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5E2541DFE9FB433B9DA0824E58F7D202&MUID=2A0864E473256657049370E672AE676C
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 04:48:26 GMT
last-modified
Tue, 12 Dec 2023 19:03:29 GMT
server
Microsoft-IIS/10.0
etag
"e8d91e42d2dda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 04:48:26 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 389D33C085044204BE0FD2BAC1CC7DB2 Ref B: FRA31EDGE0206 Ref C: 2024-01-10T04:48:27Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5E2541DFE9FB433B9DA0824E58F7D202&MUID=2A0864E473256657049370E672AE676C
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
13 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401030101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66549cab7cb4675232f5f91c21f423e19aa7b86f5efe6966e90ebd1599fed1e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:48:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12548
x-xss-protection
0
Screenshot_80.png
medicaidrecoveries.com/wp-content/uploads/2021/11/
4 KB
4 KB
Image
General
Full URL
https://medicaidrecoveries.com/wp-content/uploads/2021/11/Screenshot_80.png
Requested by
Host: hb.wpmucdn.com
URL: https://hb.wpmucdn.com/medicaidrecoveries.com/ad2e6e10-8083-4c71-ae63-46d76da38702.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.74.92.138 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
138.92.74.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cf1bcd0f697b73897616ea284c655d8553be4de3242617e37a0f3376603afa91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:48:27 GMT
last-modified
Fri, 26 Nov 2021 07:20:55 GMT
server
nginx
etag
"61a08ad7-fcb"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
4043
en-US.json
cdn.userway.org/widgetapp/2024-01-09-14-26-10/locales/
501 B
959 B
XHR
General
Full URL
https://cdn.userway.org/widgetapp/2024-01-09-14-26-10/locales/en-US.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-01-09-14-26-10/widget_app_base_1704810370917.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b87d34c5425a5b6bc0d37a08c2cd36cf21c2dac2645262a375f7460829859138

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 10 Jan 2024 04:48:27 GMT
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
content-encoding
gzip
x-age-lb
49368
x-amz-cf-pop
FRA60-P3
age
610
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-accel-date
1704812739
x-77-nzt
EgwBw7WvJwH32MAAAAwB1GY4CQH3+AUAAA
x-accel-expires
@1730731211
x-77-age
50896
x-cache-lb
HIT
last-modified
Tue, 09 Jan 2024 14:28:40 GMT
server
CDN77-Turbo
etag
W/"27831556b168f3c27f0819652aac1fb5"
x-77-nzt-ray
25b021313238ca669b219e6577b40f01
access-control-max-age
3000
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/json
x-amz-cf-id
Wxwl7X6580ha3Tw8I_FYyqIHyolXN_EaaHp1ptjAxllexW6JgjQegQ==
GetViewportInfo
maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/ Frame
0
0
Preflight
General
Full URL
https://maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/GetViewportInfo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-goog-maps-api-salt,x-goog-maps-api-signature,x-goog-maps-client-id,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-goog-maps-api-salt,x-goog-maps-api-signature,x-goog-maps-client-id,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.google.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 10 Jan 2024 04:48:26 GMT
server
scaffolding on HTTPServer2
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ Frame DA14
62 B
84 B
Script
General
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7m2&1e0&5e0&8b1&callback=_xdc_._ekfok2&client=google-maps-embed&token=117571
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/55/4/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
eaf87c70971a8be7304fb9d4b2b2c848ee8388354f2e385982223b7eea53b341
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 04:48:27 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment
server-timing
gfet4t7; dur=8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
QuotaService.RecordEvent
maps.googleapis.com/maps/api/js/ Frame DA14
62 B
83 B
Script
General
Full URL
https://maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7s7avowg&10e1&11b1&callback=_xdc_._xwoia0&client=google-maps-embed&token=53996
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/55/4/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
6cb89d98c721d20364c52027a60e967f43582481005588564dbd392838540198
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 04:48:27 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Jan 2024 04:48:27 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AED2
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medicaidrecoveries.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
34906
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 19:06:41 GMT
expires
Wed, 08 Jan 2025 19:06:41 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 566D
829 B
1009 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2b8245a6957370dd410464fd8f62f3bfd7e4103e398f7ff5cc75a402c9f58c84
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5mug1_y6mXvGBhVOFkNuXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://medicaidrecoveries.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-5mug1_y6mXvGBhVOFkNuXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 04:48:27 GMT
expires
Wed, 10 Jan 2024 04:48:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame AED2
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 19:06:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
34933
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Jan 2025 19:06:14 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 566D
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401030101&jk=2640718353968358&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

collect
y.clarity.ms/
0
302 B
XHR
General
Full URL
https://y.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.35.148 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://medicaidrecoveries.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://medicaidrecoveries.com
Date
Wed, 10 Jan 2024 04:48:27 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
remediation-tool-free.js
cdn.userway.org/remediation/free/
27 KB
11 KB
Script
General
Full URL
https://cdn.userway.org/remediation/free/remediation-tool-free.js?ts=1704810370917
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-01-09-14-26-10/widget_app_base_1704810370917.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
0eed9eb99e6e17575b699772f3710f933c6e38053a7640280770a916a5cb5121

Request headers

Referer
https://medicaidrecoveries.com/
Origin
https://medicaidrecoveries.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 10 Jan 2024 04:48:27 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
content-encoding
gzip
x-age-lb
49372
x-amz-cf-pop
FRA60-P3
age
658
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-accel-date
1704812735
x-77-nzt
EgwBw7WvJwHX3MAAAAwB1GY4mQH3wwUAAA
x-accel-expires
@1730731260
x-77-age
50847
x-cache-lb
HIT
last-modified
Tue, 09 Jan 2024 14:28:45 GMT
server
CDN77-Turbo
etag
W/"834ad16c4fc034cae5909b930b785d2a"
x-77-nzt-ray
25b021313238ca669b219e658987781f
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/javascript
x-amz-cf-id
OKo4xHM-szYcMeAcGMW2JDgOOHhqhO0xYZ621wPV8hngkhnda9jOgg==
body_wh.svg
cdn.userway.org/widgetapp/images/
4 KB
3 KB
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 10 Jan 2024 04:48:27 GMT
via
1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
content-encoding
gzip
x-age-lb
49373
x-amz-cf-pop
FRA60-P3
age
52
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-accel-date
1704812734
x-77-nzt
EgwBw7WvJwH33cAAAAwBJRPCKAH3xAUAAA
x-accel-expires
@1730731258
x-77-age
50849
x-cache-lb
HIT
last-modified
Wed, 27 Dec 2023 13:17:34 GMT
server
CDN77-Turbo
etag
W/"1d8b1582fe82bd329041cc1982ad42e4"
x-77-nzt-ray
25b021314044ba639b219e65d9447e20
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
image/svg+xml
x-amz-cf-id
M3_AMpCbU8jFnkVdCD5YKZqbfsbwA6DtOEYCf9QEDCfmgM9EKK7RkQ==
spin_wh.svg
cdn.userway.org/widgetapp/images/
2 KB
1 KB
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 10 Jan 2024 04:48:27 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
content-encoding
gzip
x-age-lb
49374
x-amz-cf-pop
FRA60-P3
age
52
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-accel-date
1704812733
x-77-nzt
EgwBw7WvJwH33sAAAAwB1GY4EQH3wwUAAA
x-accel-expires
@1730731258
x-77-age
50849
x-cache-lb
HIT
last-modified
Fri, 13 Jan 2023 11:00:14 GMT
server
CDN77-Turbo
etag
W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray
25b021314044ba639b219e65b1a08420
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
image/svg+xml
x-amz-cf-id
YOxzppD3zg4DEthC8jvlx5SKCkLLQNdp37VdCmOblrhgk7lNJeusCQ==
generate_204
tpc.googlesyndication.com/ Frame AED2
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?xqjCfg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:48:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
alts.json
cdn77.api.userway.org/api/img-dscr/v2/E8voaT4ZKw/1630025/RLqwMG7OTpTSzPtD/ Frame
0
0
Preflight
General
Full URL
https://cdn77.api.userway.org/api/img-dscr/v2/E8voaT4ZKw/1630025/RLqwMG7OTpTSzPtD/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fmedicaidrecoveries.com%2Fwp-content%2Fuploads%2F2021%2F11%2FIMG_1546-rotated.jpg%22%2C%22alt%22%3A%22Medicaid%20Assistance%20in%20Rochester%2C%20NY%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fmedicaidrecoveries.com%2Fwp-content%2Fuploads%2F2021%2F11%2FScreenshot_80.png%22%2C%22alt%22%3A%22Medicaid%20Recoveries%2C%20Inc.%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fmedicaidrecoveries.com%2Fwp-content%2Fuploads%2F2021%2F11%2Fshutterstock_205495339-min-scaled.jpg%22%2C%22alt%22%3A%22Medicaid%20Assistance%20in%20Rochester%2C%20NY%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22FREE_QUOTA_TIER%22%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://medicaidrecoveries.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
access-control-max-age
3000
cache-control
max-age=604800
date
Wed, 10 Jan 2024 04:48:28 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
EggBw7WvJwAACAHUZjgJAAA
x-77-nzt-ray
25b021311246957e9c219e65c968fc0b
x-77-pop
frankfurtDE
x-service-version
img-dscr-srv-bad7d880
alts.json
cdn77.api.userway.org/api/img-dscr/v2/E8voaT4ZKw/1630025/RLqwMG7OTpTSzPtD/
653 B
819 B
Fetch
General
Full URL
https://cdn77.api.userway.org/api/img-dscr/v2/E8voaT4ZKw/1630025/RLqwMG7OTpTSzPtD/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fmedicaidrecoveries.com%2Fwp-content%2Fuploads%2F2021%2F11%2FIMG_1546-rotated.jpg%22%2C%22alt%22%3A%22Medicaid%20Assistance%20in%20Rochester%2C%20NY%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fmedicaidrecoveries.com%2Fwp-content%2Fuploads%2F2021%2F11%2FScreenshot_80.png%22%2C%22alt%22%3A%22Medicaid%20Recoveries%2C%20Inc.%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fmedicaidrecoveries.com%2Fwp-content%2Fuploads%2F2021%2F11%2Fshutterstock_205495339-min-scaled.jpg%22%2C%22alt%22%3A%22Medicaid%20Assistance%20in%20Rochester%2C%20NY%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22FREE_QUOTA_TIER%22%7D
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/free/remediation-tool-free.js?ts=1704810370917
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9f2d740b69447d89d2353b9eadbd5a1ec4e4f8d9fa700653065f2add4ea8d46d

Request headers

Referer
https://medicaidrecoveries.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

x-77-pop
frankfurtDE
date
Wed, 10 Jan 2024 04:48:28 GMT
content-encoding
gzip
x-77-cache
MISS
x-service-version
img-dscr-srv-bad7d880
x-77-nzt
EggBw7WvJwFBCAHUZjgJAYE
x-accel-expires
@1705466908
x-cache-lb
MISS
server
CDN77-Turbo
etag
W/"28d-YltGO8XKlVGV052em8nCNzrrMMU"
x-77-nzt-ray
25b021311246957e9c219e65d9870f19
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
access-control-max-age
3000
cache-control
max-age=604800
access-control-allow-headers
*
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401030101&jk=2640718353968358&bg=!pqWlperNAAaumcC-jpk7ADQBe5WfOHuqXz1C06Wjan7uFu3fiQ-71FWZXJ6ysA3Us4iGHLPG7lt9xNCo4V9d3h4i8IgBAgAAAHFSAAAABGgBB5kCzHSDAZNaQEuPp9W2xB1TGgsKg1KUAYcqfIlhoEpRPXMJ7rkUDDEHjiXKA5IiWNkTSPnjSFBRW6pUwzfUsYpzA97OeQZs6IXVfyAYfeThHQYs71X6630cfBll9lJI7nduRT7Auo_Skg4bltzTF_W9Mg6S-YAJwdUzLCwa5wGnU9M0lmZaUV9ADpd3aQxGGvhqOJjCQOgqrjlZ-VbPXOLpFd_omh4pVMZxC9741agH3MIin-GxSx4SFXnWoy1JK9wLeNK_SSTNCtFliOxICU-tn96sNJy5IifWtOW27F2O4YDr7vqkb8K6WNYO_ZUWrXKi4g64bAbG7aBOUWla56blCKHwA_bp47QHi_tDGRLbHG5n3vZVNDF2v0YxH9eFY_erQn5inBxH5qlxTeePdOGk80lpU0q2NJZShxgE8nHRRGrO468DOi5cQK0WW8QiKHpE69DWQHzqqdRnhy6nFUlo8KqTqtt7rHK98kx0G7mCy4SRuv8TYI5A9iJsZv0Nt_vVKKV7ib745JE1B0ELqdRJEtMFqSUosZiBFBMAk0mJqg-qhz1ffH1Ee1KqaCEp3il2MvFjgi60tAzRTLO0bzlONWiMLbx_iRDOoQoMVwTjVas9HC280SLYb15MK31LcaRWGcFzj8OHM7j-nvDT7-zCcSN56gg6Vm7Kogq3r-Xnp3ikCtJEfTwTtVFM3iIsEVDbvt0dt553WQvWuyqWG6msZW_ap-eNwFjlhMYapnWvfQGoMRrncoQKF8y_tgFJtAQTSx22XIzGr2MR2lVcnNWePueeY8JUH41m1LuEFFlSDNChUrL8jgp6SCnfjroBRrDsOXh9WYQ6tUzEzR9e9MfUhZCLWeCRtTsrr2VWBEPjH6dVm__m9LPwH2x3FTRVS4YZ0qksmoRo6R-ewqjYc3bcblTIezu23ISwINsp8l0ioK1VAcKw6Zmfu1-uLyEy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medicaidrecoveries.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

collect
y.clarity.ms/
0
302 B
XHR
General
Full URL
https://y.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.35.148 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://medicaidrecoveries.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://medicaidrecoveries.com
Date
Wed, 10 Jan 2024 04:48:29 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
status
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fmedicaidrecoveries.com%2F/DESKTOP/WIDGET_OFF/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.userway.org
URL
https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fmedicaidrecoveries.com%2F/DESKTOP/WIDGET_OFF/status

Verdicts & Comments Add Verdict or Comment

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| documentPictureInPicture function| jQuery function| $ function| gtag object| dataLayer function| clarity object| googletag object| et_link_options_data object| google_tag_manager object| google_tag_data object| DIVI object| et_builder_utils_params object| et_frontend_scripts object| et_pb_custom object| et_pb_box_shadow_elements string| GoogleAnalyticsObject function| ga function| Waypoint function| et_pb_debounce function| et_pb_smooth_scroll function| et_pb_form_placeholders_init function| et_duplicate_menu function| et_pb_remove_placeholder_text function| et_fix_fullscreen_section function| et_bar_counters_init function| et_fix_pricing_currency_position function| et_pb_set_responsive_grid function| et_pb_set_tabs_height function| et_pb_box_shadow_apply_overlay function| et_pb_init_nav_menu function| et_pb_toggle_nav_menu function| et_pb_apply_sticky_image_effect function| et_pb_menu_inject_inline_centered_logo function| et_pb_menu_inject_item function| et_pb_reposition_menu_module_dropdowns boolean| et_load_event_fired boolean| et_is_transparent_nav boolean| et_is_vertical_nav boolean| et_is_fixed_nav boolean| et_is_minified_js boolean| et_is_minified_css boolean| et_force_width_container_change function| et_pb_init_woo_star_rating function| et_pb_wrap_woo_attribute_fields_in_span function| et_calculate_fullscreen_section_size function| et_pb_init_modules function| etFixDividerSpacing function| etInitWooReviewsRatingStars boolean| et_calculating_scroll_position boolean| et_side_nav_links_initialized object| lazySizes function| rw object| et_pb_motion_elements object| gaGlobal object| UserWayWidgetApp object| gaplugins object| gaData object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome function| et_calculate_header_values function| et_change_primary_nav_position function| et_fix_page_container_position function| et_pb_window_side_nav_scroll_init function| et_pb_side_nav_page_init function| et_pb_slider_init function| et_countdown_timer function| et_countdown_timer_labels function| et_pb_tabs_init function| et_pb_circle_counter_update function| et_apply_parallax function| et_parallax_set_height function| et_apply_builder_css_parallax function| et_pb_play_overlayed_video function| et_pb_resize_section_video_bg function| et_pb_center_video function| et_pb_adjust_video_margin function| et_fix_slider_height function| et_pb_submit_newsletter function| et_fix_testimonial_inner_width function| et_pb_video_background_init function| et_animate_element function| et_process_animation_data function| et_has_animation_data function| et_get_animation_classes function| et_remove_animation function| et_remove_animation_data function| et_reinit_waypoint_modules function| et_calc_fullscreen_section function| debounced_et_apply_builder_css_parallax function| et_pb_parallax_init function| et_pb_fullwidth_header_scroll function| et_pb_search_init function| et_pb_search_percentage_custom_margin_fix function| et_pb_comments_init function| et_pb_shop_add_hover_class object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing number| google_unique_id function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| FuncKeys object| DEFAULT_OPEN_HOTKEY object| userwaySupportedLanguages object| userwayMapToSupportedLanguages object| userwaySupportedLocales string| USERWAY_DEFAULT_FALLBACK_LANGUAGE function| userwaySupports function| formatLangCode function| __assign function| __rest object| messageStream object| _userway_config boolean| _userway string| et_location_hash function| et_pb_init_woo_custom_button_icon string| waypointContextKey object| GoogleGcLKhOms object| UserWay function| __defProp function| __defProps function| __getOwnPropDescs function| __getOwnPropSymbols function| __hasOwnProp function| __propIsEnum function| __defNormalProp function| __spreadValues function| __spreadProps function| __objRest function| __async object| google_image_requests

17 Cookies

Domain/Path Name / Value
.medicaidrecoveries.com/ Name: _ga_D34PCLVYL5
Value: GS1.1.1704862105.1.0.1704862105.0.0.0
www.clarity.ms/ Name: CLID
Value: c609e13ca09d4da0a46ff56d78e5fca6.20240110.20250109
.medicaidrecoveries.com/ Name: _ga
Value: GA1.2.1657707485.1704862106
.medicaidrecoveries.com/ Name: _gid
Value: GA1.2.779915093.1704862106
.medicaidrecoveries.com/ Name: _gat_gtag_UA_202349636_34
Value: 1
.medicaidrecoveries.com/ Name: _clck
Value: ue553x%7C2%7Cfia%7C0%7C1470
.medicaidrecoveries.com/ Name: __gads
Value: ID=4d0f4f8260a2f174:T=1704862106:RT=1704862106:S=ALNI_MYYaqoQgDJLnhL2tVvM6_8nGzErfQ
.medicaidrecoveries.com/ Name: __gpi
Value: UID=00000d3f005d6175:T=1704862106:RT=1704862106:S=ALNI_MZu9pe8vYqd77IidYYFFF7bvd-tzw
.medicaidrecoveries.com/ Name: _clsk
Value: 1yjf5qq%7C1704862106831%7C1%7C1%7Cy.clarity.ms%2Fcollect
.doubleclick.net/ Name: IDE
Value: AHWqTUlW_AnBJNDKSlVa2g9Fi3k55kdXPp96ylqGwzJCsCUuJzCxYqVqRJ99UBgqSKk
.bing.com/ Name: MUID
Value: 2A0864E473256657049370E672AE676C
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 2A0864E473256657049370E672AE676C
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 2A0864E473256657049370E672AE676C
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

3 Console Messages

Source Level URL
Text
network error URL: https://medicaidrecoveries.com/wp-content/themes/Divi/core/admin/fonts/modules.ttf
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://medicaidrecoveries.com/
Message:
The resource https://medicaidrecoveries.com/wp-includes/fonts/dashicons.ttf was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://medicaidrecoveries.com/
Message:
The resource https://medicaidrecoveries.com/wp-content/themes/Divi/core/admin/fonts/modules.ttf was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f19969bf916735ba55fab9e02d015a0.safeframe.googlesyndication.com
api.userway.org
c.bing.com
c.clarity.ms
cdn.userway.org
cdn77.api.userway.org
fonts.gstatic.com
hb.wpmucdn.com
maps.googleapis.com
maps.gstatic.com
medicaidrecoveries.com
pagead2.googlesyndication.com
region1.google-analytics.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
use.fontawesome.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
y.clarity.ms
api.userway.org
104.211.35.148
2001:4860:4802:32::36
2400:52e0:1e00::1080:1
2600:1f14:5db:eb00:b5ef:81ee:fcbd:a915
2606:4700:e2::ac40:8c0d
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:803::200e
2a00:1450:4001:806::2004
2a00:1450:4001:808::2003
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2001
2a00:1450:4001:827::2003
2a00:1450:4001:827::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a02:6ea0:c700::11
34.74.92.138
68.219.88.97
0a64a3793551b4c543496080521634066ed96e404fff7685b0f3cfcb3a70f518
0cf6d91acfbd231daa3ccf96e67596a75ea04458209786b2814f13a7f14fbf6c
0eed9eb99e6e17575b699772f3710f933c6e38053a7640280770a916a5cb5121
19aad8f98dd3d421fd4ba696a4d8499db063d931341e40d377e26298df758dac
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710
22c87b7cc8f16187048cd1e302712ad672ba9d92fbde88d2113bafdc846db170
243c9ac22a1f9eed020122c718e41786e6c2727c84f5f7fb94caea2375d83b5f
25230192e4419ee5b7aa17c2a2f106b5a9e2c65b5a7b0ee10696950833948762
292c4b31226660d43c28401602552c41ee62725a14405471e49b069251908026
2b8245a6957370dd410464fd8f62f3bfd7e4103e398f7ff5cc75a402c9f58c84
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
31092d5e88f9cad80ef810cbb6c4411768b2a8cdf3186b10600c15591be2e7d8
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3209a76d8cf3dcca3c6d139ea50890d9e38f1c8a2d04651d038225d7939279c7
3d54da97b250b4548da42a9a6fe558666f2d37a4eb03a6d3d78b3169a99e777f
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
51565bbb883f2a583429a7629ef745192037510f536d2febf23362595c3b47e3
52394793edc8f40dce3af97329fc58f3359cd15343e3a223dfdbe126f688d9d3
53b5f2ee7a38901d22190f83376f2b54621aa3aea7a4630ec971fd15def7a919
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5674b0a11a287377a390c9a6c3c2946b3304596cb4fd10a63f5203a3a85f8a31
572b6b8aeaa8b922e8ef423275c0ce2ef5ffd0599d3421c1ebc6d1c7362d336f
579cdf7fd01f54d123624df77f301a7338ed91521a0f15cccb1aa4dd39eb23ea
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
65221c19d1e390c4990c0f52f22fe4922b60b991abaa7a80dad8b2573be1bdab
6559e6118a45b5da01026a044f10f2b426dbdcae024b78ab870cdd35df9915eb
66549cab7cb4675232f5f91c21f423e19aa7b86f5efe6966e90ebd1599fed1e3
66da0701afaff7bd213e9fd294349fa60647b472bf617959f39a23b8778edf15
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cb89d98c721d20364c52027a60e967f43582481005588564dbd392838540198
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
7a9540c5d8653efb6ea9a4f059afd8108428347c868c02ddfab171646f7df4b1
88795f28bb66a45f9c32245dd21d6319ed5d26a45bf5afa31d91a0f83ee855f7
88e2d34a2ecd255e7c30d9436d1f8f7156973f2badc72161da7f3c1901ae5bec
91c517b650261a41b75a3dff1ba8d77ab069db61b32df2cd470bc3bfad5409ce
969dace001ef24f99f38bd00c5578b85ba9368e77a5667cfcaeaa29d2f57657b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a22a6a365a92c83d9ca3e89b5459f7b597de665f12309aadd59893dedb22ba9
9c349c827da0edefcdf5de53d1eee0f392d7dc0da17ea74304967c529c7d45b6
9f2d740b69447d89d2353b9eadbd5a1ec4e4f8d9fa700653065f2add4ea8d46d
a4bc7cfcaaab86555b41bc375407c8819a3f535a1b15c04c62810a5032f5a9d1
ae511ab76062cd3b1dae0a9d69b0cb28e65bf84d74c8f294cde69c43976c363d
b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521
b1f5c178c16f6414ca3c2abc79e7ef2b6a83ca3b487b4bcf56590fbf98be6c3d
b25a732806eccc32e7588ec3675e810b7350c5961275c65bf9db2f351c1cc899
b55b8ba3f14b06786f33d6e5c147054b38ad92cd4efc7f746afcd27fa83952c1
b87d34c5425a5b6bc0d37a08c2cd36cf21c2dac2645262a375f7460829859138
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd91e1a9bb82698162aa19edbc5dfa29ce78555f8333227186ffd6ccf90a904f
c15a24cfd927f84920b607b2764a5f7fde792140f08c64ea3808eec291b6d038
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cacd900a2587c234c53e9d0108fc51ff6c61420c4f89a1731014b673a7b9a1a8
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
ce58833669ed7f0f35384ac0fe49a1bcc2a6e27dc113df22b89f1d7dbc8fe7d8
cf1bcd0f697b73897616ea284c655d8553be4de3242617e37a0f3376603afa91
d2fec0e2942f49dd3cad4650431d550d761f11dded17834d4835768c2ca730c0
d7944e04aa48e9c7b420feac0973823b4e399f313123013905bf1594c5bb4398
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
dc63dbd09ce06c1e1a30acc5cdd34053a78a0631f6f6c455eda8cfb86590acca
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44246a8efcfa5b53c73b82d3ac2e9e29b59b8cea5f79d3ce70c33a8937480b9
e606eebb3573dac86103515d790622724a980dc7fcf8f3428223a645d2352aa6
e759dc710ec6d9f9438d5a77f834b247254512fb90cf520764ab591db32cf5cb
eaf87c70971a8be7304fb9d4b2b2c848ee8388354f2e385982223b7eea53b341
f192fc1904ff65df2e882e7cb7afa1432a424adeecefeb081c53c4fde85be8fe