pay.matchedcaretech.com Open in urlscan Pro
52.1.43.64 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pay.matchedcaretech.com/
Effective URL:
https://pay.matchedcaretech.com/
Submission: On October 04 via api (October 4th 2022, 3:12:56 pm UTC) from US — Scanned from DE

Summary HTTP 58 Redirects Behaviour Indicators

Summary

This website contacted 25 IPs in 6 countries across 18 domains to perform 58 HTTP transactions. The main IP is 52.1.43.64, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is pay.matchedcaretech.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 4th 2022. Valid for: a year.

This is the only time pay.matchedcaretech.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	52.1.43.64 52.1.43.64	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:400d:807::2008	15169 (GOOGLE) (GOOGLE)
1	99.86.4.30 99.86.4.30	16509 (AMAZON-02) (AMAZON-02)
1	65.9.108.9 65.9.108.9	16509 (AMAZON-02) (AMAZON-02)
9	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.222.250.47 52.222.250.47	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:807::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
3	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
2	2a02:26f0:11a... 2a02:26f0:11a::6867:4841	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:230... 2600:9000:2304:a00:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:46::44 2620:1ec:46::44	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.184.204.244 52.184.204.244	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
58	25

2 52.1.43.64 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-43-64.compute-1.amazonaws.com

pay.matchedcaretech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-30.fra6.r.cloudfront.net

d347164ulyc57y.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.108.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-108-9.tlv50.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.70.113 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.250.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-47.fra60.r.cloudfront.net

d85ecz8votkqa.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

api.filepicker.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dialog.filepicker.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.filepicker.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:11a::6867:4841 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.72.113 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2304:a00:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.51.111 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

poynt.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.184.204.244 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

n.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 3159 ekr.zdassets.com — Cisco Umbrella Rank: 3703	437 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 804 c.clarity.ms — Cisco Umbrella Rank: 1219 n.clarity.ms — Cisco Umbrella Rank: 6643	26 KB
5	cloudfront.net d347164ulyc57y.cloudfront.net d2wy8f7a9ursnm.cloudfront.net d85ecz8votkqa.cloudfront.net	188 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 665 c.bing.com — Cisco Umbrella Rank: 426	13 KB
3	google.de www.google.de — Cisco Umbrella Rank: 3460	672 B
3	google.com www.google.com — Cisco Umbrella Rank: 19	672 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 171 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	2 KB
3	filepicker.io api.filepicker.io — Cisco Umbrella Rank: 93132 dialog.filepicker.io — Cisco Umbrella Rank: 68499 www.filepicker.io — Cisco Umbrella Rank: 33650	22 KB
3	typekit.net p.typekit.net — Cisco Umbrella Rank: 1263 use.typekit.net — Cisco Umbrella Rank: 1023	50 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 115	222 B
2	zendesk.com poynt.zendesk.com	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 203	112 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 129	118 KB
2	matchedcaretech.com 1 redirects pay.matchedcaretech.com	3 KB
1	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 4328	9 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 154	15 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	1 KB
58	18

	Domain	Requested by
9	static.zdassets.com	pay.matchedcaretech.com static.zdassets.com
8	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.google.de	pay.matchedcaretech.com
3	www.google.com	pay.matchedcaretech.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com pay.matchedcaretech.com
3	d85ecz8votkqa.cloudfront.net	pay.matchedcaretech.com d347164ulyc57y.cloudfront.net
2	n.clarity.ms	www.clarity.ms
2	c.clarity.ms	1 redirects
2	www.facebook.com	pay.matchedcaretech.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	poynt.zendesk.com	static.zdassets.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	connect.facebook.net	pay.matchedcaretech.com connect.facebook.net
2	use.typekit.net	d347164ulyc57y.cloudfront.net
2	www.googletagmanager.com	pay.matchedcaretech.com
2	pay.matchedcaretech.com	1 redirects
1	c.bing.com	1 redirects
1	www.filepicker.io	api.filepicker.io
1	dialog.filepicker.io	api.filepicker.io
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.dwin1.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	ekr.zdassets.com	static.zdassets.com
1	api.filepicker.io	pay.matchedcaretech.com
1	p.typekit.net	d347164ulyc57y.cloudfront.net
1	fonts.googleapis.com	d347164ulyc57y.cloudfront.net
1	d2wy8f7a9ursnm.cloudfront.net	pay.matchedcaretech.com
1	d347164ulyc57y.cloudfront.net	pay.matchedcaretech.com
58	28

This site contains no links.

Subject Issuer	Validity	Valid
pay.matchedcaretech.com Go Daddy Secure Certificate Authority - G2	`2022-10-04` - `2023-10-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
ssl1036557.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2022-06-08` - `2022-12-15`	6 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.filepicker.io R3	`2022-08-05` - `2022-11-03`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-13` - `2022-10-11`	3 months	crt.sh
*.dwin1.com Amazon	`2021-11-19` - `2022-12-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
poynt.zendesk.com Cloudflare Inc ECC CA-3	`2022-05-17` - `2023-05-17`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://pay.matchedcaretech.com/
Frame ID: F3E34BDEF0648AA2D4B66F563F12866F
Requests: 46 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-96c2ac7dafdad68c4a30.js
Frame ID: 0D2E6CD37A4BCF3AF1477AA6E781C3EF
Requests: 10 HTTP requests in this frame

Frame: https://dialog.filepicker.io/dialog/comm_iframe/
Frame ID: 8E755E2D1A8353C95F6EA91D04C3268F
Requests: 1 HTTP requests in this frame

Frame: https://www.filepicker.io/dialog/comm_iframe/
Frame ID: 8EDEE14A11FA2C24675E22D90BCC6D15
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://pay.matchedcaretech.com/ HTTP 301
https://pay.matchedcaretech.com/ Page URL

Detected technologies

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

BugSnag (Analytics) Expand

Overall confidence: 100%
Detected patterns

/bugsnag.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

58
Requests

98 %
HTTPS

56 %
IPv6

18
Domains

28
Subdomains

25
IPs

6
Countries

1018 kB
Transfer

3120 kB
Size

21
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pay.matchedcaretech.com/ HTTP 301
https://pay.matchedcaretech.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=9D237E04D8E54CB8919DCB1F0A3B4432&RedC=c.clarity.ms&MXFR=05C8BFD9DA6865BA35DDADEADE686BD8 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=9D237E04D8E54CB8919DCB1F0A3B4432&MUID=182F95F9CDEC6B81308E87CACC2C6ACB

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

404
Not Found

Primary Request / Show response
pay.matchedcaretech.com/
Redirect Chain

http://pay.matchedcaretech.com/
https://pay.matchedcaretech.com/

6 KB
3 KB

379ms
117ms

Document
text/html

52.1.43.64
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.matchedcaretech.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.1.43.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-43-64.compute-1.amazonaws.com

Software

Resource Hash

66b344839dcb77d108574958a530ca78d2bf349ed82590844cf23eff9d1c4dd7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

connection: close
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 04 Oct 2022 15:12:50 GMT
last-modified: Tue, 04 Oct 2022 15:12:50 GMT
transfer-encoding: chunked
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

Connection: keep-alive
Date: Tue, 04 Oct 2022 15:12:50 GMT
Keep-Alive: timeout=5
Location: https://pay.matchedcaretech.com/
Transfer-Encoding: chunked

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 151ms
62ms Script
application/javascript 2a00:1450:400d:807::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-49020603-4

Requested by

Host: pay.matchedcaretech.com
URL: https://pay.matchedcaretech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fa96a3d391d16303cd779c0c9898657fb74219a5aa559cb5b0b625d6f7e4e966

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 15:12:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 42338
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 04 Oct 2022 15:12:50 GMT

GET
H/1.1 200
OK global.9add06cc.css
d347164ulyc57y.cloudfront.net/release/dist/css/ 325 KB
52 KB 92ms
21ms Stylesheet
text/css 99.86.4.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d347164ulyc57y.cloudfront.net/release/dist/css/global.9add06cc.css
Requested by: Host: pay.matchedcaretech.com
URL: https://pay.matchedcaretech.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-30.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 990bff25280d68da78056f0df3efe50f3e52170f4446e459edc390ff4e2b8911

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: fnGDptwZglxT97b5Mv9PjaDSuCFVNiDr
Content-Encoding: gzip
Via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
Date: Tue, 04 Oct 2022 04:58:53 GMT
X-Amz-Cf-Pop: FRA6-C1
Age: 36838
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 21:38:13 GMT
Server: AmazonS3
ETag: W/"9add06cc9ec8b14a3c140e4857058315"
Vary: Accept-Encoding
Content-Type: text/css
X-Amz-Cf-Id: wm7is2YjTHrU_OhOgHFosNwjRRCvzBjFm7oUynTs6h8gkP9LX0_T-Q==

GET
H/1.1 200
OK bugsnag-3.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 15 KB
6 KB 250ms
78ms Script
application/javascript 65.9.108.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2wy8f7a9ursnm.cloudfront.net/bugsnag-3.min.js
Requested by: Host: pay.matchedcaretech.com
URL: https://pay.matchedcaretech.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.108.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-108-9.tlv50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 02bfc0792607137745f4a91a7569037afef83eee2dde83866962522e71f81309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 02:03:11 GMT
Content-Encoding: gzip
Via: 1.1 318dc0d466d2a355ca0bbeb0721ef1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: TLV50-C2
Age: 220518
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 5288
Last-Modified: Fri, 01 Dec 2017 10:02:01 GMT
Server: AmazonS3
ETag: "c9eb5e1a021aed97ea4ae916d2c1e26a"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
X-Amz-Cf-Id: TkwCe0uhwVeqJBdH_-C9enQrWqKHvkmcZ13TBvaR1MFVp8EY-PwRIw==

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 23 KB
7 KB 122ms
50ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=81f0a48d-5dc6-41e9-a9c7-fafa30214403

Requested by

Host: pay.matchedcaretech.com
URL: https://pay.matchedcaretech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 15:12:50 GMT
x-amz-version-id: TCAqq4sghBBBAAXd3MLZ8Fy8XIds..vO
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: YJ6FWKEZW05SMQ2N
age: 28
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: RhWyAyscoN7D2/viec8w/o2vJpPJbrDfnamkXe9KJIm0PWRMNcxpOZbNBafVFikCrmRgnpbsVy4=
last-modified: Thu, 28 Jul 2022 23:44:02 GMT
server: cloudflare
etag: W/"5cae6ce528dce0c327b2bcbaad459fdb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5AMc6bapZJGycl4Sow8DQW9ksHMp8yaiiuJeOOoikcsWKJqtZMwPBUJFDxUj4gLd0Q4Pinuyht602pYa7FSylzgqPpoJMkJ4ha9P4HIEe9q83xZs26VGQ6r08RmqXGPnztf6ZUM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 754edbac79699180-FRA

GET
H/1.1 200
OK icon-100.png
d85ecz8votkqa.cloudfront.net/images/ 5 KB
6 KB 204ms
24ms Image
image/png 52.222.250.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d85ecz8votkqa.cloudfront.net/images/icon-100.png
Requested by: Host: pay.matchedcaretech.com
URL: https://pay.matchedcaretech.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-47.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d2f8bbd4cd8ed21ae630e5197ddef4511cffbd6b31690a0545c937d720fce827

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 04:58:55 GMT
x-amz-version-id: null
Via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
Last-Modified: Fri, 16 May 2014 01:59:24 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P3
Age: 36837
ETag: "84c43251833947096dd54cbd696fa6e2"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5429
X-Amz-Cf-Id: eRl9diIb31bU4K0M7lNQkK4OA8h9JW1d3GBMwrxrdjooVOeDvAEFpA==

GET
H/1.1 200
OK logo-white-100.png
d85ecz8votkqa.cloudfront.net/images/ 8 KB
9 KB 195ms
23ms Image
image/png 52.222.250.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d85ecz8votkqa.cloudfront.net/images/logo-white-100.png
Requested by: Host: pay.matchedcaretech.com
URL: https://pay.matchedcaretech.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-47.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5c83016b7351bc1595b99eedf4d0ca6ecd46ede6c227eb49ebf0628db4f9dbc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
Date: Mon, 03 Oct 2022 23:33:32 GMT
Via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
Last-Modified: Fri, 16 May 2014 01:02:41 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P3
Age: 56360
ETag: "907757c545885fdeeb317708190ab2e9"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8647
X-Amz-Cf-Id: tlcdGm8cCy5CSQdDgiWNJRfyDFAX1vBXA84sT7ldHkeClmmXj9nSmg==

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 151ms
62ms Stylesheet
text/css 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=IBM+Plex+Sans

Requested by

Host: d347164ulyc57y.cloudfront.net
URL: https://d347164ulyc57y.cloudfront.net/release/dist/css/global.9add06cc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3464b938424dbe9aa7da6bf5f705aacea77c7478b925beead17e593cf6f7ee98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d347164ulyc57y.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 04 Oct 2022 15:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 15:12:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 Oct 2022 15:12:50 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
195 B 76ms
18ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=efo3nfe&ht=tk&f=26977.26978.26979.26980.26981.26982.26983.26984&a=74618783&app=typekit&e=css
Requested by: Host: d347164ulyc57y.cloudfront.net
URL: https://d347164ulyc57y.cloudfront.net/release/dist/css/global.9add06cc.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d347164ulyc57y.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62: 8096267
date: Tue, 04 Oct 2022 15:12:50 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 220 KB
76 KB 76ms
75ms Script
application/javascript 2a00:1450:400d:807::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W4DQM4W

Requested by

Host: pay.matchedcaretech.com
URL: https://pay.matchedcaretech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a270b93b0be6f0da67e273bc345a6f69bb1a250a844bad73a2039d3bea57e30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 15:12:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77941
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 04 Oct 2022 15:12:50 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 67ms
19ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-49020603-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 04 Oct 2022 15:01:59 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 651
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 04 Oct 2022 17:01:59 GMT

GET
H2 200 filepicker.js Show response
api.filepicker.io/v1/ 64 KB
19 KB 130ms
22ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.filepicker.io/v1/filepicker.js
Requested by: Host: pay.matchedcaretech.com
URL: https://pay.matchedcaretech.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5dd816bc603c0aa7b1421797241d7289a7cc47a7d09dbee14d6b77dfdc6b1acb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 15:12:50 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: JJ8Q5TSRJPNDVJMK
age: 140813
x-cache: HIT
content-length: 19303
x-amz-id-2: zKe0+0d7pfp46GJdyZjOhgX3nFX1nzY+djXx/+3QwOgRXDNNIhpjBDbo4JCqiHURE+n9WvF9Q40=
x-served-by: cache-hhn4051-HHN
last-modified: Mon, 15 Feb 2016 13:13:27 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:1000/gname:vagrant/uname:vagrant/gid:1000/mode:33188/mtime:1455542033/atime:1455542034/md5:f37f29a2ea14b20d3a45a0c572f9c8cb/ctime:1455542033
x-timer: S1664896371.953882,VS0,VE0
etag: "f37f29a2ea14b20d3a45a0c572f9c8cb"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-cache-hits: 3

GET
H/1.1 200
OK fa-solid-900.woff2
d85ecz8votkqa.cloudfront.net/fonts/ 115 KB
116 KB 595ms
446ms Font
application/octet-stream 52.222.250.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d85ecz8votkqa.cloudfront.net/fonts/fa-solid-900.woff2
Requested by: Host: d347164ulyc57y.cloudfront.net
URL: https://d347164ulyc57y.cloudfront.net/release/dist/css/global.9add06cc.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-47.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0fc8bfb8053723b289c576544ec5feccc05da9680cb65e46f8d468153cb93106

Request headers

Referer: https://d347164ulyc57y.cloudfront.net/
Origin: https://pay.matchedcaretech.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 15:12:52 GMT
x-amz-version-id: null
Via: 1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P3
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 117628
Last-Modified: Mon, 29 Jun 2020 19:14:05 GMT
Server: AmazonS3
ETag: "b650897c484f29df93474098e5dde0ef"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, DELETE, PUT, POST
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Accept-Ranges: bytes
X-Amz-Cf-Id: tH5p5kasz5lj500qHwgQB1IZpZyWbbwT1N9MdaQmHjAsMCWAPGDXbw==

GET
H2 200 l
use.typekit.net/af/986a34/00000000000000007735b576/30/ 24 KB
25 KB 128ms
31ms Font
application/font-woff2 2a02:26f0:11a::6867:4841
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/986a34/00000000000000007735b576/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: d347164ulyc57y.cloudfront.net
URL: https://d347164ulyc57y.cloudfront.net/release/dist/css/global.9add06cc.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4841 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 765e473c33aa42d97a33bfaf73a293d401024c988134b9852b92927a6bdfd378

Request headers

Referer: https://d347164ulyc57y.cloudfront.net/
Origin: https://pay.matchedcaretech.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 15:12:50 GMT
server: nginx
etag: "4b299713dfd17cdf4d69fb1b4517ae65f2306009"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24928

GET
H2 200 l
use.typekit.net/af/069915/00000000000000007735b581/30/ 25 KB
25 KB 132ms
36ms Font
application/font-woff2 2a02:26f0:11a::6867:4841
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/069915/00000000000000007735b581/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: d347164ulyc57y.cloudfront.net
URL: https://d347164ulyc57y.cloudfront.net/release/dist/css/global.9add06cc.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4841 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: ee602f79944c5a386cf4dce52f33028706e2415eff57b3bcc5e47f6db2cb1791

Request headers

Referer: https://d347164ulyc57y.cloudfront.net/
Origin: https://pay.matchedcaretech.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 15:12:50 GMT
server: nginx
etag: "9e8f71765e9383778e4ff9e44e1ec294aab90ea3"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25572

GET
H2 200 81f0a48d-5dc6-41e9-a9c7-fafa30214403 Show response
ekr.zdassets.com/compose/ 403 B
1 KB 266ms
212ms XHR
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/81f0a48d-5dc6-41e9-a9c7-fafa30214403

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=81f0a48d-5dc6-41e9-a9c7-fafa30214403

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e83b3f7fe5192cc8849428cc7b5531be393f3d2772915008c00c4d0a2ac5492

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 15:12:51 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 21b2435c59ff8847518baa77f10ad8f7, 21b2435c59ff8847518baa77f10ad8f7
x-runtime: 0.002407
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"7e83b3f7fe5192cc8849428cc7b5531b"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5IgfFhRWJUa1f%2FwhRzvvPgWBafC%2FqqdbxY1Rwhpv4uHCOHc98M5stsjaaS0FGWBPsJo9HONYFKDDY5QsXzk4D0DlMycSe0Rugwhyd%2F4ePHG6kRn0i6ktYIhnt2NcvOpCMg%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
cf-ray: 754edbae4c3fbbc1-FRA

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 71ms
28ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=234183789&t=pageview&_s=1&dl=https%3A%2F%2Fpay.matchedcaretech.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1007632433&gjid=2073068692&cid=380687953.1664896371&tid=UA-49020603-4&_gid=769001610.1664896371&_r=1&gtm=2ou9s0&z=541002201

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pay.matchedcaretech.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 15:12:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pay.matchedcaretech.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 51ms
51ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=234183789&t=pageview&_s=1&dl=https%3A%2F%2Fpay.matchedcaretech.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=1622173439&gjid=2092776970&cid=380687953.1664896371&tid=UA-49020603-6&_gid=769001610.1664896371&_r=1&gtm=2wg9s0W4DQM4W&z=1574081325

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pay.matchedcaretech.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 15:12:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pay.matchedcaretech.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 103ms
50ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4DQM4W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 15:12:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15192
x-xss-protection: 0
server: cafe
etag: 699633608045481581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 04 Oct 2022 15:12:51 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 103ms
49ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4DQM4W

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 04 Oct 2022 15:12:50 GMT
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0F540A80E1464E6283E53AC1D23CA09B Ref B: DUS30EDGE0312 Ref C: 2022-10-04T15:12:51Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11367

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 62ms
19ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: pay.matchedcaretech.com
URL: https://pay.matchedcaretech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 04 Oct 2022 15:12:51 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26840
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ycaNUN8IzFZKQIv3nk2eydXk5g2Ci7zePOa17QdNS+EM7ZydDCT1nmjYySnwmbwmxfkU2BzcISMfrsNcB151YQ==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 19038.js Show response
www.dwin1.com/ 34 KB
9 KB 123ms
34ms Script
application/javascript 2600:9000:2304:a00:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/19038.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4DQM4W
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f80eed6f368815a7fd5eb286293c2b0522d3d81a4858295f1ff7dd2b3e4d5280

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: PePIwPZRZIbkiCepyO3R4xCxJh0XNXLN
content-encoding: gzip
via: 1.1 e34b146b2a4038019e9b2a95fac837fc.cloudfront.net (CloudFront)
date: Tue, 04 Oct 2022 15:08:14 GMT
x-amz-cf-pop: VIE50-P1
age: 277
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 30 Sep 2022 13:44:21 GMT
server: AmazonS3
etag: W/"d2563bca28261a57e5abbf1655472eaa"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, s-maxage=600
x-amz-cf-id: 1RAzuI0yHwh_t_SBcsjS66bvIT3tL-nbHVRhRHjFXO8lMYA_s78oiw==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
447 B 92ms
28ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-49020603-4&cid=380687953.1664896371&jid=1007632433&gjid=2073068692&_gid=769001610.1664896371&_u=YEBAAUAAAAAAACAAI~&z=1828288086

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pay.matchedcaretech.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 04 Oct 2022 15:12:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pay.matchedcaretech.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 69ms
31ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-49020603-6&cid=380687953.1664896371&jid=1622173439&gjid=2092776970&_gid=769001610.1664896371&_u=aEDAAUABAAAAACAAI~&z=477684225

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pay.matchedcaretech.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 04 Oct 2022 15:12:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pay.matchedcaretech.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 250490609560682 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 391ms
365ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/250490609560682?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a1c13d2400c8a32733a8404158ae5ce2db3624d3e8ff3aa94420c04fea81f49b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 04 Oct 2022 15:12:51 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: WR2O8zrxuAmJF+r6V22Hk9iHsyBxsJaR44Iw70yxlnNxCi9GHFguMxDk0vVQEfbc/DxEX1YyHiQn+5kghB0exg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/760333724/ 2 KB
2 KB 155ms
67ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/760333724/?random=1664896371091&cv=9&fst=1664896371091&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fpay.matchedcaretech.com%2F&auid=428753047.1664896371&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8a372951054d58d02d96083e5648471e29fab37ec863c0d8491d0dd9fff9e2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 15:12:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 994
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 17443429.js Show response
bat.bing.com/p/action/ 1 KB
844 B 138ms
138ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/17443429.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ed66e27addd3029b15238e36c0bc613704e48baa4c83f8071e03e6f64779c2f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 04 Oct 2022 15:12:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CB978BB40DE543029DAF30FCA13E7549 Ref B: DUS30EDGE0312 Ref C: 2022-10-04T15:12:51Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 667

GET
H2 204 0
bat.bing.com/action/ 0
176 B 53ms
52ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=17443429&tm=gtm002&Ver=2&mid=f8377cbc-1bed-4a9f-9b68-3a1f7201f323&sid=0361dbd043f711eda8e03745979275fc&vid=0362948043f711ed8a23497f3b51a42a&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fpay.matchedcaretech.com%2F&r=&lt=964&evt=pageLoad&sv=1&rn=445181

Requested by

Host: pay.matchedcaretech.com
URL: https://pay.matchedcaretech.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 04 Oct 2022 15:12:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E5FBB5AC28834B3CA4560607714C8079 Ref B: DUS30EDGE0312 Ref C: 2022-10-04T15:12:51Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 107ms
57ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-49020603-4&cid=380687953.1664896371&jid=1007632433&_u=YEBAAUAAAAAAACAAI~&z=1942977992

Requested by

Host: pay.matchedcaretech.com
URL: https://pay.matchedcaretech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 15:12:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 112ms
62ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-49020603-4&cid=380687953.1664896371&jid=1007632433&_u=YEBAAUAAAAAAACAAI~&z=1942977992

Requested by

Host: pay.matchedcaretech.com
URL: https://pay.matchedcaretech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 15:12:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 106ms
56ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-49020603-6&cid=380687953.1664896371&jid=1622173439&_u=aEDAAUABAAAAACAAI~&z=871021478

Requested by

Host: pay.matchedcaretech.com
URL: https://pay.matchedcaretech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 15:12:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 114ms
64ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-49020603-6&cid=380687953.1664896371&jid=1622173439&_u=aEDAAUABAAAAACAAI~&z=871021478

Requested by

Host: pay.matchedcaretech.com
URL: https://pay.matchedcaretech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 15:12:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web-widget-framework-96c2ac7dafdad68c4a30.js Show response
static.zdassets.com/web_widget/latest/ Frame 0D2E 147 KB
48 KB 41ms
41ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-96c2ac7dafdad68c4a30.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=81f0a48d-5dc6-41e9-a9c7-fafa30214403

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d346f5f1b47eeaddd4aac34aafd2456c768c4717cdb7e683c7a457d60354e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 15:12:51 GMT
x-amz-version-id: UkAo6Ny3dbaYn_7.09jTM47O3NT8wdvn
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: D3W0P6WHBJN17BBR
age: 469328
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: N082wdzgkAu/mgaweoA8bNFaSG63mJytabwQcau6TjBe8+AsH2+DewmKv5n7sklJbpMM6TshdnA=
last-modified: Thu, 29 Sep 2022 04:10:27 GMT
server: cloudflare
etag: W/"42f3d0976e3c3382c4f7b23328f2803b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Dv%2ByN5%2FTLCqtmzL%2F7%2FJ9a3e8h%2BeQhjfv7uqTgCWO6gWOrUi4i5Il%2BOhvQJDiht09dqd4Q8MsqvQUbgxv9C2T2Us3jSZpiRxEXwEwgUy67SAg634Tr4h9wyY%2Bmv6%2FpfV149H1tg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 754edbafc96a9180-FRA
expires: Fri, 29 Sep 2023 04:10:26 GMT

GET
H2 200 config Show response
poynt.zendesk.com/embeddable/ Frame 0D2E 824 B
1 KB 251ms
170ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://poynt.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-96c2ac7dafdad68c4a30.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4967dd7f0cebde370ffb0e88979aa9e5f49f97430ddd4f976451065621d53c63

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 15:12:51 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-85dc7d4f4f-qqrrf
x-cached: MISS
x-request-id: b57561552ae16bb473143e5d9efc0f1a
x-runtime: 0.001855
last-modified: Tue, 04 Oct 2022 15:12:51 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hpgvVngh2NDPqV8Rbv9HU8wTpQLC%2BGOCBR7CLOSQK4G0OT%2F2JciXL5fVeEl3GisygOlgqUUAUihtJM1proRBMncOlPWZdbzBwUJU2F6kpJREm2Htvflay9dIRnNMBIs72auk"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 754edbb0cdcd9b22-FRA

GET
H2 200 17443429 Show response
www.clarity.ms/tag/uet/ 1 KB
2 KB 205ms
117ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/17443429
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/17443429.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0ae9bc7a3ea8dcddaee8e1756009edcb9e3a19cdf650218815f2437395617e9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: application/x-javascript
date: Tue, 04 Oct 2022 15:12:51 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0c008YwAAAACUJbz7/aG4QbY6IrtbfQ/oQlJVMzBFREdFMDcxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H3 200 /
www.google.com/pagead/1p-user-list/760333724/ 42 B
64 B 74ms
33ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/760333724/?random=1664896371091&cv=9&fst=1664895600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9s0&sendb=1&frm=0&url=https%3A%2F%2Fpay.matchedcaretech.com%2F&async=1&fmt=3&is_vtc=1&random=3169051304&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: pay.matchedcaretech.com
URL: https://pay.matchedcaretech.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 15:12:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/760333724/ 42 B
64 B 83ms
40ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/760333724/?random=1664896371091&cv=9&fst=1664895600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9s0&sendb=1&frm=0&url=https%3A%2F%2Fpay.matchedcaretech.com%2F&async=1&fmt=3&is_vtc=1&random=3169051304&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: pay.matchedcaretech.com
URL: https://pay.matchedcaretech.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 15:12:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-f/s/0.6.42/ 53 KB
23 KB 116ms
116ms Script
application/javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-f/s/0.6.42/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/17443429
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d97ca913935c9897ac4e255d17e14c8a3f0d8513681fe5b6736c4921fc5dd078

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 15:12:51 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
etag: "1d8d770d65a4bd4"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
x-azure-ref: 0c008YwAAAABWPL9Nna5+QqUiGq3H4+rCQlJVMzBFREdFMDcxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H2 200 web-widget-classic-c3d89f0.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 0D2E 13 KB
4 KB 40ms
39ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-c3d89f0.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-96c2ac7dafdad68c4a30.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9098952f8248c717092f34be8d826bb3531802ca3cf377be7cb79edb118c9204

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 15:12:51 GMT
x-amz-version-id: 7MUrU.MoHTRbmX3wzPCEazPKhrpbJShi
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: D3W4B1HC9NBMHY2B
age: 469328
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: WW1I6e6HqAI31+auu0OiWSrsx5IAsU5lJI6H4M4zWYRi+TX1Ryu384bWiGhvlidD5ij0WhggGUk=
last-modified: Thu, 29 Sep 2022 04:10:41 GMT
server: cloudflare
etag: W/"a2da7f62a85c2f4f61df1fa42e69d28f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dpb5EtkZHvUbhxaQ3P0b8muClxLeR3wXWuhsPxdqZQdbwmMMAMazmajwlPxoLi5WT639ozNGMKoikEuUh0fHvSTvSNQMuWYn1aRsGm1wmDfBAAyiwO4EIssOzNburn%2FNVAVEJRM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 754edbb1de819180-FRA
expires: Fri, 29 Sep 2023 04:10:40 GMT

GET
H2 200 web-widget-8165-c3d89f0.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 0D2E 663 KB
190 KB 68ms
67ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-8165-c3d89f0.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-c3d89f0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9fe3344f6ffaaaaaf42a2adab7e1b57944a8312985777943283a47f766fd036

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 15:12:51 GMT
x-amz-version-id: spVNe3DWIBpD60pxIMwG8RXMkJ03IAxM
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: D3WA00DY7AG9R0TY
age: 469328
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: YhrjSp1kgaSiB0p2/BYnSy33TaWtzqun2ZtJAzwOT3F9umldYOXZ9Y0rtrG+Z1CdZng3r/ojsZY=
last-modified: Thu, 29 Sep 2022 04:10:41 GMT
server: cloudflare
etag: W/"3fb1755f31689e15a362e7877ecd38ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IEwANrbdxgAYjc30EwbEAiuvY6UCniT8layVG5ljpYzMTM6fit2Ve8micIFFYAwkzBlUDzTgvQ%2Bm3cwk1OXrZVEYQu%2FZ8FSUErd6GAHfXzJRGcmIB4RjiJ1yyySfgVvt9oC0Abw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 754edbb21f2b9180-FRA
expires: Fri, 29 Sep 2023 04:10:40 GMT

GET
H2 200 web-widget-5324-c3d89f0.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 0D2E 491 KB
108 KB 46ms
46ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-5324-c3d89f0.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-c3d89f0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9710a6b4a42554eda9e7cc8fbcb0ec2d7fbeda5662dab00a5d3ddeb76d5e4a5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 15:12:51 GMT
x-amz-version-id: _RFf2H7hYhzG1UxbhCFb1EHx.sF5em62
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: D3WETBA035VYE7MY
age: 469328
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: m+r/M1Dyyg8PCvhd4UCXX/x+Q6uT0ynnwXOEP+uPwXblQL+JBPqI5lmTFq8J0pL2T38qY192I/s=
last-modified: Thu, 29 Sep 2022 04:10:41 GMT
server: cloudflare
etag: W/"151eb9021fddc23ef235964d355397cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKMYXCtZDfmdjbs4126ar28G3HnwYcluRsRSPNMf%2BE7DW%2FjbG62TnU4P6GbIjP6iJ%2BfnOFlkJq9Os3fmhyo14CoPZtPkIOGzMx8YD7nRDK2UdZBpZmju02kgtBCtAqutDNvfILI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 754edbb21f2e9180-FRA
expires: Fri, 29 Sep 2023 04:10:40 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 61ms
20ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=250490609560682&ev=PageView&dl=https%3A%2F%2Fpay.matchedcaretech.com%2F&rl=&if=false&ts=1664896371547&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664896371545.1988897044&it=1664896371080&coo=false&rqm=GET

Requested by

Host: pay.matchedcaretech.com
URL: https://pay.matchedcaretech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 04 Oct 2022 15:12:51 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 embeddable_blip Show response
poynt.zendesk.com/ Frame 0D2E 0
298 B 140ms
139ms XHR
text/plain 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://poynt.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJkZS1ERSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZGUtZGUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS45MSBTYWZhcmkvNTM3LjM2IiwiaXNNb2JpbGUiOmZhbHNlfSwiYWN0aW9uIjoibG9jYWxlTWlzbWF0Y2giLCJjYXRlZ29yeSI6ImxvY2FsZSJ9LCJidWlkIjoiNmYzZGE3MjdiMzcxNGNiYzkzMzkwZjU3NWM4NWRiOGUiLCJzdWlkIjoiZTExZTI4ODhjOTY2NDc0ODkxNjZjZTNlODZhZDAzNjUiLCJ2ZXJzaW9uIjoiYzNkODlmMCIsInRpbWVzdGFtcCI6IjIwMjItMTAtMDRUMTU6MTI6NTEuNzQ0WiIsInVybCI6Imh0dHBzOi8vcGF5Lm1hdGNoZWRjYXJldGVjaC5jb20vIn0%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-96c2ac7dafdad68c4a30.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 15:12:51 GMT
cf-cache-status: MISS
last-modified: Tue, 04 Oct 2022 15:12:51 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GkOBDvYfUjXtIotZqY1XxjtouXQD6qXEp6mHOz4jHyjCz441NS3AC4b3vdK0JAyzB%2F7XXHzjd0qBvkc091Bc48Qk8Ty8ZnsCKf%2FBjqQDVoRd5I0arYYc6y5YId6e6MRWWpWB"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 754edbb37b079b22-FRA
content-length: 0
x-request-id: b669b76b2926c652bc91b4038251a752

GET
H2 200 de-de-json-c3d89f0.js Show response
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/ Frame 0D2E 27 KB
7 KB 35ms
34ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/de-de-json-c3d89f0.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-c3d89f0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68044eaef1841a02213086348bf81a382b3bee100aa54c7369c947da239a0357

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 15:12:51 GMT
x-amz-version-id: 29lR4LSs7w3Mxdn9FzKAsT80IumtMa_G
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 984K76VK96CD1DEN
age: 469327
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: gGbCi75fLHIY6OnqzxsrwuAkw3Pdhzsnv9Uypbh8fM1Ve8SG9LR7F+aEZrjh7XysrlHYamNYClM=
last-modified: Thu, 29 Sep 2022 04:10:42 GMT
server: cloudflare
etag: W/"dee0c6a89a545cab72e7f62ab96b94c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ulHq6sC2A8f89RG55OPT6qEmtJJ27nEdXOsfFIp1%2FaaV6hZEZTlTzKSx8Bt4SYvwzv3Pbp7K3kC5UCbJjOKJY4VsdCSmtc6LIWj1B4MzRD7vf22MuqV0rqi3iASV6JQeKAZrWjI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 754edbb38ad09180-FRA
expires: Fri, 29 Sep 2023 04:10:41 GMT

GET
H2 200 / Show response
dialog.filepicker.io/dialog/comm_iframe/ Frame 8E75 2 KB
1 KB 37ms
21ms Document
text/html 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://dialog.filepicker.io/dialog/comm_iframe/
Requested by: Host: api.filepicker.io
URL: https://api.filepicker.io/v1/filepicker.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9e16eecb114bb36df2b69c9ce41ca963bed4a810db6bc07f271a076f6f91f495

Request headers

Referer: https://pay.matchedcaretech.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Headers, Origin, X-File-Name, Key, Content-Type, X-Requested-With, Origin
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
age: 1859100
content-encoding: gzip
content-length: 945
content-type: text/html; charset=utf-8
date: Tue, 04 Oct 2022 15:12:52 GMT
etag: W/"61ae05b6-82a"
last-modified: Mon, 06 Dec 2021 12:44:38 GMT
p3p: CP="OTI DSP COR ADM DEV TAIo PSA PSD IVAi IVDi CONi HIS OUR IND CNT COM INT NAV"
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 13914
x-served-by: cache-hhn4051-HHN
x-timer: S1664896372.174468,VS0,VE0

GET
H2 200 / Show response
www.filepicker.io/dialog/comm_iframe/ Frame 8EDE 2 KB
1020 B 37ms
21ms Document
text/html 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.filepicker.io/dialog/comm_iframe/
Requested by: Host: api.filepicker.io
URL: https://api.filepicker.io/v1/filepicker.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9e16eecb114bb36df2b69c9ce41ca963bed4a810db6bc07f271a076f6f91f495

Request headers

Referer: https://pay.matchedcaretech.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Headers, Origin, X-File-Name, Key, Content-Type, X-Requested-With, Origin
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
age: 1266659
content-encoding: gzip
content-length: 945
content-type: text/html; charset=utf-8
date: Tue, 04 Oct 2022 15:12:52 GMT
etag: W/"61ae05b6-82a"
last-modified: Mon, 06 Dec 2021 12:44:38 GMT
p3p: CP="OTI DSP COR ADM DEV TAIo PSA PSD IVAi IVDi CONi HIS OUR IND CNT COM INT NAV"
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 13557
x-served-by: cache-hhn4051-HHN
x-timer: S1664896372.174853,VS0,VE0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=9D237E04D8E54CB8919DCB1F0A3B4432&RedC=c.clarity.ms&MXFR=05C8BFD9DA6865BA35DDADEADE686BD8
https://c.clarity.ms/c.gif?CtsSyncId=9D237E04D8E54CB8919DCB1F0A3B4432&MUID=182F95F9CDEC6B81308E87CACC2C6ACB

42 B
392 B

40ms
40ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=9D237E04D8E54CB8919DCB1F0A3B4432&MUID=182F95F9CDEC6B81308E87CACC2C6ACB
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 15:12:52 GMT
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
server: Microsoft-IIS/10.0
etag: "8d3298b0aac7d81:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 04 Oct 2022 15:12:51 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D8C0F2AAB2AB43EFA4E571833F513F69 Ref B: DUS30EDGE0312 Ref C: 2022-10-04T15:12:52Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=9D237E04D8E54CB8919DCB1F0A3B4432&MUID=182F95F9CDEC6B81308E87CACC2C6ACB
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=234183789&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpay.matchedcaretech.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=user&ea=client_id&_u=aHDAAUABAAAAACAAI~&jid=&gjid=&cid=380687953.1664896371&tid=UA-49020603-6&_gid=769001610.1664896371&gtm=2wg9s0W4DQM4W&cd3=380687953.1664896371&z=43314476

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 23:04:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 58125
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
19ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=234183789&t=event&ni=0&_s=1&dl=https%3A%2F%2Fpay.matchedcaretech.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=25%25&_u=aHDAAUABAAAAACAAI~&jid=&gjid=&cid=380687953.1664896371&tid=UA-49020603-6&_gid=769001610.1664896371&gtm=2wg9s0W4DQM4W&z=1464728798

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 23:04:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 58125
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=234183789&t=event&ni=0&_s=1&dl=https%3A%2F%2Fpay.matchedcaretech.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=50%25&_u=aHDAAUABAAAAACAAI~&jid=&gjid=&cid=380687953.1664896371&tid=UA-49020603-6&_gid=769001610.1664896371&gtm=2wg9s0W4DQM4W&z=848019176

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 23:04:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 58125
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=234183789&t=event&ni=0&_s=1&dl=https%3A%2F%2Fpay.matchedcaretech.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=75%25&_u=aHDAAUABAAAAACAAI~&jid=&gjid=&cid=380687953.1664896371&tid=UA-49020603-6&_gid=769001610.1664896371&gtm=2wg9s0W4DQM4W&z=218554452

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 23:04:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 58125
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=234183789&t=event&ni=0&_s=1&dl=https%3A%2F%2Fpay.matchedcaretech.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=100%25&_u=aHDAAUABAAAAACAAI~&jid=&gjid=&cid=380687953.1664896371&tid=UA-49020603-6&_gid=769001610.1664896371&gtm=2wg9s0W4DQM4W&z=1443568608

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 23:04:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 58125
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
n.clarity.ms/ 0
163 B 590ms
213ms XHR
text/plain 52.184.204.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-f/s/0.6.42/clarity.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://pay.matchedcaretech.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: https://pay.matchedcaretech.com
date: Tue, 04 Oct 2022 15:12:51 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 41ms
19ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=250490609560682&ev=Microdata&dl=https%3A%2F%2Fpay.matchedcaretech.com%2F&rl=&if=false&ts=1664896372051&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fd85ecz8votkqa.cloudfront.net%2Fimages%2Fpoynt-card.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1664896371545.1988897044&it=1664896371080&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.matchedcaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 04 Oct 2022 15:12:52 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 web-widget-chat-sdk-c3d89f0.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 0D2E 202 KB
51 KB 43ms
42ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-c3d89f0.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-c3d89f0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83b6f9b5c75ff60e6d4228b0a46fa4c0c80c18dabef5d89534d9c7255e10df35

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 15:12:52 GMT
x-amz-version-id: LlyWvhw.LqLHTBnhfcAmt1ScztbTEDBW
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 984GJYE0N37ZBVHQ
age: 469328
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 8uyShcIsO+CtCHWp9SOus8WPxxPG+BNXjtWWauqY28Hl1Wk8+/lxrQ6b5j/xfUduc0fNHxuQVWs=
last-modified: Thu, 29 Sep 2022 04:10:41 GMT
server: cloudflare
etag: W/"865d0cd066636165cf7f35fb97a1d90d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KivR8kUS3mYK3XdgXoDy%2FeKBSUk3OODwnXZmip%2FSaa9UAowuAcOiqz4dNMn4KOdj1r0M9aUoDfZc6u7rdovrkgRH3DI4XciqXOBlGl7HreE2dugXT5cJvRlCWr2zTUkeRUbTZ2I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 754edbb618709180-FRA
expires: Fri, 29 Sep 2023 04:10:40 GMT

GET
H2 200 web-widget-chat-incoming-message-notification-c3d89f0.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 0D2E 208 B
609 B 47ms
47ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-c3d89f0.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-c3d89f0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53be1dac57456d1c758599183b9f5b14c95fe22ea6bc0ee70da5d989ef8a9407

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 15:12:52 GMT
x-amz-version-id: N8bqO2zDBha6NGWEL4FjH.vpyzkExl43
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: T6W0QSGKKXAPG63M
age: 469327
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: WmqUZ/zKV8HvCK7j8FhCBpaplt22jH3pt+g7asfZg8K4aQZYOCPbE9dq9XFJAv5cud9hzW6o5Vo=
last-modified: Thu, 29 Sep 2022 04:10:41 GMT
server: cloudflare
etag: W/"659635f5ad1b6653645380f46aa42236"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ujRHdX7ar%2BLAVOkc%2FOSeMgVBhOkQNhOaEURGJ91GNw7aSi2495cs3%2Bs2Ytyy50%2B4rQeXPeWsg055JONVrI8PxHbUzzxqeC%2FGozrtzw0EibIgoMglI2lC4O1%2Fg%2FWtDfDHH2kmYXE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 754edbb87e6f9180-FRA
expires: Fri, 29 Sep 2023 04:10:40 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/latest/classic/ Frame 0D2E 19 KB
20 KB 35ms
34ms Media
audio/mpeg 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/fda6cd35495c75f83508d9d2e77ee33d.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 04 Oct 2022 15:12:52 GMT
x-amz-version-id: ngeCnQamEcRo6kgSgz9pTF5J7hCEPwJW
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: JV82F2Q75Q9SH52X
age: 18016891
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: 7jRFkhSGoKTJKa8EYsHFT7mixTiGbrFuRCEe9amr3u4nOjnEEnskKoBmwOPPi3COT51zpfkpZQ4xLKaA5ZBQTg==
last-modified: Wed, 09 Mar 2022 06:43:05 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EqFTSinaXgpUXZaAY%2B0z0e43h0cF8HAV9GvzOtUSjKjnXI3cgsWYovzAW9ltGFRaWG6XJa2L00as8cI%2BkJPeLokSxAA35jTMraX6Ei5LpmdCnhh2wRO6p5PEM7ppkgyYqN5jnSs%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 754edbb8cf279180-FRA
expires: Thu, 09 Mar 2023 06:43:04 GMT

POST
H2 204 collect Show response
n.clarity.ms/ 0
48 B 110ms
109ms XHR
text/plain 52.184.204.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-f/s/0.6.42/clarity.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://pay.matchedcaretech.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: https://pay.matchedcaretech.com
date: Tue, 04 Oct 2022 15:12:52 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
dialog.filepicker.io/dialog/comm_iframe	1969-12-31 23:59:59	Name: Value: testcookie
www.filepicker.io/dialog/comm_iframe	1969-12-31 23:59:59	Name: Value: testcookie
.matchedcaretech.com/	1970-01-20 16:04:16	Name: _ga Value: GA1.2.380687953.1664896371
.matchedcaretech.com/	1970-01-20 06:29:42	Name: _gid Value: GA1.2.769001610.1664896371
.matchedcaretech.com/	1970-01-20 06:28:16	Name: _gat_gtag_UA_49020603_4 Value: 1
.matchedcaretech.com/	1970-01-20 08:37:52	Name: _gcl_au Value: 1.1.428753047.1664896371
.matchedcaretech.com/	1970-01-20 06:28:16	Name: _gat_UA-49020603-6 Value: 1
.bing.com/	1970-01-20 15:49:52	Name: MUID Value: 182F95F9CDEC6B81308E87CACC2C6ACB
.matchedcaretech.com/	1970-01-20 06:29:42	Name: _uetsid Value: 0361dbd043f711eda8e03745979275fc
.matchedcaretech.com/	1970-01-20 15:49:52	Name: _uetvid Value: 0362948043f711ed8a23497f3b51a42a
.doubleclick.net/	1970-01-20 06:28:17	Name: test_cookie Value: CheckForPermission
www.clarity.ms/	1970-01-20 15:13:52	Name: CLID Value: c23f466d9dfa4957aa6db1f44ff45959.20221004.20231004
.matchedcaretech.com/	1970-01-20 08:37:52	Name: _fbp Value: fb.1.1664896371545.1988897044
.matchedcaretech.com/	1970-01-20 15:13:52	Name: _clck Value: 1ghajz7\|1\|f5f\|0
.c.bing.com/	1970-01-20 15:49:52	Name: SRM_B Value: 182F95F9CDEC6B81308E87CACC2C6ACB
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 15:49:52	Name: MUID Value: 182F95F9CDEC6B81308E87CACC2C6ACB
.c.clarity.ms/	1970-01-20 06:28:16	Name: ANONCHK Value: 0
widget-mediator.zopim.com/	1970-01-20 06:38:21	Name: AWSALBCORS Value: K31laWkIZqbHgaoXQ37mciglpzjaPt5W0nzPAHkL8s6kvbYNf/eOuCVKt2HFo22vo/w8eP9TFheJwubrh5D/e7OmlLPhDh/iG0f5N6OigIjyRDbtwAvDvaf/f3K+
.matchedcaretech.com/	1970-01-20 06:29:42	Name: _clsk Value: v1pv97\|1664896372485\|1\|1\|n.clarity.ms/collect
.matchedcaretech.com/	1970-01-20 15:13:52	Name: __zlcmid Value: 1CHlH8tKu9423KN

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pay.matchedcaretech.com/ Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.filepicker.io
bat.bing.com
c.bing.com
c.clarity.ms
connect.facebook.net
d2wy8f7a9ursnm.cloudfront.net
d347164ulyc57y.cloudfront.net
d85ecz8votkqa.cloudfront.net
dialog.filepicker.io
ekr.zdassets.com
fonts.googleapis.com
googleads.g.doubleclick.net
n.clarity.ms
p.typekit.net
pay.matchedcaretech.com
poynt.zendesk.com
static.zdassets.com
stats.g.doubleclick.net
use.typekit.net
www.clarity.ms
www.dwin1.com
www.facebook.com
www.filepicker.io
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.16.51.111
104.18.70.113
104.18.72.113
151.101.194.133
172.217.16.130
20.234.93.27
2001:4860:4802:34::178
2600:9000:2304:a00:f:8ce2:fb80:93a1
2620:1ec:46::44
2620:1ec:c11::200
2a00:1450:4001:827::2003
2a00:1450:4001:830::2004
2a00:1450:400c:c00::9a
2a00:1450:400d:806::2002
2a00:1450:400d:807::2008
2a00:1450:400d:807::200a
2a02:26f0:11a::6867:4841
2a02:26f0:3500:16::215:1495
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.1.43.64
52.184.204.244
52.222.250.47
65.9.108.9
99.86.4.30
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
02bfc0792607137745f4a91a7569037afef83eee2dde83866962522e71f81309
0ae9bc7a3ea8dcddaee8e1756009edcb9e3a19cdf650218815f2437395617e9f
0fc8bfb8053723b289c576544ec5feccc05da9680cb65e46f8d468153cb93106
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
3464b938424dbe9aa7da6bf5f705aacea77c7478b925beead17e593cf6f7ee98
4967dd7f0cebde370ffb0e88979aa9e5f49f97430ddd4f976451065621d53c63
4d346f5f1b47eeaddd4aac34aafd2456c768c4717cdb7e683c7a457d60354e64
53be1dac57456d1c758599183b9f5b14c95fe22ea6bc0ee70da5d989ef8a9407
5c83016b7351bc1595b99eedf4d0ca6ecd46ede6c227eb49ebf0628db4f9dbc2
5dd816bc603c0aa7b1421797241d7289a7cc47a7d09dbee14d6b77dfdc6b1acb
66b344839dcb77d108574958a530ca78d2bf349ed82590844cf23eff9d1c4dd7
68044eaef1841a02213086348bf81a382b3bee100aa54c7369c947da239a0357
6a270b93b0be6f0da67e273bc345a6f69bb1a250a844bad73a2039d3bea57e30
765e473c33aa42d97a33bfaf73a293d401024c988134b9852b92927a6bdfd378
7e83b3f7fe5192cc8849428cc7b5531be393f3d2772915008c00c4d0a2ac5492
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b6f9b5c75ff60e6d4228b0a46fa4c0c80c18dabef5d89534d9c7255e10df35
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
9098952f8248c717092f34be8d826bb3531802ca3cf377be7cb79edb118c9204
9710a6b4a42554eda9e7cc8fbcb0ec2d7fbeda5662dab00a5d3ddeb76d5e4a5e
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
990bff25280d68da78056f0df3efe50f3e52170f4446e459edc390ff4e2b8911
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9e16eecb114bb36df2b69c9ce41ca963bed4a810db6bc07f271a076f6f91f495
a1c13d2400c8a32733a8404158ae5ce2db3624d3e8ff3aa94420c04fea81f49b
a8a372951054d58d02d96083e5648471e29fab37ec863c0d8491d0dd9fff9e2d
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2
d2f8bbd4cd8ed21ae630e5197ddef4511cffbd6b31690a0545c937d720fce827
d97ca913935c9897ac4e255d17e14c8a3f0d8513681fe5b6736c4921fc5dd078
d9fe3344f6ffaaaaaf42a2adab7e1b57944a8312985777943283a47f766fd036
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed66e27addd3029b15238e36c0bc613704e48baa4c83f8071e03e6f64779c2f5
ee602f79944c5a386cf4dce52f33028706e2415eff57b3bcc5e47f6db2cb1791
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f80eed6f368815a7fd5eb286293c2b0522d3d81a4858295f1ff7dd2b3e4d5280
fa96a3d391d16303cd779c0c9898657fb74219a5aa559cb5b0b625d6f7e4e966

pay.matchedcaretech.com Open in urlscan Pro 52.1.43.64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

58 Requests

98 %HTTPS

56 %IPv6

18 Domains

28 Subdomains

25 IPs

6 Countries

1018 kBTransfer

3120 kBSize

21 Cookies

0 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pay.matchedcaretech.com Open in urlscan Pro
52.1.43.64 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

98 %
HTTPS

56 %
IPv6

18
Domains

28
Subdomains

25
IPs

6
Countries

1018 kB
Transfer

3120 kB
Size

21
Cookies

58 HTTP transactions
0 data transactions