paymentplan.crystalclinic.com Open in urlscan Pro
13.224.189.65  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response paymentplan.crystalclinic.com/	4 KB 2 KB	42ms 19ms	Document text/html	13.224.189.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://paymentplan.crystalclinic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-65.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 64f93f831bb80b83bd95cf862b4d135187ac23d14d93ad3300b9ee798164d945 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 95 content-encoding gzip content-type text/html date Wed, 22 Feb 2023 00:37:48 GMT etag W/"db21c3b57e839b5a73bddcbe998cfbfb" last-modified Thu, 09 Feb 2023 18:31:59 GMT server AmazonS3 vary Accept-Encoding via 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront) x-amz-cf-id sCBA0xHIvDFHiQG_hPos7pBHYUEcjY4ehoQRWIvQQBu_ypTGPPoE5g== x-amz-cf-pop FRA2-C1 x-amz-version-id ij5QxDTeaa_aP7UmRuF1jha46m3U.DYg x-cache Hit from cloudfront
GET H/1.1	200 OK	Collect.js Show response secure.safewebservices.com/token/	236 KB 69 KB	494ms 195ms	Script text/javascript	104.192.33.59 GATEWAY-PROCESSIN...
General Check archive.org Show headers Download Go to Full URL https://secure.safewebservices.com/token/Collect.js Requested by Host: paymentplan.crystalclinic.com URL: https://paymentplan.crystalclinic.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.192.33.59 , United States, ASN33512 (GATEWAY-PROCESSING-SERVICES, US), Reverse DNS 104-192-33-59.safewebservices.com Software / Resource Hash 00156cf2fa1a6152364efc8dd90b2679f3cebf83d7788241101a5f4513df4f46 Request headers accept-language de-DE,de;q=0.9 Referer https://paymentplan.crystalclinic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Wed, 22 Feb 2023 00:39:23 GMT Content-Encoding gzip Via 1.1 dca1-bit12014 Last-Modified Wed, 15 Feb 2023 23:08:11 GMT ETag "1110c-5f4c52770ecc0" Vary Accept-encoding,X-Unique-Id Content-Type text/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=30 Content-Length 69900
GET H2	200	slick.min.css cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/	1 KB 700 B	31ms 14ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css Requested by Host: paymentplan.crystalclinic.com URL: https://paymentplan.crystalclinic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://paymentplan.crystalclinic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 00:39:22 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 443542 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 382 last-modified Mon, 04 May 2020 16:16:21 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03fd5-50a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLV0EzgiewXB7w3XEJl2t8zUJ4qWsfujSjUqo6k%2FwVAIZhwVaWivdHtFlOUNt%2F1Go7gBc9oL3s5kbRXgokQh5YjybhXpm1oyvXgB5diHE%2FjXrNLuyQJxcX3ZFqx3GEZtHKWANNQqCUzoAlMxR9VK4%2BCe"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 79d3aa0fcdc2917d-FRA expires Mon, 12 Feb 2024 00:39:22 GMT
GET H2	200	slick-theme.min.css cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/	2 KB 1 KB	29ms 12ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css Requested by Host: paymentplan.crystalclinic.com URL: https://paymentplan.crystalclinic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://paymentplan.crystalclinic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 00:39:22 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 5897071 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 637 last-modified Mon, 04 May 2020 16:16:21 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03fd5-92d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WkIJVRqDrxdW5V%2BY3Ej%2FeGj0j2O0Jn6AuYkoafyoC4I5Um06Zv8rzCB3xh0bMKVFYW7DmnMC1BqElZR3laL0cyZokPM7oFPvIoDsu7XOQWUqyPzici5xpO6ZJTVUXYPkSqHS0Q%2FJ%2BzwZIyEit0HD%2BPoU"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 79d3aa0fcdc3917d-FRA expires Mon, 12 Feb 2024 00:39:22 GMT
GET H2	200	optimize.js Show response www.googleoptimize.com/	111 KB 44 KB	150ms 52ms	Script application/javascript	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleoptimize.com/optimize.js?id=OPT-P8S6NBG Requested by Host: paymentplan.crystalclinic.com URL: https://paymentplan.crystalclinic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 88fa7fd1ab9f7c9a6d5d9f7780b7f5190b3152f242249863aca98962cd7bd7d5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://paymentplan.crystalclinic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 00:39:22 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44474 x-xss-protection 0 last-modified Wed, 22 Feb 2023 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 22 Feb 2023 00:39:22 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	129 KB 50 KB	209ms 79ms	Script application/javascript	2a00:1450:400d:80c::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-700048956 Requested by Host: paymentplan.crystalclinic.com URL: https://paymentplan.crystalclinic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80c::2008 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 30693ab8f583afa00d4988ec53896b0c61652add5bbf3e738487ee92e6857357 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://paymentplan.crystalclinic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 00:39:23 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50784 x-xss-protection 0 last-modified Wed, 22 Feb 2023 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 22 Feb 2023 00:39:23 GMT
GET H2	200	2.e1539c05.chunk.css paymentplan.crystalclinic.com/static/css/	17 KB 2 KB	491ms 489ms	Stylesheet text/css	13.224.189.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://paymentplan.crystalclinic.com/static/css/2.e1539c05.chunk.css Requested by Host: paymentplan.crystalclinic.com URL: https://paymentplan.crystalclinic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-65.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash e1a1d70f53dc427dc825096ab254d8a2c9d30d08ac9e72658711af58d2439c15 Request headers accept-language de-DE,de;q=0.9 Referer https://paymentplan.crystalclinic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 00:39:24 GMT x-amz-version-id jiB_8t6s6NQRwtbo.Ng_02B8C54HXymy content-encoding gzip last-modified Thu, 09 Feb 2023 18:31:59 GMT server AmazonS3 via 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 etag W/"d8d03d763ce860af25bbad8afff51571" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Miss from cloudfront content-type text/css x-amz-cf-id Z6WZsN4WPask8ecdOho4mpz3c4fEE2eH0tKkeU_Myw1phUnxpoeWzA==
GET H2	200	main.a405e1ce.chunk.css paymentplan.crystalclinic.com/static/css/	562 KB 70 KB	493ms 492ms	Stylesheet text/css	13.224.189.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://paymentplan.crystalclinic.com/static/css/main.a405e1ce.chunk.css Requested by Host: paymentplan.crystalclinic.com URL: https://paymentplan.crystalclinic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-65.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash ed9912564c6e49769af84a8c07c9ef07edbc5c5ca469d8c5d4de8b170f4b2059 Request headers accept-language de-DE,de;q=0.9 Referer https://paymentplan.crystalclinic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 00:39:24 GMT x-amz-version-id .tIQoeBZTDeCAPVG9UHotabrt1Z6CLW_ content-encoding gzip last-modified Thu, 09 Feb 2023 18:31:59 GMT server AmazonS3 via 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 etag W/"7440c0e5208ed70e99586a9c065dcf03" vary Accept-Encoding x-cache Miss from cloudfront content-type text/css x-amz-cf-id _gPyUa_xLuae42vHsisifZAzQhQkf4ecNzEChf3g2plOnmd1vi6FqA==
GET H2	200	link-initialize.js Show response cdn.plaid.com/link/v2/stable/	132 KB 41 KB	60ms 31ms	Script application/javascript	13.224.189.94 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.plaid.com/link/v2/stable/link-initialize.js Requested by Host: paymentplan.crystalclinic.com URL: https://paymentplan.crystalclinic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.94 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-94.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 6aefe88789e1bf7c39b029410a2a8023449f0700ef083c09b5fa3a87e3e0ca9e Request headers accept-language de-DE,de;q=0.9 Referer https://paymentplan.crystalclinic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers x-amz-version-id .a5uXnlb0ltv9D_yxKGnXh1sdHoyqpAv content-encoding gzip via 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront) date Tue, 21 Feb 2023 17:49:46 GMT x-amz-request-id RG64GJ1HY0EARENT x-amz-cf-pop FRA2-C1 x-amz-server-side-encryption AES256 age 24580 x-cache Hit from cloudfront x-amz-replication-status COMPLETED x-amz-id-2 Saah/9nkzmTca1djkltOo3e8YIWxZdt31nucQn0AOFtHFTbGN5iF82Z7Kdi79AOVq4zQKsa+c/s= last-modified Fri, 17 Feb 2023 17:35:15 GMT server AmazonS3 etag W/"ad0d1dbc50d47007f6102ed1c618cabc" vary Accept-Encoding content-type application/javascript cache-control no-cache,must-revalidate,max-age=0 x-amz-cf-id wgmIbk9elkgyMVbpAhzK7S3SSCvK40Y-RTFtn4n6bZGa_IPjhH_cWg==
GET H2	200	2.17522f95.chunk.js Show response paymentplan.crystalclinic.com/static/js/	943 KB 273 KB	476ms 475ms	Script application/javascript	13.224.189.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://paymentplan.crystalclinic.com/static/js/2.17522f95.chunk.js Requested by Host: paymentplan.crystalclinic.com URL: https://paymentplan.crystalclinic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-65.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 2899fab80c5c3155b6091390e4b0b7f0a76682acf8982cc33cce24c2c644c3e3 Request headers accept-language de-DE,de;q=0.9 Referer https://paymentplan.crystalclinic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 00:39:24 GMT x-amz-version-id vcbklNni3jGTTU6TuRoV5.umZYVBZPJK content-encoding gzip last-modified Thu, 09 Feb 2023 18:31:59 GMT server AmazonS3 via 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 etag W/"4e5219f6433de75a3c28b9863f753838" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript x-amz-cf-id qvW8ym7z3EYNg9Rt-h3RzcM-4bd_ztp1ssnrR2hfxPu0uiw8PD9_Hw==
GET H2	200	main.120ccdd6.chunk.js Show response paymentplan.crystalclinic.com/static/js/	392 KB 137 KB	511ms 510ms	Script application/javascript	13.224.189.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://paymentplan.crystalclinic.com/static/js/main.120ccdd6.chunk.js Requested by Host: paymentplan.crystalclinic.com URL: https://paymentplan.crystalclinic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-65.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 59396f8f0c2fc395975f3338c9de822dafc3012b30a29cb6ccbed3f1e5ed27a0 Request headers accept-language de-DE,de;q=0.9 Referer https://paymentplan.crystalclinic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 00:39:24 GMT x-amz-version-id eSVE7khdsZfB9Q_ew1lzEBkqLz9aLzkT content-encoding gzip last-modified Thu, 09 Feb 2023 18:31:59 GMT server AmazonS3 via 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 etag W/"0d6d237abaced59853f67088c3023d56" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript x-amz-cf-id YgmtaKud9qbCOIgYoNQ0t8FoLdhuwhaRrCDKoIKciVGSVD0DXfuisQ==
POST H/1.1	200 OK	create Show response secure.safewebservices.com/token/api/	311 B 1 KB	741ms 461ms	XHR application/json	104.192.33.59 GATEWAY-PROCESSIN...
General Check archive.org Show headers Download Go to Full URL https://secure.safewebservices.com/token/api/create Requested by Host: secure.safewebservices.com URL: https://secure.safewebservices.com/token/Collect.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.192.33.59 , United States, ASN33512 (GATEWAY-PROCESSING-SERVICES, US), Reverse DNS 104-192-33-59.safewebservices.com Software / Resource Hash cdfecd5fa17f380f913d516a958f72eb8ba26e48785bbe1f67f39c4e47d60873 Request headers Accept application/json, text/plain, */* Referer https://paymentplan.crystalclinic.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers Date Wed, 22 Feb 2023 00:39:23 GMT Via 1.1 dca1-bit12014 Vary X-Unique-Id Transfer-Encoding chunked Content-Type application/json Access-Control-Allow-Origin * Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=2, max=30
GET H/1.1	200 OK	styles.css secure.safewebservices.com/token/	3 KB 906 B	119ms 118ms	Stylesheet text/css	104.192.33.59 GATEWAY-PROCESSIN...
General Check archive.org Show headers Download Go to Full URL https://secure.safewebservices.com/token/styles.css Requested by Host: secure.safewebservices.com URL: https://secure.safewebservices.com/token/Collect.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.192.33.59 , United States, ASN33512 (GATEWAY-PROCESSING-SERVICES, US), Reverse DNS 104-192-33-59.safewebservices.com Software / Resource Hash 89bb95574bb591c8ec6e822c04fb80c4f736c8660457490007b302bbda6af46b Request headers accept-language de-DE,de;q=0.9 Referer https://paymentplan.crystalclinic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Wed, 22 Feb 2023 00:39:23 GMT Content-Encoding gzip Via 1.1 dca1-bit12014 Last-Modified Wed, 15 Feb 2023 23:08:11 GMT ETag "23c-5f4c52770ecc0" Vary Accept-encoding,X-Unique-Id Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=29 Content-Length 572
GET H2	200	js Show response www.googletagmanager.com/gtag/	129 KB 50 KB	280ms 150ms	Script application/javascript	2a00:1450:400d:80c::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-700048956&l=dataLayer&cx=c Requested by Host: www.googleoptimize.com URL: https://www.googleoptimize.com/optimize.js?id=OPT-P8S6NBG Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80c::2008 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 6c4e122b40c4e48182c4a36ffff9b964ce20369201292fac5afdfe51baba2f39 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://paymentplan.crystalclinic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 00:39:23 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50796 x-xss-protection 0 last-modified Wed, 22 Feb 2023 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 22 Feb 2023 00:39:23 GMT
GET H2	200	logger-1.min.js Show response cdn.lr-ingest.io/	805 KB 161 KB	41ms 22ms	Script text/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.lr-ingest.io/logger-1.min.js Requested by Host: paymentplan.crystalclinic.com URL: https://paymentplan.crystalclinic.com/static/js/2.17522f95.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e851682966653cc496292e451c72b9b346c6a6f0e18450f2025449c9ae28cdbc Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers accept-language de-DE,de;q=0.9 Referer https://paymentplan.crystalclinic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 00:39:23 GMT strict-transport-security max-age=31556926 content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 22 x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-hhn-etou8220053-HHN last-modified Tue, 21 Feb 2023 23:00:18 GMT server cloudflare x-timer S1677020605.907526,VS0,VE1 etag W/"6a44f6477833eb7f19a27ef36bd1bb5d5afe101cc4d4a017380be297f5ff0889" vary x-fh-requested-host, accept-encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uwpq1Ey2aRG8SnWK5Ooc%2Bo3NcskK0hNrNzpQf6A4DbUothxJYxx2%2BvPx%2F%2BqqjFoEkbBMnjK1lR42y%2BPK43NGUUKABA2BULIt7ZeoWCWPwqZZ4url4N%2B76hbZ88SqZL8Lpj5D4eYm3PF8DNHmgHTn"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=14400 cf-ray 79d3aa15db34693a-FRA x-cache-hits 1
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	45ms 14ms	Script text/javascript	2001:4860:4802:34::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: paymentplan.crystalclinic.com URL: https://paymentplan.crystalclinic.com/static/js/2.17522f95.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://paymentplan.crystalclinic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 21 Feb 2023 23:14:06 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 5117 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20085 expires Wed, 22 Feb 2023 01:14:06 GMT
GET H2	200	website Show response paymentplan.crystalclinic.com/v1/providers/	826 B 1 KB	425ms 425ms	XHR application/json	13.224.189.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://paymentplan.crystalclinic.com/v1/providers/website?subdomain=paymentplan Requested by Host: paymentplan.crystalclinic.com URL: https://paymentplan.crystalclinic.com/static/js/2.17522f95.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-65.fra2.r.cloudfront.net Software / Resource Hash 3ba41586ab976bdec2fa2062f200258d5e037182b3418f6267285ff02c548de6 Security Headers Name Value Content-Security-Policy default-src 'none'; script-src ; style-rc; img-src ; connect-src ; frame-src 'self' default-src 'none' Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept application/json X-Provider-Name paymentplan Referer https://paymentplan.crystalclinic.com/ x-session-id 430c1baa-1058-4dbc-bbb5-8139552c17dc accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 X-LogRocket-URL undefined Response headers date Wed, 22 Feb 2023 00:39:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff content-security-policy default-src 'none'; script-src ; style-rc; img-src ; connect-src ; frame-src 'self' default-src 'none' via 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 x-dns-prefetch-control off x-cache Miss from cloudfront content-length 826 x-xss-protection 1; mode=block x-request-id f3wehk3bm etag W/"33a-OjymiLvs2g4rd6PpQl5ZvhL6Ik8" x-download-options noopen x-frame-options DENY content-type application/json; charset=utf-8 access-control-allow-origin * x-amz-cf-id D7iskEHx7hM8RbxYZTPwFvgXPTffVhL6N_fJa9HTBHf257OEhhEAvw==
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/700048956/	2 KB 1 KB	186ms 88ms	Script text/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/700048956/?random=1677026363941&cv=11&fst=1677026363941&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpaymentplan.crystalclinic.com%2F&tiba=Break%20Free%20From%20Medical%20Bills%20%7C%20PayZen&auid=1993238129.1677026364&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-700048956 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 78d7f15d0fe75adc58474541d297b96d8c12527bb9a9297b5d1dce169758131a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://paymentplan.crystalclinic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 00:39:24 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 900 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET BLOB	200 OK	15685e23-88ac-4570-be22-d93ba9ec3a42 https://paymentplan.crystalclinic.com/	443 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://paymentplan.crystalclinic.com/15685e23-88ac-4570-be22-d93ba9ec3a42 Requested by Host: paymentplan.crystalclinic.com URL: https://paymentplan.crystalclinic.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash d48724dd076daeea30730d5d202c53158f7510fb71eea024e7f67f1472b6ec85 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Content-Length 454052 Content-Type
GET H2	200	/ www.google.com/pagead/1p-user-list/700048956/	42 B 455 B	195ms 73ms	Image image/gif	2a00:1450:400d:807::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/700048956/?random=1677026363941&cv=11&fst=1677024000000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fpaymentplan.crystalclinic.com%2F&tiba=Break%20Free%20From%20Medical%20Bills%20%7C%20PayZen&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3814343120&rmt_tld=0&ipr=y Requested by Host: paymentplan.crystalclinic.com URL: https://paymentplan.crystalclinic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://paymentplan.crystalclinic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 00:39:24 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/700048956/	42 B 455 B	138ms 51ms	Image image/gif	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/700048956/?random=1677026363941&cv=11&fst=1677024000000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fpaymentplan.crystalclinic.com%2F&tiba=Break%20Free%20From%20Medical%20Bills%20%7C%20PayZen&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3814343120&rmt_tld=1&ipr=y Requested by Host: paymentplan.crystalclinic.com URL: https://paymentplan.crystalclinic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://paymentplan.crystalclinic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 00:39:24 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	uf36xx6n Show response widget.intercom.io/widget/	8 KB 4 KB	173ms 115ms	Script application/javascript	13.224.189.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.intercom.io/widget/uf36xx6n Requested by Host: paymentplan.crystalclinic.com URL: https://paymentplan.crystalclinic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-74.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash fcea51343c1eccef621f3ff35dcf49231fcbe3c69d80c366e220ac4945c923fb Request headers accept-language de-DE,de;q=0.9 Referer https://paymentplan.crystalclinic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers x-amz-version-id wVQKA2UqF3g5Blif36lNDyh7MJVu6yXj content-encoding gzip via 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront) date Wed, 22 Feb 2023 00:24:34 GMT x-amz-cf-pop FRA2-C1 age 991 x-amz-server-side-encryption AES256 x-cache Error from cloudfront alt-svc h3=":443"; ma=86400 content-length 3266 last-modified Tue, 21 Feb 2023 17:29:59 GMT server AmazonS3 etag "b5e88c784cbb95a3a5ed8de30c174cd6" vary Accept-Encoding, Origin content-type application/javascript; charset=UTF-8 cache-control max-age=900, s-maxage=900, public accept-ranges bytes x-amz-cf-id 49-P5wQ_elVbKEIuSd3eBcr8LwhbMRjUGmU1WP1b06uazVgb2fmOgg==
POST H2	200	collect Show response www.google-analytics.com/j/	3 B 217 B	21ms 20ms	XHR text/plain	2001:4860:4802:34::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j99&a=865958885&t=pageview&_s=1&dl=https%3A%2F%2Fpaymentplan.crystalclinic.com%2F&dp=%2Fapp%2Fbill-info&ul=en-us&de=UTF-8&dt=Break%20Free%20From%20Medical%20Bills%20%7C%20PayZen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACAAI~&jid=2100888409&gjid=1260755442&cid=296803234.1677026364&tid=UA-156186430-4&_gid=1356848102.1677026364&_r=1&_slc=1&z=406840413 Requested by Host: paymentplan.crystalclinic.com URL: https://paymentplan.crystalclinic.com/static/js/2.17522f95.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://paymentplan.crystalclinic.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 22 Feb 2023 00:39:24 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://paymentplan.crystalclinic.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	logo.png server.static.payzen.com/providers/crystal-clinic/	38 KB 39 KB	682ms 459ms	Image image/png	13.32.110.64 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://server.static.payzen.com/providers/crystal-clinic/logo.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.110.64 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-110-64.vie50.r.cloudfront.net Software AmazonS3 / Resource Hash fd4a793c2c20668eb63b0f77f6b6da3fd375c34e5baab08981615f15836a1ce5 Request headers accept-language de-DE,de;q=0.9 Referer https://paymentplan.crystalclinic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers x-amz-version-id null date Wed, 22 Feb 2023 00:39:25 GMT via 1.1 42c9dddb4e518a9ed3248bf50565b120.cloudfront.net (CloudFront) last-modified Wed, 13 Apr 2022 17:26:05 GMT server AmazonS3 x-amz-cf-pop VIE50-C2 etag "40edae5ff6590d7cc2a1647b9927fd87" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type image/png accept-ranges bytes content-length 39371 x-amz-cf-id ZuBy6qd9vXadtcky2CLVs4tkdM-yNeFp099p4-LjYLqG3pKKfZXEXQ==
GET H2	200	payzen-logo-colored.ebe25d3f.svg paymentplan.crystalclinic.com/static/media/	21 KB 9 KB	444ms 443ms	Image image/svg+xml	13.224.189.65 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://paymentplan.crystalclinic.com/static/media/payzen-logo-colored.ebe25d3f.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-65.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 08024a7cd9f499a1775d92dd94842ccd09e7d60c1b69e787e3055cff5de67c1f Request headers accept-language de-DE,de;q=0.9 Referer https://paymentplan.crystalclinic.com/app/bill-info User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 00:39:25 GMT x-amz-version-id UgfELHHB_GCD7NJL6UlsifGLXDQGhZ_j content-encoding gzip last-modified Thu, 09 Feb 2023 18:32:00 GMT server AmazonS3 via 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 etag W/"4e7f23305bfba23fffa65d177e59c744" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Miss from cloudfront content-type image/svg+xml x-amz-cf-id 2SgHenCj4yedkgP6J2d3pLLPBBkYuKSlF_Q0mlLCazWUIGGCo0yWGw==
GET DATA	200 OK	truncated /	6 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fe6ea3fc3abf7833bd86796310408fa45f79b787e2c724c9e63756cdfd260e40 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	10 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 65ebaf544bd719c6f683324fdd961418578bfc1cbf2a9e674c9b8d6bc6c4f1fc Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	7 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6fc86202bce034acdf6c1555064db092625f909b24f6d49417af015a09f6d67f Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Content-Type image/png
GET H2	200	website Show response paymentplan.crystalclinic.com/v1/providers/	826 B 1 KB	416ms 416ms	XHR application/json	13.224.189.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://paymentplan.crystalclinic.com/v1/providers/website?subdomain=paymentplan Requested by Host: paymentplan.crystalclinic.com URL: https://paymentplan.crystalclinic.com/static/js/2.17522f95.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-65.fra2.r.cloudfront.net Software / Resource Hash 3ba41586ab976bdec2fa2062f200258d5e037182b3418f6267285ff02c548de6 Security Headers Name Value Content-Security-Policy default-src 'none'; script-src ; style-rc; img-src ; connect-src ; frame-src 'self' default-src 'none' Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept application/json X-Provider-Name paymentplan Referer https://paymentplan.crystalclinic.com/app/bill-info x-session-id 430c1baa-1058-4dbc-bbb5-8139552c17dc accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 X-LogRocket-URL undefined Response headers date Wed, 22 Feb 2023 00:39:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff content-security-policy default-src 'none'; script-src ; style-rc; img-src ; connect-src ; frame-src 'self' default-src 'none' via 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 x-dns-prefetch-control off x-cache Miss from cloudfront content-length 826 x-xss-protection 1; mode=block x-request-id B80wsRa8YQ etag W/"33a-OjymiLvs2g4rd6PpQl5ZvhL6Ik8" x-download-options noopen x-frame-options DENY content-type application/json; charset=utf-8 access-control-allow-origin * x-amz-cf-id vN8cD6dy10tRYM0N2bzxG-AbOg0ogbPc4afWC-wlhOad_CEriNgmFg==
GET H2	200	nunito-regular-webfont.475306cd.woff2 paymentplan.crystalclinic.com/static/media/	22 KB 23 KB	454ms 453ms	Font binary/octet-stream	13.224.189.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://paymentplan.crystalclinic.com/static/media/nunito-regular-webfont.475306cd.woff2 Requested by Host: paymentplan.crystalclinic.com URL: https://paymentplan.crystalclinic.com/static/css/main.a405e1ce.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-65.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash e00e473dc7333e1df467efc137053838217de66efbd7b98c652e697b6c5db1c3 Request headers Referer https://paymentplan.crystalclinic.com/static/css/main.a405e1ce.chunk.css Origin https://paymentplan.crystalclinic.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 00:39:25 GMT x-amz-version-id JiIgxPp5LE3MsQsWtE50oOl3kADbz_5e via 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront) last-modified Thu, 09 Feb 2023 18:32:00 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 etag "c2d1906a66d9f3a08337265f0f051212" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type binary/octet-stream accept-ranges bytes content-length 23028 x-amz-cf-id gL35XQBLn7a2ThWHqwPJvo38UUsxmzz6SZsutfh_mqUG3VWKF7L6yg==
GET H2	200	nunito-semibold-webfont.b777ec59.woff2 paymentplan.crystalclinic.com/static/media/	23 KB 24 KB	446ms 445ms	Font binary/octet-stream	13.224.189.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://paymentplan.crystalclinic.com/static/media/nunito-semibold-webfont.b777ec59.woff2 Requested by Host: paymentplan.crystalclinic.com URL: https://paymentplan.crystalclinic.com/static/css/main.a405e1ce.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-65.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash ee567c9989e2cfe4f78174bc17090d96e130a296be2e6734c88f89d32cb81ead Request headers Referer https://paymentplan.crystalclinic.com/static/css/main.a405e1ce.chunk.css Origin https://paymentplan.crystalclinic.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 00:39:25 GMT x-amz-version-id 2rTU.cQ22pwsbxO2YuXwWXVs1wdGLa_6 via 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront) last-modified Thu, 09 Feb 2023 18:32:00 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 etag "27226c3634849830cf9a7169c3222765" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type binary/octet-stream accept-ranges bytes content-length 23748 x-amz-cf-id XbHYKhzKWP8rJrih8F-j4vE-hsIrmgdutbKNhZfSdsZgI0Hz1IMCpw==
GET H2	200	frame-modern.6c27647e.js Show response js.intercomcdn.com/ Frame 614C	482 KB 128 KB	98ms 9ms	Script application/javascript	13.225.78.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.intercomcdn.com/frame-modern.6c27647e.js Requested by Host: widget.intercom.io URL: https://widget.intercom.io/widget/uf36xx6n Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-57.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash df0ebce9f7d0c304005fe00fc01560f31acd1b6a732d208a657aa63a6b3333f5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers x-amz-version-id KfKMffwFl_3Caw9KOTa3vYFuselhTtjI content-encoding gzip via 1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront) date Wed, 22 Feb 2023 00:06:59 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop FRA2-C2 age 5806 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 130286 last-modified Tue, 21 Feb 2023 17:28:18 GMT server AmazonS3 etag "d6c050c31b9b6f78a9ce8ed0ab6012b8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=31536000, s-maxage=7200, public accept-ranges bytes x-amz-cf-id nWxtut6IXD8VHOQnSPF7-GEzjpJcLrgx6-Cvj7fVcPSBsQ5I0tsydQ==
GET H2	200	vendor-modern.1feaf899.js Show response js.intercomcdn.com/ Frame 614C	236 KB 73 KB	115ms 27ms	Script application/javascript	13.225.78.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.intercomcdn.com/vendor-modern.1feaf899.js Requested by Host: widget.intercom.io URL: https://widget.intercom.io/widget/uf36xx6n Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-57.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash a193683840839653d93603078ade636aaecaf010a2b66309834bfa23fe28e992 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers x-amz-version-id zKSYysOs3ZH.74YUnU0L6M4W84DpjY1v content-encoding gzip via 1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront) date Tue, 21 Feb 2023 22:54:50 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop FRA2-C2 age 6275 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 74410 last-modified Tue, 21 Feb 2023 17:28:18 GMT server AmazonS3 etag "547a55966cd0e9f75b8f52e241e83716" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=31536000, s-maxage=7200, public accept-ranges bytes x-amz-cf-id r7H-ZJcPW-In9w4ecugRIIffIUo9Caje4g1BhZ93xPuA9sZhDRhuNw==
POST H2	200	ping Show response api-iam.intercom.io/messenger/web/ Frame 614C	5 KB 3 KB	726ms 504ms	XHR application/json	54.162.195.244 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api-iam.intercom.io/messenger/web/ping Requested by Host: js.intercomcdn.com URL: https://js.intercomcdn.com/frame-modern.6c27647e.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.162.195.244 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-162-195-244.compute-1.amazonaws.com Software nginx / Resource Hash 2b38a6d0e0d0044154ebff0ad45cf783559973fb86804e22a0f819b4f911eb38 Security Headers Name Value Strict-Transport-Security max-age=31556952; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Wed, 22 Feb 2023 00:39:25 GMT strict-transport-security max-age=31556952; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff x-ami-version ami-0be81d9dffa4bc64a status 200 OK x-xss-protection 1; mode=block x-request-id 0008e1ltucaiea8kd2i0 x-runtime 0.357750 server nginx etag W/"2b38a6d0e0d0044154ebff0ad45cf783" x-ratelimit-remaining 13332 vary Accept,Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://paymentplan.crystalclinic.com x-intercom-version 5024054c4915cd45bfb0fb4be4d3729757dd182d cache-control max-age=0, private, must-revalidate access-control-allow-credentials true x-ratelimit-reset 1677026370 x-ratelimit-limit 13333 access-control-allow-methods POST, GET, OPTIONS access-control-allow-headers Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA x-frame-options SAMEORIGIN
POST H2	201	i Show response r.lr-ingest.io/	78 B 604 B	808ms 337ms	XHR application/json	104.198.23.205 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r.lr-ingest.io/i?a=5fivqm%2Fpayzen&r=5-255f09f5-8876-4a50-b7f5-a9a8c4a573c3&t=e85158bf-af75-47e6-9847-a44b62b877e4&s=0&rs=0%2Cu&u=524c2878-256d-4d4e-8bd8-d0815a7dd24c&is=1 Requested by Host: cdn.lr-ingest.io URL: https://cdn.lr-ingest.io/logger-1.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.23.205 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 205.23.198.104.bc.googleusercontent.com Software / Express Resource Hash 0726a1460c479e6771c69b199c50878ab086b6688ee4360232d608a6c18ef142 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://paymentplan.crystalclinic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 00:39:27 GMT strict-transport-security max-age=15724800; includeSubDomains etag W/"4e-tVpdzeH1qOmgCYkZn233dffv4yA" x-powered-by Express access-control-max-age 1728000 access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-ClickHouse-Override,X-LogRocket-ClickHouse-Enabled-Queries content-length 78
POST H2	200	/ Show response api-js.mixpanel.com/track/	25 B 380 B	99ms 50ms	XHR application/json	107.178.240.159
General Check archive.org Show headers Download Go to Full URL https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1677026368889 Requested by Host: paymentplan.crystalclinic.com URL: https://paymentplan.crystalclinic.com/static/js/2.17522f95.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.178.240.159 -, , ASN (), Reverse DNS Software envoy / Resource Hash e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba Security Headers Name Value Strict-Transport-Security max-age=604800; includeSubDomains Request headers Referer https://paymentplan.crystalclinic.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers strict-transport-security max-age=604800; includeSubDomains date Wed, 22 Feb 2023 00:39:28 GMT via 1.1 google server envoy access-control-max-age 1728000 access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://paymentplan.crystalclinic.com access-control-expose-headers X-MP-CE-Backoff cache-control no-cache, no-store access-control-allow-credentials true x-envoy-upstream-service-time 28 access-control-allow-headers X-Requested-With content-length 25 alt-svc clear

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| oncontentvisibilityautostatechange object| dataLayer object| regeneratorRuntime function| setImmediate function| clearImmediate object| CollectJS object| google_tag_manager object| google_optimize object| intercomSettings function| Intercom function| gtag object| Plaid object| webpackJsonpPlaid object| webpackJsonppayzen_client function| _lrMutationObserver object| __SDKCONFIG__ string| GoogleAnalyticsObject function| ga function| _lrXMLHttpRequest object| google_tag_data object| GooglebQhCsO function| _LRLogger boolean| _lr_loaded object| gaplugins object| gaGlobal object| gaData function| __intercomAssignLocation function| __intercomReloadLocation

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.crystalclinic.com/	1970-01-20 12:00:02	Name: _gcl_au Value: 1.1.1993238129.1677026364
			paymentplan.crystalclinic.com/	1970-01-20 09:51:52	Name: _lr_tabs_-5fivqm%2Fpayzen Value: {%22sessionID%22:0%2C%22recordingID%22:%225-255f09f5-8876-4a50-b7f5-a9a8c4a573c3%22%2C%22lastActivity%22:1677026363989}
			paymentplan.crystalclinic.com/	1970-01-20 09:51:52	Name: _lr_hb_-5fivqm%2Fpayzen Value: {%22heartbeat%22:1677026363989}
			.crystalclinic.com/	1970-01-20 19:26:26	Name: _ga Value: GA1.2.296803234.1677026364
			.crystalclinic.com/	1970-01-20 09:51:52	Name: _gid Value: GA1.2.1356848102.1677026364
			paymentplan.crystalclinic.com/	1969-12-31 23:59:59	Name: _lr_uf_-5fivqm Value: 6b9452ad-2863-4d1c-9595-09f18656a146
			.doubleclick.net/	1970-01-20 09:50:27	Name: test_cookie Value: CheckForPermission
			.crystalclinic.com/	1970-01-20 09:50:26	Name: _gat Value: 1
			.crystalclinic.com/	1970-01-20 18:36:02	Name: mp_78fe501982b13b6315a8f78bd0a0e352_mixpanel Value: %7B%22distinct_id%22%3A%20%22186768f89f4423-0134c2e787d181-683f5457-1d4c00-186768f89f5abc%22%2C%22%24device_id%22%3A%20%22186768f89f4423-0134c2e787d181-683f5457-1d4c00-186768f89f5abc%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%22%24os%22%3A%20%22Windows%22%2C%22%24browser%22%3A%20%22Chrome%22%2C%22%24browser_version%22%3A%20110%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22last%20page%22%3A%20%22%2Fapp%2Fbill-info%22%7D%2C%22__mpso%22%3A%20%7B%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%7D
			.crystalclinic.com/	1970-01-20 16:19:16	Name: intercom-id-uf36xx6n Value: eb3e18bf-a130-4093-a66d-7716797a5ef3
			.crystalclinic.com/	1970-01-20 10:00:31	Name: intercom-session-uf36xx6n Value:
			.crystalclinic.com/	1970-01-20 16:19:16	Name: intercom-device-id-uf36xx6n Value: e1fc069d-5172-4528-8b61-cbd50a25f0b4