urlscan.io logo urlscan.io
SecurityTrails logo

www.coveredca.com Open in urlscan Pro
23.99.0.12  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://coveredca.com/help-on-demand/
Effective URL: https://www.coveredca.com/help-on-demand/
Submission: On December 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 85 IPs in 6 countries across 68 domains to perform 201 HTTP transactions. The main IP is 23.99.0.12, located in San Jose, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.coveredca.com. The Cisco Umbrella rank of the primary domain is 243700.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 29th 2023. Valid for: a year.
This is the only time www.coveredca.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 40 23.99.0.12 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 8 216.58.206.38 15169 (GOOGLE)
1 6 2620:1ec:c11:... 8068 (MICROSOFT...)
9 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 142.250.74.194 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 146.75.116.157 54113 (FASTLY)
2 65.9.66.25 16509 (AMAZON-02)
1 2600:9000:20e... 16509 (AMAZON-02)
2 23.212.207.113 16625 (AKAMAI-AS)
4 18.184.58.94 16509 (AMAZON-02)
2 18.216.88.61 16509 (AMAZON-02)
7 23.38.98.117 20940 (AKAMAI-ASN1)
1 3 52.28.181.94 16509 (AMAZON-02)
2 2 172.217.16.134 15169 (GOOGLE)
2 4 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 4 2a00:1450:400... 15169 (GOOGLE)
2 5 2a00:1450:400... 15169 (GOOGLE)
3 2620:1ec:bdf::63 8075 (MICROSOFT...)
4 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 104.244.42.133 13414 (TWITTER)
1 104.244.42.67 13414 (TWITTER)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 1 18.239.36.71 16509 (AMAZON-02)
1 65.9.86.120 16509 (AMAZON-02)
2 35.234.162.151 396982 (GOOGLE-CL...)
1 65.9.65.116 16509 (AMAZON-02)
1 2001:678:cb4:... 56396 (AMOBEE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 34.198.133.245 14618 (AMAZON-AES)
2 154.59.122.94 174 (COGENT-174)
1 2a05:d018:cc3... 16509 (AMAZON-02)
4 5 18.239.83.63 16509 (AMAZON-02)
1 1 216.239.38.21 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 3.33.220.150 16509 (AMAZON-02)
4 192.132.33.69 18568 (BIDTELLECT)
1 2600:9000:211... 16509 (AMAZON-02)
1 18.239.69.21 16509 (AMAZON-02)
1 54.157.191.104 14618 (AMAZON-AES)
4 7 193.0.160.131 54312 (ROCKETFUEL)
2 34.226.94.188 14618 (AMAZON-AES)
3 7 185.89.210.46 29990 (ASN-APPNEX)
2 20.231.53.73 8075 (MICROSOFT...)
1 18.155.129.103 16509 (AMAZON-02)
1 18.239.18.97 16509 (AMAZON-02)
4 35.244.174.68 396982 (GOOGLE-CL...)
4 4 142.250.186.98 15169 (GOOGLE)
1 2 54.76.135.177 16509 (AMAZON-02)
1 198.47.127.205 3257 (GTT-BACKB...)
2 34.98.64.218 396982 (GOOGLE-CL...)
1 3.127.178.105 16509 (AMAZON-02)
1 88.221.168.23 16625 (AKAMAI-AS)
1 3.93.251.5 14618 (AMAZON-AES)
1 2 172.64.151.101 13335 (CLOUDFLAR...)
2 184.30.17.14 16625 (AKAMAI-AS)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 2 54.216.96.95 16509 (AMAZON-02)
1 54.220.65.247 16509 (AMAZON-02)
1 18.195.85.13 16509 (AMAZON-02)
2 2 151.101.130.49 54113 (FASTLY)
19 25 34.91.62.186 396982 (GOOGLE-CL...)
1 2600:9000:219... 16509 (AMAZON-02)
2 3 46.228.174.117 56396 (AMOBEE)
1 13.248.245.213 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
1 1 52.29.101.35 16509 (AMAZON-02)
1 18.239.69.99 16509 (AMAZON-02)
2 3 2600:1901:0:8... 15169 (GOOGLE)
1 2 54.78.254.47 16509 (AMAZON-02)
1 52.23.26.141 14618 (AMAZON-AES)
1 63.32.40.40 16509 (AMAZON-02)
1 216.52.2.48 32475 (SINGLEHOP...)
1 69.173.144.139 26667 (RUBICONPR...)
1 52.214.236.211 16509 (AMAZON-02)
1 35.168.223.66 14618 (AMAZON-AES)
1 2 68.219.88.97 8075 (MICROSOFT...)
201 85
40    23.99.0.12 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
coveredca.com
www.coveredca.com
2    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
4    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
8    216.58.206.38 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f6.1e100.net
10053689.fls.doubleclick.net
10007209.fls.doubleclick.net
12509655.fls.doubleclick.net
6    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
9    2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
2    142.250.74.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
www.googleadservices.com
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a02:26f0:3500:16::215:1490 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    65.9.66.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-25.fra56.r.cloudfront.net
dmp.datawrkz.com
1    2600:9000:20e1:c000:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.adroll.com
2    23.212.207.113 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-207-113.deploy.static.akamaitechnologies.com
origin.acuityplatform.com
4    18.184.58.94 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-58-94.eu-central-1.compute.amazonaws.com
tags.srv.stackadapt.com
2    18.216.88.61 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-216-88-61.us-east-2.compute.amazonaws.com
collector-22874.us.tvsquared.com
7    23.38.98.117 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-38-98-117.deploy.static.akamaitechnologies.com
analytics.tiktok.com
3    52.28.181.94 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-181-94.eu-central-1.compute.amazonaws.com
tags.w55c.net
2    172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net
ad.doubleclick.net
4    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
6    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
5    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2620:1ec:bdf::63 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    18.239.36.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-71.ams58.r.cloudfront.net
ads.undertone.com
1    65.9.86.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-120.ams1.r.cloudfront.net
evt.undertone.com
2    35.234.162.151 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 151.162.234.35.bc.googleusercontent.com
tag.simpli.fi
i.simpli.fi
1    65.9.65.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-65-116.fra56.r.cloudfront.net
js.adsrvr.org
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
r.turn.com
1    2a02:26f0:3500:4::b818:4d8c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.bttrack.com
1    34.198.133.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-133-245.compute-1.amazonaws.com
px.adentifi.com
2    154.59.122.94 (Schiphol, Netherlands)

ASN174 (COGENT-174, US)
e.acuityplatform.com
1    2a05:d018:cc3:fe05:83c0:b7ec:706f:4cee (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
5    18.239.83.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-63.ams58.r.cloudfront.net
live.rezync.com
1    216.239.38.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2615.1e100.net
jelly.mdhv.io
1    2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)
jelly-v6.mdhv.io
2    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
4    192.132.33.69 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.69.bidtellect.com
bttrack.com
1    2600:9000:211a:4000:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)
c1.rfihub.net
1    18.239.69.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-21.ams58.r.cloudfront.net
cdn.boomtrain.com
1    54.157.191.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-191-104.compute-1.amazonaws.com
people.api.boomtrain.com
7    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
20844008p.rfihub.com
p.rfihub.com
a.rfihub.com
2    34.226.94.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-94-188.compute-1.amazonaws.com
nodetracker.datawrkz.com
7    185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
ib.adnxs.com
2    20.231.53.73 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
q.clarity.ms
1    18.155.129.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-129-103.cdg52.r.cloudfront.net
pagestates-tracking.crazyegg.com
1    18.239.18.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-97.ams58.r.cloudfront.net
assets-tracking.crazyegg.com
4    35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
4    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
2    54.76.135.177 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-135-177.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image2.pubmatic.com
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
1    3.127.178.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
ps.eyeota.net
1    88.221.168.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-23.deploy.static.akamaitechnologies.com
contextual.media.net
1    3.93.251.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-251-5.compute-1.amazonaws.com
bpi.rtactivate.com
2    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
2    184.30.17.14 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-14.deploy.static.akamaitechnologies.com
x.dlx.addthis.com
stags.bluekai.com
1    2600:1f18:612b:4264:a8a9:bffd:e62a:b1ff (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
partners.tremorhub.com
2    54.216.96.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-96-95.eu-west-1.compute.amazonaws.com
aa.agkn.com
1    54.220.65.247 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-65-247.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    18.195.85.13 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-85-13.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
25    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
1    2600:9000:2190:bc00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
3    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    2600:1f18:612b:4232:b6ba:e8dd:58dc:4af0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
simplifi.partners.tremorhub.com
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    52.29.101.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-101-35.eu-central-1.compute.amazonaws.com
d.agkn.com
1    18.239.69.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-99.ams58.r.cloudfront.net
sync.intentiq.com
3    2600:1901:0:8eee:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
fei.pro-market.net
pbid.pro-market.net
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadm.exelator.com
1    52.23.26.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-26-141.compute-1.amazonaws.com
sync.bfmio.com
1    63.32.40.40 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-40-40.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    216.52.2.48 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    52.214.236.211 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-236-211.eu-west-1.compute.amazonaws.com
tracking.crazyegg.com
1    35.168.223.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-223-66.compute-1.amazonaws.com
events.api.boomtrain.com
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
Apex Domain
Subdomains		 Transfer
40 coveredca.com
coveredca.com — Cisco Umbrella Rank: 137937
www.coveredca.com — Cisco Umbrella Rank: 243700
1 MB
27 simpli.fi
tag.simpli.fi — Cisco Umbrella Rank: 4333
i.simpli.fi — Cisco Umbrella Rank: 3745
um.simpli.fi — Cisco Umbrella Rank: 780
12 KB
20 doubleclick.net
10053689.fls.doubleclick.net — Cisco Umbrella Rank: 179247
10007209.fls.doubleclick.net — Cisco Umbrella Rank: 295603
12509655.fls.doubleclick.net — Cisco Umbrella Rank: 174781
ad.doubleclick.net — Cisco Umbrella Rank: 139
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
11 KB
12 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2199
pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 4875
assets-tracking.crazyegg.com — Cisco Umbrella Rank: 4900
tracking.crazyegg.com — Cisco Umbrella Rank: 4175
229 KB
11 google.com
adservice.google.com — Cisco Umbrella Rank: 93
region1.analytics.google.com — Cisco Umbrella Rank: 2693
www.google.com — Cisco Umbrella Rank: 2
3 KB
8 google.de
adservice.google.de — Cisco Umbrella Rank: 14215
www.google.de — Cisco Umbrella Rank: 6765
2 KB
7 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 478
ib.adnxs.com — Cisco Umbrella Rank: 229
5 KB
7 rfihub.com
20844008p.rfihub.com — Cisco Umbrella Rank: 201655
p.rfihub.com — Cisco Umbrella Rank: 825
a.rfihub.com — Cisco Umbrella Rank: 2935
12 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 796
q.clarity.ms — Cisco Umbrella Rank: 7366
c.clarity.ms — Cisco Umbrella Rank: 1377
29 KB
7 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 617
151 KB
6 bing.com
bat.bing.com — Cisco Umbrella Rank: 329
c.bing.com — Cisco Umbrella Rank: 228
17 KB
6 gstatic.com
fonts.gstatic.com
188 KB
5 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1785
6 KB
5 bttrack.com
cdn.bttrack.com — Cisco Umbrella Rank: 7050
bttrack.com — Cisco Umbrella Rank: 815
5 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
www.linkedin.com — Cisco Umbrella Rank: 629
px4.ads.linkedin.com — Cisco Umbrella Rank: 6419
5 KB
4 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 408
158 B
4 stackadapt.com
tags.srv.stackadapt.com — Cisco Umbrella Rank: 2618
9 KB
4 acuityplatform.com
origin.acuityplatform.com — Cisco Umbrella Rank: 18603
e.acuityplatform.com — Cisco Umbrella Rank: 16444
6 KB
4 datawrkz.com
dmp.datawrkz.com — Cisco Umbrella Rank: 227760
nodetracker.datawrkz.com — Cisco Umbrella Rank: 107234
4 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
343 KB
3 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 2174
pbid.pro-market.net — Cisco Umbrella Rank: 7195
1 KB
3 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 499
d.agkn.com — Cisco Umbrella Rank: 686
1 KB
3 boomtrain.com
cdn.boomtrain.com — Cisco Umbrella Rank: 5394
people.api.boomtrain.com — Cisco Umbrella Rank: 5726
events.api.boomtrain.com — Cisco Umbrella Rank: 7926
30 KB
3 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1355
insight.adsrvr.org — Cisco Umbrella Rank: 557
3 KB
3 w55c.net
tags.w55c.net — Cisco Umbrella Rank: 3591
2 KB
2 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1661
2 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 465
1 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 546
712 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
614 B
2 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 1153
simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6102
350 B
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
1 KB
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 491
361 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
1 KB
2 mdhv.io
jelly.mdhv.io — Cisco Umbrella Rank: 4592
jelly-v6.mdhv.io — Cisco Umbrella Rank: 12300
452 B
2 undertone.com
ads.undertone.com — Cisco Umbrella Rank: 5720
evt.undertone.com — Cisco Umbrella Rank: 5287
1 KB
2 tvsquared.com
collector-22874.us.tvsquared.com — Cisco Umbrella Rank: 171496
9 KB
2 adroll.com
s.adroll.com — Cisco Umbrella Rank: 3061
d.adroll.com — Cisco Umbrella Rank: 1380
27 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
90 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
239 B
1 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 835
311 B
1 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
265 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 848
444 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1556
421 B
1 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 846
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 372
140 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258
378 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 674
236 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
146 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 699
338 B
1 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 1554
182 B
1 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1491
109 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 665
619 B
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 981
344 B
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 859
225 B
1 rfihub.net
c1.rfihub.net — Cisco Umbrella Rank: 5475
6 KB
1 adentifi.com
px.adentifi.com — Cisco Umbrella Rank: 9968
35 B
1 turn.com
r.turn.com — Cisco Umbrella Rank: 3570
398 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
185 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 713
394 B
1 t.co
t.co — Cisco Umbrella Rank: 589
377 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 678
15 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 763
15 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 988
14 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
7 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 735
30 KB
201 68
Domain Requested by
38 www.coveredca.com www.coveredca.com
25 um.simpli.fi 19 redirects 12509655.fls.doubleclick.net
9 script.crazyegg.com www.googletagmanager.com
script.crazyegg.com
7 analytics.tiktok.com www.coveredca.com
analytics.tiktok.com
6 www.google.de www.coveredca.com
12509655.fls.doubleclick.net
6 fonts.gstatic.com fonts.googleapis.com
5 secure.adnxs.com 3 redirects www.coveredca.com
5 live.rezync.com 4 redirects 12509655.fls.doubleclick.net
5 www.google.com 2 redirects www.coveredca.com
5 bat.bing.com www.googletagmanager.com
bat.bing.com
www.coveredca.com
4 cm.g.doubleclick.net 4 redirects
4 idsync.rlcdn.com 12509655.fls.doubleclick.net
4 p.rfihub.com 3 redirects 12509655.fls.doubleclick.net
4 bttrack.com cdn.bttrack.com
bttrack.com
4 googleads.g.doubleclick.net 2 redirects www.googletagmanager.com
4 adservice.google.com 2 redirects 10053689.fls.doubleclick.net
10007209.fls.doubleclick.net
4 tags.srv.stackadapt.com www.coveredca.com
tags.srv.stackadapt.com
4 www.googletagmanager.com www.coveredca.com
www.googletagmanager.com
3 px.ads.linkedin.com 3 redirects
3 www.clarity.ms bat.bing.com
www.clarity.ms
3 tags.w55c.net 1 redirects www.coveredca.com
10053689.fls.doubleclick.net
3 12509655.fls.doubleclick.net 1 redirects www.googletagmanager.com
12509655.fls.doubleclick.net
3 10053689.fls.doubleclick.net 1 redirects www.googletagmanager.com
adservice.google.com
2 c.clarity.ms 1 redirects
2 loadm.exelator.com 1 redirects 12509655.fls.doubleclick.net
2 fei.pro-market.net 2 redirects
2 pixel.tapad.com 1 redirects 12509655.fls.doubleclick.net
2 sync.1rx.io 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 aa.agkn.com 1 redirects 12509655.fls.doubleclick.net
2 dsum-sec.casalemedia.com 1 redirects 12509655.fls.doubleclick.net
2 us-u.openx.net 12509655.fls.doubleclick.net
2 dpm.demdex.net 1 redirects 12509655.fls.doubleclick.net
2 ib.adnxs.com 12509655.fls.doubleclick.net
2 a.rfihub.com 1 redirects c1.rfihub.net
2 q.clarity.ms www.clarity.ms
2 nodetracker.datawrkz.com dmp.datawrkz.com
www.coveredca.com
2 insight.adsrvr.org 10053689.fls.doubleclick.net
js.adsrvr.org
2 e.acuityplatform.com origin.acuityplatform.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 region1.analytics.google.com www.googletagmanager.com
2 adservice.google.de 1 redirects www.coveredca.com
2 ad.doubleclick.net 2 redirects
2 collector-22874.us.tvsquared.com www.coveredca.com
2 origin.acuityplatform.com www.coveredca.com
10053689.fls.doubleclick.net
2 dmp.datawrkz.com www.googletagmanager.com
dmp.datawrkz.com
2 connect.facebook.net www.coveredca.com
connect.facebook.net
2 www.googleadservices.com 1 redirects www.googletagmanager.com
2 10007209.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.googleapis.com www.coveredca.com
2 coveredca.com 2 redirects
1 c.bing.com 1 redirects
1 events.api.boomtrain.com cdn.boomtrain.com
1 tracking.crazyegg.com script.crazyegg.com
1 pixel.rubiconproject.com 12509655.fls.doubleclick.net
1 ce.lijit.com 12509655.fls.doubleclick.net
1 bcp.crwdcntrl.net 12509655.fls.doubleclick.net
1 stags.bluekai.com 12509655.fls.doubleclick.net
1 sync.bfmio.com 12509655.fls.doubleclick.net
1 pbid.pro-market.net 12509655.fls.doubleclick.net
1 sync.intentiq.com 12509655.fls.doubleclick.net
1 d.agkn.com 1 redirects
1 simplifi.partners.tremorhub.com 12509655.fls.doubleclick.net
1 eb2.3lift.com 12509655.fls.doubleclick.net
1 sync.targeting.unrulymedia.com 12509655.fls.doubleclick.net
1 s.ad.smaato.net 12509655.fls.doubleclick.net
1 i.simpli.fi tag.simpli.fi
1 x.bidswitch.net 12509655.fls.doubleclick.net
1 beacon.krxd.net 12509655.fls.doubleclick.net
1 partners.tremorhub.com 12509655.fls.doubleclick.net
1 x.dlx.addthis.com 12509655.fls.doubleclick.net
1 bpi.rtactivate.com 12509655.fls.doubleclick.net
1 contextual.media.net 12509655.fls.doubleclick.net
1 ps.eyeota.net 12509655.fls.doubleclick.net
1 image2.pubmatic.com 12509655.fls.doubleclick.net
1 assets-tracking.crazyegg.com script.crazyegg.com
1 pagestates-tracking.crazyegg.com script.crazyegg.com
1 20844008p.rfihub.com c1.rfihub.net
1 people.api.boomtrain.com cdn.boomtrain.com
1 cdn.boomtrain.com www.coveredca.com
1 c1.rfihub.net www.coveredca.com
1 jelly-v6.mdhv.io 10053689.fls.doubleclick.net
1 jelly.mdhv.io 1 redirects
1 d.adroll.com s.adroll.com
1 px.adentifi.com 12509655.fls.doubleclick.net
1 cdn.bttrack.com 12509655.fls.doubleclick.net
1 r.turn.com 12509655.fls.doubleclick.net
1 js.adsrvr.org 12509655.fls.doubleclick.net
1 tag.simpli.fi 12509655.fls.doubleclick.net
1 evt.undertone.com 12509655.fls.doubleclick.net
1 ads.undertone.com 1 redirects
1 www.facebook.com www.coveredca.com
1 analytics.twitter.com www.coveredca.com
1 t.co www.coveredca.com
1 px4.ads.linkedin.com www.coveredca.com
1 www.linkedin.com 1 redirects
1 s.adroll.com www.coveredca.com
1 static.ads-twitter.com www.coveredca.com
1 snap.licdn.com www.coveredca.com
1 maxcdn.bootstrapcdn.com www.coveredca.com
1 cdnjs.cloudflare.com www.coveredca.com
1 code.jquery.com www.coveredca.com
201 103

This site contains links to these domains. Also see Links.

Domain
apply.coveredca.com
www.dhcs.ca.gov
Subject Issuer Validity Valid
*.coveredca.com
Go Daddy Secure Certificate Authority - G2		 2023-11-29 -
2024-12-30		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
bootstrapcdn.com
GTS CA 1P5		 2023-11-30 -
2024-02-28		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01		 2023-10-24 -
2024-04-21		 6 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-07 -
2024-01-05		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
*.datawrkz.com
Go Daddy Secure Certificate Authority - G2		 2023-05-31 -
2024-07-01		 a year crt.sh
s.adroll.com
Amazon RSA 2048 M01		 2023-06-03 -
2024-07-01		 a year crt.sh
*.acuityplatform.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-04 -
2024-12-04		 a year crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M02		 2023-09-09 -
2024-10-07		 a year crt.sh
*.us.tvsquared.com
Amazon RSA 2048 M02		 2023-05-29 -
2024-06-26		 a year crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-31 -
2024-10-29		 a year crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-12-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.turn.com
RapidSSL TLS RSA CA G1		 2023-03-22 -
2024-03-31		 a year crt.sh
cdn.bttrack.com
R3		 2023-12-07 -
2024-03-06		 3 months crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2023-10-09 -
2024-11-07		 a year crt.sh
*.rezync.com
Amazon RSA 2048 M02		 2023-10-25 -
2024-11-21		 a year crt.sh
*.w55c.net
Amazon RSA 2048 M02		 2023-05-30 -
2024-06-27		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-04 -
2024-04-21		 a year crt.sh
*.rfihub.net
Amazon RSA 2048 M03		 2023-10-31 -
2024-11-28		 a year crt.sh
*.boomtrain.com
Amazon RSA 2048 M02		 2023-02-09 -
2024-03-09		 a year crt.sh
*.api.boomtrain.com
Amazon RSA 2048 M03		 2023-09-16 -
2024-10-14		 a year crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-27 -
2024-04-27		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
crazyegg.com
Amazon RSA 2048 M02		 2023-05-28 -
2024-06-26		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
rtactivate.com
Amazon RSA 2048 M01		 2023-03-14 -
2024-04-11		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-11 -
2024-12-11		 a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-23		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-09-07 -
2024-09-29		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh

This page contains 10 frames:

Primary Page: https://www.coveredca.com/help-on-demand/
Frame ID: 1FDC7A6CCE8EB7A2E87763CA08B2E021
Requests: 130 HTTP requests in this frame

Frame: https://10053689.fls.doubleclick.net/activityi;dc_pre=CIL_oK2Ss4MDFULmOwIdvAMEng;src=10053689;type=pagev0;cat=pagev00;ord=8962390487284;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Frame ID: DF602EAD2B3405076C29B1FD63152E5B
Requests: 1 HTTP requests in this frame

Frame: https://10007209.fls.doubleclick.net/activityi;dc_pre=CI6eoa2Ss4MDFZzIOwIdo1YFCg;src=10007209;type=2020_0;cat=ap_fl0;ord=6673636137137;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Frame ID: 36C7C8DE62D4639B14E018EB9FEB9C27
Requests: 2 HTTP requests in this frame

Frame: https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Frame ID: 46CB287887DDCC18116A62FFE2691D7C
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIL_oK2Ss4MDFULmOwIdvAMEng;src=10053689;type=pagev0;cat=pagev00;ord=8962390487284;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Frame ID: C70BBA5422A09C5D6EF57753769ABC62
Requests: 1 HTTP requests in this frame

Frame: https://12509655.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Frame ID: 0AAB654516352756632ECE814517D129
Requests: 40 HTTP requests in this frame

Frame: https://10053689.fls.doubleclick.net/ddm/fls/r/dc_pre=CIL_oK2Ss4MDFULmOwIdvAMEng;src=10053689;type=pagev0;cat=pagev00;ord=8962390487284;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Frame ID: BB18C17D73485A8F05EB189DF94CCEC8
Requests: 6 HTTP requests in this frame

Frame: https://20844008p.rfihub.com/ca.html?ver=9&rb=39542&ca=20844008&_o=39542&_t=20844008&userid=14153f08-7094-4513-a6c3-fe7f81a9dc9e%3A1703801273.7365704&pe=https%3A%2F%2F12509655.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCI_3oa2Ss4MDFavWOwId6MgIWg%3Bsrc%3D12509655%3Btype%3Dcover00%3Bcat%3Ddc_cc0%3Bord%3D6005011502599%3Bauiddc%3D1464867358.1703801273%3Bgtm%3D45He3bt0v830981574%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B%7Eoref%3Dhttps%253A%252F%252Fwww.coveredca.com%252Fhelp-on-demand%252F&pf=https%3A%2F%2F12509655.fls.doubleclick.net%2F&ra=0031109436747758235
Frame ID: EA85BD4F7C4336B6F882218F4104EE70
Requests: 18 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=7ridaaf&ref=https%3A%2F%2Fwww.coveredca.com%2F&upid=qphywyx&upv=1.1.0
Frame ID: 12C4259DA4F2960D54850972BC72FD85
Requests: 1 HTTP requests in this frame

Frame: https://a.rfihub.com/pstats.html?rb=39542&ca=20844008&ri=d1602faa32b8e610d94913a38f995a59&stats=%7B%2213488%22%3A%22659%2C2%22%2C%2217243%22%3A%2234%2C1%22%2C%2242261%22%3A%2283%2C1%22%2C%2250495%22%3A%22307%2C1%22%2C%2252220%22%3A%22168%2C1%22%2C%2253935%22%3A%22194%2C1%22%2C%2254497%22%3A%22285%2C1%22%2C%2254855%22%3A%22153%2C2%22%2C%2254863%22%3A%22447%2C1%22%2C%2255073%22%3A%2299%2C2%22%2C%2256659%22%3A%22241%2C1%22%2C%2256885%22%3A%22254%2C2%22%2C%2257347%22%3A%22289%2C2%22%2C%2257363%22%3A%22490%2C1%22%2C%2258143%22%3A%22142%2C1%22%2C%2258553%22%3A%22402%2C2%22%2C%2258561%22%3A%22434%2C1%22%7D&ra=16696501073607206
Frame ID: FC94AC1F2C45D1E3CD047CF81EEE23A2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CC Vert REVERSE LogoLogos/CC/Horiz/color

Page URL History Show full URLs

  1. http://coveredca.com/help-on-demand/ HTTP 301
    https://coveredca.com/help-on-demand/ HTTP 301
    https://www.coveredca.com/help-on-demand/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

201
Requests

81 %
HTTPS

34 %
IPv6

68
Domains

103
Subdomains

85
IPs

6
Countries

2426 kB
Transfer

8730 kB
Size

88
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://coveredca.com/help-on-demand/ HTTP 301
    https://coveredca.com/help-on-demand/ HTTP 301
    https://www.coveredca.com/help-on-demand/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52
  • https://10053689.fls.doubleclick.net/activityi;src=10053689;type=pagev0;cat=pagev00;ord=8962390487284;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F HTTP 302
  • https://10053689.fls.doubleclick.net/activityi;dc_pre=CIL_oK2Ss4MDFULmOwIdvAMEng;src=10053689;type=pagev0;cat=pagev00;ord=8962390487284;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Request Chain 53
  • https://10007209.fls.doubleclick.net/activityi;src=10007209;type=2020_0;cat=ap_fl0;ord=6673636137137;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F HTTP 302
  • https://10007209.fls.doubleclick.net/activityi;dc_pre=CI6eoa2Ss4MDFZzIOwIdo1YFCg;src=10007209;type=2020_0;cat=ap_fl0;ord=6673636137137;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Request Chain 56
  • https://12509655.fls.doubleclick.net/activityi;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F HTTP 302
  • https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Request Chain 70
  • https://tags.w55c.net/rs?id=bb1cfc7f4e8848f681c652efb71d2d86&t=marketing HTTP 302
  • https://tags.w55c.net/rs?sccid=e8a5bae5-a651-3ad1-5313-3e3aad620e85&scc=1&id=bb1cfc7f4e8848f681c652efb71d2d86&t=marketing
Request Chain 71
  • https://ad.doubleclick.net/ddm/activity/src=6219944;type=cov_r0;cat=cov_r000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=6219944;dc_pre=CLqAoa2Ss4MDFcjIOwIdg0QD1Q;type=cov_r0;cat=cov_r000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1 HTTP 302
  • https://adservice.google.com/ddm/fls/p/src=6219944;dc_pre=CLqAoa2Ss4MDFcjIOwIdg0QD1Q;type=cov_r0;cat=cov_r000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;~oref=https://www.coveredca.com/ HTTP 302
  • https://adservice.google.de/ddm/fls/p/src=6219944;dc_pre=CLqAoa2Ss4MDFcjIOwIdg0QD1Q;type=cov_r0;cat=cov_r000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;~oref=https://www.coveredca.com/
Request Chain 80
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11388473181/?random=1685878871&cv=11&fst=1703801273099&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v830981574&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&label=3dwVCMbhy_MYEN2eubYq&hn=www.googleadservices.com&frm=0&value=0&auid=1464867358.1703801273&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=ufGNZeGUDKGc-cAPhq-JmAY&sscte=1&crd=&eitems=ChEIgNa0rAYQpf2h1JGqwumUARIdADQ_jGcMf8md5yKMb99wEv70RRG58wrOMdQDQU4&pscrd=Ek5DaEFJZ05hMHJBWVFfTlc2aFBxTWxOWkpFaVlBc0RCUnVycFRUTGswcVVNMmF2VV9aQWVMZDZtbWFaOGxDUUUwaWhLRWVXYk04anpQN1EaWkNoRUlnTmEwckFZUW1ON1I3dS1hamJ5WUFSSXVBTHZyNWFNVXNvaE0xd2llMk9qbGFmSEo1VUFrODhYREVubjhkLWxqTEE3bTlmUWF1WktKMm9oUVFXejc5dyITCKHVoK2Ss4MDFSFOHgIdhlcCYw HTTP 302
  • https://www.google.com/pagead/1p-conversion/11388473181/?random=1685878871&cv=11&fst=1703801273099&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v830981574&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&label=3dwVCMbhy_MYEN2eubYq&hn=www.googleadservices.com&frm=0&value=0&auid=1464867358.1703801273&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05hMHJBWVFfTlc2aFBxTWxOWkpFaVlBc0RCUnVycFRUTGswcVVNMmF2VV9aQWVMZDZtbWFaOGxDUUUwaWhLRWVXYk04anpQN1EaWkNoRUlnTmEwckFZUW1ON1I3dS1hamJ5WUFSSXVBTHZyNWFNVXNvaE0xd2llMk9qbGFmSEo1VUFrODhYREVubjhkLWxqTEE3bTlmUWF1WktKMm9oUVFXejc5dyITCKHVoK2Ss4MDFSFOHgIdhlcCYw&is_vtc=1&ocp_id=ufGNZeGUDKGc-cAPhq-JmAY&cid=CAQSKQAvHhf_Ywdybl3AoO28cp--ZY7WmRRCHpCFcaguX_zC6EB1xXASnSiF&eitems=ChEIgNa0rAYQpf2h1JGqwumUARIdADQ_jGc7eXqkSELwD_coGz4yIjm5NxzGHruDo7Q&random=617153175 HTTP 302
  • https://www.google.de/pagead/1p-conversion/11388473181/?random=1685878871&cv=11&fst=1703801273099&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v830981574&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&label=3dwVCMbhy_MYEN2eubYq&hn=www.googleadservices.com&frm=0&value=0&auid=1464867358.1703801273&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05hMHJBWVFfTlc2aFBxTWxOWkpFaVlBc0RCUnVycFRUTGswcVVNMmF2VV9aQWVMZDZtbWFaOGxDUUUwaWhLRWVXYk04anpQN1EaWkNoRUlnTmEwckFZUW1ON1I3dS1hamJ5WUFSSXVBTHZyNWFNVXNvaE0xd2llMk9qbGFmSEo1VUFrODhYREVubjhkLWxqTEE3bTlmUWF1WktKMm9oUVFXejc5dyITCKHVoK2Ss4MDFSFOHgIdhlcCYw&is_vtc=1&ocp_id=ufGNZeGUDKGc-cAPhq-JmAY&cid=CAQSKQAvHhf_Ywdybl3AoO28cp--ZY7WmRRCHpCFcaguX_zC6EB1xXASnSiF&eitems=ChEIgNa0rAYQpf2h1JGqwumUARIdADQ_jGc7eXqkSELwD_coGz4yIjm5NxzGHruDo7Q&random=617153175&ipr=y
Request Chain 86
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2088348&time=1703801273270&url=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2088348&time=1703801273270&url=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2088348%26time%3D1703801273270%26url%3Dhttps%253A%252F%252Fwww.coveredca.com%252Fhelp-on-demand%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2088348&time=1703801273270&url=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2088348&time=1703801273270&url=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&cookiesTest=true&liSync=true&e_ipv6=AQIKRZt_7hDukQAAAYyyeEBHYO14_ntSZHy8qIewr4lm7-uNqC6whqZGajnKhq4CUmU8MXHmETlZ
Request Chain 93
  • https://adservice.google.com/ddm/fls/i/dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F HTTP 302
  • https://12509655.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Request Chain 94
  • https://adservice.google.de/ddm/fls/i/dc_pre=CIL_oK2Ss4MDFULmOwIdvAMEng;src=10053689;type=pagev0;cat=pagev00;ord=8962390487284;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F HTTP 302
  • https://10053689.fls.doubleclick.net/ddm/fls/r/dc_pre=CIL_oK2Ss4MDFULmOwIdvAMEng;src=10053689;type=pagev0;cat=pagev00;ord=8962390487284;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Request Chain 97
  • https://ads.undertone.com/t?trackerid=9464&cb=[INSERT_YOUR_CACHE-BUSTER_HERE] HTTP 307
  • https://evt.undertone.com/t?trackerid=9464&cb=[INSERT_YOUR_CACHE-BUSTER_HERE]
Request Chain 107
  • https://jelly.mdhv.io/v1/star.gif?pid=NzT1YtNVMIoKbJEt0Fns4xvOen3A&src=mh&evt=hi HTTP 307
  • https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=NzT1YtNVMIoKbJEt0Fns4xvOen3A&src=mh&tx=673f2f3c-a89b-4250-a349-e943d5678928
Request Chain 127
  • https://secure.adnxs.com/seg?add=23515109&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D23515109%26t%3D1
Request Chain 128
  • https://secure.adnxs.com/seg?add=23372391&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D23372391%26t%3D1
Request Chain 144
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433831810389095&referrer=https%3A%2F%2F12509655.fls.doubleclick.net%2F&forward= HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=14153f08-7094-4513-a6c3-fe7f81a9dc9e%3A1703801273.7365704&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D14153f08-7094-4513-a6c3-fe7f81a9dc9e%253A1703801273.7365704%26_%3D1703801274.3703842&cb=1703801274.3704162 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433831810389095&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D14153f08-7094-4513-a6c3-fe7f81a9dc9e%253A1703801273.7365704%26_%3D1703801274.3703842 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=14153f08-7094-4513-a6c3-fe7f81a9dc9e%3A1703801273.7365704&_=1703801274.3703842
Request Chain 145
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwNzQzMzgzMTgxMDM4OTA5NQ==&forward= HTTP 302
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEAuDHEZUa5bZbPMeK0UqW0o&google_cver=1 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433831810389095&referrer={encSite}&forward= HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=14153f08-7094-4513-a6c3-fe7f81a9dc9e%3A1703801273.7365704&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D14153f08-7094-4513-a6c3-fe7f81a9dc9e%253A1703801273.7365704%26_%3D1703801274.5814714&cb=1703801274.5814943 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433831810389095&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D14153f08-7094-4513-a6c3-fe7f81a9dc9e%253A1703801273.7365704%26_%3D1703801274.5814714 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=14153f08-7094-4513-a6c3-fe7f81a9dc9e%3A1703801273.7365704&_=1703801274.5814714
Request Chain 147
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5107433831810389095&redir= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5107433831810389095&redir=
Request Chain 150
  • https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
  • https://ps.eyeota.net/match?uid=5107433831810389095&bid=omt9pi0
Request Chain 153
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5107433831810389095&forward= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5107433831810389095&forward=&C=1
Request Chain 160
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZY3xugAKSYKsaAAM HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=ZY3xugAKSYKsaAAM&_test=ZY3xugAKSYKsaAAM
Request Chain 163
  • https://um.simpli.fi/smaato HTTP 302
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=DDC46E876A8D463393F2A4A8CF91602B
Request Chain 164
  • https://um.simpli.fi/nexxen HTTP 302
  • https://sync.1rx.io/usersync/simplifi/DDC46E876A8D463393F2A4A8CF91602B HTTP 302
  • https://sync.1rx.io/usersync/simplifi/DDC46E876A8D463393F2A4A8CF91602B?zcc=1&cb=1703801274636 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8d610539-e3ce-4de3-9f32-378587f67786-003
Request Chain 165
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=DDC46E876A8D463393F2A4A8CF91602B&dongle=yf3
Request Chain 166
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=DDC46E876A8D463393F2A4A8CF91602B
Request Chain 167
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=DDC46E876A8D463393F2A4A8CF91602B HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=DDC46E876A8D463393F2A4A8CF91602B
Request Chain 168
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=DDC46E876A8D463393F2A4A8CF91602B HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1703801274542&ip=217.114.218.27&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219403204744005051196 HTTP 302
  • https://um.simpli.fi/aa_px?sk=219403204744005051196 HTTP 302
  • https://um.simpli.fi/empty.gif
Request Chain 169
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=DDC46E876A8D463393F2A4A8CF91602B
Request Chain 172
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=DDC46E876A8D463393F2A4A8CF91602B;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=DDC46E876A8D463393F2A4A8CF91602B;mimetype=img;sr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=LTI4MTY4MDEzNjU2NTgyODQ4ODE= HTTP 302
  • https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEE6ko5KMwciegNQ1Pi9cfa8&google_cver=1
Request Chain 173
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=DDC46E876A8D463393F2A4A8CF91602B&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=DDC46E876A8D463393F2A4A8CF91602B&j=0&xl8blockcheck=1
Request Chain 175
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=DDC46E876A8D463393F2A4A8CF91602B
Request Chain 176
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=DDC46E876A8D463393F2A4A8CF91602B
Request Chain 177
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=DDC46E876A8D463393F2A4A8CF91602B
Request Chain 178
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=DDC46E876A8D463393F2A4A8CF91602B
Request Chain 179
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=DDC46E876A8D463393F2A4A8CF91602B
Request Chain 180
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1703801274307&cv=7&fst=1703801274307&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=982546561&cv=7&fst=1703801274307&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=uvGNZazXFdWa-cAP852R-A0&sscte=1&crd=&pscrd=IhMIrJznrZKzgwMVVU0eAh3zTgTf HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=982546561&cv=7&fst=1703801274307&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIrJznrZKzgwMVVU0eAh3zTgTf&is_vtc=1&ocp_id=uvGNZazXFdWa-cAP852R-A0&cid=CAQSKQAvHhf_wL61Zy5DmQ0qlsmcOnHYoOA6q4PizEL07m6J1ditUUVQo_VB&random=1548798560 HTTP 302
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=982546561&cv=7&fst=1703801274307&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIrJznrZKzgwMVVU0eAh3zTgTf&is_vtc=1&ocp_id=uvGNZazXFdWa-cAP852R-A0&cid=CAQSKQAvHhf_wL61Zy5DmQ0qlsmcOnHYoOA6q4PizEL07m6J1ditUUVQo_VB&random=1548798560&ipr=y
Request Chain 182
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=DDC46E876A8D463393F2A4A8CF91602B
Request Chain 183
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=DDC46E876A8D463393F2A4A8CF91602B&expires=365
Request Chain 184
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=DDC46E876A8D463393F2A4A8CF91602B
Request Chain 185
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEGUxJNdl_NG0fb_-wa_SKOU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DDC46E876A8D463393F2A4A8CF91602B HTTP 302
  • https://um.simpli.fi/g_match?id=
Request Chain 187
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fnodetracker.datawrkz.com%2Fcookies%2F%3Ftag_id%3D193%26sid%3D6267728e-dcf7-4691-a343-db3f5d2818a9%26ts%3D1703801274005%26en%3Dapnxsync%26ev%3D%24UID%26img%3D0%26cru%3Dhttps%253A%252F%252Fwww.coveredca.com%252Fhelp-on-demand%252F%26dru%3D%26rd%3D0.5268279954529951%26t%3D0 HTTP 302
  • https://nodetracker.datawrkz.com/cookies/?tag_id=193&sid=6267728e-dcf7-4691-a343-db3f5d2818a9&ts=1703801274005&en=apnxsync&ev=551808324852305401&img=0&cru=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&dru=&rd=0.5268279954529951&t=0
Request Chain 196
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=691194A560C842D2A7E5EBBB27C4DE06&RedC=c.clarity.ms&MXFR=35B672FE8DBC6ADC28AD610B89BC64E0 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=691194A560C842D2A7E5EBBB27C4DE06&MUID=2E61F9B2BADC6EC91A49EA47BBB76F11

201 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.coveredca.com/help-on-demand/
Redirect Chain
  • http://coveredca.com/help-on-demand/
  • https://coveredca.com/help-on-demand/
  • https://www.coveredca.com/help-on-demand/
146 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET ARR/3.0
Resource Hash
06d58bc7f8de713d15ef2fe646262e09d3ad5e367a17d9cdef5e13628cee6991
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
39188
content-type
text/html
date
Thu, 28 Dec 2023 22:07:51 GMT
etag
"202efa562139da1:0"
last-modified
Thu, 28 Dec 2023 00:03:51 GMT
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET ARR/3.0
x-xss-protection
1; mode=block

Redirect headers

content-length
164
content-type
text/html; charset=utf-8
date
Thu, 28 Dec 2023 22:07:51 GMT
location
https://www.coveredca.com/help-on-demand/
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
index-37678a8d.css
www.coveredca.com/js/help-on-demand/dist/assets/ 		389 KB
80 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.coveredca.com/js/help-on-demand/dist/assets/index-37678a8d.css
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
ad465afd2be162c43a083be2327aa762bb5a2e24ab3e67d8fc106beb0e946c5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:52 GMT
server
Microsoft-IIS/10.0
etag
"662857572139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
81620
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		3 KB
722 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Material+Icons|Material+Icons+Outlined|Material+Icons+Two+Tone|Material+Icons+Round|Material+Icons+Sharp
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
80bbd5be45a524bdbb122e6e34df705780ee6ea56655d6ac9ad9e92c1e12362d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 28 Dec 2023 22:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 28 Dec 2023 22:07:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 28 Dec 2023 22:07:52 GMT
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 28 Dec 2023 22:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 28 Dec 2023 21:16:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 28 Dec 2023 22:07:52 GMT
main.css
www.coveredca.com/css/ 		2 MB
210 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.coveredca.com/css/main.css?v=1703721688
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
9958e1e4cbdc84b1ccef60856822323f780b40b51b9dfe13e8da3c99cea07c10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:50 GMT
server
Microsoft-IIS/10.0
etag
"0f7f9552139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
215084
x-xss-protection
1; mode=block
main.497083da.chunk.css
www.coveredca.com/cici-assets/static/css/ 		25 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.coveredca.com/cici-assets/static/css/main.497083da.chunk.css
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
223b1b488589cdc8072533cc3303d1a791cff31204663422f30415c9a23e4c7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:50 GMT
server
Microsoft-IIS/10.0
etag
"0f7f9552139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
5384
x-xss-protection
1; mode=block
main.497083da.chunk.css.map
www.coveredca.com/cici-assets/static/css/ 		0
0
index-bdc38576.js
www.coveredca.com/js/help-on-demand/dist/assets/ 		182 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coveredca.com/js/help-on-demand/dist/assets/index-bdc38576.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
173eb50e8a3d1e741e8bdc08d68dffc83a8314cfd54eebcf46b4d0d34204312c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.coveredca.com/help-on-demand/
Origin
https://www.coveredca.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:52 GMT
server
Microsoft-IIS/10.0
etag
"c49459572139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
content-length
78419
x-xss-protection
1; mode=block
cc-logomark-health.svg
www.coveredca.com/images/icons/ 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coveredca.com/images/icons/cc-logomark-health.svg
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
f60af9347eedfbee72de5bcf4c6e84d1be9c73d8e5950ecdbf59c30b94fd8533
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:52 GMT
server
Microsoft-IIS/10.0
etag
"0242b572139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
content-length
2333
x-xss-protection
1; mode=block
medi-cal-logo-no-text.svg
www.coveredca.com/images/icons/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coveredca.com/images/icons/medi-cal-logo-no-text.svg
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
5743bf873c2e34857c9a28ec3143cf72c2ed6e859b6524417779237e05b24373
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:52 GMT
server
Microsoft-IIS/10.0
etag
"0242b572139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
content-length
2973
x-xss-protection
1; mode=block
dental.svg
www.coveredca.com/images/icons/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coveredca.com/images/icons/dental.svg
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
d229465567104abc89fc5f09784d2c08aa8f8ccd5ef81f5c43cd624d5244ca21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:52 GMT
server
Microsoft-IIS/10.0
etag
"0242b572139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
content-length
1933
x-xss-protection
1; mode=block
vision.svg
www.coveredca.com/images/icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coveredca.com/images/icons/vision.svg
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
822dce82a84529f3a76061eeb6380635b3751bf576d5acb1d397164b854487ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 28 Dec 2023 00:03:52 GMT
server
Microsoft-IIS/10.0
etag
"37d848572139da1:0"
x-powered-by
ASP.NET, ARR/3.0
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
content-length
2487
x-xss-protection
1; mode=block
support-center.svg
www.coveredca.com/images/icons/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coveredca.com/images/icons/support-center.svg
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
83e063ade67778fba56cc7fde820e52394b3e1aa87df445b82e2807c7c1d582d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:52 GMT
server
Microsoft-IIS/10.0
etag
"0242b572139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
content-length
1997
x-xss-protection
1; mode=block
contact-us.svg
www.coveredca.com/images/icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coveredca.com/images/icons/contact-us.svg
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
d30faa0129e9854b5acd1f0920f1ada64233aee3d319cf38d3c2d7815e8dd6d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 28 Dec 2023 00:03:52 GMT
server
Microsoft-IIS/10.0
etag
"5b141572139da1:0"
x-powered-by
ASP.NET, ARR/3.0
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
content-length
2438
x-xss-protection
1; mode=block
how-to-videos.svg
www.coveredca.com/images/icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coveredca.com/images/icons/how-to-videos.svg
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
2cd98963c4e47dcdcdf5fe6cfd401ec1e7772f92e47b5ae676ea947f749cbe8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 28 Dec 2023 00:03:52 GMT
server
Microsoft-IIS/10.0
etag
"b57546572139da1:0"
x-powered-by
ASP.NET, ARR/3.0
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
content-length
1809
x-xss-protection
1; mode=block
phone-circle.svg
www.coveredca.com/images/icons/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coveredca.com/images/icons/phone-circle.svg
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
744871614a068054aad6b3104c7e6c55e2fe477f21e413088a61fadb7c54aadf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:52 GMT
server
Microsoft-IIS/10.0
etag
"0242b572139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
content-length
1565
x-xss-protection
1; mode=block
jquery-3.4.1.min.js
code.jquery.com/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://www.coveredca.com/
Origin
https://www.coveredca.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:52 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
8999073
x-cache
HIT, HIT
content-length
30638
x-served-by
cache-lga21965-LGA, cache-fra-eddf8230082-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1703801273.943879,VS0,VE0
etag
W/"28feccc0-15851"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
454, 2194332
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.coveredca.com/
Origin
https://www.coveredca.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
156493
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6157
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4af4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=04W3D6OVitIofP0%2FljU971byD3lgPKw%2F6zhsvqb6BkLxbD43s%2BecDQ55MmkluooNSgKy%2BQXXY%2Fi2UWINOo6jTker7IXjLWieBn0%2FdyzJ2lkkCpLOjS%2Blg%2Bkn0p8tQp47f1iLW1kFJUreZNtsfWFyayxK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83cd1e63ecdf04a3-FRA
expires
Tue, 17 Dec 2024 22:07:52 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.coveredca.com/
Origin
https://www.coveredca.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
865
age
4200093
cdn-cachedat
10/31/2023 18:55:57
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
c5e0d8433c9256f82c9c7cfd9503dbce
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
83cd1e63eef43a9e-FRA
cdn-requestpullsuccess
True
shop-and-compare-link-updater.js
www.coveredca.com/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coveredca.com/js/shop-and-compare-link-updater.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
ab026746395ad6464237b3358dff74085949bcf3d7560f53890e8e2aa6063d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:52 GMT
server
Microsoft-IIS/10.0
etag
"0242b572139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
content-length
1087
x-xss-protection
1; mode=block
app.js
www.coveredca.com/js/calculator/dist/ 		247 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coveredca.com/js/calculator/dist/app.js?v=3.3
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
611c105d9ee7d79490f3db7224c727cad0387194d9295b5ba4147cbdf064d1a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:52 GMT
server
Microsoft-IIS/10.0
etag
"0242b572139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
content-length
75904
x-xss-protection
1; mode=block
financial-help-tool.js
www.coveredca.com/js/components/ 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coveredca.com/js/components/financial-help-tool.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
ef1d0eb44d6146244468efd853fcd6a89fa14ee1631639524e5879c8be5339ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:52 GMT
server
Microsoft-IIS/10.0
etag
"0242b572139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
content-length
1801
x-xss-protection
1; mode=block
navbar-cca.js
www.coveredca.com/js/ 		2 KB
810 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coveredca.com/js/navbar-cca.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
9b41ddaf7161d74fcb39d5dae33c773cc694eeb81219aa9f275c128f79d07924
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:52 GMT
server
Microsoft-IIS/10.0
etag
"c9a859572139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
content-length
742
x-xss-protection
1; mode=block
banner-site-wide.js
www.coveredca.com/js/ 		2 KB
705 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coveredca.com/js/banner-site-wide.js?v=1.1
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
110007b874c698d7028179f0af0447ad9b1c5a211492d3bb045ac77861534158
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:52 GMT
server
Microsoft-IIS/10.0
etag
"662857572139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
content-length
657
x-xss-protection
1; mode=block
banner.js
www.coveredca.com/js/ 		126 B
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coveredca.com/js/banner.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
fdbc32cc26feeae22de5dcad0525f2f1dacad5111cca62b20209ea1c3bb7e81c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:52 GMT
server
Microsoft-IIS/10.0
etag
"662857572139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
content-length
212
x-xss-protection
1; mode=block
subnav.js
www.coveredca.com/js/ 		220 B
292 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coveredca.com/js/subnav.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
66404e8fbb6d781a8baec20a78ad7895dd57abe7e3c6f85f9bb998c8927360b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:52 GMT
server
Microsoft-IIS/10.0
etag
"c9a859572139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
content-length
244
x-xss-protection
1; mode=block
skipnav.js
www.coveredca.com/js/ 		741 B
472 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coveredca.com/js/skipnav.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
213fcb719ed03061a338a09ae0c687f41ecc9a2b87efcf70ef09809e26cb01b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:52 GMT
server
Microsoft-IIS/10.0
etag
"c9a859572139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
content-length
424
x-xss-protection
1; mode=block
footer.js
www.coveredca.com/js/ 		1 KB
617 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coveredca.com/js/footer.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
667c468b17b708eeb51c5ed10bf37fa40c6a5885d942920266a226a4b7c3bfa9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:52 GMT
server
Microsoft-IIS/10.0
etag
"662857572139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
content-length
569
x-xss-protection
1; mode=block
toggleData.js
www.coveredca.com/js/ 		3 KB
764 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coveredca.com/js/toggleData.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
2f2bfae69dd217926e6463c8fd70cc1bdc1895b5da44e507180ce18fd86ff79e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:52 GMT
server
Microsoft-IIS/10.0
etag
"0242b572139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
content-length
686
x-xss-protection
1; mode=block
hover-collapse.js
www.coveredca.com/js/ 		885 B
496 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coveredca.com/js/hover-collapse.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
660b4785d985be6aad87a8d5a8dd4664d4fe7cdeaa13a8e32f8c1d9993157d8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:52 GMT
server
Microsoft-IIS/10.0
etag
"c9a859572139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
content-length
448
x-xss-protection
1; mode=block
site-search-ui.js
www.coveredca.com/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coveredca.com/js/site-search-ui.js?v=2.1
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
4104719e5ed512c38e214d679637092aa7bdb7c35925370b33dd21fcfee6794e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:52 GMT
server
Microsoft-IIS/10.0
etag
"0242b572139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
content-length
1801
x-xss-protection
1; mode=block
lead-capture.js
www.coveredca.com/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coveredca.com/js/lead-capture.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
92b6c6f26974edbce6417639dcba4ddafe1a08c883cc531bca651b387aea8d7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:52 GMT
server
Microsoft-IIS/10.0
etag
"0242b572139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
content-length
2450
x-xss-protection
1; mode=block
get-started-tab-state.js
www.coveredca.com/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coveredca.com/js/get-started-tab-state.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
ad0157d19b24c193916d146dd5f1443bf17a9d1ff3e6c8aabd5fec40e95813ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:52 GMT
server
Microsoft-IIS/10.0
etag
"0242b572139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
content-length
990
x-xss-protection
1; mode=block
gtm-thumbs-up-thumbs-down.js
www.coveredca.com/js/ 		750 B
434 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coveredca.com/js/gtm-thumbs-up-thumbs-down.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
e138c554d632a5349ffd447c33d7f93be50179fab3891676297697989887550d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:52 GMT
server
Microsoft-IIS/10.0
etag
"662857572139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
content-length
386
x-xss-protection
1; mode=block
gtm-financial-help-tool.js
www.coveredca.com/js/ 		6 KB
784 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coveredca.com/js/gtm-financial-help-tool.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
207ed6314949fdde0d8bbc61d8f286252e368f84d74558edb1d71041e26c8d9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:52 GMT
server
Microsoft-IIS/10.0
etag
"0242b572139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
content-length
736
x-xss-protection
1; mode=block
gtm-cici.js
www.coveredca.com/js/ 		623 B
402 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coveredca.com/js/gtm-cici.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
787d715880b6e126bedb126a1968294360df3dbd5c6e0c166ecb9d678e861e26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:52 GMT
server
Microsoft-IIS/10.0
etag
"662857572139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
content-length
354
x-xss-protection
1; mode=block
scroll-to-anchor-get-started.js
www.coveredca.com/js/ 		694 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coveredca.com/js/scroll-to-anchor-get-started.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
ed091dd62c6f4eff39ece4ef50f4f92eb60d8bc43e07aa45215393fa26a52b22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:52 GMT
server
Microsoft-IIS/10.0
etag
"c9a859572139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
content-length
368
x-xss-protection
1; mode=block
tab-trigger-custom-get-started.js
www.coveredca.com/js/ 		325 B
370 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coveredca.com/js/tab-trigger-custom-get-started.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
2eb4e881fa6aa216d7b9fef136fe0fdd5cde97ae1eb18f2ac0c2c3fdece79a44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:52 GMT
server
Microsoft-IIS/10.0
etag
"c9a859572139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
content-length
322
x-xss-protection
1; mode=block
scroll-to-anchor.js
www.coveredca.com/js/ 		1 KB
758 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coveredca.com/js/scroll-to-anchor.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
bf3d022643d5737eeb4a945ee6f9554fa1c5c42b082512d4194fd7314caa3dc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:52 GMT
server
Microsoft-IIS/10.0
etag
"c9a859572139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
content-length
710
x-xss-protection
1; mode=block
article.js
www.coveredca.com/js/ 		121 B
264 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coveredca.com/js/article.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
a12a29182de9b58c5ecf77a599589ece94ea35795ff6d4ca22500f6a631e0a57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:52 GMT
server
Microsoft-IIS/10.0
etag
"662857572139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
content-length
216
x-xss-protection
1; mode=block
scroll-to-top.js
www.coveredca.com/js/ 		913 B
579 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coveredca.com/js/scroll-to-top.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
697e3bce1ba4d473a40a8527c68dd31765f09f1a4abee806ac519dd731e5f600
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:52 GMT
server
Microsoft-IIS/10.0
etag
"c9a859572139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
content-length
531
x-xss-protection
1; mode=block
2.05a6c18c.chunk.js
www.coveredca.com/cici-assets/static/js/ 		2 MB
573 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coveredca.com/cici-assets/static/js/2.05a6c18c.chunk.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
f0d1dd0d3bfa03d761273722728da3dcce43a1257359e6a9d6ade858dd689019
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:50 GMT
server
Microsoft-IIS/10.0
etag
"0f7f9552139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
content-length
586280
x-xss-protection
1; mode=block
main.3d452746.chunk.js
www.coveredca.com/cici-assets/static/js/ 		194 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coveredca.com/cici-assets/static/js/main.3d452746.chunk.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
4b55f0456225a898a91f49324ac543b6fc458781c6913c7e700cebe7c2ca54b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:50 GMT
server
Microsoft-IIS/10.0
etag
"0f7f9552139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
content-length
43709
x-xss-protection
1; mode=block
runtime~main.501345e2.js
www.coveredca.com/cici-assets/static/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coveredca.com/cici-assets/static/js/runtime~main.501345e2.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash
df44cf405a04f57eddc15b95149a6c21c4c3e073fbe3b9853c2870345fa09208
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/help-on-demand/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 00:03:50 GMT
server
Microsoft-IIS/10.0
etag
"856f6f562139da1:0"
x-powered-by
ASP.NET, ARR/3.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
content-length
988
x-xss-protection
1; mode=block
gtm.js
www.googletagmanager.com/ 		406 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NPFXNXX
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a37c6521110d9c690073dfd788c3fed6516f7418c052e743528f73be45ba002e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112299
x-xss-protection
0
last-modified
Thu, 28 Dec 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Dec 2023 22:07:52 GMT
main.497083da.chunk.css.map
www.coveredca.com/cici-assets/static/css/ 		0
0
js
www.googletagmanager.com/gtag/ 		264 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2JX33V4D57&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPFXNXX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6744e10740c477bfc92f142ce4bebfd5e8f668d7b7430d559d8bc0e15ec13361
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91172
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 28 Dec 2023 22:07:53 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPFXNXX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 28 Dec 2023 21:48:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1176
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 28 Dec 2023 23:48:17 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.coveredca.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 16:39:21 GMT
x-content-type-options
nosniff
age
538112
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Dec 2024 16:39:21 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.coveredca.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 08:54:09 GMT
x-content-type-options
nosniff
age
220424
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 08:54:09 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Material+Icons|Material+Icons+Outlined|Material+Icons+Two+Tone|Material+Icons+Round|Material+Icons+Sharp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.coveredca.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 08:59:49 GMT
x-content-type-options
nosniff
age
220084
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 08:59:49 GMT
KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.coveredca.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 04:01:35 GMT
x-content-type-options
nosniff
age
65178
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5560
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Dec 2024 04:01:35 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.coveredca.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 05:12:10 GMT
x-content-type-options
nosniff
age
233743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9628
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 05:12:10 GMT
activityi;dc_pre=CIL_oK2Ss4MDFULmOwIdvAMEng;src=10053689;type=pagev0;cat=pagev00;ord=8962390487284;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;...
10053689.fls.doubleclick.net/ Frame DF60
Redirect Chain
  • https://10053689.fls.doubleclick.net/activityi;src=10053689;type=pagev0;cat=pagev00;ord=8962390487284;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;ua...
  • https://10053689.fls.doubleclick.net/activityi;dc_pre=CIL_oK2Ss4MDFULmOwIdvAMEng;src=10053689;type=pagev0;cat=pagev00;ord=8962390487284;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l...
603 B
516 B 		Document
General
Check archive.org
Download Go to
Full URL
https://10053689.fls.doubleclick.net/activityi;dc_pre=CIL_oK2Ss4MDFULmOwIdvAMEng;src=10053689;type=pagev0;cat=pagev00;ord=8962390487284;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPFXNXX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f6.1e100.net
Software
cafe /
Resource Hash
addfa26d0aff78c308ad0b18731bff84ec4069b2689ff2af38a5e5e3d1638b11
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.coveredca.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
340
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Dec 2023 22:07:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Dec 2023 22:07:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10053689.fls.doubleclick.net/activityi;dc_pre=CIL_oK2Ss4MDFULmOwIdvAMEng;src=10053689;type=pagev0;cat=pagev00;ord=8962390487284;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CI6eoa2Ss4MDFZzIOwIdo1YFCg;src=10007209;type=2020_0;cat=ap_fl0;ord=6673636137137;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;u...
10007209.fls.doubleclick.net/ Frame 36C7
Redirect Chain
  • https://10007209.fls.doubleclick.net/activityi;src=10007209;type=2020_0;cat=ap_fl0;ord=6673636137137;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab...
  • https://10007209.fls.doubleclick.net/activityi;dc_pre=CI6eoa2Ss4MDFZzIOwIdo1YFCg;src=10007209;type=2020_0;cat=ap_fl0;ord=6673636137137;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1...
513 B
521 B 		Document
General
Check archive.org
Download Go to
Full URL
https://10007209.fls.doubleclick.net/activityi;dc_pre=CI6eoa2Ss4MDFZzIOwIdo1YFCg;src=10007209;type=2020_0;cat=ap_fl0;ord=6673636137137;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPFXNXX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f6.1e100.net
Software
cafe /
Resource Hash
fb8b9e7037b0a8b25f940058db2dd9094b21539bc6eb4a6a46983dc28a6004eb
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.coveredca.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
309
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Dec 2023 22:07:53 GMT
expires
Thu, 28 Dec 2023 22:07:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Dec 2023 22:07:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10007209.fls.doubleclick.net/activityi;dc_pre=CI6eoa2Ss4MDFZzIOwIdo1YFCg;src=10007209;type=2020_0;cat=ap_fl0;ord=6673636137137;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPFXNXX
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 28 Dec 2023 22:07:52 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1D6034ED0A4D4A59B02BF8B6536EECDD Ref B: FRAEDGE1417 Ref C: 2023-12-28T22:07:53Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
4001.js
script.crazyegg.com/pages/scripts/0116/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0116/4001.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPFXNXX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e2788846b4a9c9ce794ff5116d0ae8c0543da4972154cee6ed40bdfc6696974

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:53 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3728
cf-polished
origSize=6112
ce-version
11.5.164
cf-bgj
minify
last-modified
Thu, 28 Dec 2023 21:05:45 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
83cd1e655a833aa0-FRA
activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;...
12509655.fls.doubleclick.net/ Frame 46CB
Redirect Chain
  • https://12509655.fls.doubleclick.net/activityi;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;ua...
  • https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l...
603 B
512 B 		Document
General
Check archive.org
Download Go to
Full URL
https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPFXNXX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f6.1e100.net
Software
cafe /
Resource Hash
d6a5a2e8cb0e4995e02d116247fbb93a988282587d4e03d15905f338d3f0625c
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.coveredca.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
336
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Dec 2023 22:07:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Dec 2023 22:07:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/conversion/11388473181/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/11388473181/?random=1703801273099&cv=11&fst=1703801273099&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v830981574&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&label=3dwVCMbhy_MYEN2eubYq&hn=www.googleadservices.com&frm=0&value=0&bttype=purchase&auid=1464867358.1703801273&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPFXNXX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
20603593ca61f806ae8a816e1e7c1cd595c2d5fe830dd394a684c61c3f067e6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1617
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 28 Dec 2023 22:07:53 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
sudQkvg9r0AcOyXlxlQQUXS/iRK0cgGtlZVw/++9y+1fdPBbCY+ZSlN1/mNFUIZJgd2lE+pGK+gTAOddN+PCrw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Dec 2023 13:09:33 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=12569
accept-ranges
bytes
content-length
15541
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:53 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230039-FRA
193.min.js
dmp.datawrkz.com/pxl/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.datawrkz.com/pxl/193.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPFXNXX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c9ab307ba8c17507863729bcf3534353c7a993f634302564f9827873b54836eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
r0M1m8RC7i6yvJx.l0.0bvBTjVWFXTaW
content-encoding
gzip
via
1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
date
Thu, 28 Dec 2023 22:07:54 GMT
last-modified
Wed, 05 May 2021 11:05:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"4fa1af575bce48bb49fd8b2ccb678b5a"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
x-amz-cf-id
5cWz9S7cvr3pXulpzk_YBs5pl-1PBxl111h_2oSrzh_RknjQcIFRNg==
roundtrip.js
s.adroll.com/j/6GHUSUHQLBABLH4LANUROM/ 		85 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/6GHUSUHQLBABLH4LANUROM/roundtrip.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e1:c000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0bfb1245a18e150704b90d299768c9dd74293551472b290c0bd9d0f502a36345

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-Amz-Version-Id
WRFgUafvq9i7cOESvSwlfEYclaD0NEeR
Content-Encoding
gzip
Via
1.1 5402e178a9a12e26b4a64f83dfd20d10.cloudfront.net (CloudFront)
Date
Thu, 28 Dec 2023 21:36:52 GMT
Age
1862
X-Amz-Cf-Pop
CDG50-C2
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 28 Dec 2023 12:02:19 GMT
Server
AmazonS3
Etag
W/"dc17d1b56dbb6baa07ba67557afa46c4"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
VIlJJDlRgUOxhqDPeHzRChkkvxV_eTBrekTwv1UE51dpl9nbgsqWsg==
js
www.googletagmanager.com/gtag/ 		194 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-622382053
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPFXNXX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3d2675d5ca547524623117f8e9aee1a61aa554ec5842245118d9c27f49c276ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72451
x-xss-protection
0
last-modified
Thu, 28 Dec 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Dec 2023 22:07:53 GMT
js
www.googletagmanager.com/gtag/ 		199 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-347055986
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPFXNXX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
54b3dc1debdf0ca6bbc39dadf155ed30214a77b521fdebb9507dd39f2f5c53ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74061
x-xss-protection
0
last-modified
Thu, 28 Dec 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Dec 2023 22:07:53 GMT
pixel.js
origin.acuityplatform.com/event/v2/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origin.acuityplatform.com/event/v2/pixel.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.207.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-207-113.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 /
Resource Hash
89cf66cb9de8da20fc15e9953845dd4d1de2c0fb465c827a09d818449222c533

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 28 Dec 2023 22:07:53 GMT
Last-Modified
Wed, 04 Jan 2023 18:57:40 GMT
Server
nginx/1.14.0
ETag
"63b5cc24-978"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2424
events.js
tags.srv.stackadapt.com/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.184.58.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-58-94.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
976f20824c556d298fb13a73528228bb29a3a4bf23a1a84a9cc3d912c0d0b645

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 28 Dec 2023 22:07:53 GMT
cache-control
max-age=5
content-encoding
gzip
content-type
text/javascript
tv2track.js
collector-22874.us.tvsquared.com/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://collector-22874.us.tvsquared.com/tv2track.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.88.61 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-88-61.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 28 Dec 2023 22:07:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Nov 2023 13:50:22 GMT
Server
nginx
ETag
"6542579e-2133"
Content-Type
application/javascript
Cache-Control
max-age=600
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
8499
Expires
Thu, 28 Dec 2023 22:17:53 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBR812JC77UBFBMLVASG&lib=ttq
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.117 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-117.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
deb88abb0fb9888e33685ababca741fa8853eaf289e18ae9b1ff6ed0b88f9123

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id
c1264fb7.3ca78b8
date
Thu, 28 Dec 2023 22:07:53 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2312282207532F91636AC0A24692633D-2846D7AE2135E6AD-00
x-cache
TCP_MISS from a23-38-99-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time
100,23.38.99.181
server-timing
cdn-cache; desc=MISS, edge; dur=93, origin; dur=7, inner; dur=4
content-length
1342
pragma
no-cache
server
nginx
x-tt-logid
202312282207532F91636AC0A24692633D
x-cache-remote
TCP_MISS from a23-48-200-208.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
7,23.48.200.208
x-tt-trace-host
01176b51d7392c1fa000bd81347ecbc731002c26da119b4e26813cee03a798eaf2f224b98716455d36f4c096afb7793fe9e09f5f9277fb75644be05c88bcb625a1c3c007e7bcc83a9756f21a462acb4c9b6e6a1e55cf74dee45863521a5b30f04f38609d80b535adb28e8707682f7bdcca
expires
Thu, 28 Dec 2023 22:07:53 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CKOMGCRC77UD28E17N20&lib=ttq
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.117 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-117.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
74631a6ca8e24342f4b9bac81f5d68c1096295f28128ab771afad2d7e64a178e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id
3ca78b9
date
Thu, 28 Dec 2023 22:07:53 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-231228220753D36461F8AAACDBADA76F-60F510D51F3609E0-00
x-cache
TCP_MISS from a23-38-99-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=98
content-length
1348
pragma
no-cache
server
nginx
x-tt-logid
20231228220753D36461F8AAACDBADA76F
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
99,23.38.99.181
x-tt-trace-host
01176b51d7392c1fa000bd81347ecbc731c6479e4890ab6c70b06269a2c6197ad1abef4afde075f88eb76f485673a02aa6965c4976f40b9befbe26b27b6c3ad755ccafef1d3f3c4f4f9f494a0741e498481488ca8b5eaf907b2b6bda8545629172
expires
Thu, 28 Dec 2023 22:07:53 GMT
rs
tags.w55c.net/
Redirect Chain
  • https://tags.w55c.net/rs?id=bb1cfc7f4e8848f681c652efb71d2d86&t=marketing
  • https://tags.w55c.net/rs?sccid=e8a5bae5-a651-3ad1-5313-3e3aad620e85&scc=1&id=bb1cfc7f4e8848f681c652efb71d2d86&t=marketing
42 B
752 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.w55c.net/rs?sccid=e8a5bae5-a651-3ad1-5313-3e3aad620e85&scc=1&id=bb1cfc7f4e8848f681c652efb71d2d86&t=marketing
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
HTTP/1.1
Server
52.28.181.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-181-94.eu-central-1.compute.amazonaws.com
Software
Retargeting/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 28 Dec 2023 22:07:52 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
Retargeting/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Forwarded-Proto
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 28 Dec 2023 22:07:52 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
Retargeting/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Location
https://tags.w55c.net/rs?sccid=e8a5bae5-a651-3ad1-5313-3e3aad620e85&scc=1&id=bb1cfc7f4e8848f681c652efb71d2d86&t=marketing
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Forwarded-Proto
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
/
adservice.google.de/ddm/fls/p/src=6219944;dc_pre=CLqAoa2Ss4MDFcjIOwIdg0QD1Q;type=cov_r0;cat=cov_r000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7B...
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=6219944;type=cov_r0;cat=cov_r000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?
  • https://ad.doubleclick.net/ddm/activity/src=6219944;dc_pre=CLqAoa2Ss4MDFcjIOwIdg0QD1Q;type=cov_r0;cat=cov_r000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_co...
  • https://adservice.google.com/ddm/fls/p/src=6219944;dc_pre=CLqAoa2Ss4MDFcjIOwIdg0QD1Q;type=cov_r0;cat=cov_r000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_con...
  • https://adservice.google.de/ddm/fls/p/src=6219944;dc_pre=CLqAoa2Ss4MDFcjIOwIdg0QD1Q;type=cov_r0;cat=cov_r000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_cons...
42 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.de/ddm/fls/p/src=6219944;dc_pre=CLqAoa2Ss4MDFcjIOwIdg0QD1Q;type=cov_r0;cat=cov_r000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;~oref=https://www.coveredca.com/
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:53 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://adservice.google.de/ddm/fls/p/src=6219944;dc_pre=CLqAoa2Ss4MDFcjIOwIdg0QD1Q;type=cov_r0;cat=cov_r000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;~oref=https://www.coveredca.com/
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-2JX33V4D57&gtm=45je3bt0v890224910z8830981574&_p=1703801272874&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=916369582.1703801273&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703801273&sct=1&seg=0&dl=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2508
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2JX33V4D57&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.coveredca.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2JX33V4D57&cid=916369582.1703801273&gtm=45je3bt0v890224910z8830981574&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2JX33V4D57&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.coveredca.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2JX33V4D57&cid=916369582.1703801273&gtm=45je3bt0v890224910z8830981574&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1946973937
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=768706752&t=pageview&_s=1&dl=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAEK~&jid=1995425477&gjid=1921451603&cid=916369582.1703801273&tid=UA-39926152-1&_gid=1025571037.1703801273&_r=1&_slc=1&gtm=45He3bt0n81NPFXNXXv830981574&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=32745864
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.coveredca.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.coveredca.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-39926152-1&cid=916369582.1703801273&jid=1995425477&gjid=1921451603&_gid=1025571037.1703801273&_u=YADAAEAAAAAAACAEK~&z=1708600771
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.coveredca.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 28 Dec 2023 22:07:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.coveredca.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
27009950.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/27009950.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
923fe0df6dede4f65d0606894479fb0ca3d02404bf37ef66a9be5195920a1ea5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Thu, 28 Dec 2023 22:07:52 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8D788228EBF44A55A986F9619716D49F Ref B: FRAEDGE1417 Ref C: 2023-12-28T22:07:53Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
343061643.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/343061643.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
54732a3ea1bb046de979fb1a49e1dab87ab4f9dee9c5632675b7953bcf470e15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Thu, 28 Dec 2023 22:07:52 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DE4CE985A8D2442C9FB6056B7A0BA33D Ref B: FRAEDGE1417 Ref C: 2023-12-28T22:07:53Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
www.coveredca.com.json
script.crazyegg.com/pages/data-scripts/0116/4001/site/ 		19 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0116/4001/site/www.coveredca.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0116/4001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4ee3ac958768ed751eff747f986a51df95c802263bfe04e1a5c4ec1c1ae0fd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:53 GMT
content-encoding
gzip
cf-cache-status
HIT
age
10422
ce-version
11.5.164
content-length
4345
last-modified
Thu, 28 Dec 2023 19:14:11 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83cd1e660ba14d6a-FRA
/
www.google.de/pagead/1p-conversion/11388473181/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11388473181/?random=1685878871&cv=11&fst=1703801273099&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v830981574&gcd=11l1l1l1l1&dma_cps=sypha...
  • https://www.google.com/pagead/1p-conversion/11388473181/?random=1685878871&cv=11&fst=1703801273099&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v830981574&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=...
  • https://www.google.de/pagead/1p-conversion/11388473181/?random=1685878871&cv=11&fst=1703801273099&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v830981574&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1...
42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/11388473181/?random=1685878871&cv=11&fst=1703801273099&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v830981574&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&label=3dwVCMbhy_MYEN2eubYq&hn=www.googleadservices.com&frm=0&value=0&auid=1464867358.1703801273&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05hMHJBWVFfTlc2aFBxTWxOWkpFaVlBc0RCUnVycFRUTGswcVVNMmF2VV9aQWVMZDZtbWFaOGxDUUUwaWhLRWVXYk04anpQN1EaWkNoRUlnTmEwckFZUW1ON1I3dS1hamJ5WUFSSXVBTHZyNWFNVXNvaE0xd2llMk9qbGFmSEo1VUFrODhYREVubjhkLWxqTEE3bTlmUWF1WktKMm9oUVFXejc5dyITCKHVoK2Ss4MDFSFOHgIdhlcCYw&is_vtc=1&ocp_id=ufGNZeGUDKGc-cAPhq-JmAY&cid=CAQSKQAvHhf_Ywdybl3AoO28cp--ZY7WmRRCHpCFcaguX_zC6EB1xXASnSiF&eitems=ChEIgNa0rAYQpf2h1JGqwumUARIdADQ_jGc7eXqkSELwD_coGz4yIjm5NxzGHruDo7Q&random=617153175&ipr=y
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:53 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:53 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/11388473181/?random=1685878871&cv=11&fst=1703801273099&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v830981574&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&label=3dwVCMbhy_MYEN2eubYq&hn=www.googleadservices.com&frm=0&value=0&auid=1464867358.1703801273&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05hMHJBWVFfTlc2aFBxTWxOWkpFaVlBc0RCUnVycFRUTGswcVVNMmF2VV9aQWVMZDZtbWFaOGxDUUUwaWhLRWVXYk04anpQN1EaWkNoRUlnTmEwckFZUW1ON1I3dS1hamJ5WUFSSXVBTHZyNWFNVXNvaE0xd2llMk9qbGFmSEo1VUFrODhYREVubjhkLWxqTEE3bTlmUWF1WktKMm9oUVFXejc5dyITCKHVoK2Ss4MDFSFOHgIdhlcCYw&is_vtc=1&ocp_id=ufGNZeGUDKGc-cAPhq-JmAY&cid=CAQSKQAvHhf_Ywdybl3AoO28cp--ZY7WmRRCHpCFcaguX_zC6EB1xXASnSiF&eitems=ChEIgNa0rAYQpf2h1JGqwumUARIdADQ_jGc7eXqkSELwD_coGz4yIjm5NxzGHruDo7Q&random=617153175&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
27009950
www.clarity.ms/tag/uet/ 		828 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/27009950
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/27009950.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bcc5ca10f47aa035b878cf08c5711478a5d5136829877f64b41e5bfbcbc9a370

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
-1
date
Thu, 28 Dec 2023 22:07:53 GMT
x-azure-ref
20231228T220753Z-fddpb6fqzx58tet1rgpkrvsp6c00000005t0000000002n5g
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
828
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
552091788777106
connect.facebook.net/signals/config/ 		136 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/552091788777106?v=2.9.138&r=stable&domain=www.coveredca.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bae004dac2e01a27b10f1dbcecb9db9e020eb70d4d3fd57a867e6f27362f45fb
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 28 Dec 2023 22:07:53 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
36223
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
eXAcEau50ziy/shA/vfnTE45THAB2yvDD5g43/X4rewcq9cr2ZdSqnlw1bYfkvTm0rHsoATOUaPCu45/XuWfbw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-39926152-1&cid=916369582.1703801273&jid=1995425477&_u=YADAAEAAAAAAACAEK~&z=578717546
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-39926152-1&cid=916369582.1703801273&jid=1995425477&_u=YADAAEAAAAAAACAEK~&z=578717546
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
343061643
www.clarity.ms/tag/uet/ 		829 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/343061643
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/343061643.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c23b904dfeeac8933fd53e912d1c08d0a8ef58d5ea26571374f2541b3cd5b192

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
-1
date
Thu, 28 Dec 2023 22:07:53 GMT
x-azure-ref
20231228T220753Z-fddpb6fqzx58tet1rgpkrvsp6c00000005t0000000002n5h
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
829
request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2088348&time=1703801273270&url=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2088348&time=1703801273270&url=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2088348%26time%3D1703801273270%26url%3Dhttps%253A%252F%252Fwww.coveredca.com%252F...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2088348&time=1703801273270&url=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2088348&time=1703801273270&url=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&cookiesTest=true&liSync=true&e_ipv6=AQIKRZt_7hDukQAAAYyyeEBHYO...
0
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2088348&time=1703801273270&url=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&cookiesTest=true&liSync=true&e_ipv6=AQIKRZt_7hDukQAAAYyyeEBHYO14_ntSZHy8qIewr4lm7-uNqC6whqZGajnKhq4CUmU8MXHmETlZ
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:53 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 72E1AC68BAA14630A45CA13B24F26619 Ref B: DUS30EDGE0708 Ref C: 2023-12-28T22:07:54Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYNmSW+1GfOcGAx79XHHg==

Redirect headers

date
Thu, 28 Dec 2023 22:07:54 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 7BAA9F731FDA4DEB8AF0C572052F6842 Ref B: FRAEDGE1514 Ref C: 2023-12-28T22:07:54Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2088348&time=1703801273270&url=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&cookiesTest=true&liSync=true&e_ipv6=AQIKRZt_7hDukQAAAYyyeEBHYO14_ntSZHy8qIewr4lm7-uNqC6whqZGajnKhq4CUmU8MXHmETlZ
x-li-proto
http/2
content-length
0
x-li-uuid
AAYNmSW6+I3wlEkTkCACNw==
dc_pre=CIL_oK2Ss4MDFULmOwIdvAMEng;src=10053689;type=pagev0;cat=pagev00;ord=8962390487284;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uam...
adservice.google.com/ddm/fls/i/ Frame C70B 		602 B
414 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CIL_oK2Ss4MDFULmOwIdvAMEng;src=10053689;type=pagev0;cat=pagev00;ord=8962390487284;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Requested by
Host: 10053689.fls.doubleclick.net
URL: https://10053689.fls.doubleclick.net/activityi;dc_pre=CIL_oK2Ss4MDFULmOwIdvAMEng;src=10053689;type=pagev0;cat=pagev00;ord=8962390487284;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
582115bfb3f28b6228ae8223119b9ec524cf5c2adb3a73b5de885fcce7d7e5b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10053689.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
341
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Dec 2023 22:07:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adsct
t.co/i/ 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=b0c0511f-ba25-4821-b14d-384e36da352b&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=440424d6-e703-48e9-9d9e-a49ce67baac8&tw_document_href=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3mp0&type=javascript&version=2.3.29
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time
103
date
Thu, 28 Dec 2023 22:07:53 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
f51901b7761fcf42
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
64f516405b57103ecf21428ee0e79e904d2edd32e2d3e9404c63f3480f78fb6c
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=b0c0511f-ba25-4821-b14d-384e36da352b&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=440424d6-e703-48e9-9d9e-a49ce67baac8&tw_document_href=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3mp0&type=javascript&version=2.3.29
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time
106
date
Thu, 28 Dec 2023 22:07:53 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
b45d2ba8ef26429e
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
fcc7463fd7e1dadfef4cfa054921156fb1d3d210239612b5506b2e8f9ad92080
content-length
43
dc_pre=CI6eoa2Ss4MDFZzIOwIdo1YFCg;src=10007209;type=2020_0;cat=ap_fl0;ord=6673636137137;auiddc=*;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;u...
adservice.google.com/ddm/fls/z/ Frame 36C7 		42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CI6eoa2Ss4MDFZzIOwIdo1YFCg;src=10007209;type=2020_0;cat=ap_fl0;ord=6673636137137;auiddc=*;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Requested by
Host: 10007209.fls.doubleclick.net
URL: https://10007209.fls.doubleclick.net/activityi;dc_pre=CI6eoa2Ss4MDFZzIOwIdo1YFCg;src=10007209;type=2020_0;cat=ap_fl0;ord=6673636137137;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10007209.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=552091788777106&ev=PageView&dl=https%3A%2F%2Fwww.coveredca.com&rl=&if=false&ts=1703801273311&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4124&fbp=fb.1.1703801273310.934052432&pm=1&hrl=c4eca5&ler=empty&it=1703801273266&coo=false&cs_cc=1&cas=5298751116913895%2C6296015473787865%2C6755243464492250%2C4919161098184183%2C5571725656217240%2C4098320666887415%2C2744953752283397&rqm=GET
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 28 Dec 2023 22:07:53 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
8ba07dcc278cb95cb008c6e507593ee9.js
script.crazyegg.com/pages/versioned/common-scripts/ 		96 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/8ba07dcc278cb95cb008c6e507593ee9.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0116/4001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6d0824c232f1be9cf8778e2f91360b3562ac7464795f81882f95d22defbd146

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:53 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 19 Dec 2023 07:22:31 GMT
server
cloudflare
age
555411
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83cd1e664bb53aa0-FRA
content-length
31973
dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uam...
12509655.fls.doubleclick.net/ddm/fls/r/ Frame 0AAB
Redirect Chain
  • https://adservice.google.com/ddm/fls/i/dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dm...
  • https://12509655.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l...
2 KB
1011 B 		Document
General
Check archive.org
Download Go to
Full URL
https://12509655.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f6.1e100.net
Software
cafe /
Resource Hash
f945b7f7198f51c77b676024ca43c482efb95b3184161b37edabc3874d65555a
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://12509655.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
986
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Dec 2023 22:07:53 GMT
expires
Thu, 28 Dec 2023 22:07:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Dec 2023 22:07:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://12509655.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CIL_oK2Ss4MDFULmOwIdvAMEng;src=10053689;type=pagev0;cat=pagev00;ord=8962390487284;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uam...
10053689.fls.doubleclick.net/ddm/fls/r/ Frame BB18
Redirect Chain
  • https://adservice.google.de/ddm/fls/i/dc_pre=CIL_oK2Ss4MDFULmOwIdvAMEng;src=10053689;type=pagev0;cat=pagev00;ord=8962390487284;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma...
  • https://10053689.fls.doubleclick.net/ddm/fls/r/dc_pre=CIL_oK2Ss4MDFULmOwIdvAMEng;src=10053689;type=pagev0;cat=pagev00;ord=8962390487284;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l...
1 KB
579 B 		Document
General
Check archive.org
Download Go to
Full URL
https://10053689.fls.doubleclick.net/ddm/fls/r/dc_pre=CIL_oK2Ss4MDFULmOwIdvAMEng;src=10053689;type=pagev0;cat=pagev00;ord=8962390487284;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIL_oK2Ss4MDFULmOwIdvAMEng;src=10053689;type=pagev0;cat=pagev00;ord=8962390487284;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f6.1e100.net
Software
cafe /
Resource Hash
722960b3c055c5ddab0f140bfd0bdada62f3b16a52ad0e485b65490ef9ff78c3
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
556
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Dec 2023 22:07:53 GMT
expires
Thu, 28 Dec 2023 22:07:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Dec 2023 22:07:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://10053689.fls.doubleclick.net/ddm/fls/r/dc_pre=CIL_oK2Ss4MDFULmOwIdvAMEng;src=10053689;type=pagev0;cat=pagev00;ord=8962390487284;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sa.css
tags.srv.stackadapt.com/ 		65 B
203 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.184.58.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-58-94.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4839570128a8b1b3f49ead967389c294094326b9deae01c24642c345be8c79ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 28 Dec 2023 22:07:53 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
65
content-type
text/css
sa.jpeg
tags.srv.stackadapt.com/ 		0
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.184.58.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-58-94.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 28 Dec 2023 22:07:53 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
651
content-type
image/jpeg
t
evt.undertone.com/ Frame 0AAB
Redirect Chain
  • https://ads.undertone.com/t?trackerid=9464&cb=[INSERT_YOUR_CACHE-BUSTER_HERE]
  • https://evt.undertone.com/t?trackerid=9464&cb=[INSERT_YOUR_CACHE-BUSTER_HERE]
0
655 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evt.undertone.com/t?trackerid=9464&cb=[INSERT_YOUR_CACHE-BUSTER_HERE]
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Protocol
H2
Server
65.9.86.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-120.ams1.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:53 GMT
via
1.1 d143bdfb7cce4cf7ec0bcf9ec13e5914.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://12509655.fls.doubleclick.net/
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-amz-cf-id
Q-vIx1GldeOumdo_JNdqgAwvWj9qQGqfwCC9iTfWf2ALON2Rf_8Cpg==
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Thu, 28 Dec 2023 22:07:53 GMT
via
1.1 04ddc2ad740f178bb6e0e07dc16f9744.cloudfront.net (CloudFront)
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
AMS58-P2
x-cache
Miss from cloudfront
location
https://evt.undertone.com/t?trackerid=9464&cb=[INSERT_YOUR_CACHE-BUSTER_HERE]
content-length
0
x-amz-cf-id
YlFcMsdG-BmrSWWJ_U-5TyoDTUxSYj5Qc4JJD0upFbKTbZYYUb42hw==
b331230a-99cd-4811-9d5f-052942f61038
tag.simpli.fi/sifitag/ Frame 0AAB 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.simpli.fi/sifitag/b331230a-99cd-4811-9d5f-052942f61038
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
151.162.234.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
395e41fc99daec855f98082ab55a53c0075712945dba1de61a008c07ef08e8be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:53 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id
F6UeOy8pss_WFkC6KWmB
expires
Thu, 01 Jan 1970 00:00:00 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame 0AAB 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.65.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-65-116.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 28 Dec 2023 01:34:58 GMT
Content-Encoding
gzip
Via
1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
Last-Modified
Wed, 20 Dec 2023 01:34:49 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C1
Age
73976
x-amz-server-side-encryption
AES256
ETag
W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
mQtOteQlFCve9or4uTtYMeXaj2Df6xll-wtVMrTyPnxK_K6vgsnFgQ==
beacon
r.turn.com/r/ Frame 0AAB 		43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/beacon?b2=aplqcgxxykdWilrHX0gtRuqOj5EEbxmJ3NMN-XV_Pz0_6sku8ubheZXapgKL_IqQ5OxFGR-N5DrhYOYGL3BTHw&cid=
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 28 Dec 2023 22:07:53 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
analytics.min.js
cdn.bttrack.com/js/15522/analytics/1.0/ Frame 0AAB 		599 B
717 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bttrack.com/js/15522/analytics/1.0/analytics.min.js
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:4::b818:4d8c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
db5228bddbe3122695b33bd00d362c0bf6142eab32bcf18f27651b044e3fef22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-servername
assets01-iad
date
Thu, 28 Dec 2023 22:07:53 GMT
cache-control
private, max-age=46966
content-length
599
content-type
text/javascript; charset=utf-8
Pixels
px.adentifi.com/ Frame 0AAB 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adentifi.com/Pixels?a_id=13618;uq=6032274775633.903;p_url=https%3A%2F%2F12509655.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCI_3oa2Ss4MDFavWOwId6MgIWg%3Bsrc%3D12509655%3Btype%3Dcover00%3Bcat%3Ddc_cc0%3Bord%3D6005011502599%3Bauiddc%3D1464867358.1703801273%3Bgtm%3D45He3bt0v830981574%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.coveredca.com%252Fhelp-on-demand%252F
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.133.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-133-245.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:53 GMT
pj
e.acuityplatform.com/ 		149 B
591 B 		Script
General
Check archive.org
Download Go to
Full URL
https://e.acuityplatform.com/pj?pk=2912521174416905271&pu=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&pixelKey=2912521174416905271
Requested by
Host: origin.acuityplatform.com
URL: https://origin.acuityplatform.com/event/v2/pixel.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
154.59.122.94 Schiphol, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e4142b08bb91c6729ce36efd4ad1ef33c7a9b8b02f75066b0c2d0c748392fc4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
content-length
149
content-type
text/javascript
6GHUSUHQLBABLH4LANUROM
d.adroll.com/consent/check/ 		509 B
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/6GHUSUHQLBABLH4LANUROM?pv=71261800696.16046&arrfrr=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&_s=989d797d155c3aa21732c7fc1598d555&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/6GHUSUHQLBABLH4LANUROM/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:83c0:b7ec:706f:4cee Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
75d9b2d54e160aa28468c8487ce983ea26bbce9acde597474d7321a7f7f203f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:54 GMT
server
nginx/1.22.1
content-length
509
content-type
application/javascript
sync
live.rezync.com/ Frame 0AAB 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=ceeb9c3252957fe978b50e7b8c241d67&k=coveredca-pixel-7735&zmpID=coveredca&cache_buster={cache_buster}
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-63.ams58.r.cloudfront.net
Software
lighttpd/1.4.69 /
Resource Hash
d9c8cff9653c89b6c64fbaf783459830f5d5dcdd13d2510a5e40e3410fda3b49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:53 GMT
via
1.1 77c9addf0db376b3faacc5e07c320552.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
AMS58-P5
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
2665
x-amz-cf-id
VgP-U6DqPF_uctCxc6-dk8yneDrAbefwpJcZcKPyAP8-1HhE4DvUcg==
saq_pxl
tags.srv.stackadapt.com/ 		116 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=7oTzSA-cVwO07cxLCBtM3Q&is_js=true&landing_url=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&t=&tip=3deXxjyPhgL-RtxR5QIHzRRCJ5lI-04EkPiSVMJjTJs&host=https%3A%2F%2Fwww.coveredca.com&sa_conv_data_css_value=%270-d083687b-9270-573f-5ceb-203268d2ac2c%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9d083687b9270573f5ceb203268d2ac2cd972da1b&sa-user-id-v3=s%253AAQAKIAHdrdrnKhTL6x10ojWX_x2eEetS1eWMyOQxsMRVvNPgEHwYBCC547esBjABOgQ8w7t9QgRjsjyt.kSIeJhe4bdeRDnHJuBf%252BJoqneyOa0UGw0pK%252FvQdiEO8&sa-user-id-v2=s%253A0INoe5JwVz9c6yAyaNKsLNly2hs.8omT8wW5eQ%252BUKcfhcsm59I3rK2UsGLto8rDcuyB7g9A&sa-user-id=s%253A0-d083687b-9270-573f-5ceb-203268d2ac2c.yVX0NuDnwGO6rZAerbWC%252F30tiI8jtvJqu%252FWwaSuy8xQ
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.184.58.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-58-94.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f9d7dcdfe865be551058ef03ebabb19b81722cb8d2dbf46e94094587ed09bcd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://www.coveredca.com
date
Thu, 28 Dec 2023 22:07:53 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
116
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
starV6.gif
jelly-v6.mdhv.io/v1/ Frame BB18
Redirect Chain
  • https://jelly.mdhv.io/v1/star.gif?pid=NzT1YtNVMIoKbJEt0Fns4xvOen3A&src=mh&evt=hi
  • https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=NzT1YtNVMIoKbJEt0Fns4xvOen3A&src=mh&tx=673f2f3c-a89b-4250-a349-e943d5678928
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=NzT1YtNVMIoKbJEt0Fns4xvOen3A&src=mh&tx=673f2f3c-a89b-4250-a349-e943d5678928
Requested by
Host: 10053689.fls.doubleclick.net
URL: https://10053689.fls.doubleclick.net/ddm/fls/r/dc_pre=CIL_oK2Ss4MDFULmOwIdvAMEng;src=10053689;type=pagev0;cat=pagev00;ord=8962390487284;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Protocol
H2
Server
2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10053689.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:53 GMT
server
Google Frontend
content-type
image/gif
x-cloud-trace-context
0748d8ade2f52bec7f57b1b628f42c67
cache-control
no-store,no-cache,must-revalidate,max-age=0,post-check=0,pre-check=0
content-length
43
expires
-1

Redirect headers

location
https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=NzT1YtNVMIoKbJEt0Fns4xvOen3A&src=mh&tx=673f2f3c-a89b-4250-a349-e943d5678928
x-cloud-trace-context
e6705b2cbb8b7de732cedef88c89b7ba
date
Thu, 28 Dec 2023 22:07:53 GMT
server
Google Frontend
content-length
173
content-type
text/html; charset=utf-8
/
insight.adsrvr.org/track/pxl/ Frame BB18 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/pxl/?adv=ymxregn&ct=0:4xp2kim&fmt=3
Requested by
Host: 10053689.fls.doubleclick.net
URL: https://10053689.fls.doubleclick.net/ddm/fls/r/dc_pre=CIL_oK2Ss4MDFULmOwIdvAMEng;src=10053689;type=pagev0;cat=pagev00;ord=8962390487284;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10053689.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:53 GMT
server
Kestrel
content-length
70
content-type
image/gif
rs
tags.w55c.net/ Frame BB18 		42 B
752 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.w55c.net/rs?id=48794d658ff946ef98222e6e1ffab3de&t=marketing
Requested by
Host: 10053689.fls.doubleclick.net
URL: https://10053689.fls.doubleclick.net/ddm/fls/r/dc_pre=CIL_oK2Ss4MDFULmOwIdvAMEng;src=10053689;type=pagev0;cat=pagev00;ord=8962390487284;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.181.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-181-94.eu-central-1.compute.amazonaws.com
Software
Retargeting/v2.0.30-795-gb641a57#rel-ec2-master i-029f22d856dc4e10e@eu-central-1a@dxedge-app-eu-central-1-prod-asg /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10053689.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 28 Dec 2023 22:07:53 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
Retargeting/v2.0.30-795-gb641a57#rel-ec2-master i-029f22d856dc4e10e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Forwarded-Proto
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.js
origin.acuityplatform.com/event/v2/ Frame BB18 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origin.acuityplatform.com/event/v2/pixel.js
Requested by
Host: 10053689.fls.doubleclick.net
URL: https://10053689.fls.doubleclick.net/ddm/fls/r/dc_pre=CIL_oK2Ss4MDFULmOwIdvAMEng;src=10053689;type=pagev0;cat=pagev00;ord=8962390487284;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.207.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-207-113.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 /
Resource Hash
89cf66cb9de8da20fc15e9953845dd4d1de2c0fb465c827a09d818449222c533

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10053689.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 28 Dec 2023 22:07:53 GMT
Last-Modified
Wed, 04 Jan 2023 18:57:40 GMT
Server
nginx/1.14.0
ETag
"63b5cc24-978"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2424
js
bttrack.com/engagement/ Frame 0AAB 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bttrack.com/engagement/js?goalId=15522&cb=1703801273659
Requested by
Host: cdn.bttrack.com
URL: https://cdn.bttrack.com/js/15522/analytics/1.0/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.69 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
NET-33-132-192.69.bidtellect.com
Software
/
Resource Hash
b924938b22d290519a2cd99cf33e41f039486fb27124b94a475bcc7596ac1e5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-servername
Track001-iad
pragma
no-cache
date
Thu, 28 Dec 2023 22:06:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
content-type
text/javascript; charset=utf-8
cache-control
private,no-cache
expires
-1
pj
e.acuityplatform.com/ Frame BB18 		149 B
591 B 		Script
General
Check archive.org
Download Go to
Full URL
https://e.acuityplatform.com/pj?pk=1674189429132940289&pu=https%3A%2F%2F10053689.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIL_oK2Ss4MDFULmOwIdvAMEng%3Bsrc%3D10053689%3Btype%3Dpagev0%3Bcat%3Dpagev00%3Bord%3D8962390487284%3Bauiddc%3D1464867358.1703801273%3Bgtm%3D45He3bt0v830981574%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.coveredca.com%252Fhelp-on-demand%252F&pixelKey=1674189429132940289
Requested by
Host: origin.acuityplatform.com
URL: https://origin.acuityplatform.com/event/v2/pixel.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
154.59.122.94 Schiphol, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e4142b08bb91c6729ce36efd4ad1ef33c7a9b8b02f75066b0c2d0c748392fc4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10053689.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
content-length
149
content-type
text/javascript
main.MWNkZmM2YTcxMA.js
analytics.tiktok.com/i18n/pixel/static/ 		401 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CKOMGCRC77UD28E17N20&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.117 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-117.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
87260ecf581a44a18ca2165015348383b430e6b77ca0b0ec4a9a3b1ebff57160

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id
3ca796b
date
Thu, 28 Dec 2023 22:07:53 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20231221122555ED9DF2BDB9F5C943C70C
x-tt-trace-id
00-231221122555ED9DF2BDB9F5C943C70C-6490555D864D3A5D-00
vary
Accept-Encoding
x-cache
TCP_HIT from a23-38-99-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0109a1c48951fc8e959e6020b6a854d3b16f93ce2e2cc328d0ebb4fae8e34bb4e5f8aedcf21b1e6be882362c0ea42c8dbeb8b03f1d960ecdcdb99bbc2def3bf2e32c01d5abc882c530d5367517e0784faf8d41aaf2221888f2f6487594e964224e
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length
110419
tv2track.php
collector-22874.us.tvsquared.com/ 		42 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector-22874.us.tvsquared.com/tv2track.php?action_name=&idsite=TV-7272182754-1&rec=1&r=499104&h=23&m=7&s=53&url=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&_id=5cedab69738e3991&_idts=1703801274&_idvc=0&_idn=1&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=382
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.88.61 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-88-61.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

P3p
CP='OTI DSP COR NID STP UNI OTPa OUR'
Date
Thu, 28 Dec 2023 22:07:54 GMT
Server
nginx
Connection
keep-alive
Request-Id
3ed7d2e9-fb07-44c6-a0c4-f3c27d9356a4
Content-Length
42
Content-Type
image/gif
identify_ce767.js
analytics.tiktok.com/i18n/pixel/static/ 		135 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_ce767.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.117 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-117.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id
3ca79f3
date
Thu, 28 Dec 2023 22:07:53 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20231221122557C4626FD1568A47FE4CAA
x-tt-trace-id
00-231221122557C4626FD1568A47FE4CAA-7254BAA4F04347A4-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-38-99-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0109a1c48951fc8e959e6020b6a854d3b16f93ce2e2cc328d0ebb4fae8e34bb4e58b2b37f8396fecbf1ccc8fd3157a68ea0705e9c5163ba3e2119f796cf810f9e640ed166e52d7aaeb1e091ef15467fd9ed0fd5ace5f8afd7cd9a2c54e7c50fe90
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length
36128
pixel
analytics.tiktok.com/api/v2/ 		0
700 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.117 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-117.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.coveredca.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
3ca7a1a
date
Thu, 28 Dec 2023 22:07:54 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2312282207534189FA0CF4ED0A08141D-6B77BAD7B159B286-00
x-cache
TCP_MISS from a23-38-99-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing
inner; dur=53, cdn-cache; desc=MISS, edge; dur=17, origin; dur=151
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202312282207534189FA0CF4ED0A08141D
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
151,23.38.99.181
x-tt-trace-host
01176b51d7392c1fa000bd81347ecbc731c6479e4890ab6c70b06269a2c6197ad1b6adce42a4bf53d9242433ce4ecd5317356b3de5137fff473f218ade1d4c48c7b2df9b3c1fe7d8d3a41eeb71c482b5bf9caf3644b896018d356149722409ad66
access-control-allow-headers
Authorization,*
expires
Thu, 28 Dec 2023 22:07:54 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
696 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.117 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-117.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.coveredca.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
3ca7a1b
date
Thu, 28 Dec 2023 22:07:54 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-231228220753BF0A2B108B98F5152064-4C28489802E7A34B-00
x-cache
TCP_MISS from a23-38-99-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing
inner; dur=59, cdn-cache; desc=MISS, edge; dur=5, origin; dur=164
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231228220753BF0A2B108B98F5152064
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
164,23.38.99.181
x-tt-trace-host
01176b51d7392c1fa000bd81347ecbc731c6479e4890ab6c70b06269a2c6197ad1600118d2fc0f256f42422065cf2b8ed31c16a3bf6027811ea52c176024e0b70a60ac07f6123cefecec9cf86140eb8e5684fd9406bbeeb23fb2f86ae5cce02beb
access-control-allow-headers
Authorization,*
expires
Thu, 28 Dec 2023 22:07:54 GMT
tc.min.js
c1.rfihub.net/js/ Frame 0AAB 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.rfihub.net/js/tc.min.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:4000:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jetty(9.4.51.v20230217) /
Resource Hash
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 21:50:39 GMT
content-encoding
gzip
via
1.1 9a66d849010281b3877fd5f66dbb4720.cloudfront.net (CloudFront)
last-modified
Thu, 28 Dec 2023 21:50:29 GMT
server
Jetty(9.4.51.v20230217)
x-amz-cf-pop
VIE50-C2
age
1034
x-cache
Hit from cloudfront
content-type
application/x-javascript
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
public, max-age=3600
content-length
6162
x-amz-cf-id
4LKQMhHqXgOZuGQhhldAkdDzgbz6N_lCLHmpVOl9FyWKGm8IaX-oSg==
expires
Thu, 28 Dec 2023 22:50:39 GMT
p13n.min.js
cdn.boomtrain.com/p13n/coveredca/ Frame 0AAB 		92 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.boomtrain.com/p13n/coveredca/p13n.min.js
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-21.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7d514b2776b034d194ce1f77a6c378464e208007cc51e708fc6b26188fafcfcf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
wLKDJaO7hehKNdFTAixDHR4k7Bz4Smde
Content-Encoding
gzip
Via
1.1 b6b3214c2f1500227643824508cb5d1c.cloudfront.net (CloudFront)
Date
Thu, 28 Dec 2023 21:24:53 GMT
X-Amz-Cf-Pop
AMS58-P4
Age
2581
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 27 Dec 2023 02:50:44 GMT
Server
AmazonS3
ETag
W/"ee6187d29b51c08342f87dc6b9e2978f"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=3600
X-Amz-Cf-Id
BUceCqS3RPiqfapbBar8BKX6_RDSOd33Rxh3Aw6JI3XZSDlaU0nt6g==
clarity.js
www.clarity.ms/s/0.7.20/ 		60 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.20/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/27009950
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:53 GMT
content-encoding
br
last-modified
Wed, 13 Dec 2023 19:57:52 GMT
etag
W/"0x8DBFC15CAB825ED"
vary
Accept-Encoding
x-azure-ref
20231228T220753Z-fddpb6fqzx58tet1rgpkrvsp6c00000005t0000000002n66
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
a4648cbf-901e-0026-570a-3666c3000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
resolve
people.api.boomtrain.com/identify/ Frame 0AAB 		143 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiMTQxNTNmMDgtNzA5NC00NTEzLWE2YzMtZmU3ZjgxYTlkYzllOjE3MDM4MDEyNzMuNzM2NTcwNCJ9fQ%3D%3D&site_id=coveredca
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/p13n/coveredca/p13n.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.157.191.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-191-104.compute-1.amazonaws.com
Software
nginx /
Resource Hash
518e958fd70a9a6be94d72359a183d4ea93dab5bbe9e03459e2f7f4102ce0e57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 28 Dec 2023 22:07:54 GMT
Server
nginx
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length
143
core.min.js
dmp.datawrkz.com/pxl/core/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.datawrkz.com/pxl/core/core.min.js
Requested by
Host: dmp.datawrkz.com
URL: https://dmp.datawrkz.com/pxl/193.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fd7a2685f5e5c7082acb32296f07c55b919194fc2b05a3c0f5382763d4bc04b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
bWv9rURgS4OOtoFGo.MBMjfSsqXQK9Vp
content-encoding
gzip
via
1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
date
Thu, 28 Dec 2023 21:58:37 GMT
last-modified
Fri, 15 Mar 2019 06:36:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
566
etag
W/"43a9577ea07f483fac54121ae8c929bc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
ZgcCfZYctKitR_OyytW3iUtskLR5YjsIOJaNj1eCzdcffSx7Z06DzQ==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/622382053/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/622382053/?random=1703801273987&cv=11&fst=1703801273987&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&hn=www.googleadservices.com&frm=0&auid=1464867358.1703801273&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-622382053
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
610ecd78756d7928372447748b544808b733f98053e96dfd352a225e21eb7337
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1245
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/347055986/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/347055986/?random=1703801273997&cv=11&fst=1703801273997&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&hn=www.googleadservices.com&frm=0&auid=1464867358.1703801273&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-347055986
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98f5c2247bc56fa784769ccc6671755943a9f0ac1bda1aab00c174100fc73829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1247
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca.html
20844008p.rfihub.com/ Frame EA85 		5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://20844008p.rfihub.com/ca.html?ver=9&rb=39542&ca=20844008&_o=39542&_t=20844008&userid=14153f08-7094-4513-a6c3-fe7f81a9dc9e%3A1703801273.7365704&pe=https%3A%2F%2F12509655.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCI_3oa2Ss4MDFavWOwId6MgIWg%3Bsrc%3D12509655%3Btype%3Dcover00%3Bcat%3Ddc_cc0%3Bord%3D6005011502599%3Bauiddc%3D1464867358.1703801273%3Bgtm%3D45He3bt0v830981574%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B%7Eoref%3Dhttps%253A%252F%252Fwww.coveredca.com%252Fhelp-on-demand%252F&pf=https%3A%2F%2F12509655.fls.doubleclick.net%2F&ra=0031109436747758235
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.4.51.v20230217) /
Resource Hash
ed3ee695147e26d5a7563a6f329769813939896fefa023cba46bb893f2d0265c

Request headers

Referer
https://12509655.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Content-Length
4926
Content-Type
text/html;charset=utf-8
Date
Thu, 28 Dec 2023 22:07:54 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
/
nodetracker.datawrkz.com/cookies/ 		18 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nodetracker.datawrkz.com/cookies/?tag_id=193&sid=6267728e-dcf7-4691-a343-db3f5d2818a9&ts=1703801274005&en=pageview&img=0&cru=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&dru=&rd=0.6042410928774873&t=0
Requested by
Host: dmp.datawrkz.com
URL: https://dmp.datawrkz.com/pxl/core/core.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.94.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-94-188.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
16051b6c43c92acb43b3c29341c5114ddd1a6b065ae704eb7f814b1ae28290b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time
1ms
date
Thu, 28 Dec 2023 22:07:54 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.coveredca.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
18
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?add=23515109&t=1
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D23515109%26t%3D1
0
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D23515109%26t%3D1
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
an-x-request-uuid
bfee0344-c0e1-4ac5-8570-6dcc57d3c047
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.27; 217.114.218.27; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
an-x-request-uuid
327f0702-3e99-47ed-ae8b-d1cebdf0289b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D23515109%26t%3D1
x-proxy-origin
217.114.218.27; 217.114.218.27; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?add=23372391&t=1
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D23372391%26t%3D1
0
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D23372391%26t%3D1
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
an-x-request-uuid
2a50f638-ebf6-4962-865e-0989e07a4044
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.27; 217.114.218.27; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
an-x-request-uuid
bf18f048-d9d9-4d98-8f31-8004569aea49
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D23372391%26t%3D1
x-proxy-origin
217.114.218.27; 217.114.218.27; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
event
bttrack.com/engagement/ Frame 0AAB 		0
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bttrack.com/engagement/event?input=%7B%22globalId%22%3A%2200000000-0000-0000-0000-000000000042%22%2C%22creativeId%22%3A%22%22%2C%22placementId%22%3A%22%22%2C%22goalId%22%3A%2215522%22%2C%22sessionId%22%3A%2206cd28c5-31f3-4adb-91bd-49ff429cea0c%22%2C%22parentPublisherId%22%3A%22%22%2C%22publisherId%22%3A%22%22%2C%22siteId%22%3A%22%22%2C%22commonId%22%3A%22%22%2C%22heartbeat%22%3A1%2C%22url%22%3A%22https%3A%2F%2F12509655.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCI_3oa2Ss4MDFavWOwId6MgIWg%3Bsrc%3D12509655%3Btype%3Dcover00%3Bcat%3Ddc_cc0%3Bord%3D6005011502599%3Bauiddc%3D1464867358.1703801273%3Bgtm%3D45He3bt0v830981574%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.coveredca.com%252Fhelp-on-demand%252F%22%2C%22fingerprint%22%3A%22%22%2C%22fingerprintProvider%22%3A%22%22%7D
Requested by
Host: bttrack.com
URL: https://bttrack.com/engagement/js?goalId=15522&cb=1703801273659
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.69 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
NET-33-132-192.69.bidtellect.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-servername
Track003-iad
pragma
no-cache
date
Thu, 28 Dec 2023 22:06:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
content-type
text/plain
access-control-allow-origin
*
cache-control
private,no-cache
content-length
0
expires
-1
getpixels
bttrack.com/engagement/ Frame 0AAB 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bttrack.com/engagement/getpixels?gid=15522
Requested by
Host: bttrack.com
URL: https://bttrack.com/engagement/js?goalId=15522&cb=1703801273659
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.69 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
NET-33-132-192.69.bidtellect.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-servername
Track002-iad
pragma
no-cache
date
Thu, 28 Dec 2023 22:06:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
content-type
text/html
access-control-allow-origin
*
cache-control
private,no-cache
content-length
0
expires
-1
collect
q.clarity.ms/ 		0
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.coveredca.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.coveredca.com
Date
Thu, 28 Dec 2023 22:07:54 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
act
analytics.tiktok.com/api/v2/pixel/ 		0
840 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.117 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-117.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.coveredca.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
19be1ac0.3ca7aca
date
Thu, 28 Dec 2023 22:07:54 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-231228220754698393BCA6CF4BADEE6C-6490555DB181C609-00
x-cache
TCP_MISS from a23-38-99-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time
187,23.38.99.181
server-timing
cdn-cache; desc=MISS, edge; dur=129, origin; dur=64, inner; dur=46
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231228220754698393BCA6CF4BADEE6C
x-cache-remote
TCP_MISS from a23-220-106-16.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
64,23.220.106.16
x-tt-trace-host
01176b51d7392c1fa000bd81347ecbc731002c26da119b4e26813cee03a798eaf22b465e8daf47246c48a57051e7fafd4a0653e5a8b184d336b96b60cd9ee2e7ba5c856a5422c63ca47a21a15b10e453a81ecaa5053cefcedaede2758cddcb3c2d8c85435adb865c584281e0a35124aec4
access-control-allow-headers
Authorization,*
expires
Thu, 28 Dec 2023 22:07:54 GMT
/
www.google.com/pagead/1p-user-list/622382053/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/622382053/?random=1703801273987&cv=11&fst=1703800800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_tFxaZLKd21VCJjUJQLSO1ksZZyJXCGrfgB8NdT_27kTRJjWf&random=787813550&rmt_tld=0&ipr=y
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/622382053/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/622382053/?random=1703801273987&cv=11&fst=1703800800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_tFxaZLKd21VCJjUJQLSO1ksZZyJXCGrfgB8NdT_27kTRJjWf&random=787813550&rmt_tld=1&ipr=y
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/347055986/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/347055986/?random=1703801273997&cv=11&fst=1703800800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_fWn4WhBgx69-RFpAhubYxFdWORSdLUD3qNIGCZBrGNlJrGj4&random=543746492&rmt_tld=0&ipr=y
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/347055986/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/347055986/?random=1703801273997&cv=11&fst=1703800800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_fWn4WhBgx69-RFpAhubYxFdWORSdLUD3qNIGCZBrGNlJrGj4&random=543746492&rmt_tld=1&ipr=y
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
www.coveredca.com.json
script.crazyegg.com/pages/data-scripts/0116/4001/sampling/ 		160 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0116/4001/sampling/www.coveredca.com.json?t=473278
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/8ba07dcc278cb95cb008c6e507593ee9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3c6511713a76948fa966435907f36e2afbba906a7f30920d52adf8eeb1118e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:54 GMT
content-encoding
gzip
cf-cache-status
HIT
age
8337
ce-version
11.5.164
content-length
147
last-modified
Thu, 28 Dec 2023 19:48:57 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83cd1e6bd9f84d6a-FRA
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.coveredca.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 17:38:05 GMT
x-content-type-options
nosniff
age
275389
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Dec 2024 17:38:05 GMT
0
bat.bing.com/action/ 		0
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=27009950&tm=gtm002&Ver=2&mid=547ea31b-f9d1-4460-adc1-3ca0760eafb6&sid=8cae9a50a5cd11eea80787adb4a30641&vid=8cae8760a5cd11ee8302abbb68fbe286&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&r=&lt=3575&evt=pageLoad&sv=1&rn=586561
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 28 Dec 2023 22:07:53 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1616A0C1097B4C039FB079DD4C489ED3 Ref B: FRAEDGE1417 Ref C: 2023-12-28T22:07:54Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=343061643&tm=gtm002&Ver=2&mid=18cf28c6-94d9-4a96-8d9b-2423303dca63&sid=8cae9a50a5cd11eea80787adb4a30641&vid=8cae8760a5cd11ee8302abbb68fbe286&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&r=&lt=3575&evt=pageLoad&sv=1&rn=6121
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 28 Dec 2023 22:07:53 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 304EA7AFF6E24C559803ED9D649EADE0 Ref B: FRAEDGE1417 Ref C: 2023-12-28T22:07:54Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
healthcheck
pagestates-tracking.crazyegg.com/ 		19 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/8ba07dcc278cb95cb008c6e507593ee9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.129.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-129-103.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 01:43:28 GMT
via
1.1 4d372e1de2b57074dc6d6ebb80786540.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P4
age
8627067
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
eDrtUjeY9MkAGHJPlcviRIUylqF2l6kG7JKU2FwGvlGvS8KaF3J8Fw==
healthcheck
assets-tracking.crazyegg.com/ 		19 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/8ba07dcc278cb95cb008c6e507593ee9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.18.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-18-97.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 04:00:49 GMT
via
1.1 e3175a7d38795328ac3444e1d56a9f4e.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
11383626
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
Golp_M6154qnhNLvSwjcd_pVzcylO7eqwdXOOX072nz7l4DTP5ckfA==
e121dd29-c8b9-4add-97a6-d3d20d35efc5
https://www.coveredca.com/ 		45 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.coveredca.com/e121dd29-c8b9-4add-97a6-d3d20d35efc5
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
45
Content-Type
text/javascript
501709.gif
idsync.rlcdn.com/ Frame EA85
Redirect Chain
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433831810389095&referrer=https%3A%2F%2F12509655.fls.doubleclick.net%2F&forward=
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=14153f08-7094-4513-a6c3-fe7f81a9dc9e%3A1703801273.7365704&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D14153f08-7094-4513-a6c3-fe7f81a...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433831810389095&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D14153f08-7094-4513-a6...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=14153f08-7094-4513-a6c3-fe7f81a9dc9e%3A1703801273.7365704&_=1703801274.3703842
0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=14153f08-7094-4513-a6c3-fe7f81a9dc9e%3A1703801273.7365704&_=1703801274.3703842
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20844008p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:54 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Thu, 28 Dec 2023 22:07:54 GMT
via
1.1 77c9addf0db376b3faacc5e07c320552.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
AMS58-P5
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=14153f08-7094-4513-a6c3-fe7f81a9dc9e%3A1703801273.7365704&_=1703801274.3703842
content-length
447
x-amz-cf-id
jNnubvmcoa8iJoNQnnn-cVOTH-gt3n7jItmK48SMYh6NMeYSsMEDWg==
501709.gif
idsync.rlcdn.com/ Frame EA85
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwNzQzMzgzMTgxMDM4OTA5NQ==&forward=
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEAuDHEZUa5bZbPMeK0UqW0o&google_cver=1
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433831810389095&referrer={encSite}&forward=
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=14153f08-7094-4513-a6c3-fe7f81a9dc9e%3A1703801273.7365704&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D14153f08-7094-4513-a6c3-fe7f81a...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433831810389095&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D14153f08-7094-4513-a6...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=14153f08-7094-4513-a6c3-fe7f81a9dc9e%3A1703801273.7365704&_=1703801274.5814714
0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=14153f08-7094-4513-a6c3-fe7f81a9dc9e%3A1703801273.7365704&_=1703801274.5814714
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20844008p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:54 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Thu, 28 Dec 2023 22:07:54 GMT
via
1.1 77c9addf0db376b3faacc5e07c320552.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
AMS58-P5
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=14153f08-7094-4513-a6c3-fe7f81a9dc9e%3A1703801273.7365704&_=1703801274.5814714
content-length
447
x-amz-cf-id
yl-SM4fdZx3WREQKALmNnxcSYQvNYHottjepxuRUHmPslnJTnfrJlQ==
setuid
ib.adnxs.com/ Frame EA85 		43 B
829 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=18&code=5107433831810389095
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20844008p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
an-x-request-uuid
e51a4d1b-bd2f-4b8d-8940-0b6bcf247ab4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.27; 217.114.218.27; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame EA85
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5107433831810389095&redir=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5107433831810389095&redir=
42 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5107433831810389095&redir=
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Protocol
H2
Server
54.76.135.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-135-177.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20844008p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v054-0403cf5e4.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
WMfM+9AYQaQ=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-2-v054-07d021e8c.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
LR+FxJIcTPc=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5107433831810389095&redir=
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
Pug
image2.pubmatic.com/AdServer/ Frame EA85 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5107433831810389095&r=
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20844008p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 28 Dec 2023 22:07:53 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sd
us-u.openx.net/w/1.0/ Frame EA85 		43 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=5107433831810389095&r=
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20844008p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
match
ps.eyeota.net/ Frame EA85
Redirect Chain
  • https://p.rfihub.com/cm?pub=24472&in=1
  • https://ps.eyeota.net/match?uid=5107433831810389095&bid=omt9pi0
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=5107433831810389095&bid=omt9pi0
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Protocol
HTTP/1.1
Server
3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20844008p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 28 Dec 2023 22:07:54 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
https://ps.eyeota.net/match?uid=5107433831810389095&bid=omt9pi0
Date
Thu, 28 Dec 2023 22:07:54 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cksync.php
contextual.media.net/ Frame EA85 		57 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5107433831810389095
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20844008p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 28 Dec 2023 22:07:54 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Thu, 28 Dec 2023 22:07:54 GMT
/
bpi.rtactivate.com/tag/ Frame EA85 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=11017&user_id=5107433831810389095
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.93.251.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-93-251-5.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20844008p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:54 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame EA85
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5107433831810389095&forward=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5107433831810389095&forward=&C=1
43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5107433831810389095&forward=&C=1
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20844008p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XPzHi097c7uw%2Fx%2FgswAPFnHJ4GpFqZqdPeNxRBVJGdqFnnrZdxfj54RQS9e744kl%2BoLScHyIrlQF27p8X8gLfwWGt%2BSt1sj17MX%2BYyfACGdkTyHEiC7Hd4x7bgdCIH11S1x8uyLoQLn9Hg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83cd1e6d0a3eaca4-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XtqfJszRFPRHA3j3D6E7W4NNUzi0OvZBFKXbgsK7Z7ckIFn3AQi3TqaBZnGfg9vmWNi3XXBMQTLNCvIFBO3tGRcQ42WH61KpL%2BxwLNxO8ipfgn3VBR8T7tLeXVxX0BMaFaDv0q16oHxoMg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=57&external_user_id=5107433831810389095&forward=&C=1
cache-control
no-cache
cf-ray
83cd1e6ca98daca4-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
360947.gif
idsync.rlcdn.com/ Frame EA85 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/360947.gif?partner_uid=5107433831810389095
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20844008p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:54 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rocketfuel_sync
x.dlx.addthis.com/e/ Frame EA85 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5107433831810389095
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-14.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20844008p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 28 Dec 2023 22:07:54 GMT
pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif
sync
partners.tremorhub.com/ Frame EA85 		43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIRF=5107433831810389095&r=908CZlPTgHD2
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:a8a9:bffd:e62a:b1ff Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20844008p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Thu, 28 Dec 2023 22:07:54 GMT
server
nginx
content-type
image/gif
g.pixel
aa.agkn.com/adscores/ Frame EA85 		43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5107433831810389095
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.216.96.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-216-96-95.eu-west-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20844008p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
expires
0
usermatch.gif
beacon.krxd.net/ Frame EA85 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5107433831810389095
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.65.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-65-247.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20844008p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by
beacon-n009-dub-prod.krxd.net
date
Thu, 28 Dec 2023 22:07:54 GMT
cache-control
private, no-cache, no-store
x-request-time
D=57 t=1703801274
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
x.bidswitch.net/ Frame EA85 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433831810389095&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.85.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-85-13.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20844008p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cm
p.rfihub.com/ Frame EA85
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZY3xugAKSYKsaAAM
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=ZY3xugAKSYKsaAAM&_test=ZY3xugAKSYKsaAAM
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZY3xugAKSYKsaAAM&_test=ZY3xugAKSYKsaAAM
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Protocol
HTTP/1.1
Server
193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.4.51.v20230217) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20844008p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Thu, 28 Dec 2023 22:07:54 GMT
Cache-Control
no-cache
Server
Jetty(9.4.51.v20230217)
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-cph2320035-CPH
pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
via
1.1 varnish
server
Varnish
x-timer
S1703801275.720313,VS0,VE0
x-cache
HIT
location
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZY3xugAKSYKsaAAM&_test=ZY3xugAKSYKsaAAM
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
up
insight.adsrvr.org/track/ Frame 12C4 		0
59 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=7ridaaf&ref=https%3A%2F%2Fwww.coveredca.com%2F&upid=qphywyx&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://12509655.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
content-type
text/html
date
Thu, 28 Dec 2023 22:07:54 GMT
server
Kestrel
p
i.simpli.fi/ Frame 0AAB 		804 B
767 B 		Script
General
Check archive.org
Download Go to
Full URL
https://i.simpli.fi/p?cid=452773&cb=sifi_att_83020487513._hp
Requested by
Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/b331230a-99cd-4811-9d5f-052942f61038
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
151.162.234.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
f8d9cef44335caed73356f6054f37bd5d565bf11d94a7c3f6aa2d198ee60a706

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
s.ad.smaato.net/c/ Frame 0AAB
Redirect Chain
  • https://um.simpli.fi/smaato
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=DDC46E876A8D463393F2A4A8CF91602B
0
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=DDC46E876A8D463393F2A4A8CF91602B
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Protocol
H2
Server
2600:9000:2190:bc00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:54 GMT
cache-control
no-cache, must-revalidate
via
1.1 d92debab8d9ca0518390aebaec8733a6.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
LqaD42vzPPLMrbh-UNAoocrqypgxP04oTprdBtzjeHp1SuJLZgsuWQ==
x-cache
Miss from cloudfront

Redirect headers

date
Thu, 28 Dec 2023 22:07:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=DDC46E876A8D463393F2A4A8CF91602B
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 27 Dec 2023 22:07:54 GMT
RX-8d610539-e3ce-4de3-9f32-378587f67786-003
sync.targeting.unrulymedia.com/csync/ Frame 0AAB
Redirect Chain
  • https://um.simpli.fi/nexxen
  • https://sync.1rx.io/usersync/simplifi/DDC46E876A8D463393F2A4A8CF91602B
  • https://sync.1rx.io/usersync/simplifi/DDC46E876A8D463393F2A4A8CF91602B?zcc=1&cb=1703801274636
  • https://sync.targeting.unrulymedia.com/csync/RX-8d610539-e3ce-4de3-9f32-378587f67786-003
43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-8d610539-e3ce-4de3-9f32-378587f67786-003
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Protocol
H2
Server
46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:55 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-8d610539-e3ce-4de3-9f32-378587f67786-003
pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
xuid
eb2.3lift.com/ Frame 0AAB
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=DDC46E876A8D463393F2A4A8CF91602B&dongle=yf3
37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7969&xuid=DDC46E876A8D463393F2A4A8CF91602B&dongle=yf3
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

date
Thu, 28 Dec 2023 22:07:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://eb2.3lift.com/xuid?mid=7969&xuid=DDC46E876A8D463393F2A4A8CF91602B&dongle=yf3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 27 Dec 2023 22:07:54 GMT
sync
simplifi.partners.tremorhub.com/ Frame 0AAB
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=DDC46E876A8D463393F2A4A8CF91602B
43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=DDC46E876A8D463393F2A4A8CF91602B
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Protocol
H2
Server
2600:1f18:612b:4232:b6ba:e8dd:58dc:4af0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Thu, 28 Dec 2023 22:07:54 GMT
server
nginx
content-type
image/gif

Redirect headers

date
Thu, 28 Dec 2023 22:07:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://simplifi.partners.tremorhub.com/sync?UISF=DDC46E876A8D463393F2A4A8CF91602B
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 27 Dec 2023 22:07:54 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame 0AAB
Redirect Chain
  • https://um.simpli.fi/tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=DDC46E876A8D463393F2A4A8CF91602B
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=DDC46E876A8D463393F2A4A8CF91602B
95 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=DDC46E876A8D463393F2A4A8CF91602B
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:54 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Thu, 28 Dec 2023 22:07:54 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=DDC46E876A8D463393F2A4A8CF91602B
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
empty.gif
um.simpli.fi/ Frame 0AAB
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=DDC46E876A8D463393F2A4A8CF91602B
  • https://d.agkn.com/pixel/10751/?che=1703801274542&ip=217.114.218.27&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219403204744005051196
  • https://um.simpli.fi/aa_px?sk=219403204744005051196
  • https://um.simpli.fi/empty.gif
43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/empty.gif
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Protocol
H2
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43

Redirect headers

date
Thu, 28 Dec 2023 22:07:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
/empty.gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 0AAB
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=DDC46E876A8D463393F2A4A8CF91602B
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=DDC46E876A8D463393F2A4A8CF91602B
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Protocol
H2
Server
18.239.69.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-99.ams58.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

date
Thu, 28 Dec 2023 22:07:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=DDC46E876A8D463393F2A4A8CF91602B
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 27 Dec 2023 22:07:54 GMT
pubmatic
um.simpli.fi/ Frame 0AAB 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 27 Dec 2023 22:07:54 GMT
freewheel
um.simpli.fi/ Frame 0AAB 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/freewheel
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 27 Dec 2023 22:07:54 GMT
engine
pbid.pro-market.net/ Frame 0AAB
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=DDC46E876A8D463393F2A4A8CF91602B;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=DDC46E876A8D463393F2A4A8CF91602B;mimetype=img;sr
  • https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=LTI4MTY4MDEzNjU2NTgyODQ4ODE=
  • https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEE6ko5KMwciegNQ1Pi9cfa8&google_cver=1
43 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEE6ko5KMwciegNQ1Pi9cfa8&google_cver=1
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Protocol
H2
Server
2600:1901:0:8eee:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
via
1.1 google
server
Apache-Coyote/1.1
anserver
gapp-eu-5.c.datonics-gcp-01.internal
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
43
expires
Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEE6ko5KMwciegNQ1Pi9cfa8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
315
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
loadm.exelator.com/load/ Frame 0AAB
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=DDC46E876A8D463393F2A4A8CF91602B&j=0
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=DDC46E876A8D463393F2A4A8CF91602B&j=0&xl8blockcheck=1
0
771 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=2191&simid=DDC46E876A8D463393F2A4A8CF91602B&j=0&xl8blockcheck=1
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Protocol
H2
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:54 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Thu, 28 Dec 2023 22:07:54 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=2191&simid=DDC46E876A8D463393F2A4A8CF91602B&j=0&xl8blockcheck=1
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
yahoo
um.simpli.fi/ Frame 0AAB 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/yahoo
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 27 Dec 2023 22:07:54 GMT
sync
sync.bfmio.com/ Frame 0AAB
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=DDC46E876A8D463393F2A4A8CF91602B
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=141&uid=DDC46E876A8D463393F2A4A8CF91602B
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Protocol
HTTP/1.1
Server
52.23.26.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-26-141.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 28 Dec 2023 22:07:54 GMT

Redirect headers

date
Thu, 28 Dec 2023 22:07:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://sync.bfmio.com/sync?pid=141&uid=DDC46E876A8D463393F2A4A8CF91602B
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 27 Dec 2023 22:07:54 GMT
29931
stags.bluekai.com/site/ Frame 0AAB
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=DDC46E876A8D463393F2A4A8CF91602B
62 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/29931?id=DDC46E876A8D463393F2A4A8CF91602B
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Protocol
H2
Server
184.30.17.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-14.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Thu, 28 Dec 2023 22:07:54 GMT
content-length
62
content-type
image/gif

Redirect headers

date
Thu, 28 Dec 2023 22:07:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://stags.bluekai.com/site/29931?id=DDC46E876A8D463393F2A4A8CF91602B
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 27 Dec 2023 22:07:54 GMT
tpid=DDC46E876A8D463393F2A4A8CF91602B
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/ Frame 0AAB
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=DDC46E876A8D463393F2A4A8CF91602B
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=DDC46E876A8D463393F2A4A8CF91602B
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Protocol
H2
Server
63.32.40.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-40-40.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.15.92
content-length
49
expires
0

Redirect headers

date
Thu, 28 Dec 2023 22:07:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=DDC46E876A8D463393F2A4A8CF91602B
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 27 Dec 2023 22:07:54 GMT
merge
ce.lijit.com/ Frame 0AAB
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=DDC46E876A8D463393F2A4A8CF91602B
0
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=DDC46E876A8D463393F2A4A8CF91602B
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Thu, 28 Dec 2023 22:07:54 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

date
Thu, 28 Dec 2023 22:07:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=DDC46E876A8D463393F2A4A8CF91602B
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 27 Dec 2023 22:07:54 GMT
419566.gif
idsync.rlcdn.com/ Frame 0AAB
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=DDC46E876A8D463393F2A4A8CF91602B
0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/419566.gif?partner_uid=DDC46E876A8D463393F2A4A8CF91602B
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:54 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Thu, 28 Dec 2023 22:07:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://idsync.rlcdn.com/419566.gif?partner_uid=DDC46E876A8D463393F2A4A8CF91602B
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 27 Dec 2023 22:07:54 GMT
/
www.google.de/pagead/1p-conversion/1026675585/ Frame 0AAB
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1703801274307&cv=7&fst=1703801274307&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=982546561&cv=7&fst=1703801274307&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=u...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=982546561&cv=7&fst=1703801274307&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIrJznrZ...
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=982546561&cv=7&fst=1703801274307&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIrJznrZK...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/1026675585/?random=982546561&cv=7&fst=1703801274307&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIrJznrZKzgwMVVU0eAh3zTgTf&is_vtc=1&ocp_id=uvGNZazXFdWa-cAP852R-A0&cid=CAQSKQAvHhf_wL61Zy5DmQ0qlsmcOnHYoOA6q4PizEL07m6J1ditUUVQo_VB&random=1548798560&ipr=y
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Protocol
H3
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/1026675585/?random=982546561&cv=7&fst=1703801274307&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIrJznrZKzgwMVVU0eAh3zTgTf&is_vtc=1&ocp_id=uvGNZazXFdWa-cAP852R-A0&cid=CAQSKQAvHhf_wL61Zy5DmQ0qlsmcOnHYoOA6q4PizEL07m6J1ditUUVQo_VB&random=1548798560&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
spotx_match
um.simpli.fi/ Frame 0AAB 		0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/spotx_match
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 28 Dec 2023 22:07:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
setuid
ib.adnxs.com/ Frame 0AAB
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=DDC46E876A8D463393F2A4A8CF91602B
43 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=66&code=DDC46E876A8D463393F2A4A8CF91602B
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Protocol
H2
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
an-x-request-uuid
f72c973f-6612-4c02-9663-f6c829478af0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.27; 217.114.218.27; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date
Thu, 28 Dec 2023 22:07:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ib.adnxs.com/setuid?entity=66&code=DDC46E876A8D463393F2A4A8CF91602B
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 27 Dec 2023 22:07:54 GMT
tap.php
pixel.rubiconproject.com/ Frame 0AAB
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=DDC46E876A8D463393F2A4A8CF91602B&expires=365
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=DDC46E876A8D463393F2A4A8CF91602B&expires=365
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 28 Dec 2023 22:07:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=DDC46E876A8D463393F2A4A8CF91602B&expires=365
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 27 Dec 2023 22:07:54 GMT
sd
us-u.openx.net/w/1.0/ Frame 0AAB
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=DDC46E876A8D463393F2A4A8CF91602B
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=DDC46E876A8D463393F2A4A8CF91602B
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Thu, 28 Dec 2023 22:07:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=DDC46E876A8D463393F2A4A8CF91602B
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 27 Dec 2023 22:07:54 GMT
g_match
um.simpli.fi/ Frame 0AAB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEGUxJNdl_NG0fb_-wa_SKOU&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DDC46E876A8D463393F2A4A8CF91602B
  • https://um.simpli.fi/g_match?id=
0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/g_match?id=
Requested by
Host: 12509655.fls.doubleclick.net
URL: https://12509655.fls.doubleclick.net/activityi;dc_pre=CI_3oa2Ss4MDFavWOwId6MgIWg;src=12509655;type=cover00;cat=dc_cc0;ord=6005011502599;auiddc=1464867358.1703801273;gtm=45He3bt0v830981574;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F?
Protocol
H2
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 27 Dec 2023 22:07:54 GMT

Redirect headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://um.simpli.fi/g_match?id=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
229
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clock
tracking.crazyegg.com/ 		30 B
137 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/clock?t=1703801274364&tk=0c1a7c6b605109034902efb75066f68a&s=417590&p=%2Fhelp-on-demand%2F&u=1164001&v=9630181fbfef648c8a08db132862d306d9704133&f=coveredca.com%2Fhelp-on-demand&ul=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/8ba07dcc278cb95cb008c6e507593ee9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.236.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-236-211.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
c99ddcc8af7e58589a2daefbf220c920b11a6a4e56707a03ff1abc43c5cd75a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 28 Dec 2023 22:07:54 GMT
cache-control
no-store
server
awselb/2.0
content-length
30
content-type
text/plain
/
nodetracker.datawrkz.com/cookies/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fnodetracker.datawrkz.com%2Fcookies%2F%3Ftag_id%3D193%26sid%3D6267728e-dcf7-4691-a343-db3f5d2818a9%26ts%3D1703801274005%26en%3Dapnxsync%26ev%3D%24UID%26...
  • https://nodetracker.datawrkz.com/cookies/?tag_id=193&sid=6267728e-dcf7-4691-a343-db3f5d2818a9&ts=1703801274005&en=apnxsync&ev=551808324852305401&img=0&cru=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-...
18 B
324 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nodetracker.datawrkz.com/cookies/?tag_id=193&sid=6267728e-dcf7-4691-a343-db3f5d2818a9&ts=1703801274005&en=apnxsync&ev=551808324852305401&img=0&cru=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&dru=&rd=0.5268279954529951&t=0
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
H2
Server
34.226.94.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-94-188.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
16051b6c43c92acb43b3c29341c5114ddd1a6b065ae704eb7f814b1ae28290b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time
1ms
date
Thu, 28 Dec 2023 22:07:54 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.coveredca.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
18

Redirect headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
an-x-request-uuid
9c151dd6-c1d2-45dd-bbcb-357e1eb2febe
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.coveredca.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://nodetracker.datawrkz.com/cookies/?tag_id=193&sid=6267728e-dcf7-4691-a343-db3f5d2818a9&ts=1703801274005&en=apnxsync&ev=551808324852305401&img=0&cru=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&dru=&rd=0.5268279954529951&t=0
x-proxy-origin
217.114.218.27; 217.114.218.27; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
track
events.api.boomtrain.com/event/ Frame 0AAB 		2 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.api.boomtrain.com/event/track
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/p13n/coveredca/p13n.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.223.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-223-66.compute-1.amazonaws.com
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://12509655.fls.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 28 Dec 2023 22:07:54 GMT
server
nginx
access-control-allow-headers
X-Requested-With, Content-Type, Authorization, x-app-id
content-length
2
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
text/plain
781bc412f56e01faa636bd8b5d50f169.js
script.crazyegg.com/pages/versioned/tracking-scripts/ 		94 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/tracking-scripts/781bc412f56e01faa636bd8b5d50f169.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0116/4001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
678c0bf2781144577d5db7cf03a4fa016b90e1d22d2a0249e3ed88b20a9fdf98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:54 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 22 Dec 2023 11:44:13 GMT
server
cloudflare
age
555412
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83cd1e6dfdd53aa0-FRA
content-length
30686
d9b6b28e3d84db3e4c966a5cf73af402.js
script.crazyegg.com/pages/versioned/trackingpagestate-scripts/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/trackingpagestate-scripts/d9b6b28e3d84db3e4c966a5cf73af402.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0116/4001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86f2855487ee0f2a026de07b800d0a191f2d66723011cf5e7bddea4669037b33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:54 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 22 Dec 2023 11:44:16 GMT
server
cloudflare
age
555412
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83cd1e6dfde13aa0-FRA
content-length
8025
9d3c7eb7-e7df-47e6-a887-b84364244273
https://www.coveredca.com/ 		241 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.coveredca.com/9d3c7eb7-e7df-47e6-a887-b84364244273
Requested by
Host: www.coveredca.com
URL: https://www.coveredca.com/help-on-demand/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7bb2a9b0b57103bb573bb91e43ef305d3b9fe7bf80a61adf26234f17bc32c5f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
241
Content-Type
text/javascript
index.js
script.crazyegg.com/scripts/addons/1.0.106/ 		897 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/scripts/addons/1.0.106/index.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0116/4001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9598e291a1015e2151d3a0a9b0623b1f1e5e614186cb867ffb39dd79ca44385a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:54 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 15 Dec 2023 17:28:06 GMT
server
cloudflare
age
555405
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
83cd1e6e3e4e3aa0-FRA
expires
Fri, 27 Dec 2024 22:07:54 GMT
e1135c7f31a16440d5fc9944b7402d81.js
script.crazyegg.com/scripts/addons/thirdparty/ 		325 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/scripts/addons/thirdparty/e1135c7f31a16440d5fc9944b7402d81.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0116/4001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
850b42447426e232e97c525df9bc3ac34a1c18d888c70b771d400306bfa4b954

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:54 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 15 Dec 2023 17:28:06 GMT
server
cloudflare
age
555404
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
83cd1e6e7e903aa0-FRA
expires
Fri, 27 Dec 2024 22:07:54 GMT
survey.js
script.crazyegg.com/scripts/addons/1.0.106/ 		259 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/scripts/addons/1.0.106/survey.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0116/4001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d630bb4d6354fcacbcf1a06ef90f381c724ca1198865939efab101e9f9c8df4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:07:54 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 15 Dec 2023 17:28:06 GMT
server
cloudflare
age
555404
cf-polished
origSize=265204
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
83cd1e6eef0e3aa0-FRA
expires
Fri, 27 Dec 2024 22:07:54 GMT
pstats.html
a.rfihub.com/ Frame FC94 		26 B
1011 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.rfihub.com/pstats.html?rb=39542&ca=20844008&ri=d1602faa32b8e610d94913a38f995a59&stats=%7B%2213488%22%3A%22659%2C2%22%2C%2217243%22%3A%2234%2C1%22%2C%2242261%22%3A%2283%2C1%22%2C%2250495%22%3A%22307%2C1%22%2C%2252220%22%3A%22168%2C1%22%2C%2253935%22%3A%22194%2C1%22%2C%2254497%22%3A%22285%2C1%22%2C%2254855%22%3A%22153%2C2%22%2C%2254863%22%3A%22447%2C1%22%2C%2255073%22%3A%2299%2C2%22%2C%2256659%22%3A%22241%2C1%22%2C%2256885%22%3A%22254%2C2%22%2C%2257347%22%3A%22289%2C2%22%2C%2257363%22%3A%22490%2C1%22%2C%2258143%22%3A%22142%2C1%22%2C%2258553%22%3A%22402%2C2%22%2C%2258561%22%3A%22434%2C1%22%7D&ra=16696501073607206
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.4.51.v20230217) /
Resource Hash
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623

Request headers

Referer
https://12509655.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
26
Content-Type
text/html;charset=iso-8859-1
Date
Thu, 28 Dec 2023 22:07:54 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=691194A560C842D2A7E5EBBB27C4DE06&RedC=c.clarity.ms&MXFR=35B672FE8DBC6ADC28AD610B89BC64E0
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=691194A560C842D2A7E5EBBB27C4DE06&MUID=2E61F9B2BADC6EC91A49EA47BBB76F11
42 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=691194A560C842D2A7E5EBBB27C4DE06&MUID=2E61F9B2BADC6EC91A49EA47BBB76F11
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
last-modified
Tue, 12 Dec 2023 19:03:29 GMT
server
Microsoft-IIS/10.0
etag
"e8d91e42d2dda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:54 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8FAA56657E70456692F5A9CA69304251 Ref B: FRAEDGE1417 Ref C: 2023-12-28T22:07:55Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=691194A560C842D2A7E5EBBB27C4DE06&MUID=2E61F9B2BADC6EC91A49EA47BBB76F11
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
q.clarity.ms/ 		0
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.coveredca.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.coveredca.com
Date
Thu, 28 Dec 2023 22:07:55 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-2JX33V4D57&gtm=45je3bt0v890224910&_p=1703801272874&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=916369582.1703801273&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1703801273&sct=1&seg=0&dl=https%3A%2F%2Fwww.coveredca.com%2Fhelp-on-demand%2F&dt=&en=scroll&epn.percent_scrolled=90&_et=3&tfd=7512
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2JX33V4D57&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coveredca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 22:07:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.coveredca.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
bttrack.com/engagement/ Frame 0AAB 		0
46 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bttrack.com/engagement/event?input=%7B%22globalId%22%3A%2200000000-0000-0000-0000-000000000042%22%2C%22creativeId%22%3A%22%22%2C%22placementId%22%3A%22%22%2C%22goalId%22%3A%2215522%22%2C%22sessionId%22%3A%2206cd28c5-31f3-4adb-91bd-49ff429cea0c%22%2C%22parentPublisherId%22%3A%22%22%2C%22publisherId%22%3A%22%22%2C%22siteId%22%3A%22%22%2C%22commonId%22%3A%22%22%2C%22heartbeat%22%3A2%2C%22url%22%3A%22https%3A%2F%2F12509655.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCI_3oa2Ss4MDFavWOwId6MgIWg%3Bsrc%3D12509655%3Btype%3Dcover00%3Bcat%3Ddc_cc0%3Bord%3D6005011502599%3Bauiddc%3D1464867358.1703801273%3Bgtm%3D45He3bt0v830981574%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.coveredca.com%252Fhelp-on-demand%252F%22%2C%22fingerprint%22%3A%22%22%2C%22fingerprintProvider%22%3A%22%22%7D
Requested by
Host: bttrack.com
URL: https://bttrack.com/engagement/js?goalId=15522&cb=1703801273659
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.69 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
NET-33-132-192.69.bidtellect.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12509655.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-servername
Track002-iad
pragma
no-cache
date
Thu, 28 Dec 2023 22:06:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
content-type
text/plain
access-control-allow-origin
*
cache-control
private,no-cache
content-length
0
expires
-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.coveredca.com
URL
https://www.coveredca.com/cici-assets/static/css/main.497083da.chunk.css.map
Domain
www.coveredca.com
URL
https://www.coveredca.com/cici-assets/static/css/main.497083da.chunk.css.map

Verdicts & Comments Add Verdict or Comment

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| documentPictureInPicture object| dataLayer object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga object| GooglebQhCsO function| fbq function| _fbq string| _linkedin_partner_id object| _linkedin_data_partner_ids function| twq string| adroll_adv_id string| adroll_pix_id string| adroll_version boolean| __adroll_loaded object| adroll function| aap function| acuityPiggybackCallback object| acuityAdsEventQueue function| saq function| _saq object| _tvq string| TiktokAnalyticsObject object| ttq function| $ function| jQuery function| Popper object| bootstrap function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData function| UET function| UET_init function| UET_push object| ueto_7fadd96bd0 object| uetq1 object| ueto_3279a6ca7a object| uetq2 boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL function| lintrk boolean| _already_called_lintrk object| regeneratorRuntime object| twttr string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL function| clearImmediate function| setImmediate function| setUpListenersForMainNav function| documentClickHandlerForMainNavbar function| closeNavbar function| isNavbarOpen function| isElementInsideOfMainNavbar function| activateNavItem function| pathIsGetStarted function| pathIsHealth function| pathIsDental function| pathIsVision function| pathIsSupport function| deactivateNavItems function| __adroll__ string| adroll_sid object| __adroll boolean| adroll_sendrolling_cross_device object| adroll_form_fields object| adroll_third_party_forms object| adroll_third_party_detected object| adroll_snippet_errors function| adroll_tpc_callback object| webpackChunkCE2 object| CE2BH function| CE_URL_FINGERPRINT object| CE_API function| acuityParseResponse object| __adroll_consent_data function| setWindowWidthClass function| shouldSuppressLeadCapture function| doesPageLoadAffordabilityTool function| isEmployeeCoveragePage function| isAgentFinderTool object| res object| saCookies string| current_window_url_param function| getEventDetailsFromClassCampaignMap function| pushClickEventToDataLayer object| JSON2 object| TV2Track object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks function| clarity object| clarityuetq boolean| connectLocal number| tagId object| helpers string| currentURL function| startProcessing function| gtag object| webpackJsonp object| WebChat object| SpeechSDK object| adroll_exp_list boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country function| updateShopAndCompareLinks object| ORIBILI

88 Cookies

Domain/Path Name / Value
.coveredca.com/ Name: _gcl_au
Value: 1.1.1464867358.1703801273
.coveredca.com/ Name: _ga_2JX33V4D57
Value: GS1.1.1703801273.1.0.1703801273.60.0.0
.coveredca.com/ Name: _ga
Value: GA1.2.916369582.1703801273
.coveredca.com/ Name: _gid
Value: GA1.2.1025571037.1703801273
.coveredca.com/ Name: _gat_UA-39926152-1
Value: 1
.w55c.net/ Name: wfivefivec
Value: BwQjnMNR1RiYxH2
.coveredca.com/ Name: _fbp
Value: fb.1.1703801273310.934052432
tags.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-d083687b-9270-573f-5ceb-203268d2ac2c.yVX0NuDnwGO6rZAerbWC%2F30tiI8jtvJqu%2FWwaSuy8xQ
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-d083687b-9270-573f-5ceb-203268d2ac2c.yVX0NuDnwGO6rZAerbWC%2F30tiI8jtvJqu%2FWwaSuy8xQ
tags.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0INoe5JwVz9c6yAyaNKsLNly2hs.8omT8wW5eQ%2BUKcfhcsm59I3rK2UsGLto8rDcuyB7g9A
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0INoe5JwVz9c6yAyaNKsLNly2hs.8omT8wW5eQ%2BUKcfhcsm59I3rK2UsGLto8rDcuyB7g9A
tags.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAHdrdrnKhTL6x10ojWX_x2eEetS1eWMyOQxsMRVvNPgEHwYBCC547esBjABOgQ8w7t9QgRjsjyt.kSIeJhe4bdeRDnHJuBf%2BJoqneyOa0UGw0pK%2FvQdiEO8
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAHdrdrnKhTL6x10ojWX_x2eEetS1eWMyOQxsMRVvNPgEHwYBCC547esBjABOgQ8w7t9QgRjsjyt.kSIeJhe4bdeRDnHJuBf%2BJoqneyOa0UGw0pK%2FvQdiEO8
www.coveredca.com/ Name: sa-user-id
Value: s%253A0-d083687b-9270-573f-5ceb-203268d2ac2c.yVX0NuDnwGO6rZAerbWC%252F30tiI8jtvJqu%252FWwaSuy8xQ
www.coveredca.com/ Name: sa-user-id-v2
Value: s%253A0INoe5JwVz9c6yAyaNKsLNly2hs.8omT8wW5eQ%252BUKcfhcsm59I3rK2UsGLto8rDcuyB7g9A
www.coveredca.com/ Name: sa-user-id-v3
Value: s%253AAQAKIAHdrdrnKhTL6x10ojWX_x2eEetS1eWMyOQxsMRVvNPgEHwYBCC547esBjABOgQ8w7t9QgRjsjyt.kSIeJhe4bdeRDnHJuBf%252BJoqneyOa0UGw0pK%252FvQdiEO8
.doubleclick.net/ Name: IDE
Value: AHWqTUliDYive-T8JZ7d8WdfA_RGwHSXlmLpKqQlUXu-3Vg7JQ4yfI_YF5gIBJbTIsg
.simpli.fi/ Name: suid
Value: DDC46E876A8D463393F2A4A8CF91602B
.tiktok.com/ Name: _ttp
Value: 2aBoL66s0h7f9dRMmDZmpWLagm1
www.coveredca.com/ Name: _tq_id.TV-7272182754-1.62b7
Value: 5cedab69738e3991.1703801274.0.1703801274..
.turn.com/ Name: uid
Value: 3912461717855166890
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPr7hnZlcnNpb27C+w=="
.acuityplatform.com/ Name: auid
Value: 870332520841
.rezync.com/ Name: zync-uuid
Value: 14153f08-7094-4513-a6c3-fe7f81a9dc9e:1703801273.7365704
.coveredca.com/ Name: _tt_enable_cookie
Value: 1
.coveredca.com/ Name: _ttp
Value: Z06nzA6FmERB-PiZRHNpSHTMQhK
www.clarity.ms/ Name: CLID
Value: 56e083c294dc4a4eb35ce3be1fc79bad.20231228.20241227
.coveredca.com/ Name: _clck
Value: 14aeshz%7C2%7Cfhx%7C0%7C1457
.t.co/ Name: muc_ads
Value: 9971f4f3-6578-4d0a-8c65-ec6975ee5932
.linkedin.com/ Name: li_sugr
Value: 6c271064-cec0-457e-b3d8-962dd68db122
.linkedin.com/ Name: bcookie
Value: "v=2&c42c7847-6ba9-441b-873f-a2ac516b33fc"
.linkedin.com/ Name: lidc
Value: "b=TGST00:s=T:r=T:a=T:p=T:g=3285:u=1:x=1:i=1703801273:t=1703887673:v=2:sig=AQG8qqWDsrNdtwHEZ47Je0cKPT39I7yM"
.undertone.com/ Name: UTID
Value: 85288279bf7d494eb82bf8a0eae756a7
.undertone.com/ Name: UTID_ENC
Value: 7vsqs8pho80qjtcr603muiizr
.twitter.com/ Name: personalization_id
Value: "v1_n+WwVaOwY8U57W1pY0dgHA=="
.adnxs.com/ Name: uuid2
Value: 551808324852305401
.linkedin.com/ Name: UserMatchHistory
Value: AQKT2eJWhPecIwAAAYyyeD7rweVXvnONGtEU022H2y7f7uqqH0y_6hn9mCeM4vihxzxad1uSIGSrqg
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLqwZAitD9YrQAAAYyyeD7rhGjn0OxV6tfDWySS6aj1xD-FtW7xszRjercPr99y03ly6nvL8FVr7XF3Y-gq9w
.coveredca.com/ Name: _uetsid
Value: 8cae9a50a5cd11eea80787adb4a30641
.coveredca.com/ Name: _uetvid
Value: 8cae8760a5cd11ee8302abbb68fbe286
.coveredca.com/ Name: _ce.irv
Value: new
.coveredca.com/ Name: cebs
Value: 1
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNrQwNDC2sDSwNBXiM9Q1M3Mx8SrJ9QjyDXQDADf_uIolAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNrQwNDC2sDSwNBXiM9Q1M3Mx8SrJ9QjyDXQDADf_uIolAAAA
.simpli.fi/ Name: uid_syncd_secure
Value: true
.bing.com/ Name: MUID
Value: 2E61F9B2BADC6EC91A49EA47BBB76F11
.www.linkedin.com/ Name: bscookie
Value: "v=1&2023122822075428ed634d-7289-4742-88a7-40a619b9cd80AQG0ImtTn4ewffXGqh1kHFRPWMcEPxe3"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDM4MDEyNzQ7MjswMjGDCPvBUoK/Kw/s7nxy/x6H9XL/XBZ0uBRIsM1fibPoEg==
.coveredca.com/ Name: _ce.clock_event
Value: 1
.casalemedia.com/ Name: CMID
Value: ZY3xun2x3zDraxRKbeiO4wAA
.casalemedia.com/ Name: CMPS
Value: 3353
.casalemedia.com/ Name: CMPRO
Value: 3353
.media.net/ Name: visitor-id
Value: 3468028748281142000V10
.media.net/ Name: data-rk
Value: 5107433831810389095~~3
.demdex.net/ Name: demdex
Value: 47781504498042324472331617954538449912
live.rezync.com/ Name: sd-session-id
Value: .eJwNy0EKwyAQQNG7zDqWmY5m1MsEMSNIG1tismnI3evyw_sXLF_dt9S0HRCP_dQJ8ruO6hAv6PW36QsiOEKxzJ7JE7IPGBzcE3TtvX7aUtdhyJLjgt4IBmusIzZpzmyKSvGUwpqDRpKxIz2FH8KzE7Rw_wGT5yU7.ZY3xug.QuSVzldgt3Bdt0fgErKENzl0c2I
.dpm.demdex.net/ Name: dpm
Value: 47781504498042324472331617954538449912
.adnxs.com/ Name: anj
Value: dTM7k!M4.gD>6NRF']wIg2In6kd_YQ!]tbPl1MNu::wpAk`W=elw1oydZ!8Ti*s?RidS>4D.]L.G^3rP]VsQZ*tAYP)S7s8>!Cntgkv._B^RE$RDl1KR$^T62^*[N'J$@CW:!9>*f=kW*g0D(#!E[H
.coveredca.com/ Name: _clsk
Value: 1l2x0th%7C1703801274497%7C1%7C1%7Cq.clarity.ms%2Fcollect
.tapad.com/ Name: TapAd_TS
Value: 1703801274491
.tapad.com/ Name: TapAd_DID
Value: e14806d0-d34c-465d-ae6e-06abd26d6035
.eyeota.net/ Name: SERVERID
Value: 23447~DM
.coveredca.com/ Name: _ce.clock_data
Value: 28%2C217.114.218.27%2C1%2Cf5ef61ca1e560a2377dfd6c236fd3eb9
.coveredca.com/ Name: cebsp_
Value: 1
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.coveredca.com/ Name: _ce.s
Value: v~9630181fbfef648c8a08db132862d306d9704133~lcw~1703801274545~lva~1703801274244~vpv~0~as~false~v11.fhb~1703801274541~v11.lhb~1703801274541~v11.cs~417590~v11.s~8ce04210-a5cd-11ee-9239-754c7202530a~lcw~1703801274546
.pro-market.net/ Name: anHistory
Value: "-lefcqz80w5e9+2+!#7%.&(!f}`"
.agkn.com/ Name: ab
Value: 0001%3AnSIr%2B%2BDu8LYXIyhdM2cgzztZGTOdKPaD
.krxd.net/ Name: _kuid_
Value: QAKmfwZc
.pro-market.net/ Name: anProfile
Value: "-lefcqz80w5e9+1+1f=1+1g=1+1j=41+rs=s+rt=20011B60000202403247000000000004+s2=(s6edh6)+vm=24-DDC46E876A8D463393F2A4A8CF91602B:53-CAESEE6ko5KMwciegNQ1Pi9cfa8"
.bluekai.com/ Name: bku
Value: blx99nghMVDGWbXb
.bluekai.com/ Name: bkpa
Value: KJy9nyexd02pSUHknp/8mE1hwtkAwDHWxpxtHEQlBAWTHext1p1816R0xEHOmWBsmEWt1eJY9y9gPxry
.exelator.com/ Name: EE
Value: "11ae445f53a8711b743e779e20cc2c18"
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-8d610539-e3ce-4de3-9f32-378587f67786-003%22%7D
.agkn.com/ Name: u
Value: C|0AAAAAAAALSCuOgAAAAAA
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZY3xugAKSYKsaAAM
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHQMDHVxMQ0zdQ40cLc0DDJ3MQ41dzcMtXIIDnZKNnQYnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIYEl%252BUWb6IhfXxUUpaQyLSopPBR%252BLtAEAfVgphw%253D%253D"
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA12dSx18XCNCk00TYpKCvBN9TYILQw3yF_FKBAVaVxRmu7oHRzpXZzo6OjbxGJuaGJoapxmYKFrbmBpomtiamism2iWbKyblmqeZmGYaJmSbJlqZWhuYGxhYGhkbqxnbmxmam5gAgAppzwBawAAAA
.bfmio.com/ Name: __141_cid
Value: DDC46E876A8D463393F2A4A8CF91602B
.bfmio.com/ Name: __io_cid
Value: 4412369918375f18141ea3e2a605b36e13236655
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_13RMWuDUBAHcFpqGxICBdd-BcM733u-Z7dHIwQkUBIk6GasdiwhCJ37ETI6Ojo6OmbMmDGjYz5Cpm7Bu_HH_4477sZv8GGCdWDK-SJIolRuk-3nMg9ZtNuwn9UUFOOagauE0FA9DOx60BJ3xCfiK_GN-PCIXRM3xC1xR-ufsC_EtfWaxPy3_DbhOg73qTHLxhqUKKlbC7ech_aldyVunrGPxGfiC3FP8xfsvxF2N8H7HSc4P9gKBEheMO0o5gtHSOBO6mXcKXJVaEj9r8zP3-9NfKa4JxUTlT28hAs1ttvb5Lk2nvwPkigKM1oCAAA
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-8d610539-e3ce-4de3-9f32-378587f67786-003%22%7D
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 2E61F9B2BADC6EC91A49EA47BBB76F11
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 2E61F9B2BADC6EC91A49EA47BBB76F11
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

8 Console Messages

Source Level URL
Text
security error URL: https://www.coveredca.com/help-on-demand/
Message:
Refused to apply style from 'https://www.coveredca.com/cici-assets/static/css/main.497083da.chunk.css.map' because its MIME type ('text/plain') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security error URL: https://www.coveredca.com/help-on-demand/
Message:
Refused to apply style from 'https://www.coveredca.com/cici-assets/static/css/main.497083da.chunk.css.map' because its MIME type ('text/plain') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network error URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5107433831810389095
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/419566.gif?partner_uid=DDC46E876A8D463393F2A4A8CF91602B
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=DDC46E876A8D463393F2A4A8CF91602B
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=DDC46E876A8D463393F2A4A8CF91602B
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=14153f08-7094-4513-a6c3-fe7f81a9dc9e%3A1703801273.7365704&_=1703801274.3703842
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=14153f08-7094-4513-a6c3-fe7f81a9dc9e%3A1703801273.7365704&_=1703801274.5814714
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10007209.fls.doubleclick.net
10053689.fls.doubleclick.net
12509655.fls.doubleclick.net
20844008p.rfihub.com
a.rfihub.com
aa.agkn.com
ad.doubleclick.net
ads.undertone.com
adservice.google.com
adservice.google.de
analytics.tiktok.com
analytics.twitter.com
assets-tracking.crazyegg.com
bat.bing.com
bcp.crwdcntrl.net
beacon.krxd.net
bpi.rtactivate.com
bttrack.com
c.bing.com
c.clarity.ms
c1.rfihub.net
cdn.boomtrain.com
cdn.bttrack.com
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
code.jquery.com
collector-22874.us.tvsquared.com
connect.facebook.net
contextual.media.net
coveredca.com
d.adroll.com
d.agkn.com
dmp.datawrkz.com
dpm.demdex.net
dsum-sec.casalemedia.com
e.acuityplatform.com
eb2.3lift.com
events.api.boomtrain.com
evt.undertone.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
insight.adsrvr.org
jelly-v6.mdhv.io
jelly.mdhv.io
js.adsrvr.org
live.rezync.com
loadm.exelator.com
maxcdn.bootstrapcdn.com
nodetracker.datawrkz.com
origin.acuityplatform.com
p.rfihub.com
pagestates-tracking.crazyegg.com
partners.tremorhub.com
pbid.pro-market.net
people.api.boomtrain.com
pixel.rubiconproject.com
pixel.tapad.com
ps.eyeota.net
px.adentifi.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.clarity.ms
r.turn.com
region1.analytics.google.com
s.ad.smaato.net
s.adroll.com
script.crazyegg.com
secure.adnxs.com
simplifi.partners.tremorhub.com
snap.licdn.com
stags.bluekai.com
static.ads-twitter.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.targeting.unrulymedia.com
t.co
tag.simpli.fi
tags.srv.stackadapt.com
tags.w55c.net
tracking.crazyegg.com
um.simpli.fi
us-u.openx.net
www.clarity.ms
www.coveredca.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
x.bidswitch.net
x.dlx.addthis.com
www.coveredca.com
104.244.42.133
104.244.42.67
13.107.42.14
13.248.245.213
142.250.186.98
142.250.74.194
146.75.116.157
151.101.130.49
154.59.122.94
172.217.16.134
172.64.151.101
18.155.129.103
18.184.58.94
18.195.85.13
18.216.88.61
18.239.18.97
18.239.36.71
18.239.69.21
18.239.69.99
18.239.83.63
184.30.17.14
185.89.210.46
192.132.33.69
193.0.160.131
198.47.127.205
20.231.53.73
2001:4860:4802:32::36
2001:4860:4802:36::15
2001:678:cb4:bbbb::11
216.239.38.21
216.52.2.48
216.58.206.38
23.212.207.113
23.38.98.117
23.99.0.12
2600:1901:0:8eee::
2600:1f18:612b:4232:b6ba:e8dd:58dc:4af0
2600:1f18:612b:4264:a8a9:bffd:e62a:b1ff
2600:9000:20e1:c000:6:9280:1080:93a1
2600:9000:211a:4000:1:76cf:fe80:93a1
2600:9000:2190:bc00:1b:5138:8a40:93a1
2606:4700::6811:180e
2606:4700::6812:acf
2606:4700::6813:9308
2620:1ec:21::14
2620:1ec:bdf::63
2620:1ec:c11::200
2a00:1450:4001:811::2002
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2008
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9c
2a02:26f0:3500:16::215:1490
2a02:26f0:3500:4::b818:4d8c
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:400::649
2a05:d018:cc3:fe05:83c0:b7ec:706f:4cee
3.127.178.105
3.33.220.150
3.93.251.5
34.111.113.62
34.198.133.245
34.226.94.188
34.91.62.186
34.98.64.218
35.168.223.66
35.234.162.151
35.244.174.68
46.228.174.117
52.214.236.211
52.23.26.141
52.28.181.94
52.29.101.35
54.157.191.104
54.216.96.95
54.220.65.247
54.76.135.177
54.78.254.47
63.32.40.40
65.9.65.116
65.9.66.25
65.9.86.120
68.219.88.97
69.173.144.139
88.221.168.23
06d58bc7f8de713d15ef2fe646262e09d3ad5e367a17d9cdef5e13628cee6991
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0bfb1245a18e150704b90d299768c9dd74293551472b290c0bd9d0f502a36345
0e2788846b4a9c9ce794ff5116d0ae8c0543da4972154cee6ed40bdfc6696974
110007b874c698d7028179f0af0447ad9b1c5a211492d3bb045ac77861534158
16051b6c43c92acb43b3c29341c5114ddd1a6b065ae704eb7f814b1ae28290b8
173eb50e8a3d1e741e8bdc08d68dffc83a8314cfd54eebcf46b4d0d34204312c
20603593ca61f806ae8a816e1e7c1cd595c2d5fe830dd394a684c61c3f067e6b
207ed6314949fdde0d8bbc61d8f286252e368f84d74558edb1d71041e26c8d9f
213fcb719ed03061a338a09ae0c687f41ecc9a2b87efcf70ef09809e26cb01b9
223b1b488589cdc8072533cc3303d1a791cff31204663422f30415c9a23e4c7f
2cd98963c4e47dcdcdf5fe6cfd401ec1e7772f92e47b5ae676ea947f749cbe8c
2eb4e881fa6aa216d7b9fef136fe0fdd5cde97ae1eb18f2ac0c2c3fdece79a44
2f2bfae69dd217926e6463c8fd70cc1bdc1895b5da44e507180ce18fd86ff79e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
395e41fc99daec855f98082ab55a53c0075712945dba1de61a008c07ef08e8be
3d2675d5ca547524623117f8e9aee1a61aa554ec5842245118d9c27f49c276ee
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4104719e5ed512c38e214d679637092aa7bdb7c35925370b33dd21fcfee6794e
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4839570128a8b1b3f49ead967389c294094326b9deae01c24642c345be8c79ba
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4b55f0456225a898a91f49324ac543b6fc458781c6913c7e700cebe7c2ca54b7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
518e958fd70a9a6be94d72359a183d4ea93dab5bbe9e03459e2f7f4102ce0e57
54732a3ea1bb046de979fb1a49e1dab87ab4f9dee9c5632675b7953bcf470e15
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b3dc1debdf0ca6bbc39dadf155ed30214a77b521fdebb9507dd39f2f5c53ec
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5743bf873c2e34857c9a28ec3143cf72c2ed6e859b6524417779237e05b24373
582115bfb3f28b6228ae8223119b9ec524cf5c2adb3a73b5de885fcce7d7e5b1
5d630bb4d6354fcacbcf1a06ef90f381c724ca1198865939efab101e9f9c8df4
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
610ecd78756d7928372447748b544808b733f98053e96dfd352a225e21eb7337
611c105d9ee7d79490f3db7224c727cad0387194d9295b5ba4147cbdf064d1a1
660b4785d985be6aad87a8d5a8dd4664d4fe7cdeaa13a8e32f8c1d9993157d8a
66404e8fbb6d781a8baec20a78ad7895dd57abe7e3c6f85f9bb998c8927360b9
667c468b17b708eeb51c5ed10bf37fa40c6a5885d942920266a226a4b7c3bfa9
6744e10740c477bfc92f142ce4bebfd5e8f668d7b7430d559d8bc0e15ec13361
678c0bf2781144577d5db7cf03a4fa016b90e1d22d2a0249e3ed88b20a9fdf98
697e3bce1ba4d473a40a8527c68dd31765f09f1a4abee806ac519dd731e5f600
722960b3c055c5ddab0f140bfd0bdada62f3b16a52ad0e485b65490ef9ff78c3
744871614a068054aad6b3104c7e6c55e2fe477f21e413088a61fadb7c54aadf
74631a6ca8e24342f4b9bac81f5d68c1096295f28128ab771afad2d7e64a178e
75d9b2d54e160aa28468c8487ce983ea26bbce9acde597474d7321a7f7f203f4
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
787d715880b6e126bedb126a1968294360df3dbd5c6e0c166ecb9d678e861e26
7bb2a9b0b57103bb573bb91e43ef305d3b9fe7bf80a61adf26234f17bc32c5f5
7d514b2776b034d194ce1f77a6c378464e208007cc51e708fc6b26188fafcfcf
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
80bbd5be45a524bdbb122e6e34df705780ee6ea56655d6ac9ad9e92c1e12362d
822dce82a84529f3a76061eeb6380635b3751bf576d5acb1d397164b854487ea
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
83e063ade67778fba56cc7fde820e52394b3e1aa87df445b82e2807c7c1d582d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
850b42447426e232e97c525df9bc3ac34a1c18d888c70b771d400306bfa4b954
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
86f2855487ee0f2a026de07b800d0a191f2d66723011cf5e7bddea4669037b33
87260ecf581a44a18ca2165015348383b430e6b77ca0b0ec4a9a3b1ebff57160
886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
89cf66cb9de8da20fc15e9953845dd4d1de2c0fb465c827a09d818449222c533
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
923fe0df6dede4f65d0606894479fb0ca3d02404bf37ef66a9be5195920a1ea5
92b6c6f26974edbce6417639dcba4ddafe1a08c883cc531bca651b387aea8d7e
9598e291a1015e2151d3a0a9b0623b1f1e5e614186cb867ffb39dd79ca44385a
976f20824c556d298fb13a73528228bb29a3a4bf23a1a84a9cc3d912c0d0b645
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98f5c2247bc56fa784769ccc6671755943a9f0ac1bda1aab00c174100fc73829
9958e1e4cbdc84b1ccef60856822323f780b40b51b9dfe13e8da3c99cea07c10
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b41ddaf7161d74fcb39d5dae33c773cc694eeb81219aa9f275c128f79d07924
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a12a29182de9b58c5ecf77a599589ece94ea35795ff6d4ca22500f6a631e0a57
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a37c6521110d9c690073dfd788c3fed6516f7418c052e743528f73be45ba002e
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
ab026746395ad6464237b3358dff74085949bcf3d7560f53890e8e2aa6063d36
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad0157d19b24c193916d146dd5f1443bf17a9d1ff3e6c8aabd5fec40e95813ac
ad465afd2be162c43a083be2327aa762bb5a2e24ab3e67d8fc106beb0e946c5d
addfa26d0aff78c308ad0b18731bff84ec4069b2689ff2af38a5e5e3d1638b11
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3c6511713a76948fa966435907f36e2afbba906a7f30920d52adf8eeb1118e8
b924938b22d290519a2cd99cf33e41f039486fb27124b94a475bcc7596ac1e5f
bae004dac2e01a27b10f1dbcecb9db9e020eb70d4d3fd57a867e6f27362f45fb
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcc5ca10f47aa035b878cf08c5711478a5d5136829877f64b41e5bfbcbc9a370
bf3d022643d5737eeb4a945ee6f9554fa1c5c42b082512d4194fd7314caa3dc2
c23b904dfeeac8933fd53e912d1c08d0a8ef58d5ea26571374f2541b3cd5b192
c99ddcc8af7e58589a2daefbf220c920b11a6a4e56707a03ff1abc43c5cd75a3
c9ab307ba8c17507863729bcf3534353c7a993f634302564f9827873b54836eb
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d229465567104abc89fc5f09784d2c08aa8f8ccd5ef81f5c43cd624d5244ca21
d30faa0129e9854b5acd1f0920f1ada64233aee3d319cf38d3c2d7815e8dd6d0
d4ee3ac958768ed751eff747f986a51df95c802263bfe04e1a5c4ec1c1ae0fd5
d6a5a2e8cb0e4995e02d116247fbb93a988282587d4e03d15905f338d3f0625c
d6d0824c232f1be9cf8778e2f91360b3562ac7464795f81882f95d22defbd146
d9c8cff9653c89b6c64fbaf783459830f5d5dcdd13d2510a5e40e3410fda3b49
db5228bddbe3122695b33bd00d362c0bf6142eab32bcf18f27651b044e3fef22
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deb88abb0fb9888e33685ababca741fa8853eaf289e18ae9b1ff6ed0b88f9123
df44cf405a04f57eddc15b95149a6c21c4c3e073fbe3b9853c2870345fa09208
e138c554d632a5349ffd447c33d7f93be50179fab3891676297697989887550d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4142b08bb91c6729ce36efd4ad1ef33c7a9b8b02f75066b0c2d0c748392fc4e
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ed091dd62c6f4eff39ece4ef50f4f92eb60d8bc43e07aa45215393fa26a52b22
ed3ee695147e26d5a7563a6f329769813939896fefa023cba46bb893f2d0265c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1d0eb44d6146244468efd853fcd6a89fa14ee1631639524e5879c8be5339ad
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
f0d1dd0d3bfa03d761273722728da3dcce43a1257359e6a9d6ade858dd689019
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f60af9347eedfbee72de5bcf4c6e84d1be9c73d8e5950ecdbf59c30b94fd8533
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623
f8d9cef44335caed73356f6054f37bd5d565bf11d94a7c3f6aa2d198ee60a706
f945b7f7198f51c77b676024ca43c482efb95b3184161b37edabc3874d65555a
f9d7dcdfe865be551058ef03ebabb19b81722cb8d2dbf46e94094587ed09bcd5
fb8b9e7037b0a8b25f940058db2dd9094b21539bc6eb4a6a46983dc28a6004eb
fd7a2685f5e5c7082acb32296f07c55b919194fc2b05a3c0f5382763d4bc04b1
fdbc32cc26feeae22de5dcad0525f2f1dacad5111cca62b20209ea1c3bb7e81c