merit-login.covisum.com Open in urlscan Pro
40.86.99.202 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://merit-login.covisum.com/
Effective URL:
https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit
Submission: On November 09 via automatic, source certstream-suspicious (November 9th 2024, 10:21:47 am UTC) — Scanned from CA

Summary HTTP 56 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 24 IPs in 2 countries across 20 domains to perform 56 HTTP transactions. The main IP is 40.86.99.202, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is merit-login.covisum.com.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on June 23rd 2024. Valid for: 6 months.

This is the only time merit-login.covisum.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 17	40.86.99.202 40.86.99.202	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	52.230.225.209 52.230.225.209	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	142.250.31.106 142.250.31.106	15169 (GOOGLE) (GOOGLE)
1	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
6	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:8ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c19::61	15169 (GOOGLE) (GOOGLE)
1	2606:2800:11f... 2606:2800:11f:17a5:191a:18d5:537:22f9	15133 (EDGECAST) (EDGECAST)
1	172.253.122.94 172.253.122.94	15169 (GOOGLE) (GOOGLE)
2	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:5ffa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:28f0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6810:7574	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4b8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:afc9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	31.13.66.19 31.13.66.19	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700::68... 2606:4700::6812:1fb0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:1627	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2600:9000:26c... 2600:9000:26c1:f000:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:61c... 2600:1f18:61c0:2204:73f0:257d:3ae9:9b4f	14618 (AMAZON-AES) (AMAZON-AES)
1	104.18.80.204 104.18.80.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f10... 2a03:2880:f103:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.179.73.36 52.179.73.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
56	24

17 40.86.99.202 (Des Moines, United States) 3 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

merit-login.covisum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.230.225.209 (Des Moines, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

merit-sso.covisum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.31.106 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f106.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.176 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c19::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:11f:17a5:191a:18d5:537:22f9 (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.122.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.176 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:5ffa (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspotfeedback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:28f0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4b8e (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:afc9 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1fb0 (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:1627 (United States)

ASN13335 (CLOUDFLARENET, US)

www.linkconnector.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:26c1:f000:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:61c0:2204:73f0:257d:3ae9:9b4f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.80.204 (None, )

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.179.73.36 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	covisum.com 4 redirects merit-login.covisum.com merit-sso.covisum.com	231 KB
6	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 3554 api.hubspot.com — Cisco Umbrella Rank: 5132 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 3687 app.hubspot.com — Cisco Umbrella Rank: 5859 track.hubspot.com — Cisco Umbrella Rank: 2324	28 KB
6	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1955 ka-p.fontawesome.com — Cisco Umbrella Rank: 3223	198 KB
5	adroll.com 1 redirects s.adroll.com — Cisco Umbrella Rank: 3395 d.adroll.com — Cisco Umbrella Rank: 1624	30 KB
3	stripe.com js.stripe.com — Cisco Umbrella Rank: 1102	165 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 785	200 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	3 KB
2	g2crowd.com tracking.g2crowd.com — Cisco Umbrella Rank: 8252	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	72 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	98 KB
2	google.com www.google.com — Cisco Umbrella Rank: 3	968 B
1	hsforms.com perf-na1.hsforms.com — Cisco Umbrella Rank: 3796	927 B
1	linkconnector.com www.linkconnector.com — Cisco Umbrella Rank: 40887	484 B
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2191	25 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 5048	26 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2172	27 KB
1	hubspotfeedback.com js.hubspotfeedback.com — Cisco Umbrella Rank: 15178	9 KB
1	gstatic.com www.gstatic.com	215 KB
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 3081	22 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2500	1 KB
56	20

	Domain	Requested by
17	merit-login.covisum.com	3 redirects merit-login.covisum.com
4	s.adroll.com	1 redirects www.googletagmanager.com merit-login.covisum.com s.adroll.com
4	ka-p.fontawesome.com	kit.fontawesome.com
3	js.stripe.com	merit-login.covisum.com js.stripe.com
3	merit-sso.covisum.com	1 redirects
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	www.facebook.com	merit-login.covisum.com
2	api.hubspot.com	az416426.vo.msecnd.net
2	tracking.g2crowd.com	merit-sso.covisum.com tracking.g2crowd.com
2	connect.facebook.net	merit-sso.covisum.com connect.facebook.net
2	www.googletagmanager.com	merit-login.covisum.com www.googletagmanager.com
2	kit.fontawesome.com	merit-login.covisum.com kit.fontawesome.com
2	www.google.com	merit-login.covisum.com www.googletagmanager.com
1	track.hubspot.com
1	app.hubspot.com	js.hubspotfeedback.com
1	perf-na1.hsforms.com	merit-login.covisum.com
1	d.adroll.com	s.adroll.com
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	www.linkconnector.com	www.googletagmanager.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hubspot.com	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hubspotfeedback.com	js.hs-scripts.com
1	www.gstatic.com	www.google.com
1	az416426.vo.msecnd.net	merit-login.covisum.com
1	js.hs-scripts.com	merit-login.covisum.com
56	27

This site contains links to these domains. Also see Links.

Domain
www.covisum.com

Subject Issuer	Validity	Valid
*.covisum.com Go Daddy Secure Certificate Authority - G2	`2024-07-19` - `2025-07-27`	a year	crt.sh
merit-login.covisum.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2024-06-23` - `2024-12-23`	6 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-10-30` - `2025-02-06`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-01-27`	6 months	crt.sh
hs-scripts.com WE1	`2024-09-26` - `2024-12-25`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2024-06-06` - `2025-06-06`	a year	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
hubspotfeedback.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
hs-banner.com WE1	`2024-09-24` - `2024-12-23`	3 months	crt.sh
hubspot.com WE1	`2024-10-03` - `2025-01-01`	3 months	crt.sh
usemessages.com WE1	`2024-10-06` - `2025-01-04`	3 months	crt.sh
hs-analytics.net WE1	`2024-10-07` - `2025-01-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-18` - `2024-11-16`	3 months	crt.sh
g2crowd.com WE1	`2024-10-19` - `2025-01-17`	3 months	crt.sh
linkconnector.com WE1	`2024-09-22` - `2024-12-21`	3 months	crt.sh
s.adroll.com Amazon RSA 2048 M02	`2024-05-03` - `2025-06-01`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M03	`2024-09-08` - `2025-10-07`	a year	crt.sh
hsforms.com WE1	`2024-10-10` - `2025-01-08`	3 months	crt.sh
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 04	`2024-09-16` - `2025-09-11`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit
Frame ID: D43B0E818149C9E9B9C03487FB38A61D
Requests: 50 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-39915745f04592911cdc656c7d22925c.html
Frame ID: 008A0D081F748CEAF848B9E3E04166A3
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fmerit-login.covisum.com
Frame ID: CA24AD5840315F9C9ACC45DE62256ED8
Requests: 1 HTTP requests in this frame

Frame: https://app.hubspot.com/feedback-web-fetcher
Frame ID: 48FD3F8ACE5DD4E065A6C41515CE7EC2
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: E697466935690D7CCCC0199A9F4DA0BB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login - Social Security Timing - Identity Provider

Page URL History Show full URLs

https://merit-login.covisum.com/ HTTP 302
https://merit-login.covisum.com/ping/prestart?ReturnUrl=%2f HTTP 302
https://merit-login.covisum.com/ping/start?partnerIdpId=merit&returnUrl=/ HTTP 302
https://merit-sso.covisum.com/sp/startSSO.ping?PartnerIdpId=merit&TargetResource=https%3a%2f%2fmerit-login... Page URL
https://merit-sso.covisum.com/idp/SSO.saml2 HTTP 302
https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

56
Requests

98 %
HTTPS

63 %
IPv6

20
Domains

27
Subdomains

24
IPs

2
Countries

1152 kB
Transfer

3947 kB
Size

14
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.covisum.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://merit-login.covisum.com/ HTTP 302
https://merit-login.covisum.com/ping/prestart?ReturnUrl=%2f HTTP 302
https://merit-login.covisum.com/ping/start?partnerIdpId=merit&returnUrl=/ HTTP 302
https://merit-sso.covisum.com/sp/startSSO.ping?PartnerIdpId=merit&TargetResource=https%3a%2f%2fmerit-login.covisum.com%2fPing%2fSso%3freturnUrl%3d%252f&InErrorResource=https%3a%2f%2fmerit-login.covisum.com%2fPing%2fSso%3freturnUrl%3d%252f Page URL
https://merit-sso.covisum.com/idp/SSO.saml2 HTTP 302
https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://merit-login.covisum.com/ HTTP 302
https://merit-login.covisum.com/ping/prestart?ReturnUrl=%2f HTTP 302
https://merit-login.covisum.com/ping/start?partnerIdpId=merit&returnUrl=/ HTTP 302
https://merit-sso.covisum.com/sp/startSSO.ping?PartnerIdpId=merit&TargetResource=https%3a%2f%2fmerit-login.covisum.com%2fPing%2fSso%3freturnUrl%3d%252f&InErrorResource=https%3a%2f%2fmerit-login.covisum.com%2fPing%2fSso%3freturnUrl%3d%252f

Request Chain 42

https://s.adroll.com/j/pre/47VG5N67VNHO3DF22MMCPK/BIF3K5XSYJEXDPNZPCTBJN/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

startSSO.ping
merit-sso.covisum.com/sp/
Redirect Chain

https://merit-login.covisum.com/
https://merit-login.covisum.com/ping/prestart?ReturnUrl=%2f
https://merit-login.covisum.com/ping/start?partnerIdpId=merit&returnUrl=/
https://merit-sso.covisum.com/sp/startSSO.ping?PartnerIdpId=merit&TargetResource=https%3a%2f%2fmerit-login.covisum.com%2fPing%2fSso%3freturnUrl%3d%252f&InErrorResource=https%3a%2f%2fmerit-login.cov...

1 KB
2 KB

801ms
83ms

Document
text/html

52.230.225.209
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://merit-sso.covisum.com/sp/startSSO.ping?PartnerIdpId=merit&TargetResource=https%3a%2f%2fmerit-login.covisum.com%2fPing%2fSso%3freturnUrl%3d%252f&InErrorResource=https%3a%2f%2fmerit-login.covisum.com%2fPing%2fSso%3freturnUrl%3d%252f

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.230.225.209 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store
Content-Length: 1311
Content-Type: text/html;charset=utf-8
Date: Sat, 09 Nov 2024 10:21:40 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Referrer-Policy: origin
X-Frame-Options: SAMEORIGIN

Redirect headers

Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Content-Length: 363
Content-Type: text/html; charset=utf-8
Date: Sat, 09 Nov 2024 10:21:39 GMT
Location: https://merit-sso.covisum.com/sp/startSSO.ping?PartnerIdpId=merit&TargetResource=https%3a%2f%2fmerit-login.covisum.com%2fPing%2fSso%3freturnUrl%3d%252f&InErrorResource=https%3a%2f%2fmerit-login.covisum.com%2fPing%2fSso%3freturnUrl%3d%252f
Permissions-Policy: geolocation=()
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
Request-Context: appId=cid-v1:2f7a7a68-1c89-4dcf-847f-37923af875f7
Server: Microsoft-IIS/10.0
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET

GET
H/1.1

200
OK

Primary Request login Show response
merit-login.covisum.com/auth/
Redirect Chain

https://merit-sso.covisum.com/idp/SSO.saml2
https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit

6 KB
4 KB

214ms
213ms

Document
text/html

40.86.99.202
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.86.99.202 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e1f709a813278aad038de9c25b3ee0ff1ea51f03ea7053c99d7d76edf4a4a618

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://merit-sso.covisum.com
Referer: https://merit-sso.covisum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Content-Encoding: gzip
Content-Length: 3052
Content-Type: text/html; charset=utf-8
Date: Sat, 09 Nov 2024 10:21:40 GMT
Permissions-Policy: geolocation=()
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
Request-Context: appId=cid-v1:2f7a7a68-1c89-4dcf-847f-37923af875f7
Server: Microsoft-IIS/10.0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET

Redirect headers

Cache-Control: no-cache, no-store
Content-Length: 0
Content-Type: text/html;charset=utf-8
Date: Sat, 09 Nov 2024 10:21:40 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit
Pragma: no-cache
Referrer-Policy: origin
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK favicon.ico
merit-sso.covisum.com/ 7 KB
7 KB 48ms
48ms Other
image/x-icon 52.230.225.209
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://merit-sso.covisum.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.230.225.209 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-sso.covisum.com/

Response headers

Content-Length: 7406
Date: Sat, 09 Nov 2024 10:21:40 GMT
Content-Type: image/x-icon
Last-Modified: Tue, 23 Feb 2021 19:18:08 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
968 B 166ms
51ms Script
text/javascript 142.250.31.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: merit-login.covisum.com
URL: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f106.1e100.net

Software

ESF /

Resource Hash

b7920c3ee4d6bb39bee9aead6cbf6e02254f8b2ec119b695fe252837cb2e69a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Sat, 09 Nov 2024 10:21:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Sat, 09 Nov 2024 10:21:41 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 / Show response
js.stripe.com/v3/ 684 KB
165 KB 159ms
27ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: merit-login.covisum.com
URL: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

dc0ef64bc5c92e8e7f003fdbbdcbd86b50b99d5254213ce1779cd90229c67242

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/

Response headers

x-request-id: 593358f2-0923-44ff-9f45-f6a59429086f
content-encoding: br
etag: "f1125b0266aa62489da53fb2c252b6e0"
age: 39
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Sat, 09 Nov 2024 10:21:41 GMT
last-modified: Fri, 08 Nov 2024 21:19:53 GMT
content-type: text/javascript; charset=utf-8
x-served-by: cache-yul1970052-YUL
x-cache-hits: 3
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=60
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 168217
server: Fastly

GET
H2 200 d446186408.js Show response
kit.fontawesome.com/ 13 KB
5 KB 318ms
74ms Script
text/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/d446186408.js
Requested by: Host: merit-login.covisum.com
URL: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8d974004490975721966fcfd1ed3fb5abb359ae01a2f374738760adf4552492

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://merit-login.covisum.com
Referer: https://merit-login.covisum.com/

Response headers

access-control-max-age: 3000
x-request-id: GAZFqaNWzrZNvTQkPe9B
cache-control: max-age=60, public, stale-while-revalidate=30
content-encoding: gzip
cf-cache-status: MISS
access-control-allow-methods: GET, OPTIONS
cf-ray: 8dfd13cf3b7ca305-YUL
access-control-allow-origin: *
date: Sat, 09 Nov 2024 10:21:41 GMT
content-type: text/javascript
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
server: cloudflare
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H/1.1 200
OK Bootstrap-3.3.7.min.css
merit-login.covisum.com/Cache/2024-11-9/Components/ 118 KB
28 KB 62ms
58ms Stylesheet
text/css 40.86.99.202
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://merit-login.covisum.com/Cache/2024-11-9/Components/Bootstrap-3.3.7.min.css

Requested by

Host: merit-login.covisum.com
URL: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.86.99.202 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d6ed3d36c41e13c3beab7317129b94a92a7963e43203b2084b4aeec631112ce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit

Response headers

Access-Control-Expose-Headers: Request-Context
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sat, 09 Nov 2024 10:21:40 GMT
Content-Type: text/css
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: private
X-AspNet-Version: 4.0.30319
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
Request-Context: appId=cid-v1:2f7a7a68-1c89-4dcf-847f-37923af875f7
Permissions-Policy: geolocation=()
Content-Length: 27640
X-Powered-By: ASP.NET
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2

GET
H/1.1 200
OK Default.min.css
merit-login.covisum.com/Cache/2024-11-9/Globals/ 66 KB
14 KB 168ms
54ms Stylesheet
text/css 40.86.99.202
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://merit-login.covisum.com/Cache/2024-11-9/Globals/Default.min.css

Requested by

Host: merit-login.covisum.com
URL: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.86.99.202 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

c24cd9a59e49bdc340301c7052123fe3b6ba76d6cebb2e5ccdd3e6274a58050d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit

Response headers

Access-Control-Expose-Headers: Request-Context
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sat, 09 Nov 2024 10:21:41 GMT
Content-Type: text/css
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: private
X-AspNet-Version: 4.0.30319
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
Request-Context: appId=cid-v1:2f7a7a68-1c89-4dcf-847f-37923af875f7
Permissions-Policy: geolocation=()
Content-Length: 14058
X-Powered-By: ASP.NET
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2

GET
H/1.1 200
OK Login.min.css
merit-login.covisum.com/Cache/2024-11-9/Views/ 829 B
1 KB 209ms
52ms Stylesheet
text/css 40.86.99.202
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://merit-login.covisum.com/Cache/2024-11-9/Views/Login.min.css

Requested by

Host: merit-login.covisum.com
URL: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.86.99.202 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

236bd193c37b436e52c781b6ae9478475e0ad9e6cb5749d0ec22f09b9acc8fa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit

Response headers

Access-Control-Expose-Headers: Request-Context
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sat, 09 Nov 2024 10:21:41 GMT
Content-Type: text/css
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: private
X-AspNet-Version: 4.0.30319
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
Request-Context: appId=cid-v1:2f7a7a68-1c89-4dcf-847f-37923af875f7
Permissions-Policy: geolocation=()
Content-Length: 487
X-Powered-By: ASP.NET
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2

GET
H/1.1 200
OK Default.min.js Show response
merit-login.covisum.com/Cache/2024-11-9/Jquery/ 103 KB
46 KB 225ms
68ms Script
text/javascript 40.86.99.202
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://merit-login.covisum.com/Cache/2024-11-9/Jquery/Default.min.js

Requested by

Host: merit-login.covisum.com
URL: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.86.99.202 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

8417f74d0804a6d798654f34254787f00e4876323c25d52a76a0381b23b39287

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit

Response headers

Access-Control-Expose-Headers: Request-Context
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sat, 09 Nov 2024 10:21:41 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: private
X-AspNet-Version: 4.0.30319
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
Request-Context: appId=cid-v1:2f7a7a68-1c89-4dcf-847f-37923af875f7
Permissions-Policy: geolocation=()
Content-Length: 46716
X-Powered-By: ASP.NET
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2

GET
H/1.1 200
OK Default.min.js Show response
merit-login.covisum.com/Cache/2024-11-9/LegacyUI/ 64 KB
26 KB 213ms
57ms Script
text/javascript 40.86.99.202
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://merit-login.covisum.com/Cache/2024-11-9/LegacyUI/Default.min.js

Requested by

Host: merit-login.covisum.com
URL: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.86.99.202 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

2a5a0619602464b362dadca03f74bc85da078cf8f4e63b3f399be163850ebf63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit

Response headers

Access-Control-Expose-Headers: Request-Context
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sat, 09 Nov 2024 10:21:41 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: private
X-AspNet-Version: 4.0.30319
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
Request-Context: appId=cid-v1:2f7a7a68-1c89-4dcf-847f-37923af875f7
Permissions-Policy: geolocation=()
Content-Length: 25627
X-Powered-By: ASP.NET
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2

GET
H/1.1 200
OK Default.min.js Show response
merit-login.covisum.com/Cache/2024-11-9/Globals/ 28 KB
13 KB 227ms
65ms Script
text/javascript 40.86.99.202
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://merit-login.covisum.com/Cache/2024-11-9/Globals/Default.min.js

Requested by

Host: merit-login.covisum.com
URL: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.86.99.202 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e7037f66431e8b8bae6e20aa126a78c870c81695de62a644630226b776f498e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit

Response headers

Access-Control-Expose-Headers: Request-Context
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sat, 09 Nov 2024 10:21:41 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: private
X-AspNet-Version: 4.0.30319
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
Request-Context: appId=cid-v1:2f7a7a68-1c89-4dcf-847f-37923af875f7
Permissions-Policy: geolocation=()
Content-Length: 12838
X-Powered-By: ASP.NET
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2

GET
H/1.1 200
OK sstMenu.min.js Show response
merit-login.covisum.com/Cache/2024-11-9/Components/ 1 KB
1 KB 228ms
65ms Script
text/javascript 40.86.99.202
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://merit-login.covisum.com/Cache/2024-11-9/Components/sstMenu.min.js

Requested by

Host: merit-login.covisum.com
URL: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.86.99.202 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b4a50fe063a21d640cb4c0086d78c06fb15b224276fccb2058a190f3f8ad615f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit

Response headers

Access-Control-Expose-Headers: Request-Context
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sat, 09 Nov 2024 10:21:41 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: private
X-AspNet-Version: 4.0.30319
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
Request-Context: appId=cid-v1:2f7a7a68-1c89-4dcf-847f-37923af875f7
Permissions-Policy: geolocation=()
Content-Length: 774
X-Powered-By: ASP.NET
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2

GET
H/1.1 200
OK Covisum_color300.png
merit-login.covisum.com/Content/img/ 3 KB
4 KB 62ms
62ms Image
image/png 40.86.99.202
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://merit-login.covisum.com/Content/img/Covisum_color300.png

Requested by

Host: merit-login.covisum.com
URL: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.86.99.202 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

f330331d31bdbad2cc6a5626e84203cf05b159061e72a6760532fb0b234348e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit

Response headers

X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Expose-Headers: Request-Context
ETag: "04accb65cf9da1:0"
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Request-Context: appId=cid-v1:2f7a7a68-1c89-4dcf-847f-37923af875f7
Permissions-Policy: geolocation=()
Accept-Ranges: bytes
Content-Length: 3579
Date: Sat, 09 Nov 2024 10:21:41 GMT
Content-Type: image/png
Last-Modified: Wed, 28 Aug 2024 15:12:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H2 200 2755909.js Show response
js.hs-scripts.com/ 2 KB
1 KB 352ms
153ms Script
application/javascript 2606:4700::6810:8ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/2755909.js

Requested by

Host: merit-login.covisum.com
URL: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbb9beb2137ef8db06380f09651cbb7397f16a984da4a8ecede7997f683f118f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/

Response headers

access-control-max-age: 3600
content-encoding: gzip
cf-cache-status: EXPIRED
x-content-type-options: nosniff
expires: Sat, 09 Nov 2024 10:23:12 GMT
date: Sat, 09 Nov 2024 10:21:42 GMT
x-hubspot-correlation-id: ade6226d-7fb9-484c-b1bd-59cb10cadd98
content-type: application/javascript;charset=utf-8
vary: origin, Accept-Encoding
last-modified: Sat, 09 Nov 2024 10:21:42 GMT
cache-control: public, max-age=90
access-control-allow-credentials: true
cf-ray: 8dfd13d10b88a2eb-YUL
accept-ranges: bytes
access-control-allow-origin: https://merit-login.covisum.com
content-length: 677
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 281 KB
98 KB 265ms
76ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TK4K5MP

Requested by

Host: merit-login.covisum.com
URL: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d7e57a93f899ebc9dfb9af71295c5aed2840aeb804bc11c2ef03eb63b05367b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sat, 09 Nov 2024 10:21:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 10:21:41 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 09 Nov 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 99838
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 206ms
68ms Script
application/x-javascript 2606:2800:11f:17a5:191a:18d5:537:22f9
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: merit-login.covisum.com
URL: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:11f:17a5:191a:18d5:537:22f9 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D150) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/

Response headers

content-md5: HdY95yzx9wIyQkVEGES+Ew==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-lease-status: unlocked
etag: 0x8D8E461DA1A5889
age: 828
x-ms-version: 2009-09-19
expires: Sat, 09 Nov 2024 10:51:41 GMT
x-cache: HIT
date: Sat, 09 Nov 2024 10:21:41 GMT
content-type: application/x-javascript
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
vary: Accept-Encoding
cache-control: public, max-age=1800
x-ms-meta-lastmodified: 2020-10-01 19:31:04
x-ms-request-id: 3eb9fd18-601e-00ac-5f8f-323333000000
access-control-allow-origin: *
content-length: 22495
x-ms-blob-type: BlockBlob
server: ECAcc (nyd/D150)

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/ 546 KB
215 KB 207ms
76ms Script
text/javascript 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

f8e5f5ce9ff44073cff24bcd3d2b8aa4e67b67891b14ff929fe4743880fdf82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://merit-login.covisum.com
Referer: https://merit-login.covisum.com/

Response headers

content-encoding: gzip
age: 35567
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 00:28:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 00:28:54 GMT
last-modified: Tue, 22 Oct 2024 00:01:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220347
x-xss-protection: 0
server: sffe

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v6.6.0/css/ 1 MB
180 KB 119ms
72ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=d446186408
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/d446186408.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae7c0230749b8a1ac31acdabea1094f958afa5775035ae537cda4a07bf973582

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: "6695a0b7-2cce4"
cf-ray: 8dfd13d01befa305-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 183524
date: Sat, 09 Nov 2024 10:21:41 GMT
content-type: text/css
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v6.6.0/css/ 27 KB
4 KB 162ms
115ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro-v4-shims.min.css?token=d446186408
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/d446186408.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0fdba09e5424857290d8e5aa6beb9953d22465dd8cd82e760e549a3f0663320

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: MISS
etag: "6695a0b7-10e7"
cf-ray: 8dfd13d01beea305-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4327
date: Sat, 09 Nov 2024 10:21:41 GMT
content-type: text/css
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 pro-v5-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.6.0/css/ 50 KB
7 KB 140ms
93ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro-v5-font-face.min.css?token=d446186408
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/d446186408.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dba1570e2c1f739e153f9c8d38e73de101eb05a1c3b158b3a267e55c4b545a8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: "6695a0b8-1c1c"
cf-ray: 8dfd13d01bf0a305-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7196
date: Sat, 09 Nov 2024 10:21:41 GMT
content-type: text/css
last-modified: Mon, 15 Jul 2024 22:20:40 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 pro-v4-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.6.0/css/ 7 KB
2 KB 189ms
143ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro-v4-font-face.min.css?token=d446186408
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/d446186408.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42ffeae687ee562cc3d669407321ce1754cc922ed793e3371efac196b33cbf47

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: MISS
etag: "6695a0b7-6ca"
cf-ray: 8dfd13d01bf1a305-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1738
date: Sat, 09 Nov 2024 10:21:41 GMT
content-type: text/css
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 kit-upload.css Show response
kit.fontawesome.com/d446186408/7674515/ 0
129 B 93ms
91ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/d446186408/7674515/kit-upload.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/d446186408.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/

Response headers

access-control-max-age: 3000
x-request-id: GAZFqamsf4zHrxRO5oFh
cache-control: max-age=31556926, public, must-revalidate
cf-cache-status: MISS
etag: 54af53b207eef226d6511e0a88e3038e
access-control-allow-methods: GET, OPTIONS
cf-ray: 8dfd13cfcbd0a305-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
date: Sat, 09 Nov 2024 10:21:41 GMT
content-type: text/css
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
server: cloudflare
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H/1.1 200
OK merit-logo.png
merit-login.covisum.com/Content/img/ 21 KB
22 KB 59ms
58ms Image
image/png 40.86.99.202
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://merit-login.covisum.com/Content/img/merit-logo.png

Requested by

Host: merit-login.covisum.com
URL: https://merit-login.covisum.com/Cache/2024-11-9/Globals/Default.min.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.86.99.202 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

c7b14a21dc882375a36c06ac2b4e7107590b1aa05b7f07367afacd851719e734

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/Cache/2024-11-9/Globals/Default.min.css

Response headers

X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Expose-Headers: Request-Context
ETag: "04accb65cf9da1:0"
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Request-Context: appId=cid-v1:2f7a7a68-1c89-4dcf-847f-37923af875f7
Permissions-Policy: geolocation=()
Accept-Ranges: bytes
Content-Length: 21890
Date: Sat, 09 Nov 2024 10:21:41 GMT
Content-Type: image/png
Last-Modified: Wed, 28 Aug 2024 15:12:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H/1.1 200
OK glyphicons-halflings-regular.woff
merit-login.covisum.com/Content/fonts/ 23 KB
23 KB 47ms
47ms Font
application/font-woff 40.86.99.202
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://merit-login.covisum.com/Content/fonts/glyphicons-halflings-regular.woff

Requested by

Host: merit-login.covisum.com
URL: https://merit-login.covisum.com/Cache/2024-11-9/Components/Bootstrap-3.3.7.min.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.86.99.202 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

a26394f7ede100ca118eff2eda08596275a9839b959c226e15439557a5a80742

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://merit-login.covisum.com
Referer: https://merit-login.covisum.com/Cache/2024-11-9/Components/Bootstrap-3.3.7.min.css

Response headers

X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Expose-Headers: Request-Context
ETag: "04accb65cf9da1:0"
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Request-Context: appId=cid-v1:2f7a7a68-1c89-4dcf-847f-37923af875f7
Permissions-Policy: geolocation=()
Accept-Ranges: bytes
Content-Length: 23424
Date: Sat, 09 Nov 2024 10:21:41 GMT
Content-Type: application/font-woff
Last-Modified: Wed, 28 Aug 2024 15:12:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H/1.1 404
Not Found merit.json Show response
merit-login.covisum.com/Content/json/ 3 KB
4 KB 49ms
49ms XHR
text/html 40.86.99.202
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://merit-login.covisum.com/Content/json/merit.json

Requested by

Host: merit-login.covisum.com
URL: https://merit-login.covisum.com/Cache/2024-11-9/Jquery/Default.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.86.99.202 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

95d68bbe04d75bc5c8b927214fb557e0627765cbc33f8ce7d8bb635e63150414

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
X-AspNet-Version: 4.0.30319
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Request-Context: appId=cid-v1:2f7a7a68-1c89-4dcf-847f-37923af875f7
Permissions-Policy: geolocation=()
Content-Length: 3259
Date: Sat, 09 Nov 2024 10:21:41 GMT
Content-Type: text/html; charset=utf-8
X-Powered-By: ASP.NET
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN

GET
H2 200 controller-with-preconnect-39915745f04592911cdc656c7d22925c.html
js.stripe.com/v3/ Frame 008A 0
0 93ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-preconnect-39915745f04592911cdc656c7d22925c.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://merit-login.covisum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 41
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 403
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 09 Nov 2024 10:21:41 GMT
etag: "39915745f04592911cdc656c7d22925c"
last-modified: Fri, 08 Nov 2024 21:02:43 GMT
origin-agent-cluster: ?1
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-content-type-options: nosniff
x-request-id: 9b5652c1-5ff0-4fab-bd66-021f4bbd081e
x-served-by: cache-yul1970036-YUL

GET
H/1.1 200
OK covisum.json Show response
merit-login.covisum.com/Content/json/ 744 B
1 KB 83ms
75ms XHR
application/json 40.86.99.202
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://merit-login.covisum.com/Content/json/covisum.json

Requested by

Host: merit-login.covisum.com
URL: https://merit-login.covisum.com/Cache/2024-11-9/Jquery/Default.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.86.99.202 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b0039572c779f34068128b2e9773bc8b360a052dd9812b0218928d2e1abfa915

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01

Response headers

Access-Control-Expose-Headers: Request-Context
Content-Encoding: gzip
ETag: "04accb65cf9da1:0"
X-Content-Type-Options: nosniff
Date: Sat, 09 Nov 2024 10:21:41 GMT
Content-Type: application/json
Last-Modified: Wed, 28 Aug 2024 15:12:36 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
Request-Context: appId=cid-v1:2f7a7a68-1c89-4dcf-847f-37923af875f7
Permissions-Policy: geolocation=()
Accept-Ranges: bytes
Content-Length: 534
X-Powered-By: ASP.NET
Server: Microsoft-IIS/10.0

GET
H2 200 feedbackweb-new.js Show response
js.hubspotfeedback.com/ 21 KB
9 KB 184ms
96ms Script
application/javascript 2606:4700::6811:5ffa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspotfeedback.com/feedbackweb-new.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2755909.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:5ffa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eca4816aa0bc42db8f08e742c5c7a3ddc4841ee94079221ab214a562a90b3515

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://merit-login.covisum.com
Referer: https://merit-login.covisum.com/

Response headers

x-request-id: 8c61469a-46c1-4ef8-b0ac-1fbb0413f9b7
content-encoding: gzip
cf-cache-status: MISS
x-amz-version-id: LbW_opE54qwY6NJ4k3cCKr2mkZfwk0Mb
etag: W/"061e7f6f2c48ce02f1e48087bf1c230b"
cache-tag: staticjsapp-feedback-web-renderer-script-web-prod,staticjsapp-prod
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: JQvh26bnDW-Ca0BaUEK9ZaYt4Vu_H2HVHbyC6wJ-Jj0ScN-s5Sgoiw==
x-hubspot-correlation-id: 8c61469a-46c1-4ef8-b0ac-1fbb0413f9b7
content-type: application/javascript; charset=utf-8
last-modified: Fri, 08 Nov 2024 15:10:57 UTC
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-86c46c9777-hgsx8
x-envoy-upstream-service-time: 27
x-hs-target-asset: feedback-web-renderer-ui/static-1.22334/bundles/popupInjector.js
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
access-control-max-age: 3000
access-control-allow-methods: GET
x-hs-cache-status: MISS
date: Sat, 09 Nov 2024 10:21:42 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=feedback-web-renderer-ui/static-1.22334/bundles/popupInjector.js&cfRay=8dfd13d359fca2e6-EWR
via: 1.1 c5f8f8068a88ebb73e505f5e51b5262e.cloudfront.net (CloudFront)
cf-ray: 8dfd13d359fca2e6-YUL
access-control-allow-origin: *
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/2755909/ 72 KB
27 KB 171ms
80ms Script
text/javascript 2606:4700:4400::6812:28f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/2755909/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2755909.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2db7ddd43bc562687e10543a1c6698421c46202eb481705c13c9cd1fc8dec234

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/

Response headers

x-evy-trace-virtual-host: all
access-control-max-age: 604800
x-request-id: 9989d785-752f-4200-b209-08b96b58d4e4
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"9bc63c9095a88c5bb7df7686ab656a7a"
x-amz-version-id: aP3HE8lhA8EgkwHQUCxIH2w95uwXeEUg
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires: Sat, 09 Nov 2024 10:26:42 GMT
x-evy-trace-listener: listener_https
date: Sat, 09 Nov 2024 10:21:42 GMT
x-hubspot-correlation-id: 9989d785-752f-4200-b209-08b96b58d4e4
content-type: text/javascript; charset=UTF-8
last-modified: Thu, 24 Oct 2024 21:01:31 GMT
vary: origin, Accept-Encoding
x-amz-id-2: pBb0gnJI+wqbRXBuS/HHXF5/Nb1EFjBJqVKIijrWQ6ufICHlb1wVZRBcYQJ5iD/N97Yt1Evw+so=
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
timing-allow-origin: *
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-58b4c4568d-pvpcp
x-envoy-upstream-service-time: 48
access-control-allow-credentials: true
x-amz-request-id: 1AHBTCYW4VAQ65DT
cf-ray: 8dfd13d36ad6a2b4-YUL
access-control-allow-origin: https://www.covisum.com
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 83 KB
25 KB 201ms
94ms Script
application/javascript 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2755909.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb60114d01e18846fc0570ef5b0c637ff1cf5f96b3cea88dd7a7a56bc587d726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://merit-login.covisum.com
Referer: https://merit-login.covisum.com/

Response headers

x-request-id: 0d8fad25-d602-4423-a159-5cafc5a013a5
content-encoding: gzip
cf-cache-status: MISS
x-amz-version-id: CxKDbkLWIG8oARp7ZgYVTZrOz3tr7GRC
etag: W/"83516cb36bba59046b931d3496c56b0c"
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dtNgrh2xOlssAEWo190LEy6mO8%2B7Uq7vJ7u3XZi%2BM8yFjWnwxiZbnS3GOaDrUAr4IDpkgt0HwJ7oUMcvLPporLFYk65qx8SZ9q8T76%2BbzXIetWfRqW4Fyn2iPryM2a56puQrBqHSIELitTYl"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: v-XnDsYo7EStN2m1mtUyU1GMZb5koBEWhMQ8sWNNCFEvDuZLgFqDug==
x-hubspot-correlation-id: 0d8fad25-d602-4423-a159-5cafc5a013a5
content-type: application/javascript; charset=utf-8
last-modified: Fri, 01 Nov 2024 15:51:22 UTC
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-86c46c9777-xwt4m
x-envoy-upstream-service-time: 35
x-hs-target-asset: web-interactives-embed/static-2.1648/bundles/project.js
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
access-control-max-age: 3000
access-control-allow-methods: GET
x-hs-cache-status: MISS
date: Sat, 09 Nov 2024 10:21:42 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1648/bundles/project.js&cfRay=8dfd13d37fa5a2c8-IAD
via: 1.1 b9e3ae23b2e5d7b2e1c159467ba23f34.cloudfront.net (CloudFront)
cf-ray: 8dfd13d37fa5a2c8-YUL
access-control-allow-origin: *
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 93 KB
26 KB 120ms
30ms Script
application/javascript 2606:4700::6810:4b8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2755909.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4b8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

067c9537ec36da4afb93e9fec9bc7e656959b6623e9491f0092200db06657f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/

Response headers

x-evy-trace-virtual-host: all
x-request-id: cab778fb-c1aa-4d83-bcb8-443e30bae6bc
content-encoding: gzip
cf-cache-status: HIT
etag: W/"437fb84b40fd41c605a366d14a984219"
x-amz-version-id: GnpHiVDEdERXJOUylwbQwpaNqjGhipG0
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
age: 452
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-amz-cf-id: s7w8gtVpEN8LGKj5h57WuOEkmRCZDufh_1BTRmYrQRn8sCMWnlFfSA==
date: Sat, 09 Nov 2024 10:21:42 GMT
x-hubspot-correlation-id: cab778fb-c1aa-4d83-bcb8-443e30bae6bc
content-type: application/javascript; charset=utf-8
last-modified: Thu, 31 Oct 2024 16:46:07 UTC
vary: accept-encoding
x-evy-trace-listener: listener_https
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-86c46c9777-vxksk
x-envoy-upstream-service-time: 5
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.18525/bundles/project.js&cfRay=8dd4d0d62bf3e608-IAD
via: 1.1 9d2dee9b44718f249b789987d2cbe62c.cloudfront.net (CloudFront)
cf-ray: 8dfd13d3684ca251-YUL
x-evy-trace-route-configuration: listener_https/all
x-hs-target-asset: conversations-embed/static-1.18525/bundles/project.js
x-amz-cf-pop: IAD12-P3
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 2755909.js Show response
js.hs-analytics.net/analytics/1731147600000/ 69 KB
25 KB 247ms
140ms Script
text/javascript 2606:4700::6811:afc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1731147600000/2755909.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2755909.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:afc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd8557040ff4a5997a94141d7a7518fb4fe0592063a936a42ebb73c8e8ba857f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/

Response headers

x-amz-server-side-encryption: AES256
x-request-id: 938d818c-7cd8-4ee3-9ca6-ed8be9294624
content-encoding: gzip
cf-cache-status: MISS
etag: W/"de3f5cafbfa1125a4ace21f4b020f3dd"
x-amz-version-id: null
expires: Sat, 09 Nov 2024 10:26:42 GMT
x-evy-trace-listener: listener_https
date: Sat, 09 Nov 2024 10:21:42 GMT
x-hubspot-correlation-id: 938d818c-7cd8-4ee3-9ca6-ed8be9294624
content-type: text/javascript
last-modified: Tue, 22 Oct 2024 20:40:25 GMT
vary: origin, Accept-Encoding
x-amz-id-2: xgyuSuHVG1bD8o8kKekgvk74ytGQRWw3s9AL4+BkPLa/kqg/BcgKyOVPGotsADKcjQExkbO0QzD+asypC80d5Q==
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-58b4c4568d-t7hg7
x-envoy-upstream-service-time: 28
access-control-allow-credentials: false
x-amz-request-id: 9R2JCVEDD8SKXD28
cf-ray: 8dfd13d38af6a2cf-YUL
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

POST
H3 200 collect
www.google.com/ccm/ 0
0 47ms
47ms Ping
text/plain 142.250.31.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dr=merit-sso.covisum.com&dl=https%3A%2F%2Fmerit-login.covisum.com%2Fauth%2Flogin&scrsrc=www.googletagmanager.com&frm=0&rnd=1129484985.1731147702&auid=305996520.1731147702&npa=0&gtm=45He4b70v812789801za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629&tft=1731147702251&tfd=1325&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TK4K5MP
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.31.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bj-in-f106.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/

Response headers

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 245 KB
62 KB 84ms
34ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: merit-sso.covisum.com
URL: https://merit-sso.covisum.com/sp/startSSO.ping?PartnerIdpId=merit&TargetResource=https%3a%2f%2fmerit-login.covisum.com%2fPing%2fSso%3freturnUrl%3d%252f&InErrorResource=https%3a%2f%2fmerit-login.covisum.com%2fPing%2fSso%3freturnUrl%3d%252f

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

3021878ed1e5c133103864902064b781f95339d99b91824c1a3052d028bcc2bf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-u9u6ejME' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 09 Nov 2024 10:21:42 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-u9u6ejME' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=30, rtx=0, c=23, mss=1232, tbw=4436, tp=9, tpl=0, uplat=3, ullat=-1
pragma: public
x-fb-debug: HHh4X4B1QcelyJzDcxzU+Q1lXDLkTJu4G0veIQ8PPZBXQr4wak0jn72LiNUhCHUSiLY+L5c7Feh501BkJcwFCg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 63542
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 3853.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 2 KB
2 KB 234ms
92ms Script
text/javascript 2606:4700::6812:1fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/3853.js?p=https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit&e=hs_object_id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1fb0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4007079c4db46949a5618c692a0bb0fd8904b6c35e2fd7878b3e494db791901b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/

Response headers

content-encoding: br
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
date: Sat, 09 Nov 2024 10:21:42 GMT
content-type: text/javascript;charset=UTF-8
content-disposition: inline
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: no-referrer
x-download-options: noopen
cf-ray: 8dfd13d40f99a29a-YUL
access-control-allow-origin: *
x-xss-protection: 0
origin-agent-cluster: ?1
server: cloudflare

GET
H2 200 uts_lp.php Show response
www.linkconnector.com/ 230 B
484 B 302ms
152ms Script
text/javascript 2606:4700:10::ac43:1627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.linkconnector.com/uts_lp.php?cgid=901707

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TK4K5MP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f79f93362e9859f5fb237c1c932f9d4409e4f982be143880f2ba9d298cae97c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: gzip
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
cf-ray: 8dfd13d41f584bbe-YUL
access-control-allow-origin: https://merit-login.covisum.com
content-length: 197
p3p: CP="NOI DSP COR NID CUR OUR NOR"
date: Sat, 09 Nov 2024 10:21:42 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
x-server: lcweb1
server: cloudflare

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 88 KB
28 KB 180ms
37ms Script
text/javascript 2600:9000:26c1:f000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TK4K5MP
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c1:f000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84de47ed6481524074cd5e375bb773f01b59fa6452539b3b60cdb916914ca0e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/

Response headers

Access-Control-Max-Age: 600
Content-Encoding: gzip
X-Amz-Version-Id: XRapE5DFdXRGc5myIfsDq4zGHQVtai2E
Etag: W/"792eca3181a87960d692c005437f63e0"
Age: 2703
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: G_yTZKMLgiF79occjL-UPe-WmSUbBRe4IBaL0sz4_hBsila2z0rz4Q==
Date: Sat, 09 Nov 2024 09:36:40 GMT
Content-Type: text/javascript
Vary: accept-encoding
Last-Modified: Tue, 15 Oct 2024 15:51:52 GMT
Access-Control-Allow-Headers: *
Transfer-Encoding: chunked
Cache-Control: max-age=3600, must-revalidate
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 05f27386f4cfcb918eb11b3fea4d975e.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: IAD61-P1
Server: AmazonS3
X-Amz-Server-Side-Encryption: AES256

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame CA24 0
0 101ms
34ms Document
text/html 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fmerit-login.covisum.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TK4K5MP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Nov 2024 10:21:42 GMT
expires: Sun, 09 Nov 2025 10:21:42 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 335 B
984 B 81ms
79ms XHR
application/json 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=2755909&conversations-embed=static-1.18525&mobile=false&messagesUtk=50fd1af5078c42f68f99b027ac7b6742&traceId=50fd1af5078c42f68f99b027ac7b6742&referrer=https%3A%2F%2Fmerit-sso.covisum.com%2F

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b7ff68a8653616e2560fe0ba518059bf4826ef95866534e09ffc7fa2de9f1dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-HubSpot-Messages-Uri: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit
Referer: https://merit-login.covisum.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ck%2FkJ%2Fkhk3QEhMHNNUA%2BYCMgHNtBJNFuZ0vJ1JEY7dIG4bH7FYygZnH4jqoVc8mSnV%2FD8OF9zRAYrzfmGTKieEhzlJ60Jtl4WjTTri%2BLJxmc2pitEF0sGUA88%2F5AQEcGp0UNIrB2JIhx7kc4fg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
date: Sat, 09 Nov 2024 10:21:42 GMT
x-hubspot-correlation-id: a1923444-816b-42c8-87d5-b4c2cc363dcf
content-type: application/json;charset=utf-8
vary: origin, Accept-Encoding
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: false
cf-ray: 8dfd13d48831a2c8-YUL
access-control-allow-origin: https://merit-login.covisum.com
content-length: 256
server: cloudflare

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 127ms
62ms Preflight
text/plain 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://merit-login.covisum.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://merit-login.covisum.com
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8dfd13d42fdca2c8-YUL
content-length: 18
content-type: text/plain; charset=utf-8
date: Sat, 09 Nov 2024 10:21:42 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MCt7U%2Bmz%2BGnv%2FcG7AiRuBvjlcpkjRnFYDT4s2dwNFpwcfM4IaPWY58eUEZzsyerHxlJ%2BnEI%2FuB3hVJ%2F1APuZ2sV2qfOmn4WWUtuRtsXapA9XZMEl7w5hHzJRxLOxoDT5bym%2BgMRU35n9jBWB6g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-hubspot-correlation-id: 82259fa1-7f75-4975-a983-5cad98556f99

GET
H3 200 1344592172286778 Show response
connect.facebook.net/signals/config/ 50 KB
10 KB 156ms
155ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1344592172286778?v=next&r=canary&domain=merit-login.covisum.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C44%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C169%2C142%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C5%2C90%2C81%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

0f72ca35279621f1bc7969dcfbaf84995b4110c2b6409fab48984fcd266fde98

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-cdawScCB' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 09 Nov 2024 10:21:42 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-cdawScCB' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=76, mss=1232, tbw=71748, tp=66, tpl=0, uplat=121, ullat=0
pragma: public
x-fb-debug: Shyn88CdmD9GprdhQkSMBf+jz2MupBQ8/SFXSIad0AQ7vpwk1nLXjje1/gDx8is4BnnyGaZBIryb51JPm7ICUA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 95 B
1 KB 110ms
64ms Fetch
application/json 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=2755909&currentUrl=https%3A%2F%2Fmerit-login.covisum.com%2Fauth%2Flogin%3Fresume%3D%2Fidp%2FTZmVl%2FresumeSAML20%2Fidp%2FSSO.ping%26spentity%3Dmerit&referrer=https%3A%2F%2Fmerit-sso.covisum.com%2F

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f212e942ac33fd93669f03a55e2c0192224cdb6870b376fac8d3c5255cd01225

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/

Response headers

x-robots-tag: noindex, follow
access-control-max-age: 180
x-request-id: 733e39da-1589-4f2b-9569-167ac7c4533f
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qxwoyKskZn8gI%2BBkPf3dJJgxXZ%2BEDnnYDjtsEjdfmhYUBS7PPi0VmRIpHiTnIuFEllmJOT8%2FKnKcs6HHpcKBiFp2sLH%2FLDGpwStN1mQRDG1EmJVa%2FQUNFqvBCVHco%2B8YkZ92qJ85e9HS7kABRm%2Bw66bP96CCC1%2FcqN4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
access-control-allow-methods: OPTIONS, GET
x-evy-trace-listener: listener_https
date: Sat, 09 Nov 2024 10:21:42 GMT
x-hubspot-correlation-id: 733e39da-1589-4f2b-9569-167ac7c4533f
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-tbrhv
x-envoy-upstream-service-time: 8
access-control-allow-credentials: true
cf-ray: 8dfd13d4c845a2c8-YUL
access-control-allow-origin: https://merit-login.covisum.com
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/47VG5N67VNHO3DF22MMCPK/BIF3K5XSYJEXDPNZPCTBJN/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

59ms
33ms

Script
application/javascript

2600:9000:26c1:f000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: merit-login.covisum.com
URL: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit
Protocol: HTTP/1.1
Server: 2600:9000:26c1:f000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/

Response headers

Access-Control-Max-Age: 600
X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 13505
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: VDX27kSOdAJkBtHXb83QoQ1y3OSUlGUqgWyZiJLhsIUeodvlOBlj4w==
Date: Sat, 09 Nov 2024 06:36:38 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Access-Control-Allow-Headers: *
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 9bba1485ff47cf63bc393925f38d12fc.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 0
X-Amz-Cf-Pop: IAD61-P1
Server: AmazonS3
X-Amz-Server-Side-Encryption: AES256

Redirect headers

Access-Control-Max-Age: 600
Age: 72463
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: vrQvQ4JnyVPSbGyLTA2izYcWTSrHqt2s_h2uRIbkp1N9ETRslUzO0g==
Date: Fri, 08 Nov 2024 14:13:58 GMT
Content-Type: application/xml
Access-Control-Allow-Headers: *
Location: https://s.adroll.com/j/pre/index.js
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 05f27386f4cfcb918eb11b3fea4d975e.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
Content-Length: 0
X-Amz-Cf-Pop: IAD61-P1
Server: AmazonS3

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/47VG5N67VNHO3DF22MMCPK/BIF3K5XSYJEXDPNZPCTBJN/ 0
809 B 70ms
36ms Script
text/javascript 2600:9000:26c1:f000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/47VG5N67VNHO3DF22MMCPK/BIF3K5XSYJEXDPNZPCTBJN/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c1:f000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/

Response headers

Access-Control-Max-Age: 600
X-Amz-Version-Id: _fxgddnQfSI3140U_u4egQAbT4bH5W9o
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 2170
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: TDnUjnybqWiX5jsq7gnLgczhCc21bUrIBtF8tZA9YKDR-1G_uDg7zQ==
Date: Sat, 09 Nov 2024 09:45:33 GMT
Content-Type: text/javascript; charset=utf-8
Vary: Accept-Encoding
Last-Modified: Fri, 01 Nov 2024 12:57:37 GMT
Access-Control-Allow-Headers: *
Cache-Control: max-age=3600, must-revalidate
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 05f27386f4cfcb918eb11b3fea4d975e.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 0
X-Amz-Cf-Pop: IAD61-P1
Server: AmazonS3
X-Amz-Server-Side-Encryption: AES256

POST
H2 200 assign
tracking.g2crowd.com/attribution_tracking/conversions/ 0
0 72ms
71ms Ping
text/html 2606:4700::6812:1fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.g2crowd.com/attribution_tracking/conversions/assign
Requested by: Host: tracking.g2crowd.com
URL: https://tracking.g2crowd.com/attribution_tracking/conversions/3853.js?p=https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit&e=hs_object_id
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryY3fLNg2wObW7tylR
Referer: https://merit-login.covisum.com/

Response headers

GET
H2 200 47VG5N67VNHO3DF22MMCPK Show response
d.adroll.com/consent/check/ 574 B
667 B 178ms
45ms Script
application/javascript 2600:1f18:61c0:2204:73f0:257d:3ae9:9b4f
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/47VG5N67VNHO3DF22MMCPK?flg=1&pv=49636909089.84975&arrfrr=https%3A%2F%2Fmerit-login.covisum.com%2Fauth%2Flogin%3Fresume%3D%2Fidp%2FTZmVl%2FresumeSAML20%2Fidp%2FSSO.ping%26spentity%3Dmerit&_s=92320188c9cd289c13ba12321540ce57&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:61c0:2204:73f0:257d:3ae9:9b4f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: df82b149c5cb0287d0e95f10851b556e476399fff1fb8f9ef16406cc6f8dc368

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/

Response headers

content-length: 574
date: Sat, 09 Nov 2024 10:21:42 GMT
content-type: application/javascript
server: nginx/1.22.1

GET
H3 200 counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
927 B 150ms
69ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: merit-login.covisum.com
URL: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/

Response headers

x-robots-tag: none
x-request-id: 4f8fd228-b0b5-46f3-aa72-0d8c6b2f134b
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: MISS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
date: Sat, 09 Nov 2024 10:21:42 GMT
x-hubspot-correlation-id: 4f8fd228-b0b5-46f3-aa72-0d8c6b2f134b
content-type: image/gif
vary: origin, Accept-Encoding
last-modified: Sat, 09 Nov 2024 10:21:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-dvg97
x-envoy-upstream-service-time: 3
access-control-allow-credentials: false
cf-ray: 8dfd13d5bc3aabd0-YYZ
accept-ranges: bytes
x-evy-trace-route-configuration: listener_https/all
content-length: 35
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 115ms
38ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1344592172286778&ev=PageView&dl=https%3A%2F%2Fmerit-login.covisum.com&rl=https%3A%2F%2Fmerit-sso.covisum.com&if=false&ts=1731147702634&sw=1600&sh=1200&v=next&r=canary&ec=0&o=8220&pm=1&hrl=47d339&ler=other&cdl=API_unavailable&it=1731147702452&coo=false&cs_cc=1&ccpt=2.59999942779541&uppt=0.19999980926513672&uvpt=0.3000001907348633&ttf=1539&bdt=165.89999961853027&bdsize=250984&btsize=63542&brbs=0&cdt=159.30000019073486&cdsize=51205&ctsize=10394&crbs=0&let=19.300000190734863&upcl=1&upurlcl=4&cccl=2&wcacl=8&rqm=GET

Requested by

Host: merit-login.covisum.com
URL: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=31, rtx=0, c=10, mss=1297, tbw=2938, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 09 Nov 2024 10:21:42 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 134ms
59ms Image
image/png 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1344592172286778&ev=PageView&dl=https%3A%2F%2Fmerit-login.covisum.com&rl=https%3A%2F%2Fmerit-sso.covisum.com&if=false&ts=1731147702634&sw=1600&sh=1200&v=next&r=canary&ec=0&o=8220&pm=1&hrl=47d339&ler=other&cdl=API_unavailable&it=1731147702452&coo=false&cs_cc=1&ccpt=2.59999942779541&uppt=0.19999980926513672&uvpt=0.3000001907348633&ttf=1539&bdt=165.89999961853027&bdsize=250984&btsize=63542&brbs=0&cdt=159.30000019073486&cdsize=51205&ctsize=10394&crbs=0&let=19.300000190734863&upcl=1&upurlcl=4&cccl=2&wcacl=8&rqm=FGET

Requested by

Host: merit-login.covisum.com
URL: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7435222765335362474"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 09 Nov 2024 10:21:42 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: v7bBl8FZNwNGlpdKDPlB0O7Y57ZecKUo/6CGdOn065RwySG7O8/c5ZBxBJmDh7+rCuVb5THACJCY1HyjJjcy3w==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7435222765335362474", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=31, rtx=0, c=10, mss=1297, tbw=3256, tp=-1, tpl=-1, uplat=22, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 feedback-web-fetcher
app.hubspot.com/ Frame 48FD 0
0 193ms
102ms Document
text/html 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/feedback-web-fetcher

Requested by

Host: js.hubspotfeedback.com
URL: https://js.hubspotfeedback.com/feedbackweb-new.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

Referer: https://merit-login.covisum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 69568
cache-control: max-age=0, no-cache, no-store
cf-cache-status: HIT
cf-ray: 8dfd13d72d8ca2ac-YUL
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: *.fullstory.com fullstory.com apis.google.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=feedback-web-renderer-ui/static-1.22336/html/fetcher.html&cfRay=8dfd13d72d8ca2ac&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Ffeedback-web-fetcher&referrer=https%3A%2F%2Fmerit-login.covisum.com%2F&cfenv=prod&pdt=2024-11-09&csp=ro
content-type: text/html; charset=utf-8
date: Sat, 09 Nov 2024 10:21:42 GMT
etag: W/"95a8f57e2ae3b25d95e565013c29b88f"
expires: Sun, 10 Nov 2024 10:21:42 GMT
last-modified: Fri, 08 Nov 2024 14:49:26 GMT
nel: {"report_to":"nel","max_age":86400}
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]} {"group":"nel","max_age":86400,"endpoints":[{"url":"https://nel.hsbrowserreports.com/browser/reporting/reports"}]}
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=8dfd13d72d8ca2ac&resource=feedback-web-renderer-ui/static-1.22336/html/fetcher.html"
server: cloudflare
server-timing: cfr;desc=8dfd13d72d8ca2ac, d;desc="feedback-web-renderer-ui#f83abd58-ae46-4382-a1d8-c92143f714a6"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: accept-encoding
via: 1.1 3042bd56e0ca0a7910df89f6b5e95e9e.cloudfront.net (CloudFront)
x-amz-cf-id: yGsqO0oZKGOILY_aB8OnFUc9Ki8xi7QU_jUErtvm5AmFHbDY-gSvWA==
x-amz-cf-pop: IAD12-P3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: OisfdJ1BjlH6kv5N0FxTYPWoEcgODmCx
x-cache: Miss from cloudfront
x-content-type-options: no-sniff
x-hs-target-asset: feedback-web-renderer-ui/static-1.22336/html/fetcher.html
x-hs-worker-debug-mode: false

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 151ms
61ms Image
image/gif 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-ca&bfp=285013600&v=1.1&a=2755909&r=https%3A%2F%2Fmerit-sso.covisum.com%2F&pu=https%3A%2F%2Fmerit-login.covisum.com%2Fauth%2Flogin%3Fresume%3D%2Fidp%2FTZmVl%2FresumeSAML20%2Fidp%2FSSO.ping%26spentity%3Dmerit&t=Login+-+Social+Security+Timing+-+Identity+Provider&cts=1731147702793&vi=e0c7a4f3b89bd2814a8b01ab33a1af74&nc=true&u=213953096.e0c7a4f3b89bd2814a8b01ab33a1af74.1731147702788.1731147702788.1731147702788.1&b=213953096.1.1731147702788&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/

Response headers

x-robots-tag: none
x-request-id: 411dc097-ca57-4b10-880a-3fea4aaa00be
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wzpqXeNrdCiW6BYw9j5A3yUu3seZwx9YU25i5aZyTw3Ya3sRHitic7e7alKVKlJ8tQt0SJqLoA2HZhQA3RY5YPrAFQNKC7jY4yZIXy5ohWID340sMrwnid1x8Xu2NV9DZQoI%2BvyPXtJv%2FyXFG437"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-evy-trace-listener: listener_https
p3p: CP="NOI CUR ADM OUR NOR STA NID"
date: Sat, 09 Nov 2024 10:21:42 GMT
x-hubspot-correlation-id: 411dc097-ca57-4b10-880a-3fea4aaa00be
content-type: image/gif
vary: origin, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: no-cache, no-store, no-transform
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-746d57b5c6-fwzdf
x-envoy-upstream-service-time: 4
access-control-allow-credentials: false
cf-ray: 8dfd13d72d43a2c0-YUL
x-evy-trace-route-configuration: listener_https/all
content-length: 45
server: cloudflare
x-evy-trace-virtual-host: all

OPTIONS
H2 204 track
dc.services.visualstudio.com/v2/ Frame 0
0 560ms
72ms Preflight 52.179.73.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.179.73.36 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://merit-login.covisum.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context,X-Set-Cross-Origin-Resource-Policy
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Sat, 09 Nov 2024 10:21:42 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
200 B 78ms
77ms XHR
application/json 52.179.73.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.179.73.36 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

b532f3a8837f512daecefe598b9d6f71c10f4cabaa16af27f02859862037eb65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://merit-login.covisum.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
Sdk-Context: appId

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: *
date: Sat, 09 Nov 2024 10:21:42 GMT
content-type: application/json; charset=utf-8
server: Microsoft-HTTPAPI/2.0
x-content-type-options: nosniff

GET
H/1.1 200
OK favicon.ico
merit-login.covisum.com/ 31 KB
32 KB 56ms
56ms Other
image/x-icon 40.86.99.202
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://merit-login.covisum.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.86.99.202 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

a94f8a8553caea8430dd4ca3cc01d4e318d19828f74cb65453ffb7f5d9e2f44d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit

Response headers

X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Expose-Headers: Request-Context
ETag: "04accb65cf9da1:0"
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Request-Context: appId=cid-v1:2f7a7a68-1c89-4dcf-847f-37923af875f7
Permissions-Policy: geolocation=()
Accept-Ranges: bytes
Content-Length: 32038
Date: Sat, 09 Nov 2024 10:21:42 GMT
Content-Type: image/x-icon
Last-Modified: Wed, 28 Aug 2024 15:12:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H3 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame E697 0
0 20ms
19ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://merit-login.covisum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1119405
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 09 Nov 2024 10:21:46 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 25 Oct 2024 20:04:30 GMT
origin-agent-cluster: ?1
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 72663
x-content-type-options: nosniff
x-request-id: 15f56c65-56d7-45be-b380-3fe25c6d502d
x-served-by: cache-yul1970022-YUL

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
merit-sso.covisum.com/	1969-12-31 23:59:59	Name: PF Value: kgzFOrsFa5ZFlq913t2jsClUInWaForleVcSIMb07uH8
merit-login.covisum.com/	1969-12-31 23:59:59	Name: DSMS Value: 5d3342d0-6a3f-4dba-8916-a96630ee2d2f
merit-login.covisum.com/	1970-01-21 09:38:03	Name: ai_user Value: sVx3k\|2024-11-09T10:21:42.198Z
.covisum.com/	1970-01-21 03:02:03	Name: _gcl_au Value: 1.1.305996520.1731147702
.g2crowd.com/	1970-01-21 00:52:29	Name: __cf_bm Value: jqik..my46.7ePRygvasWOUUqNOVPhxWHElrSCeL_5I-1731147702-1.0.1.1-508ka4L7UK.7NN2_nbLKYyyv1TBrTzMlU_0CxALy2krBKUyyb6nMRPmuS0U8GOWDpvO.e33rqGCBxTYVbYbLBA
merit-login.covisum.com/	1970-01-21 00:52:29	Name: ai_session Value: JEH9I\|1731147702565.4\|1731147702565.4
.hsforms.com/	1970-01-21 00:52:29	Name: __cf_bm Value: 9OSFvANrnJaYSswcdfwzJBxxHqvc.9OgzVxs19mNiNQ-1731147702-1.0.1.1-niM3kU0liUKzxtQ2YIdFJwA6YjHFtEHHIprG0AYgy.9Ku7TKXEhvt0zDxg2WQbzt71BHf4eQ8y0Ttj5S73lqDg
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: laJgdUEK3CgLR9EyThy140ilGdV65VaEvYS6PU6BZlU-1731147702713-0.0.1.1-604800000
.covisum.com/	1970-01-21 05:11:39	Name: __hstc Value: 213953096.e0c7a4f3b89bd2814a8b01ab33a1af74.1731147702788.1731147702788.1731147702788.1
.covisum.com/	1970-01-21 05:11:39	Name: hubspotutk Value: e0c7a4f3b89bd2814a8b01ab33a1af74
.covisum.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.covisum.com/	1970-01-21 00:52:29	Name: __hssc Value: 213953096.1.1731147702788
.hubspot.com/	1970-01-21 00:52:29	Name: __cf_bm Value: 9No6K9jc0fUx9T.VGBOZ8daJzhNzoUc1JFeU4mNUS3A-1731147702-1.0.1.1-c2Ot2VbA86vx2sZh8aLNuMCr58rOzKzaMuASCYO9x9OUCrlWAPU9924dOSA2DyBOL527.dD1zyAd6GqWC042SQ
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 3Wgd_gZ6LdlhlrGUitH1YPQ2bWetTYKPJnY23BWx4nw-1731147702980-0.0.1.1-604800000

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://merit-login.covisum.com/auth/login?resume=/idp/TZmVl/resumeSAML20/idp/SSO.ping&spentity=merit Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://merit-login.covisum.com/Content/json/merit.json Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubspot.com
app.hubspot.com
az416426.vo.msecnd.net
connect.facebook.net
cta-service-cms2.hubspot.com
d.adroll.com
dc.services.visualstudio.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hubspot.com
js.hubspotfeedback.com
js.stripe.com
js.usemessages.com
ka-p.fontawesome.com
kit.fontawesome.com
merit-login.covisum.com
merit-sso.covisum.com
perf-na1.hsforms.com
s.adroll.com
track.hubspot.com
tracking.g2crowd.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.linkconnector.com
104.18.80.204
142.250.31.106
151.101.128.176
151.101.192.176
172.253.122.94
2600:1f18:61c0:2204:73f0:257d:3ae9:9b4f
2600:9000:26c1:f000:6:9280:1080:93a1
2606:2800:11f:17a5:191a:18d5:537:22f9
2606:4700:10::ac43:1627
2606:4700:4400::6812:28f0
2606:4700:4400::ac40:93bc
2606:4700::6810:4b8e
2606:4700::6810:7574
2606:4700::6810:7674
2606:4700::6810:8ad1
2606:4700::6811:5ffa
2606:4700::6811:afc9
2606:4700::6812:1fb0
2607:f8b0:4004:c19::61
2a03:2880:f103:83:face:b00c:0:25de
31.13.66.19
40.86.99.202
52.179.73.36
52.230.225.209
067c9537ec36da4afb93e9fec9bc7e656959b6623e9491f0092200db06657f1c
0f72ca35279621f1bc7969dcfbaf84995b4110c2b6409fab48984fcd266fde98
236bd193c37b436e52c781b6ae9478475e0ad9e6cb5749d0ec22f09b9acc8fa3
2a5a0619602464b362dadca03f74bc85da078cf8f4e63b3f399be163850ebf63
2db7ddd43bc562687e10543a1c6698421c46202eb481705c13c9cd1fc8dec234
3021878ed1e5c133103864902064b781f95339d99b91824c1a3052d028bcc2bf
4007079c4db46949a5618c692a0bb0fd8904b6c35e2fd7878b3e494db791901b
42ffeae687ee562cc3d669407321ce1754cc922ed793e3371efac196b33cbf47
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
5dba1570e2c1f739e153f9c8d38e73de101eb05a1c3b158b3a267e55c4b545a8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
8417f74d0804a6d798654f34254787f00e4876323c25d52a76a0381b23b39287
84de47ed6481524074cd5e375bb773f01b59fa6452539b3b60cdb916914ca0e1
95d68bbe04d75bc5c8b927214fb557e0627765cbc33f8ce7d8bb635e63150414
9b7ff68a8653616e2560fe0ba518059bf4826ef95866534e09ffc7fa2de9f1dc
a26394f7ede100ca118eff2eda08596275a9839b959c226e15439557a5a80742
a8d974004490975721966fcfd1ed3fb5abb359ae01a2f374738760adf4552492
a94f8a8553caea8430dd4ca3cc01d4e318d19828f74cb65453ffb7f5d9e2f44d
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ae7c0230749b8a1ac31acdabea1094f958afa5775035ae537cda4a07bf973582
b0039572c779f34068128b2e9773bc8b360a052dd9812b0218928d2e1abfa915
b4a50fe063a21d640cb4c0086d78c06fb15b224276fccb2058a190f3f8ad615f
b532f3a8837f512daecefe598b9d6f71c10f4cabaa16af27f02859862037eb65
b7920c3ee4d6bb39bee9aead6cbf6e02254f8b2ec119b695fe252837cb2e69a0
bbb9beb2137ef8db06380f09651cbb7397f16a984da4a8ecede7997f683f118f
c24cd9a59e49bdc340301c7052123fe3b6ba76d6cebb2e5ccdd3e6274a58050d
c7b14a21dc882375a36c06ac2b4e7107590b1aa05b7f07367afacd851719e734
cb60114d01e18846fc0570ef5b0c637ff1cf5f96b3cea88dd7a7a56bc587d726
cd8557040ff4a5997a94141d7a7518fb4fe0592063a936a42ebb73c8e8ba857f
d6ed3d36c41e13c3beab7317129b94a92a7963e43203b2084b4aeec631112ce9
d7e57a93f899ebc9dfb9af71295c5aed2840aeb804bc11c2ef03eb63b05367b2
dc0ef64bc5c92e8e7f003fdbbdcbd86b50b99d5254213ce1779cd90229c67242
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
df82b149c5cb0287d0e95f10851b556e476399fff1fb8f9ef16406cc6f8dc368
e1f709a813278aad038de9c25b3ee0ff1ea51f03ea7053c99d7d76edf4a4a618
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7037f66431e8b8bae6e20aa126a78c870c81695de62a644630226b776f498e6
eca4816aa0bc42db8f08e742c5c7a3ddc4841ee94079221ab214a562a90b3515
f0fdba09e5424857290d8e5aa6beb9953d22465dd8cd82e760e549a3f0663320
f212e942ac33fd93669f03a55e2c0192224cdb6870b376fac8d3c5255cd01225
f330331d31bdbad2cc6a5626e84203cf05b159061e72a6760532fb0b234348e9
f79f93362e9859f5fb237c1c932f9d4409e4f982be143880f2ba9d298cae97c0
f8e5f5ce9ff44073cff24bcd3d2b8aa4e67b67891b14ff929fe4743880fdf82e

merit-login.covisum.com Open in urlscan Pro 40.86.99.202 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

56 Requests

98 %HTTPS

63 %IPv6

20 Domains

27 Subdomains

24 IPs

2 Countries

1152 kBTransfer

3947 kBSize

14 Cookies

1 Outgoing links

Page URL History

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

merit-login.covisum.com Open in urlscan Pro
40.86.99.202 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

98 %
HTTPS

63 %
IPv6

20
Domains

27
Subdomains

24
IPs

2
Countries

1152 kB
Transfer

3947 kB
Size

14
Cookies

56 HTTP transactions
0 data transactions