urlscan.io logo urlscan.io
SecurityTrails logo

account.covermymeds.com Open in urlscan Pro
66.97.160.55  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.covermymeds.com/request/view/BBQPVT6A
Effective URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A
Submission: On March 03 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 4 countries across 14 domains to perform 47 HTTP transactions. The main IP is 66.97.160.55, located in United States and belongs to CMM-ATL, US. The main domain is account.covermymeds.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on February 7th 2020. Valid for: 2 years.
This is the only time account.covermymeds.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

14    66.97.160.55 (United States)

ASN396458 (CMM-ATL, US)
www.covermymeds.com
account.covermymeds.com
4    66.97.160.33 (United States)

ASN396458 (CMM-ATL, US)
chat.covermymeds.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    143.204.97.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-97-108.fra50.r.cloudfront.net
cdn.pendo.io
8    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a02:26f0:6c00:28c::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
www.googleadservices.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    143.204.94.161 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-161.fra50.r.cloudfront.net
js.adsrvr.org
2    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2620:119:50e1:101::6cae:b25 (United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
3    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    54.77.184.190 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-184-190.eu-west-1.compute.amazonaws.com
insight.adsrvr.org
2    2a00:1450:4001:800::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
data.pendo.io
Domain Requested by
8 www.google-analytics.com www.googletagmanager.com
account.covermymeds.com
www.google-analytics.com
8 account.covermymeds.com account.covermymeds.com
6 www.covermymeds.com 2 redirects account.covermymeds.com
www.covermymeds.com
4 chat.covermymeds.com account.covermymeds.com
chat.covermymeds.com
3 www.google.de account.covermymeds.com
3 www.google.com account.covermymeds.com
2 data.pendo.io cdn.pendo.io
2 px.ads.linkedin.com 1 redirects account.covermymeds.com
2 stats.g.doubleclick.net www.google-analytics.com
2 connect.facebook.net account.covermymeds.com
connect.facebook.net
2 bat.bing.com www.googletagmanager.com
account.covermymeds.com
1 insight.adsrvr.org js.adsrvr.org
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.facebook.com account.covermymeds.com
1 www.linkedin.com 1 redirects
1 js.adsrvr.org www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 cdn.pendo.io account.covermymeds.com
1 www.googletagmanager.com account.covermymeds.com
47 20

This site contains links to these domains. Also see Links.

Domain
www.covermymeds.com
Subject Issuer Validity Valid
*.covermymeds.com
Sectigo RSA Organization Validation Secure Server CA		 2020-02-07 -
2022-02-06		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
cdn.pendo.io
DigiCert SHA2 Extended Validation Server CA		 2019-06-04 -
2021-09-02		 2 years crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
www.googleadservices.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-01-19 -
2021-07-19		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-01-06 -
2021-07-05		 6 months crt.sh
www.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
data.pendo.io
GTS CA 1D2		 2021-01-27 -
2021-04-27		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A
Frame ID: F0DB51F45DA8FE762919F2CA99BF5D52
Requests: 46 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=yi9xlz1&ref=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FBBQPVT6A&upid=c7xdx7r&upv=1.1.0
Frame ID: 6A40DDEC831E840C37F0F76873A3B90A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.covermymeds.com/request/view/BBQPVT6A HTTP 302
    https://www.covermymeds.com/user/login HTTP 302
    https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

47
Requests

100 %
HTTPS

68 %
IPv6

14
Domains

20
Subdomains

18
IPs

4
Countries

1316 kB
Transfer

3098 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.covermymeds.com/request/view/BBQPVT6A HTTP 302
    https://www.covermymeds.com/user/login HTTP 302
    https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34915&time=1614734335034&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34915%26time%3D1614734335034%26url%3Dhttps%253A%252F%252Faccount.covermymeds.com%252F%253Fdestination_url%253Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FBBQPVT6A%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34915&time=1614734335034&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A&liSync=true

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
account.covermymeds.com/
Redirect Chain
  • https://www.covermymeds.com/request/view/BBQPVT6A
  • https://www.covermymeds.com/user/login
  • https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A
9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.97.160.55 , United States, ASN396458 (CMM-ATL, US),
Reverse DNS
Software
Apache /
Resource Hash
a16a87b871175aa99e1960780def505a23d1e3e4967c3530ab609d308e4e4e32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
account.covermymeds.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 01:18:54 GMT
Server
Apache
Cache-Control
max-age=0, private, must-revalidate
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
strict-origin-when-cross-origin
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
1; mode=block
X-Request-Id
dd697875-acba-4e1b-8d12-b3468b7c231a
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
Set-Cookie
_account_session=QUg4T0dTVmlxdXdocXVCVXBJRm5kSlJwL0xaZHZ4VEpiNC9aNTdRK1pTMXpWU0hoZ3JSZW9LZ0d3V2VxQVE2aEZJMGxDbDhMRWRmL0x2cklCNWpQVXVMblM3bHBEV25MOEFTLzk0MDNhMGR1VHRQY0NiZUxPS1hzbnF5RXZLVzFsSDBtS1Yvd3hmWlJGMnBETHUxaFF0SFlCdGUvSHptTXYvT0UxRWE3UDBFTEp3S0NNTHU2MUlvSFpGenNpQVZzKy8vOWRtdjlWZVNtTDROWjZtNHcwbDVJOFdLWjZhR1R1T0htSXc4M1hiZ3I1d09oSHFQWmdCb3pLWks0dW95bS0tT3JIWWd0TW5pWVZYV1JsUEtXaDVpQT09--4610908d922e10ba7454da944422a1ff44d172fd; path=/; secure; HttpOnly;HttpOnly;Secure cookiesession1=11538282V2E9LNKNDHPRC4OQHIKC8908;Path=/;HttpOnly
ETag
W/"a16a87b871175aa99e1960780def505a"
Content-Length
3918
Status
200 OK
Vary
Accept-Encoding
X-Cnection
close
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Connection
Keep-Alive

Redirect headers

Date
Wed, 03 Mar 2021 01:18:53 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A
Content-Length
0
X-Cnection
close
Content-Type
text/html; charset=UTF-8
Strict-Transport-Security
max-age=31536000
application-dd45911632e25303f2d61773743e3a39.css
account.covermymeds.com/packs/ 		249 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://account.covermymeds.com/packs/application-dd45911632e25303f2d61773743e3a39.css
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.97.160.55 , United States, ASN396458 (CMM-ATL, US),
Reverse DNS
Software
Apache /
Resource Hash
f986ec941c5d49e89a582bf4224230ad6ef84e24eae46cc6d9c70295fd7732f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 01:18:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 01 Mar 2021 22:22:25 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
text/css
X-Cnection
close
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
45629
nunito_sans.css
www.covermymeds.com/styles_r2/fonts/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.covermymeds.com/styles_r2/fonts/nunito_sans.css
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.97.160.55 , United States, ASN396458 (CMM-ATL, US),
Reverse DNS
Software
Apache /
Resource Hash
d029481a0ca774bbe6a6290b02616327bf1c22711a3e26e050031b8494f051d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 01:18:54 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Cnection
close
Connection
Keep-Alive
Content-Length
600
Last-Modified
Tue, 27 Nov 2018 13:29:25 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Expires
Thu, 03 Mar 2022 01:18:54 GMT
application-4e79e146f9882cc734e466a48acd1c4eb7a8fad2e2b7a840468acc85e27de332.js
account.covermymeds.com/assets/ 		142 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.covermymeds.com/assets/application-4e79e146f9882cc734e466a48acd1c4eb7a8fad2e2b7a840468acc85e27de332.js
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.97.160.55 , United States, ASN396458 (CMM-ATL, US),
Reverse DNS
Software
Apache /
Resource Hash
4e79e146f9882cc734e466a48acd1c4eb7a8fad2e2b7a840468acc85e27de332
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 01:18:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Cnection
close
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
62371
Last-Modified
Wed, 24 Feb 2021 21:06:32 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Expires
Thu, 03 Mar 2022 01:18:54 GMT
sessions-f41a59af0e3cc9f01ac33ff2a1929529b2a4d36391995451e5803f8ad264fcad.js
account.covermymeds.com/assets/ 		632 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.covermymeds.com/assets/sessions-f41a59af0e3cc9f01ac33ff2a1929529b2a4d36391995451e5803f8ad264fcad.js
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.97.160.55 , United States, ASN396458 (CMM-ATL, US),
Reverse DNS
Software
Apache /
Resource Hash
f41a59af0e3cc9f01ac33ff2a1929529b2a4d36391995451e5803f8ad264fcad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 01:18:54 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 11 Feb 2021 14:11:39 GMT
Server
Apache
Cache-Control
max-age=31536000
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Cnection
close
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
632
Expires
Thu, 03 Mar 2022 01:18:54 GMT
cmm_header_logo-f891e2ac0fa3c5131f5bed8ad7a69f587f8f49a41ec59514ec76d73b5802cf1d.png
account.covermymeds.com/assets/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://account.covermymeds.com/assets/cmm_header_logo-f891e2ac0fa3c5131f5bed8ad7a69f587f8f49a41ec59514ec76d73b5802cf1d.png
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.97.160.55 , United States, ASN396458 (CMM-ATL, US),
Reverse DNS
Software
Apache /
Resource Hash
f891e2ac0fa3c5131f5bed8ad7a69f587f8f49a41ec59514ec76d73b5802cf1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 01:18:54 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 28 Jan 2020 22:22:09 GMT
Server
Apache
Cache-Control
max-age=31536000
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-Cnection
close
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Content-Length
17285
Expires
Thu, 03 Mar 2022 01:18:54 GMT
application-2f66fb4be31fa7915fc5.js
account.covermymeds.com/packs/ 		321 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.covermymeds.com/packs/application-2f66fb4be31fa7915fc5.js
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.97.160.55 , United States, ASN396458 (CMM-ATL, US),
Reverse DNS
Software
Apache /
Resource Hash
f3cbbeb2b929a7ae8c8382d6d6bdc06c5e5f9ff8b12ef1e2d51c4b24009b90c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 01:18:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 01 Mar 2021 22:22:18 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
application/javascript
X-Cnection
close
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
91170
bundle-customer.js
chat.covermymeds.com/javascripts/ 		177 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chat.covermymeds.com/javascripts/bundle-customer.js
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.97.160.33 , United States, ASN396458 (CMM-ATL, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
9458cd8a47ba42ebc0641fe9e50278ab1649b8e593f58a52b9fadfa854f1f657
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 01:18:55 GMT
Via
1.1 chat.covermymeds.com
X-Content-Type-Options
nosniff
Server
nginx/1.16.1
X-Frame-Options
SAMEORIGIN
Connection
close
Content-Type
application/javascript
Cache-Control
max-age=5184000, public
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Content-Encoding
gzip
Vary
Accept-Encoding
content-length
61202
Expires
Sun, 02 May 2021 01:18:55 GMT
gtm.js
www.googletagmanager.com/ 		226 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WDWQ49P
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
efca47d5c475af22dc93d81b827b3381f36699219995e77149ee3f180878e962
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 01:18:54 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61381
x-xss-protection
0
last-modified
Wed, 03 Mar 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 03 Mar 2021 01:18:54 GMT
hero-quarter-orange-e883210dd4516c14d0c65aa998de99eb.jpg
account.covermymeds.com/packs/images/ 		126 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://account.covermymeds.com/packs/images/hero-quarter-orange-e883210dd4516c14d0c65aa998de99eb.jpg
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/packs/application-dd45911632e25303f2d61773743e3a39.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.97.160.55 , United States, ASN396458 (CMM-ATL, US),
Reverse DNS
Software
Apache /
Resource Hash
61e3d312607c01f114ae98393cee089d6884253bbd41936cc8d09f65cb952f49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://account.covermymeds.com/packs/application-dd45911632e25303f2d61773743e3a39.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 01:18:54 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 01 Mar 2021 22:22:30 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
X-Cnection
close
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Content-Length
129147
pe0qMImSLYBIv1o4X1M8cce9I9tAcVwo.woff2
www.covermymeds.com/fonts/nunitosans/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.covermymeds.com/fonts/nunitosans/pe0qMImSLYBIv1o4X1M8cce9I9tAcVwo.woff2
Requested by
Host: www.covermymeds.com
URL: https://www.covermymeds.com/styles_r2/fonts/nunito_sans.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.97.160.55 , United States, ASN396458 (CMM-ATL, US),
Reverse DNS
Software
Apache /
Resource Hash
09c3f39acdd3ecdaf2d3a17efb700d07fe2691b5524c2aea19c10c9deb662dd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://account.covermymeds.com
Referer
https://www.covermymeds.com/styles_r2/fonts/nunito_sans.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 01:18:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Nov 2018 13:29:25 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Connection
Keep-Alive
Access-Control-Allow-Origin
*
X-Cnection
close
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Content-Length
11256
pe03MImSLYBIv1o4X1M8cc8GBs5tU1ECVZl_.woff2
www.covermymeds.com/fonts/nunitosans/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.covermymeds.com/fonts/nunitosans/pe03MImSLYBIv1o4X1M8cc8GBs5tU1ECVZl_.woff2
Requested by
Host: www.covermymeds.com
URL: https://www.covermymeds.com/styles_r2/fonts/nunito_sans.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.97.160.55 , United States, ASN396458 (CMM-ATL, US),
Reverse DNS
Software
Apache /
Resource Hash
98bf460214a592d28141740a065d561a43fd31c00bcc84c4c7da2c84741de619
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://account.covermymeds.com
Referer
https://www.covermymeds.com/styles_r2/fonts/nunito_sans.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 01:18:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Nov 2018 13:29:25 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Connection
Keep-Alive
Access-Control-Allow-Origin
*
X-Cnection
close
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Content-Length
11380
2bffef_0_0-a929a8f3dbb466ecf4211ae2b8c5ccc4.woff
account.covermymeds.com/packs/fonts/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://account.covermymeds.com/packs/fonts/2bffef_0_0-a929a8f3dbb466ecf4211ae2b8c5ccc4.woff
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/packs/application-dd45911632e25303f2d61773743e3a39.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.97.160.55 , United States, ASN396458 (CMM-ATL, US),
Reverse DNS
Software
Apache /
Resource Hash
1243303b5bbae5225a6204024bfb1648bb1f809f0ef4a0ce55f5bd64b41c2352
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://account.covermymeds.com
Referer
https://account.covermymeds.com/packs/application-dd45911632e25303f2d61773743e3a39.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 01:18:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 01 Mar 2021 22:22:30 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
X-Cnection
close
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Content-Length
30469
pe03MImSLYBIv1o4X1M8cc8WAc5tU1ECVZl_.woff2
www.covermymeds.com/fonts/nunitosans/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.covermymeds.com/fonts/nunitosans/pe03MImSLYBIv1o4X1M8cc8WAc5tU1ECVZl_.woff2
Requested by
Host: www.covermymeds.com
URL: https://www.covermymeds.com/styles_r2/fonts/nunito_sans.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.97.160.55 , United States, ASN396458 (CMM-ATL, US),
Reverse DNS
Software
Apache /
Resource Hash
ea8d599e63bb7e05af49012adc8e7be9f807f8376b3a6141165fbb4431b92dd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://account.covermymeds.com
Referer
https://www.covermymeds.com/styles_r2/fonts/nunito_sans.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 01:18:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Nov 2018 13:29:25 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Connection
Keep-Alive
Access-Control-Allow-Origin
*
X-Cnection
close
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Content-Length
11212
pendo.js
cdn.pendo.io/agent/static/89b77497-23cf-4058-6d78-e33d78245f50/ 		394 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pendo.io/agent/static/89b77497-23cf-4058-6d78-e33d78245f50/pendo.js
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.97.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-97-108.fra50.r.cloudfront.net
Software
UploadServer /
Resource Hash
1d0583ac1d1f621d2de827eb7024e4f4c9b8640256b3731c4e6c9dcc62c27274

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 01:18:55 GMT
Content-Encoding
gzip
Content-Type
application/javascript
X-Amz-Cf-Pop
FRA50-C1
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Fri, 26 Feb 2021 17:08:10 GMT
Server
UploadServer
ETag
"8e110759889045fe9d44a3ee05c6ee1a"
Vary
Accept-Encoding
x-goog-hash
crc32c=Hh1SWw==, md5=jhEHWYiQRf6dRKPuBcbuGg==
x-goog-generation
1614359290432778
Via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
*
Cache-Control
max-age=450
x-goog-stored-content-length
124211
Accept-Ranges
bytes
X-GUploader-UploadID
ABg5-UwNOOw2qTNdUub0xb67bz5lltm68BKrxBskQX9D6yLR1dqp828v-8a2awwnq2B3vtH8CxK7wprFBpSp_TVArUc
X-Amz-Cf-Id
7kB0_EUPmQ_S9SPeGliAWXHzqwDxaZYA_RW6u46bKJ4hyusdpQ7zuw==
Expires
Wed, 03 Mar 2021 01:26:25 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDWQ49P
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
4578
date
Wed, 03 Mar 2021 00:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Wed, 03 Mar 2021 02:02:36 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDWQ49P
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28c::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 01:18:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 22:14:03 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=67117
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1855
conversion_async.js
www.googleadservices.com/pagead/ 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDWQ49P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
b4ceacee581031a4014c658e33aa47874612b4c25c1aed8ef682cada98b99d6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 01:18:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12348
x-xss-protection
0
server
cafe
etag
7672817363517198860
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 03 Mar 2021 01:18:55 GMT
bat.js
bat.bing.com/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDWQ49P
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0f8b92749ed5ae1a53b456979b6b1fa2157fbc804b8b6b871f0068316bbf1320

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 01:18:54 GMT
content-encoding
gzip
last-modified
Thu, 25 Feb 2021 01:12:13 GMT
x-msedge-ref
Ref A: 1783B550D2B149A9941EA848DF495EAE Ref B: FRAEDGE1514 Ref C: 2021-03-03T01:18:54Z
etag
"8014993f13bd71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
8512
fbevents.js
connect.facebook.net/en_US/ 		91 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
gMXDnXyKfQDzhdIt8WJJ4yl3SAjAdUuYJ+K5+5fbwO9Grf//jHEwdMqplftSkkcv7Dpw6Rr1534kiaIKjzMrfQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 03 Mar 2021 01:18:54 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
origin-trial
AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDWQ49P
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.94.161 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-94-161.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 05:45:49 GMT
Via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
70387
ETag
"98d98b3499058b76d58073cf8ede2f10"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Length
4593
X-Amz-Cf-Id
e_2AxjEi05asx4TTb3hI9ElTzkCBRt7aspvfm9UKSiXWbcijsrxYlg==
collect
stats.g.doubleclick.net/j/ 		4 B
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-7780355-10&cid=978013272.1614734335&jid=1516197349&gjid=1413783300&_gid=713483864.1614734335&_u=YGBAgEABAAAAAE~&z=568349536
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 03 Mar 2021 01:18:55 GMT
content-type
text/plain
access-control-allow-origin
https://account.covermymeds.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j88&a=204833850&t=pageview&_s=1&dl=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FBBQPVT6A&ul=en-us&de=UTF-8&dt=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1516197349&gjid=1413783300&cid=978013272.1614734335&tid=UA-7780355-10&_gid=713483864.1614734335&gtm=2wg2h0WDWQ49P&cd12=null&z=1010921046
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 17:19:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
28788
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
282700338735046
connect.facebook.net/signals/config/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/282700338735046?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
589ff9fed407b4d6de9ca61b50e0381627a9d76b43787b01a9215ebc4db6d61b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
6+igq6rAk7hwDS4VqyLXO+Y7fEyi8/D//qbkT90471z4aPOz7OFfLYqPUz+vsxgEvnW0v8dXlSmQdb59Pn8miA==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 03 Mar 2021 01:18:55 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34915&time=1614734335034&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQ...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34915%26time%3D1614734335034%26url%3Dhttps%253A%252F%252Faccount.covermymeds.com%...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34915&time=1614734335034&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQ...
0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34915&time=1614734335034&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A&liSync=true
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:119:50e1:101::6cae:b25 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 01:18:55 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-esv5
content-type
application/javascript
content-length
0
x-li-uuid
8K4ow1KwaBbAxYL8VCsAAA==

Redirect headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
linkedin-action
1
content-length
0
x-li-uuid
CrY2t1KwaBaw3+XLsioAAA==
pragma
no-cache
x-li-pop
afd-prod-esv5
x-msedge-ref
Ref A: 3D11C5A11040455BA5C914DB7E27526C Ref B: FRAEDGE0708 Ref C: 2021-03-03T01:18:55Z
date
Wed, 03 Mar 2021 01:18:55 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34915&time=1614734335034&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A&liSync=true
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-7780355-10&cid=978013272.1614734335&jid=1516197349&_u=YGBAgEABAAAAAE~&z=454461405
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 01:18:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-7780355-10&cid=978013272.1614734335&jid=1516197349&_u=YGBAgEABAAAAAE~&z=454461405
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 01:18:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=282700338735046&ev=PageView&dl=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FBBQPVT6A&rl=&if=false&ts=1614734335107&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=28&fbp=fb.1.1614734335097.724286759&it=1614734335032&coo=false&rqm=GET
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 01:18:55 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 03 Mar 2021 01:18:55 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/856736550/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856736550/?random=1614734335133&cv=9&fst=1614734335133&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2h0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FBBQPVT6A&tiba=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37a68ce6381eaf4ebe5b15ea47b5e2ceed86f60ebc1aa45e532baf01a44c9822
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 01:18:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1090
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/856736550/ 		42 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/856736550/?random=1614734335133&cv=9&fst=1614733200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2h0&sendb=1&frm=0&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FBBQPVT6A&tiba=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&async=1&fmt=3&is_vtc=1&random=2299832014&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 01:18:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/856736550/ 		42 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/856736550/?random=1614734335133&cv=9&fst=1614733200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2h0&sendb=1&frm=0&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FBBQPVT6A&tiba=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&async=1&fmt=3&is_vtc=1&random=2299832014&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 01:18:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=26055177&Ver=2&mid=99cc8ae6-98ca-44eb-a905-e55a92fb361d&sid=6c5161607bbe11eb98169dd3157818ae&vid=6c521ec07bbe11eb8462ad06464a116f&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Log%20In%20%7C%20CoverMyMeds,%20The%20Leader%20In%20Electronic%20Prior%20Authorization&p=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FBBQPVT6A&r=&lt=2597&evt=pageLoad&msclkid=N&sv=1&rn=853227
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FBBQPVT6A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 03 Mar 2021 01:18:55 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 1401E07BEAB0453997D3FF93EE39C83E Ref B: FRAEDGE1514 Ref C: 2021-03-03T01:18:55Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
revision
chat.covermymeds.com/api_v2/customer/ 		102 B
851 B 		Script
General
Check archive.org
Download Go to
Full URL
https://chat.covermymeds.com/api_v2/customer/revision?callback=jQuery331015463487848008728_1614734335591&_=1614734335592
Requested by
Host: chat.covermymeds.com
URL: https://chat.covermymeds.com/javascripts/bundle-customer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.97.160.33 , United States, ASN396458 (CMM-ATL, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
e73e8b24a77fcd09f5d4d31165e888b2044eb761ce62ecca4605b84f17fa3504
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 01:18:56 GMT
Via
1.1 chat.covermymeds.com
X-Content-Type-Options
nosniff, nosniff
X-Permitted-Cross-Domain-Policies
none
P3P
CP="CoverMyMeds does not support p3p."
Connection
close
content-length
102
X-XSS-Protection
1; mode=block
X-Request-Id
2c6e6362-c8cb-434c-920a-34497d561708
X-Runtime
0.003489
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.16.1
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
ETag
W/"e73e8b24a77fcd09f5d4d31165e888b2"
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
bundle-customer-widget.js
chat.covermymeds.com/javascripts/ 		1 MB
572 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chat.covermymeds.com/javascripts/bundle-customer-widget.js?v=2207b0485223a2167bae363120eeaaabac390986&_=1614734335593
Requested by
Host: chat.covermymeds.com
URL: https://chat.covermymeds.com/javascripts/bundle-customer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.97.160.33 , United States, ASN396458 (CMM-ATL, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
0644287df7fea41ad83fe9199c853eb978fa20e890c479df6f5070b96e702496
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 01:18:56 GMT
Via
1.1 chat.covermymeds.com
X-Content-Type-Options
nosniff
Server
nginx/1.16.1
X-Frame-Options
SAMEORIGIN
Connection
close
Content-Type
application/javascript
Cache-Control
max-age=5184000, public
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Content-Encoding
gzip
Vary
Accept-Encoding
Expires
Sun, 02 May 2021 01:18:56 GMT
status
chat.covermymeds.com/api_v2/customer/ 		93 B
841 B 		Script
General
Check archive.org
Download Go to
Full URL
https://chat.covermymeds.com/api_v2/customer/status?callback=jQuery33104078915018514766_1614734338208&_=1614734338209
Requested by
Host: chat.covermymeds.com
URL: https://chat.covermymeds.com/javascripts/bundle-customer-widget.js?v=2207b0485223a2167bae363120eeaaabac390986&_=1614734335593
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.97.160.33 , United States, ASN396458 (CMM-ATL, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
2765e81b38691a934836e632fd6f2aeee27cc60028b7b1c8b01dfaac34ed49d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 01:18:58 GMT
Via
1.1 chat.covermymeds.com
X-Content-Type-Options
nosniff, nosniff
X-Permitted-Cross-Domain-Policies
none
P3P
CP="CoverMyMeds does not support p3p."
Connection
close
content-length
93
X-XSS-Protection
1; mode=block
X-Request-Id
53819c1c-3ac9-421d-a96b-584b767583d4
X-Runtime
0.007242
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.16.1
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
ETag
W/"2765e81b38691a934836e632fd6f2aee"
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
up
insight.adsrvr.org/track/ Frame 6A40 		0
182 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=yi9xlz1&ref=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FBBQPVT6A&upid=c7xdx7r&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.184.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-184-190.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
insight.adsrvr.org
:scheme
https
:path
/track/up?adv=yi9xlz1&ref=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FBBQPVT6A&upid=c7xdx7r&upv=1.1.0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://account.covermymeds.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://account.covermymeds.com/

Response headers

date
Wed, 03 Mar 2021 01:18:58 GMT
content-type
text/html
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
collect
www.google-analytics.com/j/ 		2 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=204833850&t=event&ni=1&_s=1&dl=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FBBQPVT6A&ul=en-us&de=UTF-8&dt=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=vertical&el=10%20percent&_u=aGhAAEABAAAAAG~&jid=1479724147&gjid=2004609001&cid=978013272.1614734335&tid=UA-7780355-10&_gid=1600312685.1614734339&_r=1&gtm=2wg2h0WDWQ49P&cd12=null&z=311490311
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 01:18:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://account.covermymeds.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j88&a=204833850&t=event&ni=1&_s=1&dl=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FBBQPVT6A&ul=en-us&de=UTF-8&dt=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=vertical&el=25%20percent&_u=aGjAAEABAAAAAG~&jid=&gjid=&cid=978013272.1614734335&tid=UA-7780355-10&_gid=1600312685.1614734339&gtm=2wg2h0WDWQ49P&cd12=null&z=518591765
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 17:19:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
28791
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j88&a=204833850&t=event&ni=1&_s=1&dl=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FBBQPVT6A&ul=en-us&de=UTF-8&dt=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=vertical&el=50%20percent&_u=aGjAAEABAAAAAG~&jid=&gjid=&cid=978013272.1614734335&tid=UA-7780355-10&_gid=1600312685.1614734339&gtm=2wg2h0WDWQ49P&cd12=null&z=1403252909
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 17:19:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
28791
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j88&a=204833850&t=event&ni=1&_s=1&dl=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FBBQPVT6A&ul=en-us&de=UTF-8&dt=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=vertical&el=75%20percent&_u=aGjAAEABAAAAAG~&jid=&gjid=&cid=978013272.1614734335&tid=UA-7780355-10&_gid=1600312685.1614734339&gtm=2wg2h0WDWQ49P&cd12=null&z=964107853
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 17:19:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
28791
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j88&a=204833850&t=event&ni=1&_s=1&dl=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FBBQPVT6A&ul=en-us&de=UTF-8&dt=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=vertical&el=90%20percent&_u=aGjAAEABAAAAAG~&jid=&gjid=&cid=978013272.1614734335&tid=UA-7780355-10&_gid=1600312685.1614734339&gtm=2wg2h0WDWQ49P&cd12=null&z=1039028321
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 17:19:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
28791
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j88&a=204833850&t=event&ni=1&_s=1&dl=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FBBQPVT6A&ul=en-us&de=UTF-8&dt=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=vertical&el=100%20percent&_u=aGjAAEABAAAAAG~&jid=&gjid=&cid=978013272.1614734335&tid=UA-7780355-10&_gid=1600312685.1614734339&gtm=2wg2h0WDWQ49P&cd12=null&z=1065525673
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 17:19:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
28791
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
89b77497-23cf-4058-6d78-e33d78245f50
data.pendo.io/data/ptm.gif/ 		42 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.pendo.io/data/ptm.gif/89b77497-23cf-4058-6d78-e33d78245f50?v=2.79.6_prod&ct=1614734338728&jzb=eJy9UEFuwjAQ_IvPEUmcBAO3qi0ol4JUKK2qyjKxG4xwHNlOWkD8nXUbcuRSqZIPu-Od2dl5PyF3qAWaICUcQwHaGP1lhaFOKkDjYZySJE2S0XCUBqiVVjptqORAoIvHp4c5XdI8_S7b45EvZ_cgwIpCN5X7nekagBuzh37rXG0nYdjhg0K3wqiDEtxCrUIYrI2uLZqcrst8eWvfnlVlw0p_gqjo6hmdew899drDV82MqNxdPwAQZ86zoySEhyMcgyrYslJXAOMBGQ-GFGxxz3dsk3vJfCXX8euak23UZAu-A86nYUr8fC7nrN3N8heNp-0Uv619rgcn4KwkG5-DPvO9Zvxm5uSfM_eGOhtZFJO_34sxOX9cABcnxTc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 01:18:58 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-max-age
600
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
Origin,Accept,Content-Type,Authorization
content-length
42
89b77497-23cf-4058-6d78-e33d78245f50
data.pendo.io/data/guide.js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data.pendo.io/data/guide.js/89b77497-23cf-4058-6d78-e33d78245f50?jzb=eJx9jkGrwjAQhP_LnqWpVRR7k_dEelHBeg6hCTXQJCXZFq30v3crfTk-2MPsl5nMfqDXQaPzhYQc-O10-b3ykhfbV90PgyzPP7ACUVWus_i1LJpo5xvan4htyBlbeFK5XnnzNkoG0oaR0SgUUqCAPLbNUv_T2Ahbd6JW5FCWP-4wxiti9G-np1Z4ZfEYDYSocE6nG0aTpdmafqXLgnaWcJbsD8mOt95JGMcJG69V9Q&v=2.79.6_prod&ct=1614734338734
Requested by
Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/89b77497-23cf-4058-6d78-e33d78245f50/pendo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
88ac2fbc19bf48aac6f2f1ca006f5bc3d3f290a93c6f2b1cd33cfbf96397d23e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 01:18:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
via
1.1 google
access-control-max-age
600
access-control-allow-credentials
false
access-control-allow-headers
Origin,Accept,Content-Type,Authorization
collect
stats.g.doubleclick.net/j/ 		4 B
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-7780355-10&cid=978013272.1614734335&jid=1479724147&gjid=2004609001&_gid=1600312685.1614734339&_u=aGhAAEABAAAAAG~&z=1748515982
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 03 Mar 2021 01:18:58 GMT
content-type
text/plain
access-control-allow-origin
https://account.covermymeds.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-7780355-10&cid=978013272.1614734335&jid=1479724147&_u=aGhAAEABAAAAAG~&z=1951516373
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 01:18:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-7780355-10&cid=978013272.1614734335&jid=1479724147&_u=aGhAAEABAAAAAG~&z=1951516373
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 01:18:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| dataLayer function| ValidatedField function| ValidatedPasswordField function| debounce function| $ function| jQuery object| jQuery112408231321487326158 object| pendo object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id object| uetq function| fbq function| _fbq object| gaplugins object| gaGlobal object| gaData function| lintrk boolean| _already_called_lintrk function| UET function| GetCustomEvent function| ttd_dom_ready function| TTDUniversalPixelApi function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| core object| __core-js_shared__ function| setImmediate function| clearImmediate object| regeneratorRuntime object| mdc object| Chat object| global object| System function| asap function| Observable boolean| _babelPolyfill object| ChatWidget object| JSON3

1 Cookies

Domain/Path Name / Value
.covermymeds.com/ Name: cmc_is_minimized
Value: true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.covermymeds.com
bat.bing.com
cdn.pendo.io
chat.covermymeds.com
connect.facebook.net
data.pendo.io
googleads.g.doubleclick.net
insight.adsrvr.org
js.adsrvr.org
px.ads.linkedin.com
snap.licdn.com
stats.g.doubleclick.net
www.covermymeds.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
142.250.185.130
143.204.94.161
143.204.97.108
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:800::2013
2a00:1450:4001:808::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:400c:c0c::9d
2a02:26f0:6c00:28c::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
54.77.184.190
66.97.160.33
66.97.160.55
0644287df7fea41ad83fe9199c853eb978fa20e890c479df6f5070b96e702496
09c3f39acdd3ecdaf2d3a17efb700d07fe2691b5524c2aea19c10c9deb662dd5
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0f8b92749ed5ae1a53b456979b6b1fa2157fbc804b8b6b871f0068316bbf1320
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1243303b5bbae5225a6204024bfb1648bb1f809f0ef4a0ce55f5bd64b41c2352
1d0583ac1d1f621d2de827eb7024e4f4c9b8640256b3731c4e6c9dcc62c27274
2765e81b38691a934836e632fd6f2aeee27cc60028b7b1c8b01dfaac34ed49d0
37a68ce6381eaf4ebe5b15ea47b5e2ceed86f60ebc1aa45e532baf01a44c9822
4e79e146f9882cc734e466a48acd1c4eb7a8fad2e2b7a840468acc85e27de332
589ff9fed407b4d6de9ca61b50e0381627a9d76b43787b01a9215ebc4db6d61b
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
61e3d312607c01f114ae98393cee089d6884253bbd41936cc8d09f65cb952f49
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88ac2fbc19bf48aac6f2f1ca006f5bc3d3f290a93c6f2b1cd33cfbf96397d23e
9458cd8a47ba42ebc0641fe9e50278ab1649b8e593f58a52b9fadfa854f1f657
98bf460214a592d28141740a065d561a43fd31c00bcc84c4c7da2c84741de619
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a16a87b871175aa99e1960780def505a23d1e3e4967c3530ab609d308e4e4e32
b4ceacee581031a4014c658e33aa47874612b4c25c1aed8ef682cada98b99d6d
d029481a0ca774bbe6a6290b02616327bf1c22711a3e26e050031b8494f051d3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73e8b24a77fcd09f5d4d31165e888b2044eb761ce62ecca4605b84f17fa3504
ea8d599e63bb7e05af49012adc8e7be9f807f8376b3a6141165fbb4431b92dd5
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efca47d5c475af22dc93d81b827b3381f36699219995e77149ee3f180878e962
f3cbbeb2b929a7ae8c8382d6d6bdc06c5e5f9ff8b12ef1e2d51c4b24009b90c8
f41a59af0e3cc9f01ac33ff2a1929529b2a4d36391995451e5803f8ad264fcad
f891e2ac0fa3c5131f5bed8ad7a69f587f8f49a41ec59514ec76d73b5802cf1d
f986ec941c5d49e89a582bf4224230ad6ef84e24eae46cc6d9c70295fd7732f5