urlscan.io logo urlscan.io
SecurityTrails logo

www.coverva.org Open in urlscan Pro
75.2.125.6  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.coverva.org/en/hipp
Submission: On October 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 5 countries across 19 domains to perform 92 HTTP transactions. The main IP is 75.2.125.6, located in United States and belongs to AMAZON-02, US. The main domain is www.coverva.org.
TLS certificate: Issued by Entrust Certification Authority - L1K on October 6th 2022. Valid for: a year.
This is the only time www.coverva.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 75.2.125.6 16509 (AMAZON-02)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 34.247.60.44 16509 (AMAZON-02)
1 34.252.39.216 16509 (AMAZON-02)
1 1 54.74.40.111 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 65.9.65.116 16509 (AMAZON-02)
25 52.154.205.63 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 142.250.186.130 15169 (GOOGLE)
1 15.236.176.210 16509 (AMAZON-02)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
13 151.101.2.217 54113 (FASTLY)
3 13.84.36.2 8075 (MICROSOFT...)
1 13.69.106.89 8075 (MICROSOFT...)
6 54.85.211.252 ()
92 22
17    75.2.125.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae558034ba94d8f30.awsglobalaccelerator.com
www.coverva.org
2    2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
2    34.247.60.44 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-60-44.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    34.252.39.216 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-39-216.eu-west-1.compute.amazonaws.com
maximus.demdex.net
1    54.74.40.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-40-111.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    65.9.65.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-65-116.fra56.r.cloudfront.net
js.adsrvr.org
25    52.154.205.63 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
medchatapp.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
7    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.google.de
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
www.googleadservices.com
1    15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
maximusinc.sc.omtrdc.net
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
13    151.101.2.217 (United States)

ASN54113 (FASTLY, US)
app.launchdarkly.com
3    13.84.36.2 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
shared-assets.medchatapp.com
1    13.69.106.89 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
6    54.85.211.252 (None, )

ASN- ()
events.launchdarkly.com
Apex Domain
Subdomains		 Transfer
28 medchatapp.com
medchatapp.com — Cisco Umbrella Rank: 95509
shared-assets.medchatapp.com — Cisco Umbrella Rank: 147744
2 MB
19 launchdarkly.com
app.launchdarkly.com — Cisco Umbrella Rank: 870
events.launchdarkly.com
6 KB
17 coverva.org
www.coverva.org
2 MB
6 gstatic.com
fonts.gstatic.com
84 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 214
maximus.demdex.net — Cisco Umbrella Rank: 316949
5 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
221 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
111 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
143 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
ajax.googleapis.com — Cisco Umbrella Rank: 306
32 KB
2 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 490
74 KB
1 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 770
1 google.de
www.google.de — Cisco Umbrella Rank: 6045
548 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
548 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
2 KB
1 omtrdc.net
maximusinc.sc.omtrdc.net — Cisco Umbrella Rank: 263040
344 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 131
15 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2668
347 B
1 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1436
2 KB
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1073
517 B
92 19
Domain Requested by
25 medchatapp.com www.coverva.org
medchatapp.com
17 www.coverva.org www.coverva.org
13 app.launchdarkly.com medchatapp.com
6 events.launchdarkly.com medchatapp.com
6 fonts.gstatic.com fonts.googleapis.com
3 shared-assets.medchatapp.com medchatapp.com
2 www.facebook.com connect.facebook.net
2 connect.facebook.net www.coverva.org
connect.facebook.net
2 www.googletagmanager.com www.coverva.org
2 dpm.demdex.net assets.adobedtm.com
www.coverva.org
2 assets.adobedtm.com www.coverva.org
assets.adobedtm.com
1 dc.services.visualstudio.com medchatapp.com
1 www.google.de www.coverva.org
1 www.google.com www.coverva.org
1 googleads.g.doubleclick.net www.googleadservices.com
1 maximusinc.sc.omtrdc.net www.coverva.org
1 www.googleadservices.com www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 ajax.googleapis.com assets.adobedtm.com
1 js.adsrvr.org www.coverva.org
1 fonts.googleapis.com www.coverva.org
1 cm.everesttech.net 1 redirects
1 maximus.demdex.net assets.adobedtm.com
92 23
Subject Issuer Validity Valid
coverva.org
Entrust Certification Authority - L1K		 2022-10-06 -
2023-10-30		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2022-10-31		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.medchatapp.com
Go Daddy Secure Certificate Authority - G2		 2021-12-24 -
2022-12-22		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.sc.omtrdc.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-17 -
2023-03-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
app.launchdarkly.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-28 -
2023-10-30		 a year crt.sh
in.applicationinsights.azure.com
Microsoft Azure TLS Issuing CA 05		 2022-09-07 -
2023-09-02		 a year crt.sh
events.launchdarkly.com
Amazon		 2022-08-19 -
2023-09-16		 a year crt.sh

This page contains 4 frames:

Primary Page: https://www.coverva.org/en/hipp
Frame ID: B4B92BBB2C8FFCEFBFA84AAC009990D0
Requests: 45 HTTP requests in this frame

Frame: https://maximus.demdex.net/dest5.html?d_nsid=0
Frame ID: 59F5B1D9FEE2678E01114497F2981A64
Requests: 1 HTTP requests in this frame

Frame: https://medchatapp.com/widget-launcher/
Frame ID: B095CF59760CE972BA1CB5EF3A9150F3
Requests: 12 HTTP requests in this frame

Frame: https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?&hasWrapper=true
Frame ID: 27A3D314F250DFC51782124ADA3B1DF1
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Health Insurance Premium Payment (HIPP) programsCloseClose

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

92
Requests

98 %
HTTPS

45 %
IPv6

19
Domains

23
Subdomains

22
IPs

5
Countries

5086 kB
Transfer

16393 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://cm.everesttech.net/cm/dd?d_uuid=38798764106249853522728794596961022820 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1aYJAAAAIDUHANx

92 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request hipp
www.coverva.org/en/ 		159 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.coverva.org/en/hipp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.125.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae558034ba94d8f30.awsglobalaccelerator.com
Software
nginx /
Resource Hash
88f764dfae2c2480e23c6d51dd057aadd9e277826cc4e02976fa4082b6bd801d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=30
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 24 Oct 2022 13:50:27 GMT
etag
W/"27c40-PjXfwevdBiSgOCRLSYIlqdDMtZ8"
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
launch-4a6b746de091.min.js
assets.adobedtm.com/63e6c9fa6c47/b97f7658714a/ 		219 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/63e6c9fa6c47/b97f7658714a/launch-4a6b746de091.min.js
Requested by
Host: www.coverva.org
URL: https://www.coverva.org/en/hipp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9860ceb61a81f618371aae42ff23c1ecf1b942bb90349491fb7b4019ff225220

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:27 GMT
content-encoding
gzip
last-modified
Tue, 26 Jul 2022 21:20:13 GMT
server
AkamaiNetStorage
etag
"4e5e0361cee5cf8fc0302b307c57b9e7:1658870413.718994"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.coverva.org
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
63321
expires
Mon, 24 Oct 2022 14:50:27 GMT
main~071cedab.89ad9148.chunk.css
www.coverva.org/static/css/ 		559 B
749 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.coverva.org/static/css/main~071cedab.89ad9148.chunk.css
Requested by
Host: www.coverva.org
URL: https://www.coverva.org/en/hipp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.125.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae558034ba94d8f30.awsglobalaccelerator.com
Software
nginx /
Resource Hash
8c69f43299b8d9773b39064862f42d88bc64b32e8a331ebfafc9de5386d278bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/en/hipp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 20 Jul 2022 21:00:21 GMT
server
nginx
etag
"62d86ce5-22f"
content-type
text/css
accept-ranges
bytes
content-length
559
main~071cedab.8db667ca.chunk.js
www.coverva.org/static/js/ 		1 MB
355 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coverva.org/static/js/main~071cedab.8db667ca.chunk.js
Requested by
Host: www.coverva.org
URL: https://www.coverva.org/en/hipp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.125.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae558034ba94d8f30.awsglobalaccelerator.com
Software
nginx /
Resource Hash
3a4b884e47e601c35be05ee609419ec14265464d5cd309dc2a4f0a5c55baae36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/en/hipp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 21:00:21 GMT
server
nginx
etag
W/"62d86ce5-10f1b1"
vary
Accept-Encoding
content-type
application/javascript
main~5e745886.a42fefa7.chunk.js
www.coverva.org/static/js/ 		1000 KB
335 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coverva.org/static/js/main~5e745886.a42fefa7.chunk.js
Requested by
Host: www.coverva.org
URL: https://www.coverva.org/en/hipp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.125.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae558034ba94d8f30.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e839d04133315e223b25e8f665c2700cbe390734f11d3f1bd84b672c6d60dbbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/en/hipp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 21:00:21 GMT
server
nginx
etag
W/"62d86ce5-f9fb2"
vary
Accept-Encoding
content-type
application/javascript
main~2b2c0fd8.c823ecb0.chunk.js
www.coverva.org/static/js/ 		2 MB
484 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coverva.org/static/js/main~2b2c0fd8.c823ecb0.chunk.js
Requested by
Host: www.coverva.org
URL: https://www.coverva.org/en/hipp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.125.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae558034ba94d8f30.awsglobalaccelerator.com
Software
nginx /
Resource Hash
51d77c29b9b183fa1448ad4bdc89cd64b09a14ca2c58ae884f786bbaa86d8f4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/en/hipp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 21:00:21 GMT
server
nginx
etag
W/"62d86ce5-19a563"
vary
Accept-Encoding
content-type
application/javascript
main~6e19ec55.0e682b15.chunk.js
www.coverva.org/static/js/ 		2 MB
724 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coverva.org/static/js/main~6e19ec55.0e682b15.chunk.js
Requested by
Host: www.coverva.org
URL: https://www.coverva.org/en/hipp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.125.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae558034ba94d8f30.awsglobalaccelerator.com
Software
nginx /
Resource Hash
48d1043ce567b8502ffe2eb105875f3a157666b7973316c7503e8de3bfb7969b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/en/hipp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 21:00:21 GMT
server
nginx
etag
W/"62d86ce5-2232b5"
vary
Accept-Encoding
content-type
application/javascript
6.4ff077b6.chunk.js
www.coverva.org/static/js/ 		754 KB
254 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coverva.org/static/js/6.4ff077b6.chunk.js
Requested by
Host: www.coverva.org
URL: https://www.coverva.org/en/hipp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.125.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae558034ba94d8f30.awsglobalaccelerator.com
Software
nginx /
Resource Hash
591134ddceb388cd2d70e51a2860e8c0901d84bfc7bfadecf4712a3fb9ae2512
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/en/hipp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 21:00:21 GMT
server
nginx
etag
W/"62d86ce5-bc8c2"
vary
Accept-Encoding
content-type
application/javascript
main~7ce2aaa4.e3f85399.chunk.js
www.coverva.org/static/js/ 		40 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coverva.org/static/js/main~7ce2aaa4.e3f85399.chunk.js
Requested by
Host: www.coverva.org
URL: https://www.coverva.org/en/hipp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.125.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae558034ba94d8f30.awsglobalaccelerator.com
Software
nginx /
Resource Hash
01aacda621b54eb9d93868804103f28053df812e27e3e582427cb1dfb9c8a66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/en/hipp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 21:00:21 GMT
server
nginx
etag
W/"62d86ce5-9e02"
vary
Accept-Encoding
content-type
application/javascript
id
dpm.demdex.net/ 		366 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F6E84ABD5ED8A0AA0A495F8B%40AdobeOrg&d_nsid=0&ts=1666619427652
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/63e6c9fa6c47/b97f7658714a/launch-4a6b746de091.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.60.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-60-44.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d3372d816b760cb76b2a782e950d80ef46ed96380972f90dc4a068ea6b963665
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.coverva.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v044-0cad15b9d.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
OxxdfV1oQRk=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.coverva.org
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
310
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/63e6c9fa6c47/b97f7658714a/launch-4a6b746de091.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:27 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 16:35:31 GMT
server
AkamaiNetStorage
etag
"d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.coverva.org
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12163
expires
Mon, 24 Oct 2022 14:50:27 GMT
dest5.html
maximus.demdex.net/ Frame 59F5 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://maximus.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/63e6c9fa6c47/b97f7658714a/launch-4a6b746de091.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.39.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-39-216.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.coverva.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-1-v044-0ea413a51.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
jg+qGffMSbQ=
content-encoding
gzip
date
Mon, 24 Oct 2022 13:50:28 GMT
last-modified
Thu, 29 Sep 2022 16:18:55 GMT
vary
accept-encoding
ibs:dpid=411&dpuuid=Y1aYJAAAAIDUHANx
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=38798764106249853522728794596961022820
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1aYJAAAAIDUHANx
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1aYJAAAAIDUHANx
Requested by
Host: www.coverva.org
URL: https://www.coverva.org/en/hipp
Protocol
HTTP/1.1
Server
34.247.60.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-60-44.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v044-07a02cb5f.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
gjZ7YGVASSQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1aYJAAAAIDUHANx
Date
Mon, 24 Oct 2022 13:50:28 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito+Sans:400,400b,400i,700,700b,700i
Requested by
Host: www.coverva.org
URL: https://www.coverva.org/static/js/main~5e745886.a42fefa7.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
95a7c9ee29ed39317be6abdf9418487cb176b4f8fde39a26da75cdaa562b5b2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 24 Oct 2022 13:50:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 13:50:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 Oct 2022 13:50:28 GMT
js
www.googletagmanager.com/gtag/ 		223 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-M757RGM3NY
Requested by
Host: www.coverva.org
URL: https://www.coverva.org/static/js/main~071cedab.8db667ca.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f7bdf94405fc34fa92cacaf87232ce1e383304eba551ba84b9774fb37c5ef7df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78450
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 24 Oct 2022 13:50:28 GMT
fbevents.js
connect.facebook.net/en_US/ 		102 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.coverva.org
URL: https://www.coverva.org/en/hipp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 24 Oct 2022 13:50:28 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27027
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
a8eiq/QqSL8PWW2JeMBnVEU/vC9tz5WPRcYfSU/d67cfrYXD5di4npzzY2d8pSl/aipbYrazVIS2cfP/a0nsNw==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		184 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-781502479
Requested by
Host: www.coverva.org
URL: https://www.coverva.org/static/js/main~071cedab.8db667ca.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
adcb79aa1d09534548eaabe2d3684343b01e2c3f6643b6b03fc3c308628e89df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67433
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 24 Oct 2022 13:50:28 GMT
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.coverva.org
URL: https://www.coverva.org/static/js/main~071cedab.8db667ca.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.65.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-65-116.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 24 Oct 2022 01:34:59 GMT
Content-Encoding
gzip
Via
1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C1
Age
44130
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
piDhOu20Nh8MhMH3TRPs3EeXZ-zH7jMsESD2CtCyLNOHht2qhWlKpw==
widget.js
medchatapp.com/widget/ 		83 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget/widget.js?api-key=Rg17rBCiAESsURhm1UTcGw
Requested by
Host: www.coverva.org
URL: https://www.coverva.org/static/js/main~071cedab.8db667ca.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.154.205.63 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
abfe3f68b83035026e7a834ef789b33cfd7a0a3e54c1601c42564a02aca16f91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 13:50:28 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 23:29:06 GMT
server
Microsoft-IIS/10.0
etag
"0df3bedbe4d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
29051
expires
-1
DXH-5150-Logo-NEW.jpg
www.coverva.org/content/dam/digital/united-states/virginia/cover-va/images/common/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coverva.org/content/dam/digital/united-states/virginia/cover-va/images/common/DXH-5150-Logo-NEW.jpg
Requested by
Host: www.coverva.org
URL: https://www.coverva.org/en/hipp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.125.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae558034ba94d8f30.awsglobalaccelerator.com
Software
nginx /
Resource Hash
ab535ef07d54c5f0496e2dd9cbbc1d68c11874a2921b418da01209c903f72c9a
Security Headers
Name Value
Strict-Transport-Security max-age=31557600, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/en/hipp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:28 GMT
strict-transport-security
max-age=31557600, max-age=31536000; includeSubDomains
x-content-type-options
nosniff
age
9522
x-vhost
maximus
x-cache
HIT
content-disposition
attachment
content-length
16162
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000149-IAD
last-modified
Fri, 20 May 2022 00:38:08 GMT
server
nginx
x-timer
S1666619429.651027,VS0,VS0,VE1
etag
"3f22-5df66b44a9c00"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=5184000, public
accept-ranges
bytes
expires
Fri, 23 Dec 2022 13:50:28 GMT
hipp_thumb.png
www.coverva.org/content/dam/digital/united-states/virginia/cover-va/images/common/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coverva.org/content/dam/digital/united-states/virginia/cover-va/images/common/hipp_thumb.png
Requested by
Host: www.coverva.org
URL: https://www.coverva.org/en/hipp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.125.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae558034ba94d8f30.awsglobalaccelerator.com
Software
nginx /
Resource Hash
887af521516bfde6f80a24134df8882c8e60d0d4fb42c399ea4857e2b12c3851
Security Headers
Name Value
Strict-Transport-Security max-age=31557600, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/en/hipp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:28 GMT
strict-transport-security
max-age=31557600, max-age=31536000; includeSubDomains
x-content-type-options
nosniff
age
37300
x-vhost
maximus
x-cache
HIT
content-disposition
attachment
content-length
11442
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100176-IAD
last-modified
Fri, 20 May 2022 00:38:19 GMT
server
nginx
x-timer
S1666619429.646351,VS0,VS0,VE11
etag
"2cb2-5df66b4f274c0"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=5184000, public
accept-ranges
bytes
expires
Fri, 23 Dec 2022 13:50:28 GMT
HIPP_thmb.png
www.coverva.org/content/dam/digital/united-states/virginia/cover-va/images/common/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coverva.org/content/dam/digital/united-states/virginia/cover-va/images/common/HIPP_thmb.png
Requested by
Host: www.coverva.org
URL: https://www.coverva.org/en/hipp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.125.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae558034ba94d8f30.awsglobalaccelerator.com
Software
nginx /
Resource Hash
028a0f0c4dbddc448a34f12589723cb95645c8ff46f8e6baa5954c64a367ef8f
Security Headers
Name Value
Strict-Transport-Security max-age=31557600, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/en/hipp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:28 GMT
strict-transport-security
max-age=31557600, max-age=31536000; includeSubDomains
x-content-type-options
nosniff
age
37300
x-vhost
maximus
x-cache
HIT
content-disposition
attachment
content-length
5817
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000047-IAD
last-modified
Fri, 20 May 2022 00:38:12 GMT
server
nginx
x-timer
S1666619429.648210,VS0,VS0,VE2
etag
"16b9-5df66b487a500"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=5184000, public
accept-ranges
bytes
expires
Fri, 23 Dec 2022 13:50:28 GMT
HIPP_broc_thumb.png
www.coverva.org/content/dam/digital/united-states/virginia/cover-va/images/common/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coverva.org/content/dam/digital/united-states/virginia/cover-va/images/common/HIPP_broc_thumb.png
Requested by
Host: www.coverva.org
URL: https://www.coverva.org/en/hipp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.125.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae558034ba94d8f30.awsglobalaccelerator.com
Software
nginx /
Resource Hash
6eb697854bb705a004931beb8def48ca58a869bdd320331b49c21119bd180947
Security Headers
Name Value
Strict-Transport-Security max-age=31557600, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/en/hipp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:28 GMT
strict-transport-security
max-age=31557600, max-age=31536000; includeSubDomains
x-content-type-options
nosniff
age
53350
x-vhost
maximus
x-cache
HIT
content-disposition
attachment
content-length
15126
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000074-IAD
last-modified
Fri, 20 May 2022 00:38:12 GMT
server
nginx
x-timer
S1666619429.652636,VS0,VS0,VE2
etag
"3b16-5df66b487a500"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=5184000, public
accept-ranges
bytes
expires
Fri, 23 Dec 2022 13:50:28 GMT
HIPP_fly_thumb.png
www.coverva.org/content/dam/digital/united-states/virginia/cover-va/images/common/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coverva.org/content/dam/digital/united-states/virginia/cover-va/images/common/HIPP_fly_thumb.png
Requested by
Host: www.coverva.org
URL: https://www.coverva.org/en/hipp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.125.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae558034ba94d8f30.awsglobalaccelerator.com
Software
nginx /
Resource Hash
ef4ce027fde1c1f12e6b5cd9bac14b2fbadfdb289a952a111a49f27ea28a5678
Security Headers
Name Value
Strict-Transport-Security max-age=31557600, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/en/hipp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:28 GMT
strict-transport-security
max-age=31557600, max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-md5
JeqFoGjDM5sML1kmhWw38w==
age
53350
x-cache
HIT
content-disposition
attachment; filename="HIPP_fly_thumb.png"; filename*=UTF-8''HIPP_fly_thumb.png
content-length
17237
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200049-IAD
last-modified
Fri, 20 May 2022 00:39:39 GMT
server
nginx
x-timer
S1666619429.645756,VS0,VS0,VE0
etag
"0x8DA39F9392F4976"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=5184000, public
accept-ranges
bytes
expires
Fri, 23 Dec 2022 13:50:28 GMT
Acrobat_29.png
www.coverva.org/content/dam/digital/united-states/virginia/cover-va/images/common/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coverva.org/content/dam/digital/united-states/virginia/cover-va/images/common/Acrobat_29.png
Requested by
Host: www.coverva.org
URL: https://www.coverva.org/en/hipp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.125.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae558034ba94d8f30.awsglobalaccelerator.com
Software
nginx /
Resource Hash
3e1174d094c6dfbdded5b637cc887aad62a05f7b2937b9c065dc55827af5ad3f
Security Headers
Name Value
Strict-Transport-Security max-age=31557600, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/en/hipp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:28 GMT
strict-transport-security
max-age=31557600, max-age=31536000; includeSubDomains
x-content-type-options
nosniff
age
11974
x-vhost
maximus
x-cache
HIT
content-disposition
attachment
content-length
3030
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000160-IAD
last-modified
Fri, 20 May 2022 00:38:03 GMT
server
nginx
x-timer
S1666619429.644973,VS0,VS0,VE2
etag
"bd6-5df66b3fe50c0"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=5184000, public
accept-ranges
bytes
expires
Fri, 23 Dec 2022 13:50:28 GMT
modal_signup_form
www.coverva.org/api/aem/page/ 		33 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.coverva.org/api/aem/page/modal_signup_form?language=en
Requested by
Host: www.coverva.org
URL: https://www.coverva.org/static/js/main~2b2c0fd8.c823ecb0.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.125.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae558034ba94d8f30.awsglobalaccelerator.com
Software
nginx /
Resource Hash
383d8f487c839b411a043d852d576c836786e7d0611f0e49e4cc911e933f6e56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
baseUrl
united-states/virginia/
Referer
https://www.coverva.org/en/hipp
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
tenantId
cover-va

Response headers

date
Mon, 24 Oct 2022 13:50:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
etag
W/"8490-Ldxjrc5tt9n9cOfZJvyKPDOPEUY"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
public, max-age=30
x-xss-protection
1; mode=block
f8d3d406f566cea3182f.worker.js
www.coverva.org/ 		778 KB
262 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.coverva.org/f8d3d406f566cea3182f.worker.js
Requested by
Host: www.coverva.org
URL: https://www.coverva.org/en/hipp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.125.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae558034ba94d8f30.awsglobalaccelerator.com
Software
nginx /
Resource Hash
a6c4ec2572fe881ee4742a95188af2eecc200fee47ab8fc8751d4e9de82d1478
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/en/hipp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 21:00:21 GMT
server
nginx
etag
W/"c29d7-1821d695e88"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
x-xss-protection
1; mode=block
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/63e6c9fa6c47/b97f7658714a/launch-4a6b746de091.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 12:05:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6278
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 12:05:50 GMT
pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
fonts.gstatic.com/s/nunitosans/v12/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,400b,400i,700,700b,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.coverva.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 11:07:43 GMT
x-content-type-options
nosniff
age
9765
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16980
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:33:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 11:07:43 GMT
pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,400b,400i,700,700b,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.coverva.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 20:55:52 GMT
x-content-type-options
nosniff
age
579276
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17116
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:31:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 20:55:52 GMT
pe0oMImSLYBIv1o4X1M8cce4E9lKdg.woff2
fonts.gstatic.com/s/nunitosans/v12/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v12/pe0oMImSLYBIv1o4X1M8cce4E9lKdg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,400b,400i,700,700b,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6637ea3139ffb01e240829717a4f8c195d7be6b81780ed643000b49833d8d6d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.coverva.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 15:46:07 GMT
x-content-type-options
nosniff
age
79461
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17684
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:32:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Oct 2023 15:46:07 GMT
pe0qMImSLYBIv1o4X1M8ccezI9tScg.woff2
fonts.gstatic.com/s/nunitosans/v12/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8ccezI9tScg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,400b,400i,700,700b,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5026094d6d554ca578d6b243acd84972d69aa538b4d7d09f1bb37df508447b63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.coverva.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 12:01:46 GMT
x-content-type-options
nosniff
age
6522
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16076
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:35:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 12:01:46 GMT
pe0qMImSLYBIv1o4X1M8cce5I9tScg.woff2
fonts.gstatic.com/s/nunitosans/v12/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce5I9tScg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,400b,400i,700,700b,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d544a4a2ee3c404deda4424b1823b90fec0e60db1702b48c29306a8db2eda615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.coverva.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 14:11:16 GMT
x-content-type-options
nosniff
age
603552
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10004
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:33:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 14:11:16 GMT
256855624942264
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/256855624942264?v=2.9.87&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dc562f2b77e0c092611557b2b2fc8c34396990d729c2bca90fb252fe0bc9225c
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 24 Oct 2022 13:50:28 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
hNwTy9rArwm0Ik4SYVAkQ5wiy/NllpZBhqqRQXzbScBcZOcnbolxhAB3CD+QrwZ2c26JtD4q0+msi0TvlZNzwQ==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
347 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-M757RGM3NY&gtm=2oeaj0&_p=1606509472&cid=2124833498.1666619429&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666619428&sct=1&seg=0&dl=https%3A%2F%2Fwww.coverva.org%2Fen%2Fhipp&dt=Health%20Insurance%20Premium%20Payment%20(HIPP)%20programs&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M757RGM3NY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 13:50:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.coverva.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-781502479
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
8c1f103985ca72fdbd172c878fef875d9e50327c2baac26ce1b80d4a4fbf15e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15176
x-xss-protection
0
server
cafe
etag
444338200384796413
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 24 Oct 2022 13:50:28 GMT
s62557996695683
maximusinc.sc.omtrdc.net/b/ss/maximus-CoverVA-prod,maximus-global-prod/1/JS-2.22.4-LCUM/ 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maximusinc.sc.omtrdc.net/b/ss/maximus-CoverVA-prod,maximus-global-prod/1/JS-2.22.4-LCUM/s62557996695683?AQB=1&ndh=1&pf=1&t=24%2F9%2F2022%2013%3A50%3A28%201%200&mid=43243404725943356973172103742320360893&aamlh=6&ce=UTF-8&cl=SESSION&pageName=%2Fen%2Fhipp&g=https%3A%2F%2Fwww.coverva.org%2Fen%2Fhipp&cc=USD&server=www.coverva.org&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=%2Fen%2Fhipp&c2=en&c3=hipp&v3=www.coverva.org&c4=D%3Dv6&c5=D%3Dv7&v5=D%3Dmid&c6=D%3Dv13&c7=D%3Dv14&v7=https%3A%2F%2Fwww.coverva.org%2Fen%2Fhipp&v8=english&v17=D%3Dg&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=F6E84ABD5ED8A0AA0A495F8B%40AdobeOrg&AQE=1
Requested by
Host: www.coverva.org
URL: https://www.coverva.org/en/hipp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 13:50:29 GMT
x-content-type-options
nosniff
last-modified
Tue, 25 Oct 2022 13:50:29 GMT
server
jag
etag
3579037971971833856-4619806522104473582
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 23 Oct 2022 13:50:29 GMT
pe0qMImSLYBIv1o4X1M8cceyI9tScg.woff2
fonts.gstatic.com/s/nunitosans/v12/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cceyI9tScg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,400b,400i,700,700b,700i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be68e4062a70bf9ab3f733873c9229637ed839167cc0fa58e26ec635ffa2d6e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.coverva.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 22:30:16 GMT
x-content-type-options
nosniff
age
573612
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6832
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:31:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 22:30:16 GMT
CVA-logo_SignUp_Email.jpg
www.coverva.org/content/dam/digital/united-states/virginia/cover-va/images/common/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coverva.org/content/dam/digital/united-states/virginia/cover-va/images/common/CVA-logo_SignUp_Email.jpg
Requested by
Host: www.coverva.org
URL: https://www.coverva.org/en/hipp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.125.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae558034ba94d8f30.awsglobalaccelerator.com
Software
nginx /
Resource Hash
5803699ce0ea45967969513aa350b189c9094f5fb72078bf528eefe4b40c53c6
Security Headers
Name Value
Strict-Transport-Security max-age=31557600, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/en/hipp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:28 GMT
strict-transport-security
max-age=31557600, max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-md5
MEBFdqkPjCQp3CxCBxRCsA==
age
5056
x-cache
HIT
content-disposition
attachment; filename="CVA-logo_SignUp_Email.jpg"; filename*=UTF-8''CVA-logo_SignUp_Email.jpg
content-length
25411
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100178-IAD
last-modified
Fri, 20 May 2022 00:39:34 GMT
server
nginx
x-timer
S1666619429.982973,VS0,VS0,VE1
etag
"0x8DA39F936493CA5"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=5184000, public
accept-ranges
bytes
expires
Fri, 23 Dec 2022 13:50:28 GMT
/
www.facebook.com/tr/ 		0
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/?id=256855624942264&ev=PageView&dl=https%3A%2F%2Fwww.coverva.org%2Fen%2Fhipp&rl=&if=false&ts=1666619428941&sw=1600&sh=1200&v=2.9.87&r=stable&ec=0&o=30&fbp=fb.1.1666619428940.184198739&it=1666619428682&coo=false&exp=b3&rqm=GET&cd[rex]=%7B%22retry%22%3A0%7D
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 24 Oct 2022 13:50:28 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
https://www.coverva.org
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/781502479/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/781502479/?random=1666619429032&cv=9&fst=1666619429032&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaj0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.coverva.org%2Fen%2Fhipp&tiba=Health%20Insurance%20Premium%20Payment%20(HIPP)%20programs&auid=1824037275.1666619429&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41b99412f85676627d2fe569af2c5c816b036281743dd7ec1ea23b9a57a19816
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 13:50:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1063
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/781502479/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/781502479/?random=1666619429032&cv=9&fst=1666616400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaj0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.coverva.org%2Fen%2Fhipp&tiba=Health%20Insurance%20Premium%20Payment%20(HIPP)%20programs&async=1&fmt=3&is_vtc=1&random=3306893109&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.coverva.org
URL: https://www.coverva.org/en/hipp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 13:50:29 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/781502479/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/781502479/?random=1666619429032&cv=9&fst=1666616400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaj0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.coverva.org%2Fen%2Fhipp&tiba=Health%20Insurance%20Premium%20Payment%20(HIPP)%20programs&async=1&fmt=3&is_vtc=1&random=3306893109&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.coverva.org
URL: https://www.coverva.org/en/hipp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 13:50:29 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImFub255bW91cyJ9
app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/users/ 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImFub255bW91cyJ9
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/widget.js?api-key=Rg17rBCiAESsURhm1UTcGw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ce2a603216b2d21b1cd5a675e2554d8dc9be1ab3ae4990ee7f67bb5094971838

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:29 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-cache
HIT
content-length
890
x-served-by
cache-hhn4068-HHN, cache-hhn4057-HHN
x-timer
S1666619429.251795,VS0,VE2
etag
"761dbb"
access-control-max-age
3600
access-control-allow-methods
OPTIONS, GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Authorization, Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits
1
widget.9269aac71764f44de739.css
medchatapp.com/widget/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget/widget.9269aac71764f44de739.css
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/widget.js?api-key=Rg17rBCiAESsURhm1UTcGw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.154.205.63 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7dbd91f290f31441753ac34e08df314814461831194a0e16ddfa4dd85a311c66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:29 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 23:29:06 GMT
server
Microsoft-IIS/10.0
etag
"0df3bedbe4d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
939
/
medchatapp.com/widget-launcher/ Frame B095 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget-launcher/
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/widget.js?api-key=Rg17rBCiAESsURhm1UTcGw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.154.205.63 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b4d8e7435cae71af143e288d03fac6ad06e58b524233b1f41b3a27f4c20d1c76

Request headers

Referer
https://www.coverva.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-headers
Content-Type
access-control-allow-origin
*
content-encoding
gzip
content-length
878
content-type
text/html
date
Mon, 24 Oct 2022 13:50:29 GMT
etag
"0e0c1bddbe4d81:0"
last-modified
Thu, 20 Oct 2022 23:29:04 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-powered-by
ASP.NET
Rg17rBCiAESsURhm1UTcGw
medchatapp.com/widget/ Frame 27A3 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?&hasWrapper=true
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/widget.js?api-key=Rg17rBCiAESsURhm1UTcGw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.154.205.63 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b6d45404ce47bf959157644c1f391690e8e525e1b8e48a269f89c57a56960c40

Request headers

Referer
https://www.coverva.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-headers
Content-Type
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
905
content-type
text/html
date
Mon, 24 Oct 2022 13:50:29 GMT
etag
"0df3bedbe4d81:0"
expires
-1
last-modified
Thu, 20 Oct 2022 23:29:06 GMT
pragma
no-cache
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-powered-by
ASP.NET
runtime.fb227d1a52e5a6d1.js
medchatapp.com/widget-launcher/ Frame B095 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget-launcher/runtime.fb227d1a52e5a6d1.js
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget-launcher/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.154.205.63 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d5eb67e1d759953e7528a0a91d94a9e14042febf962c37a866d5bcd6ce903328

Request headers

Referer
https://medchatapp.com/widget-launcher/
Origin
https://medchatapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:29 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 23:29:06 GMT
server
Microsoft-IIS/10.0
etag
"0df3bedbe4d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
943
polyfills.ee34b270bafba9ee.js
medchatapp.com/widget-launcher/ Frame B095 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget-launcher/polyfills.ee34b270bafba9ee.js
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget-launcher/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.154.205.63 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7a2625338a4e787e6df75cdd3578e9132ca23a30531cb0ac0ba5c7a4c2d51e7c

Request headers

Referer
https://medchatapp.com/widget-launcher/
Origin
https://medchatapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:29 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 23:29:06 GMT
server
Microsoft-IIS/10.0
etag
"0df3bedbe4d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
38441
main.3df1e5f88ec847cf.js
medchatapp.com/widget-launcher/ Frame B095 		749 KB
214 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget-launcher/main.3df1e5f88ec847cf.js
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget-launcher/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.154.205.63 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
119fd7c15e6d4801592a60bb3b7a1b6f65be126326d4f1459c907d63d6c0241a

Request headers

Referer
https://medchatapp.com/widget-launcher/
Origin
https://medchatapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:29 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 23:29:06 GMT
server
Microsoft-IIS/10.0
etag
"0df3bedbe4d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
219127
runtime.bc68905e3e316bda.js
medchatapp.com/widget/ Frame 27A3 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget/runtime.bc68905e3e316bda.js
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?&hasWrapper=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.154.205.63 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2fbb9b53547aff6be4c57072611e0c0deb83599f768f44cb2074df40832d8e68

Request headers

Referer
https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?&hasWrapper=true
Origin
https://medchatapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:29 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 23:29:06 GMT
server
Microsoft-IIS/10.0
etag
"0df3bedbe4d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
1897
polyfills.dc623d97118c097b.js
medchatapp.com/widget/ Frame 27A3 		102 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget/polyfills.dc623d97118c097b.js
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?&hasWrapper=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.154.205.63 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8340f542ddddfe7dff939896f54ffb290d2411d08f66ae359852f815806caa24

Request headers

Referer
https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?&hasWrapper=true
Origin
https://medchatapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:29 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 23:29:06 GMT
server
Microsoft-IIS/10.0
etag
"0df3bedbe4d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
36448
main.5c8443dad6296f28.js
medchatapp.com/widget/ Frame 27A3 		1 MB
326 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget/main.5c8443dad6296f28.js
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?&hasWrapper=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.154.205.63 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
37b8c2acd133bd87b7b64121aca9b5148655842749fbddc0d1241ece45a11d32

Request headers

Referer
https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?&hasWrapper=true
Origin
https://medchatapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:29 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 23:29:06 GMT
server
Microsoft-IIS/10.0
etag
"0df3bedbe4d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
333521
styles.1f9b0f1e7767e96c.css
medchatapp.com/widget-launcher/ Frame B095 		506 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget-launcher/styles.1f9b0f1e7767e96c.css
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget-launcher/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.154.205.63 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
13a3971e860f80ffd05ed9b61422ee9caf8ab9351637ed6e1857847718647e43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medchatapp.com/widget-launcher/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:29 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 23:29:06 GMT
server
Microsoft-IIS/10.0
etag
"0df3bedbe4d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
36074
styles.6455aa7594d561a7.css
medchatapp.com/widget/ Frame 27A3 		508 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget/styles.6455aa7594d561a7.css
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?&hasWrapper=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.154.205.63 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5dcf6b3277779b268d36044b59539a3bddefac8d498a077fd9c6fdbb7d39981d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?&hasWrapper=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:29 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 23:29:06 GMT
server
Microsoft-IIS/10.0
etag
"0df3bedbe4d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
36589
IBMPlexSans-Regular.woff
shared-assets.medchatapp.com/fonts/ Frame B095 		77 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://shared-assets.medchatapp.com/fonts/IBMPlexSans-Regular.woff
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget-launcher/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.84.36.2 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8d35554021d48cf78b78c1199df5bbd52852a2b26df8b5ca250bc32ea189039e

Request headers

Referer
https://medchatapp.com/
Origin
https://medchatapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:29 GMT
last-modified
Wed, 02 Dec 2020 19:20:19 GMT
server
Microsoft-IIS/10.0
etag
"4a6d842ce0c8d61:0"
x-powered-by
ASP.NET
content-type
application/font-woff
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
78672
IBMPlexSans-Regular.woff
shared-assets.medchatapp.com/fonts/ Frame 27A3 		77 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://shared-assets.medchatapp.com/fonts/IBMPlexSans-Regular.woff
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?&hasWrapper=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.84.36.2 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8d35554021d48cf78b78c1199df5bbd52852a2b26df8b5ca250bc32ea189039e

Request headers

Referer
https://medchatapp.com/
Origin
https://medchatapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:29 GMT
last-modified
Wed, 02 Dec 2020 19:20:19 GMT
server
Microsoft-IIS/10.0
etag
"4a6d842ce0c8d61:0"
x-powered-by
ASP.NET
content-type
application/font-woff
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
78672
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=256855624942264&ev=Microdata&dl=https%3A%2F%2Fwww.coverva.org%2Fen%2Fhipp&rl=&if=false&ts=1666619430445&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Health%20Insurance%20Premium%20Payment%20(HIPP)%20programs%22%2C%22meta%3Adescription%22%3A%22Test%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.87&r=stable&ec=1&o=30&fbp=fb.1.1666619428940.184198739&it=1666619428682&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coverva.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 24 Oct 2022 13:50:30 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
590ca63f5fc26e09cd4f103d
app.launchdarkly.com/sdk/goals/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/590ca63f5fc26e09cd4f103d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://medchatapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Mon, 24 Oct 2022 13:50:30 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-served-by
cache-hhn4057-HHN
x-timer
S1666619431.634847,VS0,VE1
Rg17rBCiAESsURhm1UTcGw
medchatapp.com/api/widgets/ Frame 27A3 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/api/widgets/Rg17rBCiAESsURhm1UTcGw?url=https%3A%2F%2Fwww.coverva.org%2Fen%2Fhipp
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/polyfills.dc623d97118c097b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.154.205.63 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
2432bcd92b8267e6eca9c66765629a2dc4642896b76a7b747fef254e2555d828
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Pragma
no-cache
x-session-correlation-id
3spu7g
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Accept
application/vnd.medchat+json;v=2.0
Cache-Control
no-cache
Referer
https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?hasWrapper=true
If-Modified-Since
Sat, 01 Jan 2000 00:00:00 GMT
Request-Id
|4dfb4675425844b699e70e88c7553518.9642cfa79b54472c
Expires
Sat, 01 Jan 2000 00:00:00 GMT

Response headers

content-type
application/vnd.medchat+json; v=2.0; charset=utf-8
date
Mon, 24 Oct 2022 13:50:30 GMT
strict-transport-security
max-age=2592000
server
Microsoft-HTTPAPI/2.0
content-length
4673
request-context
appId=cid-v1:be4588a2-b71d-47dd-8148-6312efa0bc11
widgetStatus
medchatapp.com/api/widgets/Rg17rBCiAESsURhm1UTcGw/ Frame 27A3 		260 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/api/widgets/Rg17rBCiAESsURhm1UTcGw/widgetStatus
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/polyfills.dc623d97118c097b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.154.205.63 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
c20ffbb553c9fce0bf4fb7d2369c610adbf63c8a1c8c9cf2716484240e6ce52a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Pragma
no-cache
x-session-correlation-id
3spu7g
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Accept
application/vnd.medchat+json;v=1.0
Cache-Control
no-cache
Referer
https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?hasWrapper=true
If-Modified-Since
Sat, 01 Jan 2000 00:00:00 GMT
Request-Id
|4dfb4675425844b699e70e88c7553518.73c80b6bcd344e16
Expires
Sat, 01 Jan 2000 00:00:00 GMT

Response headers

content-type
application/vnd.medchat+json; v=1.0; charset=utf-8
date
Mon, 24 Oct 2022 13:50:30 GMT
strict-transport-security
max-age=2592000
server
Microsoft-HTTPAPI/2.0
content-length
260
request-context
appId=cid-v1:be4588a2-b71d-47dd-8148-6312efa0bc11
590ca63f5fc26e09cd4f103d
app.launchdarkly.com/sdk/goals/ Frame 27A3 		2 B
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/590ca63f5fc26e09cd4f103d
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/polyfills.dc623d97118c097b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://medchatapp.com/
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.10.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 varnish
date
Mon, 24 Oct 2022 13:50:30 GMT
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
HIT
content-length
26
x-served-by
cache-hhn4057-HHN
x-timer
S1666619431.660396,VS0,VE1
etag
"d751713988987e9331980363e24189ce"
ld-region
us-east-1
access-control-max-age
300
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits
1
eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImFub255bW91cyIsImN1c3RvbSI6eyJhcGlLZXkiOiJSZzE3ckJDaUFFU3NVUmhtMVVUY0d3IiwiYmFzZUhyZWYiOiIvd2lkZ2V0LyJ9fQ
app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/users/ Frame 27A3 		6 KB
983 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImFub255bW91cyIsImN1c3RvbSI6eyJhcGlLZXkiOiJSZzE3ckJDaUFFU3NVUmhtMVVUY0d3IiwiYmFzZUhyZWYiOiIvd2lkZ2V0LyJ9fQ
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/polyfills.dc623d97118c097b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ce2a603216b2d21b1cd5a675e2554d8dc9be1ab3ae4990ee7f67bb5094971838

Request headers

Referer
https://medchatapp.com/
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.10.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:30 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-cache
HIT
content-length
890
x-served-by
cache-hhn4039-HHN, cache-hhn4057-HHN
x-timer
S1666619431.663116,VS0,VE1
etag
"761dbb"
access-control-max-age
3600
access-control-allow-methods
OPTIONS, GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Authorization, Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits
1
eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImFub255bW91cyIsImN1c3RvbSI6eyJhcGlLZXkiOiJSZzE3ckJDaUFFU3NVUmhtMVVUY0d3IiwiYmFzZUhyZWYiOiIvd2lkZ2V0LyJ9fQ
app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/users/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImFub255bW91cyIsImN1c3RvbSI6eyJhcGlLZXkiOiJSZzE3ckJDaUFFU3NVUmhtMVVUY0d3IiwiYmFzZUhyZWYiOiIvd2lkZ2V0LyJ9fQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://medchatapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Mon, 24 Oct 2022 13:50:30 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-served-by
cache-hhn4057-HHN
x-timer
S1666619431.639406,VS0,VE1
590ca63f5fc26e09cd4f103d
app.launchdarkly.com/sdk/goals/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/590ca63f5fc26e09cd4f103d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://medchatapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Mon, 24 Oct 2022 13:50:30 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
2
x-served-by
cache-hhn4057-HHN
x-timer
S1666619431.771607,VS0,VE0
Rg17rBCiAESsURhm1UTcGw
medchatapp.com/api/widgets/ Frame 27A3 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/api/widgets/Rg17rBCiAESsURhm1UTcGw?url=https%3A%2F%2Fwww.coverva.org%2Fen%2Fhipp
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/polyfills.dc623d97118c097b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.154.205.63 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
2432bcd92b8267e6eca9c66765629a2dc4642896b76a7b747fef254e2555d828
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Pragma
no-cache
x-session-correlation-id
3spu7g
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Accept
application/vnd.medchat+json;v=2.0
Cache-Control
no-cache
Referer
https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?hasWrapper=true
If-Modified-Since
Sat, 01 Jan 2000 00:00:00 GMT
Request-Id
|4dfb4675425844b699e70e88c7553518.7e8d40b417144931
Expires
Sat, 01 Jan 2000 00:00:00 GMT

Response headers

content-type
application/vnd.medchat+json; v=2.0; charset=utf-8
date
Mon, 24 Oct 2022 13:50:30 GMT
strict-transport-security
max-age=2592000
server
Microsoft-HTTPAPI/2.0
content-length
4673
request-context
appId=cid-v1:be4588a2-b71d-47dd-8148-6312efa0bc11
widgetStatus
medchatapp.com/api/widgets/Rg17rBCiAESsURhm1UTcGw/ Frame 27A3 		260 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/api/widgets/Rg17rBCiAESsURhm1UTcGw/widgetStatus
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/polyfills.dc623d97118c097b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.154.205.63 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
c20ffbb553c9fce0bf4fb7d2369c610adbf63c8a1c8c9cf2716484240e6ce52a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Pragma
no-cache
x-session-correlation-id
3spu7g
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Accept
application/vnd.medchat+json;v=1.0
Cache-Control
no-cache
Referer
https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?hasWrapper=true
If-Modified-Since
Sat, 01 Jan 2000 00:00:00 GMT
Request-Id
|4dfb4675425844b699e70e88c7553518.4c676cf851e24815
Expires
Sat, 01 Jan 2000 00:00:00 GMT

Response headers

content-type
application/vnd.medchat+json; v=1.0; charset=utf-8
date
Mon, 24 Oct 2022 13:50:30 GMT
strict-transport-security
max-age=2592000
server
Microsoft-HTTPAPI/2.0
content-length
260
request-context
appId=cid-v1:be4588a2-b71d-47dd-8148-6312efa0bc11
590ca63f5fc26e09cd4f103d
app.launchdarkly.com/sdk/goals/ Frame 27A3 		2 B
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/590ca63f5fc26e09cd4f103d
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/polyfills.dc623d97118c097b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://medchatapp.com/
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.10.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 varnish
date
Mon, 24 Oct 2022 13:50:30 GMT
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
HIT
content-length
26
x-served-by
cache-hhn4057-HHN
x-timer
S1666619431.795657,VS0,VE0
etag
"d751713988987e9331980363e24189ce"
ld-region
us-east-1
access-control-max-age
300
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits
2
eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImFub255bW91cyIsImN1c3RvbSI6eyJhcGlLZXkiOiJSZzE3ckJDaUFFU3NVUmhtMVVUY0d3IiwiYmFzZUhyZWYiOiIvd2lkZ2V0LyJ9fQ
app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/users/ Frame 27A3 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImFub255bW91cyIsImN1c3RvbSI6eyJhcGlLZXkiOiJSZzE3ckJDaUFFU3NVUmhtMVVUY0d3IiwiYmFzZUhyZWYiOiIvd2lkZ2V0LyJ9fQ
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/polyfills.dc623d97118c097b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ce2a603216b2d21b1cd5a675e2554d8dc9be1ab3ae4990ee7f67bb5094971838

Request headers

Referer
https://medchatapp.com/
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.10.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:30 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-cache
HIT
content-length
890
x-served-by
cache-hhn4039-HHN, cache-hhn4057-HHN
x-timer
S1666619431.795619,VS0,VE0
etag
"761dbb"
access-control-max-age
3600
access-control-allow-methods
OPTIONS, GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Authorization, Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits
2
eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImFub255bW91cyIsImN1c3RvbSI6eyJhcGlLZXkiOiJSZzE3ckJDaUFFU3NVUmhtMVVUY0d3IiwiYmFzZUhyZWYiOiIvd2lkZ2V0LyJ9fQ
app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/users/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImFub255bW91cyIsImN1c3RvbSI6eyJhcGlLZXkiOiJSZzE3ckJDaUFFU3NVUmhtMVVUY0d3IiwiYmFzZUhyZWYiOiIvd2lkZ2V0LyJ9fQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://medchatapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Mon, 24 Oct 2022 13:50:30 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
2
x-served-by
cache-hhn4057-HHN
x-timer
S1666619431.773727,VS0,VE0
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.89 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://medchatapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Mon, 24 Oct 2022 13:50:30 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ Frame 27A3 		0
0
avatar
medchatapp.com/api/orgs/16f27459-7b00-5289-776d-39fa1a2a8c2c/widgets/ec6a0fe5-0277-ec2a-7dda-39fa9f644020/ Frame 27A3 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medchatapp.com/api/orgs/16f27459-7b00-5289-776d-39fa1a2a8c2c/widgets/ec6a0fe5-0277-ec2a-7dda-39fa9f644020/avatar
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.154.205.63 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
b18974847c094811e0378cacf1cffa494ce33a3254235028a5fa8dc2922faf35
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?hasWrapper=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/png; v=1.0
date
Mon, 24 Oct 2022 13:50:31 GMT
cache-control
private,max-age=604800
strict-transport-security
max-age=2592000
server
Microsoft-HTTPAPI/2.0
content-length
9629
request-context
appId=cid-v1:be4588a2-b71d-47dd-8148-6312efa0bc11
590ca63f5fc26e09cd4f103d
app.launchdarkly.com/sdk/goals/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/590ca63f5fc26e09cd4f103d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://medchatapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Mon, 24 Oct 2022 13:50:31 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
3
x-served-by
cache-hhn4057-HHN
x-timer
S1666619431.105292,VS0,VE0
590ca63f5fc26e09cd4f103d
app.launchdarkly.com/sdk/goals/ Frame B095 		2 B
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/590ca63f5fc26e09cd4f103d
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget-launcher/polyfills.ee34b270bafba9ee.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://medchatapp.com/
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.10.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 varnish
date
Mon, 24 Oct 2022 13:50:31 GMT
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
HIT
content-length
26
x-served-by
cache-hhn4057-HHN
x-timer
S1666619431.125626,VS0,VE0
etag
"d751713988987e9331980363e24189ce"
ld-region
us-east-1
access-control-max-age
300
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits
3
eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImFub255bW91cyIsImN1c3RvbSI6eyJhcGlLZXkiOiJSZzE3ckJDaUFFU3NVUmhtMVVUY0d3IiwiYmFzZUhyZWYiOiIvd2lkZ2V0LWxhdW5jaGVyLyJ9fQ
app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/users/ Frame B095 		6 KB
986 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImFub255bW91cyIsImN1c3RvbSI6eyJhcGlLZXkiOiJSZzE3ckJDaUFFU3NVUmhtMVVUY0d3IiwiYmFzZUhyZWYiOiIvd2lkZ2V0LWxhdW5jaGVyLyJ9fQ
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget-launcher/polyfills.ee34b270bafba9ee.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ce2a603216b2d21b1cd5a675e2554d8dc9be1ab3ae4990ee7f67bb5094971838

Request headers

Referer
https://medchatapp.com/
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.10.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:31 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-cache
HIT
content-length
890
x-served-by
cache-hhn4037-HHN, cache-hhn4057-HHN
x-timer
S1666619431.127760,VS0,VE1
etag
"761dbb"
access-control-max-age
3600
access-control-allow-methods
OPTIONS, GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Authorization, Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits
1
eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImFub255bW91cyIsImN1c3RvbSI6eyJhcGlLZXkiOiJSZzE3ckJDaUFFU3NVUmhtMVVUY0d3IiwiYmFzZUhyZWYiOiIvd2lkZ2V0LWxhdW5jaGVyLyJ9fQ
app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/users/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImFub255bW91cyIsImN1c3RvbSI6eyJhcGlLZXkiOiJSZzE3ckJDaUFFU3NVUmhtMVVUY0d3IiwiYmFzZUhyZWYiOiIvd2lkZ2V0LWxhdW5jaGVyLyJ9fQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://medchatapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Mon, 24 Oct 2022 13:50:31 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
3
x-served-by
cache-hhn4057-HHN
x-timer
S1666619431.107963,VS0,VE0
topicStatuses
medchatapp.com/api/widgets/Rg17rBCiAESsURhm1UTcGw/ Frame 27A3 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/api/widgets/Rg17rBCiAESsURhm1UTcGw/topicStatuses
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/polyfills.dc623d97118c097b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.154.205.63 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e4fab8148924251a2095e77fbd83a748464e98cb0b99d3d5e71a4768c3052e74
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Pragma
no-cache
x-session-correlation-id
3spu7g
x-widget-id
ec6a0fe5-0277-ec2a-7dda-39fa9f644020
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Accept
application/vnd.medchat+json;v=1.0
Cache-Control
no-cache
Referer
https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?hasWrapper=true
If-Modified-Since
Sat, 01 Jan 2000 00:00:00 GMT
Request-Id
|4dfb4675425844b699e70e88c7553518.e9b61bb36aa0452d
Expires
Sat, 01 Jan 2000 00:00:00 GMT

Response headers

content-type
application/vnd.medchat+json; v=1.0; charset=utf-8
date
Mon, 24 Oct 2022 13:50:31 GMT
strict-transport-security
max-age=2592000
server
Microsoft-HTTPAPI/2.0
content-length
2889
request-context
appId=cid-v1:be4588a2-b71d-47dd-8148-6312efa0bc11
122.fc7f0596fee37872.js
medchatapp.com/widget/ Frame 27A3 		1 MB
309 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget/122.fc7f0596fee37872.js
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/runtime.bc68905e3e316bda.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.154.205.63 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0c6151f9f36bf2004a900cd6eaab08e8e6475f93ecee0e188c8cc3bb40ec8554

Request headers

Referer
https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?hasWrapper=true
Origin
https://medchatapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:31 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 23:29:06 GMT
server
Microsoft-IIS/10.0
etag
"0df3bedbe4d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
315794
541.b8a480b486e80f9e.js
medchatapp.com/widget/ Frame 27A3 		660 KB
178 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget/541.b8a480b486e80f9e.js
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/runtime.bc68905e3e316bda.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.154.205.63 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
450cc181ad1dfa26f61d2926af4e3ae71f44158c32a09f2592a919cb2d7d251d

Request headers

Referer
https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?hasWrapper=true
Origin
https://medchatapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:31 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 23:29:06 GMT
server
Microsoft-IIS/10.0
etag
"0df3bedbe4d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
181368
2.f6a51ae30c69d8cc.js
medchatapp.com/widget/ Frame 27A3 		40 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget/2.f6a51ae30c69d8cc.js
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/runtime.bc68905e3e316bda.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.154.205.63 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d19ad3ebba5051b3ed8b54287fa818e065e713228ee7bde8b7af59bfd7696d75

Request headers

Referer
https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?hasWrapper=true
Origin
https://medchatapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:31 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 23:29:06 GMT
server
Microsoft-IIS/10.0
etag
"0df3bedbe4d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
8097
986.a17a07138b449ec9.js
medchatapp.com/widget/ Frame 27A3 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget/986.a17a07138b449ec9.js
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/runtime.bc68905e3e316bda.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.154.205.63 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fc054b3bf93a43efa68be8158ba803defb0f7c20f149f66f0dc19773b56dbf0a

Request headers

Referer
https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?hasWrapper=true
Origin
https://medchatapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:31 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 23:29:06 GMT
server
Microsoft-IIS/10.0
etag
"0df3bedbe4d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
851
avatar
medchatapp.com/api/orgs/16f27459-7b00-5289-776d-39fa1a2a8c2c/widgets/ec6a0fe5-0277-ec2a-7dda-39fa9f644020/ Frame B095 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medchatapp.com/api/orgs/16f27459-7b00-5289-776d-39fa1a2a8c2c/widgets/ec6a0fe5-0277-ec2a-7dda-39fa9f644020/avatar
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget-launcher/main.3df1e5f88ec847cf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.154.205.63 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
b18974847c094811e0378cacf1cffa494ce33a3254235028a5fa8dc2922faf35
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medchatapp.com/widget-launcher/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/png; v=1.0
date
Mon, 24 Oct 2022 13:50:31 GMT
cache-control
private,max-age=604800
strict-transport-security
max-age=2592000
server
Microsoft-HTTPAPI/2.0
content-length
9629
request-context
appId=cid-v1:be4588a2-b71d-47dd-8148-6312efa0bc11
svg-symbols.svg
medchatapp.com/widget-launcher/assets/ Frame B095 		2 MB
556 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget-launcher/assets/svg-symbols.svg
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget-launcher/polyfills.ee34b270bafba9ee.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.154.205.63 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
89946eb5a159a2d6fa6c0f6804cb31ce41891483c26d8ae39d6129692eba00e3

Request headers

Accept
application/json, text/plain, */*
Referer
https://medchatapp.com/widget-launcher/
Request-Id
|9b61de083ab64c83bbaa10bde4eae347.830e7520dc7d463c
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:31 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 23:29:06 GMT
server
Microsoft-IIS/10.0
etag
"0df3bedbe4d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
568329
IBMPlexSans-Regular.woff
shared-assets.medchatapp.com/fonts/ Frame B095 		77 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://shared-assets.medchatapp.com/fonts/IBMPlexSans-Regular.woff
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget-launcher/styles.1f9b0f1e7767e96c.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.84.36.2 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8d35554021d48cf78b78c1199df5bbd52852a2b26df8b5ca250bc32ea189039e

Request headers

Referer
https://medchatapp.com/
Origin
https://medchatapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:31 GMT
last-modified
Wed, 02 Dec 2020 19:20:19 GMT
server
Microsoft-IIS/10.0
etag
"4a6d842ce0c8d61:0"
x-powered-by
ASP.NET
content-type
application/font-woff
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
78672
241.5de9f42d2d1c50b0.js
medchatapp.com/widget/ Frame 27A3 		87 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget/241.5de9f42d2d1c50b0.js
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/runtime.bc68905e3e316bda.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.154.205.63 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c06c704c1a85796bede0c0c6535f54f333e55e1968f582919f11b0f796f98703

Request headers

Referer
https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw/outreach
Origin
https://medchatapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:50:31 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 23:29:06 GMT
server
Microsoft-IIS/10.0
etag
"0df3bedbe4d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
21624
590ca63f5fc26e09cd4f103d
events.launchdarkly.com/events/bulk/ Frame 27A3 		0
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/bulk/590ca63f5fc26e09cd4f103d
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/polyfills.dc623d97118c097b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.211.252 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://medchatapp.com/
X-LaunchDarkly-Event-Schema
3
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.10.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 24 Oct 2022 13:50:33 GMT
strict-transport-security
max-age=31536000
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length
0
590ca63f5fc26e09cd4f103d
events.launchdarkly.com/events/bulk/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/bulk/590ca63f5fc26e09cd4f103d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.211.252 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-event-schema,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://medchatapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Mon, 24 Oct 2022 13:50:33 GMT
strict-transport-security
max-age=31536000
590ca63f5fc26e09cd4f103d
events.launchdarkly.com/events/bulk/ Frame 27A3 		0
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/bulk/590ca63f5fc26e09cd4f103d
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/polyfills.dc623d97118c097b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.211.252 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://medchatapp.com/
X-LaunchDarkly-Event-Schema
3
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.10.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 24 Oct 2022 13:50:33 GMT
strict-transport-security
max-age=31536000
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length
0
590ca63f5fc26e09cd4f103d
events.launchdarkly.com/events/bulk/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/bulk/590ca63f5fc26e09cd4f103d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.211.252 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-event-schema,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://medchatapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Mon, 24 Oct 2022 13:50:33 GMT
strict-transport-security
max-age=31536000
590ca63f5fc26e09cd4f103d
events.launchdarkly.com/events/bulk/ Frame B095 		0
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/bulk/590ca63f5fc26e09cd4f103d
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget-launcher/polyfills.ee34b270bafba9ee.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.211.252 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://medchatapp.com/
X-LaunchDarkly-Event-Schema
3
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.10.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 24 Oct 2022 13:50:33 GMT
strict-transport-security
max-age=31536000
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length
0
590ca63f5fc26e09cd4f103d
events.launchdarkly.com/events/bulk/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/bulk/590ca63f5fc26e09cd4f103d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.211.252 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-event-schema,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://medchatapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Mon, 24 Oct 2022 13:50:33 GMT
strict-transport-security
max-age=31536000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dc.services.visualstudio.com
URL
https://dc.services.visualstudio.com/v2/track

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer object| INITIAL_STATE function| googleTranslateElementInit object| webpackJsonpdxhub-web-react object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in number| _dataLayerOverwriteMonitor function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s function| setImmediate function| clearImmediate object| regeneratorRuntime number| 2f1acc6c3a606b082e5eef5e54414ffb boolean| _pdfjsCompatibilityChecked object| core function| saveAs object| _scriptMap function| axios function| gtag function| fbq function| _fbq function| ttd_dom_ready function| TTDUniversalPixelApi object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| s_i_maximus-CoverVA-prod_maximus-global-prod function| $ function| jQuery function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| currentExecutingScript object| medchatapp object| MedChatApp object| MedChat

14 Cookies

Domain/Path Name / Value
.demdex.net/ Name: demdex
Value: 38798764106249853522728794596961022820
.coverva.org/ Name: AMCVS_F6E84ABD5ED8A0AA0A495F8B%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y1aYJAAAAIDUHANx
.coverva.org/ Name: _ga_M757RGM3NY
Value: GS1.1.1666619428.1.0.1666619428.0.0.0
.coverva.org/ Name: _ga
Value: GA1.1.2124833498.1666619429
.coverva.org/ Name: _gcl_au
Value: 1.1.1824037275.1666619429
.dpm.demdex.net/ Name: dpm
Value: 38798764106249853522728794596961022820
.coverva.org/ Name: s_gpv
Value: %2Fen%2Fhipp
.coverva.org/ Name: s_cc
Value: true
.coverva.org/ Name: AMCV_F6E84ABD5ED8A0AA0A495F8B%40AdobeOrg
Value: 1176715910%7CMCIDTS%7C19290%7CMCMID%7C43243404725943356973172103742320360893%7CMCAAMLH-1667224228%7C6%7CMCAAMB-1667224228%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1666626628s%7CNONE%7CMCSYNCSOP%7C411-19297%7CvVersion%7C5.4.0
.coverva.org/ Name: _fbp
Value: fb.1.1666619428940.184198739
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
medchatapp.com/ Name: ai_user
Value: nz7Np|2022-10-24T13:50:30.039Z
medchatapp.com/ Name: ai_session
Value: n5Omr|1666619430190|1666619431146.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
app.launchdarkly.com
assets.adobedtm.com
cm.everesttech.net
connect.facebook.net
dc.services.visualstudio.com
dpm.demdex.net
events.launchdarkly.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.adsrvr.org
maximus.demdex.net
maximusinc.sc.omtrdc.net
medchatapp.com
region1.google-analytics.com
shared-assets.medchatapp.com
www.coverva.org
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
dc.services.visualstudio.com
13.69.106.89
13.84.36.2
142.250.186.130
15.236.176.210
151.101.2.217
2001:4860:4802:34::36
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2003
2a02:26f0:3500:587::1e80
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.247.60.44
34.252.39.216
52.154.205.63
54.74.40.111
54.85.211.252
65.9.65.116
75.2.125.6
01aacda621b54eb9d93868804103f28053df812e27e3e582427cb1dfb9c8a66b
028a0f0c4dbddc448a34f12589723cb95645c8ff46f8e6baa5954c64a367ef8f
0c6151f9f36bf2004a900cd6eaab08e8e6475f93ecee0e188c8cc3bb40ec8554
119fd7c15e6d4801592a60bb3b7a1b6f65be126326d4f1459c907d63d6c0241a
13a3971e860f80ffd05ed9b61422ee9caf8ab9351637ed6e1857847718647e43
2432bcd92b8267e6eca9c66765629a2dc4642896b76a7b747fef254e2555d828
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
2fbb9b53547aff6be4c57072611e0c0deb83599f768f44cb2074df40832d8e68
37b8c2acd133bd87b7b64121aca9b5148655842749fbddc0d1241ece45a11d32
383d8f487c839b411a043d852d576c836786e7d0611f0e49e4cc911e933f6e56
3a4b884e47e601c35be05ee609419ec14265464d5cd309dc2a4f0a5c55baae36
3e1174d094c6dfbdded5b637cc887aad62a05f7b2937b9c065dc55827af5ad3f
41b99412f85676627d2fe569af2c5c816b036281743dd7ec1ea23b9a57a19816
450cc181ad1dfa26f61d2926af4e3ae71f44158c32a09f2592a919cb2d7d251d
48d1043ce567b8502ffe2eb105875f3a157666b7973316c7503e8de3bfb7969b
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5026094d6d554ca578d6b243acd84972d69aa538b4d7d09f1bb37df508447b63
51d77c29b9b183fa1448ad4bdc89cd64b09a14ca2c58ae884f786bbaa86d8f4a
5803699ce0ea45967969513aa350b189c9094f5fb72078bf528eefe4b40c53c6
591134ddceb388cd2d70e51a2860e8c0901d84bfc7bfadecf4712a3fb9ae2512
5dcf6b3277779b268d36044b59539a3bddefac8d498a077fd9c6fdbb7d39981d
6637ea3139ffb01e240829717a4f8c195d7be6b81780ed643000b49833d8d6d1
6eb697854bb705a004931beb8def48ca58a869bdd320331b49c21119bd180947
7a2625338a4e787e6df75cdd3578e9132ca23a30531cb0ac0ba5c7a4c2d51e7c
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7dbd91f290f31441753ac34e08df314814461831194a0e16ddfa4dd85a311c66
8340f542ddddfe7dff939896f54ffb290d2411d08f66ae359852f815806caa24
887af521516bfde6f80a24134df8882c8e60d0d4fb42c399ea4857e2b12c3851
88f764dfae2c2480e23c6d51dd057aadd9e277826cc4e02976fa4082b6bd801d
89946eb5a159a2d6fa6c0f6804cb31ce41891483c26d8ae39d6129692eba00e3
8c1f103985ca72fdbd172c878fef875d9e50327c2baac26ce1b80d4a4fbf15e5
8c69f43299b8d9773b39064862f42d88bc64b32e8a331ebfafc9de5386d278bc
8d35554021d48cf78b78c1199df5bbd52852a2b26df8b5ca250bc32ea189039e
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
95a7c9ee29ed39317be6abdf9418487cb176b4f8fde39a26da75cdaa562b5b2e
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
9860ceb61a81f618371aae42ff23c1ecf1b942bb90349491fb7b4019ff225220
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a6c4ec2572fe881ee4742a95188af2eecc200fee47ab8fc8751d4e9de82d1478
ab535ef07d54c5f0496e2dd9cbbc1d68c11874a2921b418da01209c903f72c9a
abfe3f68b83035026e7a834ef789b33cfd7a0a3e54c1601c42564a02aca16f91
adcb79aa1d09534548eaabe2d3684343b01e2c3f6643b6b03fc3c308628e89df
b18974847c094811e0378cacf1cffa494ce33a3254235028a5fa8dc2922faf35
b4d8e7435cae71af143e288d03fac6ad06e58b524233b1f41b3a27f4c20d1c76
b6d45404ce47bf959157644c1f391690e8e525e1b8e48a269f89c57a56960c40
be68e4062a70bf9ab3f733873c9229637ed839167cc0fa58e26ec635ffa2d6e5
c06c704c1a85796bede0c0c6535f54f333e55e1968f582919f11b0f796f98703
c20ffbb553c9fce0bf4fb7d2369c610adbf63c8a1c8c9cf2716484240e6ce52a
ce2a603216b2d21b1cd5a675e2554d8dc9be1ab3ae4990ee7f67bb5094971838
d19ad3ebba5051b3ed8b54287fa818e065e713228ee7bde8b7af59bfd7696d75
d3372d816b760cb76b2a782e950d80ef46ed96380972f90dc4a068ea6b963665
d544a4a2ee3c404deda4424b1823b90fec0e60db1702b48c29306a8db2eda615
d5eb67e1d759953e7528a0a91d94a9e14042febf962c37a866d5bcd6ce903328
dc562f2b77e0c092611557b2b2fc8c34396990d729c2bca90fb252fe0bc9225c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fab8148924251a2095e77fbd83a748464e98cb0b99d3d5e71a4768c3052e74
e839d04133315e223b25e8f665c2700cbe390734f11d3f1bd84b672c6d60dbbc
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4ce027fde1c1f12e6b5cd9bac14b2fbadfdb289a952a111a49f27ea28a5678
f7bdf94405fc34fa92cacaf87232ce1e383304eba551ba84b9774fb37c5ef7df
f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8
fc054b3bf93a43efa68be8158ba803defb0f7c20f149f66f0dc19773b56dbf0a
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e