www.coveredca.com Open in urlscan Pro
23.99.0.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://coveredca.com/
Effective URL:
https://www.coveredca.com/
Submission: On September 22 via api (September 22nd 2018, 2:57:31 am UTC) from CZ

Summary HTTP 57 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 24 domains to perform 57 HTTP transactions. The main IP is 23.99.0.12, located in San Jose, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is www.coveredca.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 16th 2018. Valid for: a year.

This is the only time www.coveredca.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	50.63.202.16 50.63.202.16	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com)
1 18	23.99.0.12 23.99.0.12	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
4	2400:cb00:204... 2400:cb00:2048:1::6813:c397	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	205.185.208.52 205.185.208.52	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1 6	2a00:1450:400... 2a00:1450:4001:817::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:817::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1 3	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.244.43.80 104.244.43.80	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	143.204.98.124 143.204.98.124	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	143.204.101.48 143.204.101.48	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 2	213.19.147.51 213.19.147.51	26120 (RHYTHMONE) (RHYTHMONE - RhythmOne)
2 2	204.11.109.67 204.11.109.67	33419 (TRIBAL-FU...) (TRIBAL-FUSION - Exponential Interactive)
2 2	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE - Google LLC)
1	204.11.109.66 204.11.109.66	33419 (TRIBAL-FU...) (TRIBAL-FUSION - Exponential Interactive)
1 1	216.200.122.11 216.200.122.11	6461 (ZAYO-6461) (ZAYO-6461 - Zayo Bandwidth)
2 2	172.217.23.166 172.217.23.166	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2 4	172.217.22.70 172.217.22.70	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER - Twitter Inc.)
2 2	37.252.172.80 37.252.172.80	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
2	52.3.188.64 52.3.188.64	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
2 2	54.82.237.73 54.82.237.73	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	34.247.201.188 34.247.201.188	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	23.38.61.244 23.38.61.244	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	142.0.160.13 142.0.160.13	7160 (NETDYNAMICS) (NETDYNAMICS - Oracle Corporation)
1	142.0.160.17 142.0.160.17	7160 (NETDYNAMICS) (NETDYNAMICS - Oracle Corporation)
57	23

1 50.63.202.16 (Scottsdale, United States) 1 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-50-63-202-16.ip.secureserver.net

coveredca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 23.99.0.12 (San Jose, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: waws-prod-bay-005.cloudapp.net

www.coveredca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2400:cb00:2048:1::6813:c397 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.185.208.52 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip052.ssl.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:817::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:817::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.43.80 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.124 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-98-124.fra50.r.cloudfront.net

dnn506yrbagrg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.48 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-48.fra50.r.cloudfront.net

s.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.51 (United Kingdom) 1 redirects

ASN26120 (RHYTHMONE - RhythmOne, LLC, US)

rs.gwallet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.11.109.67 (Emeryville, United States) 2 redirects

ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US)
PTR: a.tribalfusion.com

s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.162 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s29-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.11.109.66 (Emeryville, United States)

ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US)
PTR: a.tribalfusion.com

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.122.11 (Arlington, United States) 1 redirects

ASN6461 (ZAYO-6461 - Zayo Bandwidth, US)
PTR: 216.200.122.11.IPYX-141870-ZYO.zip.zayo.com

gwmtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.166 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s22-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.22.70 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s17-in-f6.1e100.net

4922306.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.69 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.80 (European Union) 2 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 152.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.3.188.64 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-3-188-64.compute-1.amazonaws.com

a.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.82.237.73 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-82-237-73.compute-1.amazonaws.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.201.188 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-247-201-188.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.67 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.38.61.244 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-38-61-244.deploy.static.akamaitechnologies.com

img03.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.0.160.13 (Redwood City, United States) 1 redirects

ASN7160 (NETDYNAMICS - Oracle Corporation, US)

s522558593.t.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.0.160.17 (Redwood City, United States)

ASN7160 (NETDYNAMICS - Oracle Corporation, US)

ccmd.coveredca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	coveredca.com 2 redirects coveredca.com www.coveredca.com ccmd.coveredca.com	401 KB
9	doubleclick.net 7 redirects cm.g.doubleclick.net ad.doubleclick.net 4922306.fls.doubleclick.net stats.g.doubleclick.net	2 KB
8	google.com 1 redirects www.google.com cse.google.com adservice.google.com	113 KB
4	cloudflare.com cdnjs.cloudflare.com	108 KB
3	twitter.com analytics.twitter.com	666 B
3	t.co t.co	419 B
3	tribalfusion.com 2 redirects s.tribalfusion.com a.tribalfusion.com	2 KB
3	facebook.net connect.facebook.net	28 KB
3	dpmsrv.com s.dpmsrv.com a.dpmsrv.com	39 KB
2	rlcdn.com 2 redirects idsync.rlcdn.com	585 B
2	facebook.com www.facebook.com	448 B
2	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	gwallet.com 1 redirects rs.gwallet.com	755 B
2	google-analytics.com 1 redirects www.google-analytics.com	16 KB
2	jquery.com code.jquery.com	156 KB
1	eloqua.com 1 redirects s522558593.t.eloqua.com	535 B
1	en25.com img03.en25.com	3 KB
1	adsrvr.org match.adsrvr.org	264 B
1	googleapis.com www.googleapis.com	40 B
1	google.de www.google.de	109 B
1	gwmtracking.com 1 redirects gwmtracking.com	472 B
1	cloudfront.net dnn506yrbagrg.cloudfront.net	553 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googletagmanager.com www.googletagmanager.com	54 KB
57	24

	Domain	Requested by
18	www.coveredca.com	1 redirects www.coveredca.com
6	www.google.com	1 redirects www.coveredca.com cse.google.com www.google.com
4	4922306.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	cdnjs.cloudflare.com	www.coveredca.com
3	analytics.twitter.com	static.ads-twitter.com
3	t.co	www.coveredca.com
3	connect.facebook.net	www.coveredca.com connect.facebook.net
2	idsync.rlcdn.com	2 redirects
2	www.facebook.com	www.coveredca.com
2	a.dpmsrv.com	www.coveredca.com
2	ib.adnxs.com	2 redirects
2	ad.doubleclick.net	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	s.tribalfusion.com	2 redirects
2	rs.gwallet.com	1 redirects www.coveredca.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	code.jquery.com	www.coveredca.com
1	ccmd.coveredca.com	www.coveredca.com
1	s522558593.t.eloqua.com	1 redirects
1	img03.en25.com	www.coveredca.com
1	match.adsrvr.org	www.coveredca.com
1	www.googleapis.com	www.coveredca.com
1	www.google.de	www.coveredca.com
1	stats.g.doubleclick.net	1 redirects
1	adservice.google.com	www.coveredca.com
1	gwmtracking.com	1 redirects
1	a.tribalfusion.com	www.coveredca.com
1	s.dpmsrv.com	www.coveredca.com
1	dnn506yrbagrg.cloudfront.net	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	cse.google.com	www.coveredca.com
1	www.googletagmanager.com	www.coveredca.com
1	coveredca.com	1 redirects
57	33

This site contains links to these domains. Also see Links.

Domain
apply.coveredca.com
storefronts.coveredca.com
events.coveredca.com
coveredca.custhelp.com
app.bigwavesystems.com
hbex.coveredca.com
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
www.dhcs.ca.gov

Subject Issuer	Validity	Valid
*.coveredca.com Go Daddy Secure Certificate Authority - G2	`2018-02-16` - `2019-02-16`	a year	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-09-22` - `2019-03-31`	6 months	crt.sh
code.jquery.com Let's Encrypt Authority X3	`2018-08-29` - `2018-11-27`	3 months	crt.sh
www.google.com Google Internet Authority G3	`2018-08-28` - `2018-11-20`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-08-28` - `2018-11-20`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2018-08-28` - `2018-11-20`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2018-06-28` - `2019-07-03`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2017-11-22` - `2018-11-21`	a year	crt.sh
*.dpmsrv.com Amazon	`2018-06-12` - `2019-07-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh
*.gwallet.com COMODO RSA Domain Validation Secure Server CA	`2018-07-12` - `2019-07-12`	a year	crt.sh
*.tribalfusion.com Go Daddy Secure Certificate Authority - G2	`2015-09-03` - `2018-10-07`	3 years	crt.sh
*.doubleclick.net Google Internet Authority G3	`2018-08-28` - `2018-11-20`	3 months	crt.sh
www.google.de Google Internet Authority G3	`2018-08-28` - `2018-11-20`	3 months	crt.sh
*.googleapis.com Google Internet Authority G3	`2018-08-28` - `2018-11-20`	3 months	crt.sh
t.co DigiCert SHA2 Extended Validation Server CA	`2017-07-25` - `2018-11-05`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2017-02-15` - `2019-04-19`	2 years	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2018-07-19` - `2019-08-28`	a year	crt.sh
*.en25.com DigiCert SHA2 Secure Server CA	`2018-04-25` - `2019-07-25`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.coveredca.com/
Frame ID: F9AF34C10E125DBB0905432EA550D5DA
Requests: 54 HTTP requests in this frame

Frame: https://rs.gwallet.com/r1/pixeltag/x326r932470319?check_uid_cookie
Frame ID: D22EF741D8FABD13B7F0C9DE61A0E49F
Requests: 1 HTTP requests in this frame

Frame: https://4922306.fls.doubleclick.net/activityi;dc_pre=CPjzzdDOzd0CFUKC3god4T0O6w;src=4922306;type=general;cat=visit;ord=1;num=2834373013686;gtm=G9h;auiddc=1959152739.1537585039;~oref=https%3A%2F%2Fwww.coveredca.com%2F
Frame ID: 2B478DCC5ADFBDF543FD9B2B1391BD77
Requests: 1 HTTP requests in this frame

Frame: https://4922306.fls.doubleclick.net/activityi;dc_pre=CKawztDOzd0CFU9x4Aodqw4BCA;src=4922306;type=general;cat=homep0;ord=1;num=2758588644239;gtm=G9h;auiddc=1959152739.1537585039;~oref=https%3A%2F%2Fwww.coveredca.com%2F
Frame ID: D56571FBAB4952DDC410D7D3FC5A99CA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://coveredca.com/ HTTP 301
http://www.coveredca.com/ HTTP 301
https://www.coveredca.com/ Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /IIS(?:\/([\d.]+))?/i

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^CE2$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /modernizr(?:-([\d.]*[\d]))?.*\.js/i
env /^Modernizr$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

57
Requests

98 %
HTTPS

31 %
IPv6

24
Domains

33
Subdomains

23
IPs

5
Countries

922 kB
Transfer

2749 kB
Size

20
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://apply.coveredca.com/lw-shopandcompare/
Title: Shop and Compare

Search URL Search Domain Scan URL

URL: https://apply.coveredca.com/hix/broker/search?anonymousFlag=Y&recordType=null&recordId=null&lang=en&ga=1.136497525.410759250.1403534720
Title: Certified Insurance Agent or Enrollment counselor for assistance

Search URL Search Domain Scan URL

URL: https://apply.coveredca.com/apspahbx/ahbx.portal
Title: Account Sign In

Search URL Search Domain Scan URL

URL: https://apply.coveredca.com/apspahbx/ahbx.portal?lang=en_US&_ga=1.56840559.437789222.1409956415
Title: Account Sign In

Search URL Search Domain Scan URL

URL: https://storefronts.coveredca.com/
Title: Enrollment Centers

Search URL Search Domain Scan URL

URL: https://apply.coveredca.com/hix/broker/search?anonymousFlag=Y&recordType=null&recordId=null&lang=en
Title: Certified Enrollers

Search URL Search Domain Scan URL

URL: http://events.coveredca.com/
Title: Events Near You

Search URL Search Domain Scan URL

URL: https://coveredca.custhelp.com/app/chat/chat_launch
Title: Live Chat

Search URL Search Domain Scan URL

URL: https://app.bigwavesystems.com/lp/a8c3085e-e597-4ac8-ba23-42f245fdfa11
Title: Help On-Demand

Search URL Search Domain Scan URL

URL: http://hbex.coveredca.com/jobs/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CoveredCA/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/CoveredCA
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/CoveredCA
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/coveredca/?hl=en
Title: Instagram

Search URL Search Domain Scan URL

URL: http://hbex.coveredca.com/
Title: Covered California

Search URL Search Domain Scan URL

URL: http://www.dhcs.ca.gov/Pages/default.aspx
Title: Department of Health Care Services

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://coveredca.com/ HTTP 301
http://www.coveredca.com/ HTTP 301
https://www.coveredca.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://rs.gwallet.com/r1/pixeltag/x326r932470319 HTTP 302
https://rs.gwallet.com/r1/pixeltag/x326r932470319?check_uid_cookie

Request Chain 35

https://s.tribalfusion.com/i.cid?c=659483&ev=0&page=English%20Home%20Page HTTP 302
https://s.tribalfusion.com/z/i.cid?c=659483&ev=0&page=English%20Home%20Page HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662447279343991 HTTP 302
https://a.tribalfusion.com/i.match?p=b6&u=CAESEMhAxkdvNcS_YK2XYnvEl_s&google_cver=1&google_ula=2786954,0

Request Chain 36

https://gwmtracking.com/p/v/1/5b2d279af870815f7f594905/format/img HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8717963;type=invmedia;cat=zhzzkckz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8717963;dc_pre=CJ6h_NDOzd0CFQY_GQodBTEKKA;type=invmedia;cat=zhzzkckz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=8717963;dc_pre=CJ6h_NDOzd0CFQY_GQodBTEKKA;type=invmedia;cat=zhzzkckz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 37

https://4922306.fls.doubleclick.net/activityi;src=4922306;type=general;cat=visit;ord=1;num=2834373013686;gtm=G9h;auiddc=1959152739.1537585039;~oref=https%3A%2F%2Fwww.coveredca.com%2F HTTP 302
https://4922306.fls.doubleclick.net/activityi;dc_pre=CPjzzdDOzd0CFUKC3god4T0O6w;src=4922306;type=general;cat=visit;ord=1;num=2834373013686;gtm=G9h;auiddc=1959152739.1537585039;~oref=https%3A%2F%2Fwww.coveredca.com%2F

Request Chain 38

https://4922306.fls.doubleclick.net/activityi;src=4922306;type=general;cat=homep0;ord=1;num=2758588644239;gtm=G9h;auiddc=1959152739.1537585039;~oref=https%3A%2F%2Fwww.coveredca.com%2F HTTP 302
https://4922306.fls.doubleclick.net/activityi;dc_pre=CKawztDOzd0CFU9x4Aodqw4BCA;src=4922306;type=general;cat=homep0;ord=1;num=2758588644239;gtm=G9h;auiddc=1959152739.1537585039;~oref=https%3A%2F%2Fwww.coveredca.com%2F

Request Chain 39

https://www.google-analytics.com/r/collect?v=1&_v=j69&a=390644147&t=pageview&_s=1&dl=https%3A%2F%2Fwww.coveredca.com%2F&ul=en-us&de=UTF-8&dt=Health%20Care%20Marketplace%20-%20Official%20Site%20%7C%20Covered%20California%E2%84%A2&sd=24-bit&sr=1600x1200&vp=1585x1185&je=0&_u=YEBAAAAB~&jid=1324479700&gjid=1992191870&cid=1567015938.1537585039&tid=UA-39926152-1&_gid=699602549.1537585039&_r=1&gtm=G9hM7JQHX&z=1851333804 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-39926152-1&cid=1567015938.1537585039&jid=1324479700&_gid=699602549.1537585039&gjid=1992191870&_v=j69&z=1851333804 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39926152-1&cid=1567015938.1537585039&jid=1324479700&_v=j69&z=1851333804 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39926152-1&cid=1567015938.1537585039&jid=1324479700&_v=j69&z=1851333804&slf_rd=1&random=1578325910

Request Chain 45

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D133%26pixelIndex%3D0%26r%3D853024%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fwww.coveredca.com%252F&_=1537585039249 HTTP 302
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D133%2526pixelIndex%253D0%2526r%253D853024%2526tzOffset%253D0%2526url%253Dhttps%25253A%25252F%25252Fwww.coveredca.com%25252F%26_%3D1537585039249 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?id=8015323158597070639&q=xImp&v=1.x&cl=133&pixelIndex=0&r=853024&tzOffset=0&url=https%3A%2F%2Fwww.coveredca.com%2F&_=1537585039249

Request Chain 49

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=8015323158597070639&pixelIndex=0&_=1537585039250 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=8015323158597070639&pixelIndex=0&_=1537585039250&google_gid=CAESEPsCByxXLdD8dzQiBzMtpRE&google_cver=1

Request Chain 50

https://idsync.rlcdn.com/423396.gif?partner_uid=8015323158597070639 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=COTrGRIfChsIARDGpwEaEzgwMTUzMjMxNTg1OTcwNzA2MzkQABoNCJDflt0FEgUI6AcQAA HTTP 307
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp

Request Chain 55

https://s522558593.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=522558593&ref2=elqNone&tzo=0&ms=863&optin=disabled&firstPartyCookieDomain=ccmd.coveredca.com HTTP 302
http://ccmd.coveredca.com/visitor/v200/svrGP.aspx?pps=3&siteid=522558593&ref2=elqNone&tzo=0&ms=863&optin=disabled&elq1pcGUID=C72854CF575F4B4396CCD8DFB8761BC2

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.coveredca.com/
Redirect Chain

http://coveredca.com/
http://www.coveredca.com/
https://www.coveredca.com/

56 KB
12 KB

668ms
166ms

Document
text/html

23.99.0.12
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.coveredca.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: waws-prod-bay-005.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 109ccb0b4e83c2626d502f7bc21fa31a3cec234028eb60525748003ab657d509

Request headers

Host: www.coveredca.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 11734
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Thu, 20 Sep 2018 17:38:24 GMT
Accept-Ranges: bytes
ETag: "0687bb851d41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Set-Cookie: ARRAffinity=aae18594dddc1863f9ea15f0c8c72dd72a0bbc0dd78a6930ee866072535edfc4;Path=/;HttpOnly;Domain=www.coveredca.com
Date: Sat, 22 Sep 2018 02:57:18 GMT

Redirect headers

Content-Type: text/html; charset=UTF-8
Location: https://www.coveredca.com/
Server: Microsoft-IIS/10.0
Date: Sat, 22 Sep 2018 02:57:17 GMT
Content-Length: 0

GET
S 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
7 KB 11ms
9ms Stylesheet
text/css 2400:cb00:2048:1::6813:c397
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.coveredca.com
URL: https://www.coveredca.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Sep 2018 02:57:18 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
served-in-seconds: 0.000
last-modified: Thu, 17 May 2018 09:19:53 GMT
server: cloudflare
etag: W/"5afd4939-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 45e180db793a2324-FRA
expires: Thu, 12 Sep 2019 02:57:18 GMT

GET
H/1.1 200
OK application.css
www.coveredca.com/css/ 213 KB
36 KB 165ms
164ms Stylesheet
text/css 23.99.0.12
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.coveredca.com/css/application.css?v=1.4
Requested by: Host: www.coveredca.com
URL: https://www.coveredca.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: waws-prod-bay-005.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2b7aa64eef9d38dc28ab945dd02608a994141d1d9fce944fd4f1e1bbec1a8a7c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.coveredca.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://www.coveredca.com/
Cookie: ARRAffinity=aae18594dddc1863f9ea15f0c8c72dd72a0bbc0dd78a6930ee866072535edfc4
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Sep 2018 02:57:18 GMT
Content-Encoding: gzip
ETag: "80d8155ae4d31:0"
Last-Modified: Sat, 05 May 2018 00:43:01 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 36781

GET
S 200 modernizr.js Show response
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/ 50 KB
16 KB 11ms
10ms Script
application/javascript 2400:cb00:2048:1::6813:c397
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.js

Requested by

Host: www.coveredca.com
URL: https://www.coveredca.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dfc3ef73c1284c7aff3c5cdac3812d212c8b899037d7860c8ba20a1defb9a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Sep 2018 02:57:18 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
served-in-seconds: 0.002
last-modified: Thu, 17 May 2018 09:23:06 GMT
server: cloudflare
etag: W/"5afd49fa-c897"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 45e180db793b2324-FRA
expires: Thu, 12 Sep 2019 02:57:18 GMT

GET
H/1.1 200
OK jquery-2.2.4.min.js Show response
code.jquery.com/ 84 KB
34 KB 19ms
6ms Script
application/javascript 205.185.208.52
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.4.min.js
Requested by: Host: www.coveredca.com
URL: https://www.coveredca.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip052.ssl.hwcdn.net
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.coveredca.com/
Origin: https://www.coveredca.com

Response headers

Date: Sat, 22 Sep 2018 02:57:18 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 May 2016 17:24:41 GMT
Server: nginx
ETag: "573f4859-14e4a"
Vary: Accept-Encoding
X-HW: 1537585038.dop007.fr8.shc,1537585038.dop007.fr8.t,1537585038.cds010.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 34834

GET
H/1.1 200
OK ccLogo-Emails-162.jpg
www.coveredca.com/images/ 7 KB
7 KB 1143ms
163ms Image
image/jpeg 23.99.0.12
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.coveredca.com/images/ccLogo-Emails-162.jpg
Requested by: Host: www.coveredca.com
URL: https://www.coveredca.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: waws-prod-bay-005.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e93d8a3d4d64c0bf41dc20914fcb7de3310d1f93f9b7a2c7f2b5e202065e4f63

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.coveredca.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.coveredca.com/
Cookie: ARRAffinity=aae18594dddc1863f9ea15f0c8c72dd72a0bbc0dd78a6930ee866072535edfc4
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Sep 2018 02:57:19 GMT
Last-Modified: Thu, 15 Feb 2018 00:43:39 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "d714935f6a5d31:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 6859

GET
S 200 search_box_icon.png
www.google.com/uds/css/v2/ 1018 B
1 KB 15ms
14ms Image
image/png 2a00:1450:4001:817::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/uds/css/v2/search_box_icon.png

Requested by

Host: www.coveredca.com
URL: https://www.coveredca.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

76a0d76f135419f4d00213037cda0cba949a0372e01ab6a1d70072008a56bd18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Sep 2018 02:57:18 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Sep 2018 20:52:43 GMT
server: GSE
age: 0
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=0
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1018
x-xss-protection: 1; mode=block
expires: Sat, 22 Sep 2018 02:57:18 GMT

GET
H/1.1 200
OK cca-logo-cropped.svg
www.coveredca.com/images/icons/ 6 KB
2 KB 164ms
163ms Image
image/svg+xml 23.99.0.12
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.coveredca.com/images/icons/cca-logo-cropped.svg
Requested by: Host: www.coveredca.com
URL: https://www.coveredca.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: waws-prod-bay-005.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eddb89e78a040b832a2a3de3c9b5e163444b83c30c2ed202db1321504b865c36

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.coveredca.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.coveredca.com/
Cookie: ARRAffinity=aae18594dddc1863f9ea15f0c8c72dd72a0bbc0dd78a6930ee866072535edfc4; _gcl_au=1.1.1959152739.1537585039; _ga=GA1.2.1567015938.1537585039; _gid=GA1.2.699602549.1537585039; _gat_UA-39926152-1=1; dpm_url_count=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Sep 2018 02:57:19 GMT
Content-Encoding: gzip
ETag: "0b3e36f6a5d31:0"
Last-Modified: Thu, 15 Feb 2018 00:43:42 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 2234

GET
H/1.1 200
OK magnify-primary.svg
www.coveredca.com/images/icons/ 755 B
1006 B 163ms
163ms Image
image/svg+xml 23.99.0.12
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.coveredca.com/images/icons/magnify-primary.svg
Requested by: Host: www.coveredca.com
URL: https://www.coveredca.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: waws-prod-bay-005.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e53a98e32c6d573922a80794c6e974c1c0888aa46ff664eb5056d42eff7a0517

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.coveredca.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.coveredca.com/
Cookie: ARRAffinity=aae18594dddc1863f9ea15f0c8c72dd72a0bbc0dd78a6930ee866072535edfc4; _gcl_au=1.1.1959152739.1537585039; _ga=GA1.2.1567015938.1537585039; _gid=GA1.2.699602549.1537585039; _gat_UA-39926152-1=1; dpm_url_count=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Sep 2018 02:57:19 GMT
Last-Modified: Thu, 15 Feb 2018 00:43:43 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "e5f1827f6a5d31:0"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 755

GET
H/1.1 200
OK jquery-ui.js Show response
code.jquery.com/ui/1.12.0/ 508 KB
122 KB 14ms
6ms Script
application/javascript 205.185.208.52
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.0/jquery-ui.js
Requested by: Host: www.coveredca.com
URL: https://www.coveredca.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip052.ssl.hwcdn.net
Software: nginx /
Resource Hash: d183ca03064fecca7700b311541da2f065de12776f0aadde4a5fd6b009754729

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.coveredca.com/
Origin: https://www.coveredca.com

Response headers

Date: Sat, 22 Sep 2018 02:57:18 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Jul 2016 17:14:47 GMT
Server: nginx
ETag: "577fdf87-7efa2"
Vary: Accept-Encoding
X-HW: 1537585038.dop007.fr8.shc,1537585038.dop007.fr8.t,1537585038.cds010.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 124269

GET
S 200 bootstrap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/ 36 KB
10 KB 10ms
10ms Script
application/javascript 2400:cb00:2048:1::6813:c397
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: www.coveredca.com
URL: https://www.coveredca.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.coveredca.com/
Origin: https://www.coveredca.com

Response headers

date: Sat, 22 Sep 2018 02:57:18 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
served-in-seconds: 0.002
last-modified: Thu, 17 May 2018 09:26:03 GMT
server: cloudflare
etag: W/"5afd4aab-90b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 45e180dbbc7c231e-FRA
expires: Thu, 12 Sep 2019 02:57:18 GMT

GET
H/1.1 200
OK quicklinks.js Show response
www.coveredca.com/js/ 1 KB
899 B 441ms
163ms Script
application/x-javascript 23.99.0.12
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.coveredca.com/js/quicklinks.js
Requested by: Host: www.coveredca.com
URL: https://www.coveredca.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: waws-prod-bay-005.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4772dbb041b960d0d1401ce242a55abd1728fbcf6ffe82266108bec6e1a49af1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.coveredca.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.coveredca.com/
Cookie: ARRAffinity=aae18594dddc1863f9ea15f0c8c72dd72a0bbc0dd78a6930ee866072535edfc4
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Sep 2018 02:57:18 GMT
Content-Encoding: gzip
ETag: "f26691df6a5d31:0"
Last-Modified: Thu, 15 Feb 2018 00:43:53 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 590

GET
H/1.1 200
OK navbar.js Show response
www.coveredca.com/js/ 8 KB
2 KB 607ms
163ms Script
application/x-javascript 23.99.0.12
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.coveredca.com/js/navbar.js
Requested by: Host: www.coveredca.com
URL: https://www.coveredca.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: waws-prod-bay-005.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0b7087fb1ca167eb64655e90e5a31929e624ae722e986d112a1360ad1beb1528

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.coveredca.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.coveredca.com/
Cookie: ARRAffinity=aae18594dddc1863f9ea15f0c8c72dd72a0bbc0dd78a6930ee866072535edfc4
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Sep 2018 02:57:19 GMT
Content-Encoding: gzip
ETag: "802a72df6a5d31:0"
Last-Modified: Thu, 15 Feb 2018 00:43:53 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 1964

GET
H/1.1 200
OK search.js Show response
www.coveredca.com/js/ 967 B
991 B 654ms
166ms Script
application/x-javascript 23.99.0.12
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.coveredca.com/js/search.js
Requested by: Host: www.coveredca.com
URL: https://www.coveredca.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: waws-prod-bay-005.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bdd8a9681db7f47b254bfefda025fa0fac2395999f5bdaf1bcf702f36424903f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.coveredca.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.coveredca.com/
Cookie: ARRAffinity=aae18594dddc1863f9ea15f0c8c72dd72a0bbc0dd78a6930ee866072535edfc4
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Sep 2018 02:57:19 GMT
Content-Encoding: gzip
ETag: "18e8f359f9a5d31:0"
Last-Modified: Thu, 15 Feb 2018 01:07:29 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 681

GET
H/1.1 200
OK eloqua.js Show response
www.coveredca.com/js/ 4 KB
2 KB 650ms
163ms Script
application/x-javascript 23.99.0.12
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.coveredca.com/js/eloqua.js
Requested by: Host: www.coveredca.com
URL: https://www.coveredca.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: waws-prod-bay-005.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 226209a4f6f515f2545f5010b26321ab2b81b0869df21c94a0510a6870aaf770

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.coveredca.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.coveredca.com/
Cookie: ARRAffinity=aae18594dddc1863f9ea15f0c8c72dd72a0bbc0dd78a6930ee866072535edfc4
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Sep 2018 02:57:18 GMT
Content-Encoding: gzip
ETag: "04f50bcd44ed41:0"
Last-Modified: Mon, 17 Sep 2018 22:21:10 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 1445

GET
H/1.1 200
OK expandable.js Show response
www.coveredca.com/js/ 4 KB
1 KB 651ms
164ms Script
application/x-javascript 23.99.0.12
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.coveredca.com/js/expandable.js
Requested by: Host: www.coveredca.com
URL: https://www.coveredca.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: waws-prod-bay-005.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d3201ed1d3808726fa4d005003bf5edb43807bde946557bda183b7c7090afce6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.coveredca.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.coveredca.com/
Cookie: ARRAffinity=aae18594dddc1863f9ea15f0c8c72dd72a0bbc0dd78a6930ee866072535edfc4
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Sep 2018 02:57:19 GMT
Content-Encoding: gzip
ETag: "802a72df6a5d31:0"
Last-Modified: Thu, 15 Feb 2018 00:43:53 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 921

GET
H/1.1 200
OK responsive-tables.js Show response
www.coveredca.com/js/ 2 KB
1 KB 163ms
163ms Script
application/x-javascript 23.99.0.12
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.coveredca.com/js/responsive-tables.js
Requested by: Host: www.coveredca.com
URL: https://www.coveredca.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: waws-prod-bay-005.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a7be208e9e25828734b7e3a918bc321d33b6497d8cd7a5ad57ec5dbb34f97502

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.coveredca.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.coveredca.com/
Cookie: ARRAffinity=aae18594dddc1863f9ea15f0c8c72dd72a0bbc0dd78a6930ee866072535edfc4; _gcl_au=1.1.1959152739.1537585039; _ga=GA1.2.1567015938.1537585039; _gid=GA1.2.699602549.1537585039; _gat_UA-39926152-1=1; dpm_url_count=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Sep 2018 02:57:18 GMT
Content-Encoding: gzip
ETag: "f26691df6a5d31:0"
Last-Modified: Thu, 15 Feb 2018 00:43:53 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 796

GET
H/1.1 200
OK loading.gif
www.coveredca.com/images/ 3 KB
3 KB 163ms
163ms Image
image/gif 23.99.0.12
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.coveredca.com/images/loading.gif
Requested by: Host: www.coveredca.com
URL: https://www.coveredca.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: waws-prod-bay-005.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 762eb8a0e69e8abfa5b1dd40b32ac15132f688a2bebb26b752d6ecce4c256cd0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.coveredca.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.coveredca.com/
Cookie: ARRAffinity=aae18594dddc1863f9ea15f0c8c72dd72a0bbc0dd78a6930ee866072535edfc4; _gcl_au=1.1.1959152739.1537585039; _ga=GA1.2.1567015938.1537585039; _gid=GA1.2.699602549.1537585039; _gat_UA-39926152-1=1; dpm_url_count=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Sep 2018 02:57:19 GMT
Last-Modified: Thu, 15 Feb 2018 00:43:43 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "a82b9d7f6a5d31:0"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 3208

GET
S 200 gtm.js Show response
www.googletagmanager.com/ 559 KB
54 KB 86ms
85ms Script
application/javascript 2a00:1450:4001:817::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M7JQHX

Requested by

Host: www.coveredca.com
URL: https://www.coveredca.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:817::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

3695845506717fb9d089a2df2f27f13205ce009050989272c7a95bdb87e6c290

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Sep 2018 02:57:19 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 55623
x-xss-protection: 1; mode=block
expires: Sat, 22 Sep 2018 02:57:19 GMT

GET
S 200 cse.js Show response
cse.google.com/ 5 KB
2 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=001779225245372747843:hy_b11krknu

Requested by

Host: www.coveredca.com
URL: https://www.coveredca.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

gws /

Resource Hash

0427b7c7e2f333f33eb863ed6e632e8e0339ac20c2ea84da779d2c018806246d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Sep 2018 02:57:19 GMT
content-encoding: gzip
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1728
x-xss-protection: 1; mode=block
expires: Sat, 22 Sep 2018 02:57:19 GMT

GET
H/1.1 200
OK social-icons.svg
www.coveredca.com/images/icons/ 9 KB
3 KB 440ms
163ms Image
image/svg+xml 23.99.0.12
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.coveredca.com/images/icons/social-icons.svg?v=2.3
Requested by: Host: www.coveredca.com
URL: https://www.coveredca.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: waws-prod-bay-005.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 98c0a7034f5d8bd5f845de3aee1306ded820514c771de3d2487747b1dea78ece

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.coveredca.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.coveredca.com/css/application.css?v=1.4
Cookie: ARRAffinity=aae18594dddc1863f9ea15f0c8c72dd72a0bbc0dd78a6930ee866072535edfc4
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.coveredca.com/css/application.css?v=1.4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Sep 2018 02:57:19 GMT
Content-Encoding: gzip
ETag: "80497c7f6a5d31:0"
Last-Modified: Thu, 15 Feb 2018 00:43:43 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 2482

GET
H/1.1 200
OK sprite.svg
www.coveredca.com/images/ 187 KB
70 KB 279ms
164ms Image
image/svg+xml 23.99.0.12
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.coveredca.com/images/sprite.svg
Requested by: Host: www.coveredca.com
URL: https://www.coveredca.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: waws-prod-bay-005.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 86bdb9e751f4511dc4b980c9ad30a5c3976625a87ccb14f49ca40e4cabf0d9ea

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.coveredca.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.coveredca.com/css/application.css?v=1.4
Cookie: ARRAffinity=aae18594dddc1863f9ea15f0c8c72dd72a0bbc0dd78a6930ee866072535edfc4
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.coveredca.com/css/application.css?v=1.4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Sep 2018 02:57:18 GMT
Content-Encoding: gzip
ETag: "094d9cf6a5d31:0"
Last-Modified: Thu, 15 Feb 2018 00:43:52 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 71145

GET
H/1.1 200
OK english_resp_hero-msg.jpg
www.coveredca.com/images/ 242 KB
243 KB 251ms
163ms Image
image/jpeg 23.99.0.12
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.coveredca.com/images/english_resp_hero-msg.jpg?v=5.0
Requested by: Host: www.coveredca.com
URL: https://www.coveredca.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: waws-prod-bay-005.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3c34748045636d034b2d5ceade24a832b8597d1e2b267136edf8abef779d968

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.coveredca.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.coveredca.com/css/application.css?v=1.4
Cookie: ARRAffinity=aae18594dddc1863f9ea15f0c8c72dd72a0bbc0dd78a6930ee866072535edfc4
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.coveredca.com/css/application.css?v=1.4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Sep 2018 02:57:18 GMT
Last-Modified: Thu, 15 Feb 2018 00:43:40 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "564acc5f6a5d31:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 248258

GET
H/1.1 200
OK logo.svg
www.coveredca.com/images/ 9 KB
4 KB 397ms
163ms Image
image/svg+xml 23.99.0.12
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.coveredca.com/images/logo.svg?v=2.0
Requested by: Host: www.coveredca.com
URL: https://www.coveredca.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: waws-prod-bay-005.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3880fcd67960e5baef74f349393dff62fa370f5dd5a876086641bd374950ba45

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.coveredca.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.coveredca.com/css/application.css?v=1.4
Cookie: ARRAffinity=aae18594dddc1863f9ea15f0c8c72dd72a0bbc0dd78a6930ee866072535edfc4
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.coveredca.com/css/application.css?v=1.4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Sep 2018 02:57:19 GMT
Content-Encoding: gzip
ETag: "80497c7f6a5d31:0"
Last-Modified: Thu, 15 Feb 2018 00:43:43 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 4078

GET
S 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 12ms
11ms Font
application/octet-stream 2400:cb00:2048:1::6813:c397
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.coveredca.com
URL: https://www.coveredca.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://www.coveredca.com

Response headers

date: Sat, 22 Sep 2018 02:57:19 GMT
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
content-length: 77160
served-in-seconds: 0.000
last-modified: Thu, 17 May 2018 09:19:12 GMT
server: cloudflare
etag: "5afd4910-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 45e180ddece1231e-FRA
expires: Thu, 12 Sep 2019 02:57:19 GMT

GET
H/1.1 200
OK CalHEERS-icons.woff
www.coveredca.com/assets/fonts/ 11 KB
11 KB 262ms
163ms Font
application/font-woff 23.99.0.12
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.coveredca.com/assets/fonts/CalHEERS-icons.woff
Requested by: Host: www.coveredca.com
URL: https://www.coveredca.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.99.0.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: waws-prod-bay-005.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0da2970b0056899e434ef760007f7574b7ae17cba00af39dc1d373a26de072c4

Request headers

Pragma: no-cache
Origin: https://www.coveredca.com
Accept-Encoding: gzip, deflate
Host: www.coveredca.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.coveredca.com/css/application.css?v=1.4
Cookie: ARRAffinity=aae18594dddc1863f9ea15f0c8c72dd72a0bbc0dd78a6930ee866072535edfc4
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.coveredca.com/css/application.css?v=1.4
Origin: https://www.coveredca.com

Response headers

Date: Sat, 22 Sep 2018 02:57:19 GMT
Last-Modified: Thu, 15 Feb 2018 00:42:39 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "7b61c9e1f5a5d31:0"
Content-Type: application/font-woff
Accept-Ranges: bytes
Content-Length: 10796

GET
S 200 jsapi Show response
www.google.com/ 26 KB
6 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:817::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/jsapi?autoload=%7B%22modules%22%3A%5B%7B%22name%22%3A%22search%22%2C%22version%22%3A%221.0%22%2C%22callback%22%3A%22__gcse.scb%22%2C%22style%22%3A%22https%3A%2F%2Fwww.google.com%2Fcse%2Fstatic%2Fstyle%2Flook%2Fv2%2Fdefault.css%22%2C%22language%22%3A%22en%22%7D%5D%7D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=001779225245372747843:hy_b11krknu

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

a1fea6f48733c85dc60c0d338be4d45f5edaf88762c3b94293704835dac491fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Sep 2018 02:57:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
status: 200
cache-control: private, max-age=3600, must-revalidate
vary: Accept-Encoding
content-length: 6410
x-xss-protection: 1; mode=block
expires: Sat, 22 Sep 2018 02:57:19 GMT

GET
S 200 default+en.css
www.google.com/uds/api/search/1.0/1ca94331d67f5f17586b15e6157d4d31/ 45 KB
10 KB 8ms
5ms Stylesheet
text/css 2a00:1450:4001:817::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/uds/api/search/1.0/1ca94331d67f5f17586b15e6157d4d31/default+en.css

Requested by

Host: www.google.com
URL: https://www.google.com/jsapi?autoload=%7B%22modules%22%3A%5B%7B%22name%22%3A%22search%22%2C%22version%22%3A%221.0%22%2C%22callback%22%3A%22__gcse.scb%22%2C%22style%22%3A%22https%3A%2F%2Fwww.google.com%2Fcse%2Fstatic%2Fstyle%2Flook%2Fv2%2Fdefault.css%22%2C%22language%22%3A%22en%22%7D%5D%7D

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

210ce3869572640906f4b3216d111907c74e554706ec7f3c71eb13049da1c5b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 06 Sep 2018 18:00:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
age: 1328228
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
status: 200
vary: Accept-Encoding
cache-control: public, max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 10168
x-xss-protection: 1; mode=block
expires: Fri, 06 Sep 2019 18:00:11 GMT

GET
S 200 default.css
www.google.com/cse/static/style/look/v2/ 14 KB
3 KB 41ms
40ms Stylesheet
text/css 2a00:1450:4001:817::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v2/default.css

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

24e52f3d9583171bcaa45172261052d86ab0b98bac201aee1c123bf8d1313b69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Sep 2018 02:57:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Apr 2018 13:30:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: private, max-age=0
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 3081
x-xss-protection: 1; mode=block
expires: Sat, 22 Sep 2018 02:57:19 GMT

GET
S 200 default+en.I.js Show response
www.google.com/uds/api/search/1.0/1ca94331d67f5f17586b15e6157d4d31/ 310 KB
90 KB 7ms
6ms Script
application/x-javascript 2a00:1450:4001:817::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/uds/api/search/1.0/1ca94331d67f5f17586b15e6157d4d31/default+en.I.js

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

a53c1251d51beb974b73de4c579805dee5babd8730b6193bc014b8b44cb87b4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 06 Sep 2018 18:00:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
age: 1328190
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=UTF-8
status: 200
vary: Accept-Encoding
cache-control: public, max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 91949
x-xss-protection: 1; mode=block
expires: Fri, 06 Sep 2019 18:00:49 GMT

GET
S 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 6ms
6ms Script
application/javascript 104.244.43.80
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7JQHX
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.43.80 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Sep 2018 02:57:19 GMT
content-encoding: gzip
age: 10680
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-tw-fra1-cr1-2-TWFRA1
last-modified: Tue, 23 Jan 2018 19:05:33 GMT
x-timer: S1537585039.177120,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
S 200 analytics.js Show response
www.google-analytics.com/ 39 KB
16 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7JQHX

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

ed17a6e7532cc3065f9fbd8f607dfd30e09b4531ada9f7cb5732a2bf6cf6744c

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 13 Sep 2018 23:12:19 GMT
server: Golfe2
age: 4693
date: Sat, 22 Sep 2018 01:39:06 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 16173
expires: Sat, 22 Sep 2018 03:39:06 GMT

GET
H/1.1 200
OK 4682.js Show response
dnn506yrbagrg.cloudfront.net/pages/scripts/0063/ 81 B
553 B 395ms
367ms Script
application/x-javascript 143.204.98.124
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dnn506yrbagrg.cloudfront.net/pages/scripts/0063/4682.js?427106
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7JQHX
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.98.124 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-98-124.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 587aac9aef8429e8586b14b067f9c01c2316df914a1bad68a22fb56fc5b692bc

Request headers

Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 21 Sep 2018 03:13:05 GMT
Via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
Last-Modified: Wed, 12 Sep 2018 06:49:16 GMT
Server: AmazonS3
ETag: "8a434bc3c1e9fc983e170f31ef1c0930"
X-Cache: RefreshHit from cloudfront
Content-Type: application/x-javascript
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 81
X-Amz-Cf-Id: taHBTrqdn4HVEO5MDDJ_0aBwkJp9KXoW_ACj3SsFp4Dz5s8oDRzKhA==

GET
H/1.1 200
OK dpm_d30f79cf7fef47bd7a5611719f936539bec0d2e9.min.js Show response
s.dpmsrv.com/ 107 KB
38 KB 41ms
9ms Script
application/x-javascript 143.204.101.48
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dpmsrv.com/dpm_d30f79cf7fef47bd7a5611719f936539bec0d2e9.min.js
Requested by: Host: www.coveredca.com
URL: https://www.coveredca.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.48 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-48.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b2b09c4166e715c0c14152d7611d79fc463d030323a4aeac229a075ec1845183

Request headers

Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 06 Jul 2018 19:34:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Mar 2018 17:40:10 GMT
Server: AmazonS3
Age: 56564
ETag: "cc67e7abbd94ea0c2922914f95e87331"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37989
X-Amz-Cf-Id: 0SE_dSOw8AkpFCQnb43hyO-tDK8QXNaKFQ80tLmI3Z3et87yLe8joA==

GET
S 200 fbevents.js Show response
connect.facebook.net/en_US/ 44 KB
14 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.coveredca.com
URL: https://www.coveredca.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

167cbde7e21233e046dd224a44e9b519057eb04c1fed9995afd48e715503b911

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 13685
x-xss-protection: 0
pragma: public
x-fb-debug: H2yFjoQhHRG0eWF77PE50jsxAXzoQI8vabjSjejfN3eB7wLwNPGs8B+5IZEAXLjYOjgVExmb2xDkoabkwk3UxQ==
x-frame-options: DENY
date: Sat, 22 Sep 2018 02:57:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

Cookie set x326r932470319
rs.gwallet.com/r1/pixeltag/ Frame D22E
Redirect Chain

https://rs.gwallet.com/r1/pixeltag/x326r932470319
https://rs.gwallet.com/r1/pixeltag/x326r932470319?check_uid_cookie

0
0

12ms
12ms

Document
text/html

213.19.147.51
RhythmOne

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.gwallet.com/r1/pixeltag/x326r932470319?check_uid_cookie
Requested by: Host: www.coveredca.com
URL: https://www.coveredca.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.51 , United Kingdom, ASN26120 (RHYTHMONE - RhythmOne, LLC, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash

Request headers

Host: rs.gwallet.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.coveredca.com/
Accept-Encoding: gzip, deflate
Cookie: ra1_uid=5887998433953398336; ra1_sid=283; RA1balancer=MTAuMTAzLjIuOTIgODg4OCB2Mg==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.coveredca.com/

Response headers

Server: nginx/1.14.0
Date: Sat, 22 Sep 2018 02:57:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Pragma: no-cache
P3p: CP="PSAo PSDo OUR BUS DSP NON COR"
Expires: Tue, 29 Oct 2002 19:50:44 GMT
Set-cookie: ra1_uid=5887998433953398336; Expires=Sun, 22-Sep-2019 02:57:19 GMT; Path=/; Domain=gwallet.com; Version=1 ra1_sgm_2109282144=-0-JbWj1-7QZ0000-8QZ0000; Expires=Sun, 22-Sep-2019 02:57:19 GMT; Path=/; Domain=gwallet.com; Version=1 ra1_sid=283; Expires=Sun, 22-Sep-2019 02:57:19 GMT; Path=/; Domain=gwallet.com; Version=1
Cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-encoding: gzip
Set-Cookie: RA1balancer=MTAuMTAzLjIuOTIgODg4OCB2Mg==;Path=/;Domain=.gwallet.com;Expires=Sun, 22-Sep-2019 02:57:19 GMT

Redirect headers

Server: nginx/1.14.0
Date: Sat, 22 Sep 2018 02:57:19 GMT
Content-Type: application/octet-stream
Content-Length: 0
Connection: keep-alive
Pragma: no-cache
P3p: CP="PSAo PSDo OUR BUS DSP NON COR"
Expires: Tue, 29 Oct 2002 19:50:44 GMT
Set-cookie: ra1_uid=5887998433953398336; Expires=Sun, 22-Sep-2019 02:57:19 GMT; Path=/; Domain=gwallet.com; Version=1 ra1_sid=283; Expires=Sun, 22-Sep-2019 02:57:19 GMT; Path=/; Domain=gwallet.com; Version=1
Cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Location: https://rs.gwallet.com/r1/pixeltag/x326r932470319?check_uid_cookie
Set-Cookie: RA1balancer=MTAuMTAzLjIuOTIgODg4OCB2Mg==;Path=/;Domain=.gwallet.com;Expires=Sun, 22-Sep-2019 02:57:19 GMT

GET
H/1.1

200
OK

i.match
a.tribalfusion.com/
Redirect Chain

https://s.tribalfusion.com/i.cid?c=659483&ev=0&page=English%20Home%20Page
https://s.tribalfusion.com/z/i.cid?c=659483&ev=0&page=English%20Home%20Page
https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662447279343991
https://a.tribalfusion.com/i.match?p=b6&u=CAESEMhAxkdvNcS_YK2XYnvEl_s&google_cver=1&google_ula=2786954,0

43 B
541 B

162ms
162ms

Image
image/gif

204.11.109.66
Exponential Inter...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEMhAxkdvNcS_YK2XYnvEl_s&google_cver=1&google_ula=2786954,0
Requested by: Host: www.coveredca.com
URL: https://www.coveredca.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 204.11.109.66 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Sep 2018 02:57:20 GMT
X-Function: 302
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 22 Sep 2018 02:57:20 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.tribalfusion.com/i.match?p=b6&u=CAESEMhAxkdvNcS_YK2XYnvEl_s&google_cver=1&google_ula=2786954,0
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 313
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S

200

src=8717963;dc_pre=CJ6h_NDOzd0CFQY_GQodBTEKKA;type=invmedia;cat=zhzzkckz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://gwmtracking.com/p/v/1/5b2d279af870815f7f594905/format/img
https://ad.doubleclick.net/ddm/activity/src=8717963;type=invmedia;cat=zhzzkckz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=8717963;dc_pre=CJ6h_NDOzd0CFQY_GQodBTEKKA;type=invmedia;cat=zhzzkckz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://adservice.google.com/ddm/fls/z/src=8717963;dc_pre=CJ6h_NDOzd0CFQY_GQodBTEKKA;type=invmedia;cat=zhzzkckz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

42 B
109 B

93ms
93ms

Image
image/gif

2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=8717963;dc_pre=CJ6h_NDOzd0CFQY_GQodBTEKKA;type=invmedia;cat=zhzzkckz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Requested by

Host: www.coveredca.com
URL: https://www.coveredca.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81e::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Sep 2018 02:57:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 22 Sep 2018 02:57:20 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=8717963;dc_pre=CJ6h_NDOzd0CFQY_GQodBTEKKA;type=invmedia;cat=zhzzkckz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CPjzzdDOzd0CFUKC3god4T0O6w;src=4922306;type=general;cat=visit;ord=1;num=2834373013686;gtm=G9h;auiddc=1959152739.1537585039;~oref=https%3A%2F%2Fwww.coveredca.com%2F
4922306.fls.doubleclick.net/ Frame 2B47
Redirect Chain

https://4922306.fls.doubleclick.net/activityi;src=4922306;type=general;cat=visit;ord=1;num=2834373013686;gtm=G9h;auiddc=1959152739.1537585039;~oref=https%3A%2F%2Fwww.coveredca.com%2F?
https://4922306.fls.doubleclick.net/activityi;dc_pre=CPjzzdDOzd0CFUKC3god4T0O6w;src=4922306;type=general;cat=visit;ord=1;num=2834373013686;gtm=G9h;auiddc=1959152739.1537585039;~oref=https%3A%2F%2Fw...

0
0

21ms
20ms

Document
text/html

172.217.22.70
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://4922306.fls.doubleclick.net/activityi;dc_pre=CPjzzdDOzd0CFUKC3god4T0O6w;src=4922306;type=general;cat=visit;ord=1;num=2834373013686;gtm=G9h;auiddc=1959152739.1537585039;~oref=https%3A%2F%2Fwww.coveredca.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7JQHX

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.70 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: 4922306.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CPjzzdDOzd0CFUKC3god4T0O6w;src=4922306;type=general;cat=visit;ord=1;num=2834373013686;gtm=G9h;auiddc=1959152739.1537585039;~oref=https%3A%2F%2Fwww.coveredca.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.coveredca.com/
accept-encoding: gzip, deflate
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.coveredca.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Sat, 22 Sep 2018 02:57:19 GMT
expires: Sat, 22 Sep 2018 02:57:19 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 817
x-xss-protection: 1; mode=block
set-cookie: IDE=AHWqTUnS8QedJXysFZBEDC_G-lHFhbh9VusMEfe0wSXTNm2YvcYxhzHj_CiHirbv; expires=Mon, 21-Sep-2020 02:57:19 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Sat, 22 Sep 2018 02:57:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://4922306.fls.doubleclick.net/activityi;dc_pre=CPjzzdDOzd0CFUKC3god4T0O6w;src=4922306;type=general;cat=visit;ord=1;num=2834373013686;gtm=G9h;auiddc=1959152739.1537585039;~oref=https%3A%2F%2Fwww.coveredca.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Sat, 22-Sep-2018 03:12:19 GMT; path=/; domain=.doubleclick.net
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2

200

activityi;dc_pre=CKawztDOzd0CFU9x4Aodqw4BCA;src=4922306;type=general;cat=homep0;ord=1;num=2758588644239;gtm=G9h;auiddc=1959152739.1537585039;~oref=https%3A%2F%2Fwww.coveredca.com%2F
4922306.fls.doubleclick.net/ Frame D565
Redirect Chain

https://4922306.fls.doubleclick.net/activityi;src=4922306;type=general;cat=homep0;ord=1;num=2758588644239;gtm=G9h;auiddc=1959152739.1537585039;~oref=https%3A%2F%2Fwww.coveredca.com%2F?
https://4922306.fls.doubleclick.net/activityi;dc_pre=CKawztDOzd0CFU9x4Aodqw4BCA;src=4922306;type=general;cat=homep0;ord=1;num=2758588644239;gtm=G9h;auiddc=1959152739.1537585039;~oref=https%3A%2F%2F...

0
0

23ms
23ms

Document
text/html

172.217.22.70
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://4922306.fls.doubleclick.net/activityi;dc_pre=CKawztDOzd0CFU9x4Aodqw4BCA;src=4922306;type=general;cat=homep0;ord=1;num=2758588644239;gtm=G9h;auiddc=1959152739.1537585039;~oref=https%3A%2F%2Fwww.coveredca.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7JQHX

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.70 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: 4922306.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CKawztDOzd0CFU9x4Aodqw4BCA;src=4922306;type=general;cat=homep0;ord=1;num=2758588644239;gtm=G9h;auiddc=1959152739.1537585039;~oref=https%3A%2F%2Fwww.coveredca.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.coveredca.com/
accept-encoding: gzip, deflate
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.coveredca.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Sat, 22 Sep 2018 02:57:19 GMT
expires: Sat, 22 Sep 2018 02:57:19 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 1483
x-xss-protection: 1; mode=block
set-cookie: IDE=AHWqTUmS9JgRobW2LwXCuJijn0d2IRS1BNC-o0DmJoOBL7ZInX8sKDuhNFlVtbcd; expires=Mon, 21-Sep-2020 02:57:19 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Sat, 22 Sep 2018 02:57:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://4922306.fls.doubleclick.net/activityi;dc_pre=CKawztDOzd0CFU9x4Aodqw4BCA;src=4922306;type=general;cat=homep0;ord=1;num=2758588644239;gtm=G9h;auiddc=1959152739.1537585039;~oref=https%3A%2F%2Fwww.coveredca.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Sat, 22-Sep-2018 03:12:19 GMT; path=/; domain=.doubleclick.net
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
S

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j69&a=390644147&t=pageview&_s=1&dl=https%3A%2F%2Fwww.coveredca.com%2F&ul=en-us&de=UTF-8&dt=Health%20Care%20Marketplace%20-%20Official%20Site%20%7C%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-39926152-1&cid=1567015938.1537585039&jid=1324479700&_gid=699602549.1537585039&gjid=1992191870&_v=j69&z=1851333804
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39926152-1&cid=1567015938.1537585039&jid=1324479700&_v=j69&z=1851333804
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39926152-1&cid=1567015938.1537585039&jid=1324479700&_v=j69&z=1851333804&slf_rd=1&random=1578325910

42 B
109 B

15ms
15ms

Image
image/gif

2a00:1450:4001:81c::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39926152-1&cid=1567015938.1537585039&jid=1324479700&_v=j69&z=1851333804&slf_rd=1&random=1578325910

Requested by

Host: www.coveredca.com
URL: https://www.coveredca.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Sep 2018 02:57:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 22 Sep 2018 02:57:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39926152-1&cid=1567015938.1537585039&jid=1324479700&_v=j69&z=1851333804&slf_rd=1&random=1578325910
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 1138248062924775 Show response
connect.facebook.net/signals/config/ 19 KB
7 KB 33ms
32ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1138248062924775?v=2.8.27&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

989c789757071c3e37f059ed3c74b784fb023e83ee302095bae513c1771aa8f5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: rJMoRpYO/3EQGrBm3AhbdtmS3Po97QvH3WqpEPHja1CzePzr4T8TTpCT1lazVEC182hv62aTcAx/ofgoCF+FLg==
x-frame-options: DENY
date: Sat, 22 Sep 2018 02:57:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
S 204 generate_204
www.googleapis.com/ 0
40 B 6ms
5ms Image
text/plain 2a00:1450:4001:814::200a
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: www.coveredca.com
URL: https://www.coveredca.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1450:4001:814::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
date: Sat, 22 Sep 2018 02:57:19 GMT
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0

GET
S 200 adsct
t.co/i/ 43 B
170 B 119ms
118ms Image
image/gif 104.244.42.69
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nw2ma&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: www.coveredca.com
URL: https://www.coveredca.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Sep 2018 02:57:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 112
pragma: no-cache
last-modified: Sat, 22 Sep 2018 02:57:19 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: c64b2c1202f7b8377ba21f18e864d53b
x-transaction: 00a4ad3100562d8c
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
S 200 adsct
t.co/i/ 43 B
125 B 117ms
117ms Image
image/gif 104.244.42.69
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nvxls&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: www.coveredca.com
URL: https://www.coveredca.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Sep 2018 02:57:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 111
pragma: no-cache
last-modified: Sat, 22 Sep 2018 02:57:19 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: c64b2c1202f7b8377ba21f18e864d53b
x-transaction: 009e3a6f00340f33
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
S 200 adsct
t.co/i/ 43 B
124 B 119ms
119ms Image
image/gif 104.244.42.69
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nwaun&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: www.coveredca.com
URL: https://www.coveredca.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Sep 2018 02:57:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 113
pragma: no-cache
last-modified: Sat, 22 Sep 2018 02:57:19 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: c64b2c1202f7b8377ba21f18e864d53b
x-transaction: 00b760f500124062
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D133%26pixelIndex%3D0%26r%3D853024%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fwww.coveredca.com%25...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D133%2526pixelIndex%253D0%2526r%253D853024%2526tzOffset%25...
https://a.dpmsrv.com/dpmpxl/index.php?id=8015323158597070639&q=xImp&v=1.x&cl=133&pixelIndex=0&r=853024&tzOffset=0&url=https%3A%2F%2Fwww.coveredca.com%2F&_=1537585039249

256 B
958 B

394ms
98ms

Script
text/javascript

52.3.188.64
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?id=8015323158597070639&q=xImp&v=1.x&cl=133&pixelIndex=0&r=853024&tzOffset=0&url=https%3A%2F%2Fwww.coveredca.com%2F&_=1537585039249
Requested by: Host: www.coveredca.com
URL: https://www.coveredca.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.188.64 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-3-188-64.compute-1.amazonaws.com
Software: /
Resource Hash: 532ed6d2a2022c7efebaaf0a6e62087d8846c62a5ace6bdba7a23376829fc771

Request headers

Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 225
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 22 Sep 2018 02:57:21 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 152.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.19:80
AN-X-Request-Uuid: cbd650a3-1c6f-4a24-a355-9efec716d4cb
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://a.dpmsrv.com/dpmpxl/index.php?id=8015323158597070639&q=xImp&v=1.x&cl=133&pixelIndex=0&r=853024&tzOffset=0&url=https%3A%2F%2Fwww.coveredca.com%2F&_=1537585039249
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
S 200 1085919381420494 Show response
connect.facebook.net/signals/config/ 19 KB
7 KB 40ms
40ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1085919381420494?v=2.8.27&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

0d44a3b5d644574e46ef1cab289d7e834a9ceb217025675c6281bce92b3c3505

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: nX3+N0psaiPLG1rU38MMTsV9RlM442K7sIiPUIYTvTzCj4bNyDWhFKf7coayhtPKyp5aG/yVLTvTqjq1VUkDag==
x-frame-options: DENY
date: Sat, 22 Sep 2018 02:57:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
S 200 /
www.facebook.com/tr/ 44 B
247 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=1138248062924775&ev=PageView&dl=https%3A%2F%2Fwww.coveredca.com%2F&rl=&if=false&ts=1537585039265&sw=1600&sh=1200&v=2.8.27&r=stable&a=tmgoogletagmanager&ec=0&o=28&it=1537585039223
Requested by: Host: www.coveredca.com
URL: https://www.coveredca.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Sep 2018 02:57:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Sat, 22 Sep 2018 02:57:19 GMT

GET
S 200 /
www.facebook.com/tr/ 44 B
201 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=1085919381420494&ev=PageView&dl=https%3A%2F%2Fwww.coveredca.com%2F&rl=&if=false&ts=1537585039418&sw=1600&sh=1200&v=2.8.27&r=stable&a=tmgoogletagmanager&ec=0&o=28&it=1537585039223
Requested by: Host: www.coveredca.com
URL: https://www.coveredca.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Sep 2018 02:57:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Sat, 22 Sep 2018 02:57:19 GMT

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=8015323158597070639&pixelIndex=0&_=1537585039250
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=8015323158597070639&pixelIndex=0&_=1537585039250&google_gid=CAESEPsCByxXLdD8dzQiBzMtpRE&google_cver=1

0
575 B

99ms
99ms

Script
text/javascript

52.3.188.64
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=8015323158597070639&pixelIndex=0&_=1537585039250&google_gid=CAESEPsCByxXLdD8dzQiBzMtpRE&google_cver=1
Requested by: Host: www.coveredca.com
URL: https://www.coveredca.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.188.64 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-3-188-64.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 0
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 22 Sep 2018 02:57:19 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=8015323158597070639&pixelIndex=0&_=1537585039250&google_gid=CAESEPsCByxXLdD8dzQiBzMtpRE&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 368
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://idsync.rlcdn.com/423396.gif?partner_uid=8015323158597070639
https://idsync.rlcdn.com/1000.gif?memo=COTrGRIfChsIARDGpwEaEzgwMTUzMjMxNTg1OTcwNzA2MzkQABoNCJDflt0FEgUI6AcQAA
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp

70 B
264 B

83ms
27ms

Image
image/gif

34.247.201.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp
Requested by: Host: www.coveredca.com
URL: https://www.coveredca.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.201.188 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-247-201-188.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Sep 2018 02:57:20 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: private,no-cache, must-revalidate
content-type: image/gif
content-length: 70

Redirect headers

status: 307
date: Sat, 22 Sep 2018 02:57:20 GMT
cache-control: no-cache, no-store
timing-allow-origin: *
content-length: 0
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
S 200 adsct Show response
analytics.twitter.com/i/ 31 B
206 B 128ms
128ms Script
application/javascript 104.244.42.67
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nw2ma&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.coveredca.com%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Sep 2018 02:57:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 57
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 122
pragma: no-cache
last-modified: Sat, 22 Sep 2018 02:57:19 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: ac55732cdc36f8e3d05830b6d63eceb2
x-transaction: 009ba48500ee283b
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
S 200 adsct Show response
analytics.twitter.com/i/ 31 B
253 B 124ms
123ms Script
application/javascript 104.244.42.67
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nvxls&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.coveredca.com%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Sep 2018 02:57:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 57
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 117
pragma: no-cache
last-modified: Sat, 22 Sep 2018 02:57:19 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: ac55732cdc36f8e3d05830b6d63eceb2
x-transaction: 004a51db00fe9842
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
S 200 adsct Show response
analytics.twitter.com/i/ 31 B
207 B 128ms
128ms Script
application/javascript 104.244.42.67
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nwaun&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.coveredca.com%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Sep 2018 02:57:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 57
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 121
pragma: no-cache
last-modified: Sat, 22 Sep 2018 02:57:19 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: ac55732cdc36f8e3d05830b6d63eceb2
x-transaction: 00da57cb005ba6b1
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK elqCfg.min.js Show response
img03.en25.com/i/ 6 KB
3 KB 22ms
6ms Script
application/x-javascript 23.38.61.244
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img03.en25.com/i/elqCfg.min.js

Requested by

Host: www.coveredca.com
URL: https://www.coveredca.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.38.61.244 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-38-61-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

23818277c974e4ed1d48a04077c6a133bde3435f3d0bafe8dcca49150ebcb986

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.coveredca.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 19 Jul 2018 18:05:34 GMT
ETag: "f19be4168b1fd41:0"
Vary: Accept-Encoding
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA"
Cache-Control: no-cache, no-store
Date: Sat, 22 Sep 2018 02:57:19 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 2118
Expires: Sat, 22 Sep 2018 02:57:19 GMT

GET
H/1.1

200
OK

svrGP.aspx
ccmd.coveredca.com/visitor/v200/
Redirect Chain

https://s522558593.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=522558593&ref2=elqNone&tzo=0&ms=863&optin=disabled&firstPartyCookieDomain=ccmd.coveredca.com
http://ccmd.coveredca.com/visitor/v200/svrGP.aspx?pps=3&siteid=522558593&ref2=elqNone&tzo=0&ms=863&optin=disabled&elq1pcGUID=C72854CF575F4B4396CCD8DFB8761BC2

49 B
523 B

221ms
115ms

Image
image/gif

142.0.160.17
Oracle Corporation

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://ccmd.coveredca.com/visitor/v200/svrGP.aspx?pps=3&siteid=522558593&ref2=elqNone&tzo=0&ms=863&optin=disabled&elq1pcGUID=C72854CF575F4B4396CCD8DFB8761BC2

Requested by

Host: www.coveredca.com
URL: https://www.coveredca.com/

Protocol

HTTP/1.1

Server

142.0.160.17 Redwood City, United States, ASN7160 (NETDYNAMICS - Oracle Corporation, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000;
X-Content-Type-Options: nosniff
X-Powered-By: ASP.NET
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA"
Cache-Control: private,no-cache, no-store
Date: Sat, 22 Sep 2018 02:57:19 GMT
Content-Type: image/gif
Content-Length: 49
Expires: -1

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000;
X-Content-Type-Options: nosniff
X-Powered-By: ASP.NET
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA"
Location: http://ccmd.coveredca.com/visitor/v200/svrGP.aspx?pps=3&siteid=522558593&ref2=elqNone&tzo=0&ms=863&optin=disabled&elq1pcGUID=C72854CF575F4B4396CCD8DFB8761BC2
Cache-Control: private,no-cache, no-store
Date: Sat, 22 Sep 2018 02:57:19 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 298
Expires: -1

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rfihub.com/	1970-01-19 04:28:01	Name: eud Value: H4sIAAAAAAAAAF3RKw7CQBAG4PBKCI-EA6AIiqRh284yW0lIERBCAwLsbiCkdYDiCsjKHqESiURyBCQSiawC2f7jvszML2YaXXsy9tf-bLJZHiMv5N2B9GoehGKxjFSvw8F5O7x4_9qH03VwHJR9sWrb0mWppCDhyFGUo5TqlKNLnJTy08JJwTfwHfwEf8AZ-FouOgYn4BR8A9_BL_AX8yuQB06rkAeOa7APjuvQBz_AT_AL_AZn6Abcown_aPaVbZN2PLaItbLIlcZSzGSZvdYjYzQZom9hjZ0MYpJW0T-nknJomAIAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAAAOOSMXR2dA129XIO9y_Mssw0T0k3SQzyDsg08PXPslASMA8ojtCvtASC1Ey34IBCLSZXg1lMKhaGhiaJRpbmuibmiRa6JsamSboW5uYmukmpiYlmSUmJJkkmJgDDfEpdWwAAAA
.rfihub.com/	1970-01-19 04:28:01	Name: rud Value: H4sIAAAAAAAAAOMSNjQwsTCyMDYyMLQwtbQwtLQ0NhXiM9RNLM6sTIoq8HZN8c2S4jU0NTY3tTA1MDEAsgCXj1oeNAAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjQwsTCyMDYyMLQwtbQwtLQ0NhXiM9RNLM6sTIoq8HZN8c0CAEmZo1wlAAAA
.gwallet.com/	1970-01-19 03:52:01	Name: ra1_sid Value: 283
.gwallet.com/	1970-01-19 03:52:01	Name: ra1_sgm_1738992129 Value: -0-JbWj1-ep80000
.doubleclick.net/	1970-01-19 12:37:37	Name: IDE Value: AHWqTUmS9JgRobW2LwXCuJijn0d2IRS1BNC-o0DmJoOBL7ZInX8sKDuhNFlVtbcd
.coveredca.com/	1970-01-19 12:39:03	Name: ELOQUA Value: GUID=C72854CF575F4B4396CCD8DFB8761BC2
www.coveredca.com/	1969-12-31 23:59:59	Name: dpm_url_count Value: 1
.coveredca.com/	1970-01-18 19:06:25	Name: _gat_UA-39926152-1 Value: 1
.gwallet.com/	1970-01-19 03:52:01	Name: RA1balancer Value: MTAuMTAzLjIuOTIgODg4OCB2Mg==
www.coveredca.com/	1969-12-31 23:59:59	Name: dpm_time_site Value: 2.009
.coveredca.com/	1970-01-19 12:37:37	Name: _ga Value: GA1.2.1567015938.1537585039
www.coveredca.com/	1969-12-31 23:59:59	Name: hasLiveRampMatch Value: true
.gwallet.com/	1970-01-19 03:52:01	Name: ra1_pd_1826578745 Value: CgYIahjiiiiBo
.coveredca.com/	1970-01-18 21:16:01	Name: _gcl_au Value: 1.1.1959152739.1537585039
.gwallet.com/	1970-01-19 03:52:01	Name: ra1_sgm Value: -0-JbWj1-TJR0000-7QZ0000-8QZ0000
.coveredca.com/	1970-01-18 19:07:51	Name: _gid Value: GA1.2.699602549.1537585039
.gwallet.com/	1970-01-19 03:52:01	Name: ra1_uid Value: 5887998433953398336
.www.coveredca.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: aae18594dddc1863f9ea15f0c8c72dd72a0bbc0dd78a6930ee866072535edfc4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4922306.fls.doubleclick.net
a.dpmsrv.com
a.tribalfusion.com
ad.doubleclick.net
adservice.google.com
analytics.twitter.com
ccmd.coveredca.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
coveredca.com
cse.google.com
dnn506yrbagrg.cloudfront.net
gwmtracking.com
ib.adnxs.com
idsync.rlcdn.com
img03.en25.com
match.adsrvr.org
rs.gwallet.com
s.dpmsrv.com
s.tribalfusion.com
s522558593.t.eloqua.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
www.coveredca.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
104.244.42.67
104.244.42.69
104.244.43.80
142.0.160.13
142.0.160.17
143.204.101.48
143.204.98.124
172.217.18.162
172.217.22.70
172.217.23.166
204.11.109.66
204.11.109.67
205.185.208.52
213.19.147.51
216.200.122.11
23.38.61.244
23.99.0.12
2400:cb00:2048:1::6813:c397
2a00:1450:4001:814::200a
2a00:1450:4001:817::2004
2a00:1450:4001:817::2008
2a00:1450:4001:817::200e
2a00:1450:4001:81c::2003
2a00:1450:4001:81e::2002
2a00:1450:400c:c00::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.247.201.188
37.252.172.80
50.63.202.16
52.3.188.64
54.82.237.73
0427b7c7e2f333f33eb863ed6e632e8e0339ac20c2ea84da779d2c018806246d
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0b7087fb1ca167eb64655e90e5a31929e624ae722e986d112a1360ad1beb1528
0d44a3b5d644574e46ef1cab289d7e834a9ceb217025675c6281bce92b3c3505
0da2970b0056899e434ef760007f7574b7ae17cba00af39dc1d373a26de072c4
109ccb0b4e83c2626d502f7bc21fa31a3cec234028eb60525748003ab657d509
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
167cbde7e21233e046dd224a44e9b519057eb04c1fed9995afd48e715503b911
210ce3869572640906f4b3216d111907c74e554706ec7f3c71eb13049da1c5b7
226209a4f6f515f2545f5010b26321ab2b81b0869df21c94a0510a6870aaf770
23818277c974e4ed1d48a04077c6a133bde3435f3d0bafe8dcca49150ebcb986
24e52f3d9583171bcaa45172261052d86ab0b98bac201aee1c123bf8d1313b69
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b7aa64eef9d38dc28ab945dd02608a994141d1d9fce944fd4f1e1bbec1a8a7c
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
3695845506717fb9d089a2df2f27f13205ce009050989272c7a95bdb87e6c290
3880fcd67960e5baef74f349393dff62fa370f5dd5a876086641bd374950ba45
4772dbb041b960d0d1401ce242a55abd1728fbcf6ffe82266108bec6e1a49af1
532ed6d2a2022c7efebaaf0a6e62087d8846c62a5ace6bdba7a23376829fc771
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
587aac9aef8429e8586b14b067f9c01c2316df914a1bad68a22fb56fc5b692bc
762eb8a0e69e8abfa5b1dd40b32ac15132f688a2bebb26b752d6ecce4c256cd0
76a0d76f135419f4d00213037cda0cba949a0372e01ab6a1d70072008a56bd18
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7dfc3ef73c1284c7aff3c5cdac3812d212c8b899037d7860c8ba20a1defb9a7f
86bdb9e751f4511dc4b980c9ad30a5c3976625a87ccb14f49ca40e4cabf0d9ea
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
989c789757071c3e37f059ed3c74b784fb023e83ee302095bae513c1771aa8f5
98c0a7034f5d8bd5f845de3aee1306ded820514c771de3d2487747b1dea78ece
a1fea6f48733c85dc60c0d338be4d45f5edaf88762c3b94293704835dac491fd
a53c1251d51beb974b73de4c579805dee5babd8730b6193bc014b8b44cb87b4c
a7be208e9e25828734b7e3a918bc321d33b6497d8cd7a5ad57ec5dbb34f97502
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b2b09c4166e715c0c14152d7611d79fc463d030323a4aeac229a075ec1845183
bdd8a9681db7f47b254bfefda025fa0fac2395999f5bdaf1bcf702f36424903f
d183ca03064fecca7700b311541da2f065de12776f0aadde4a5fd6b009754729
d3201ed1d3808726fa4d005003bf5edb43807bde946557bda183b7c7090afce6
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c34748045636d034b2d5ceade24a832b8597d1e2b267136edf8abef779d968
e53a98e32c6d573922a80794c6e974c1c0888aa46ff664eb5056d42eff7a0517
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e93d8a3d4d64c0bf41dc20914fcb7de3310d1f93f9b7a2c7f2b5e202065e4f63
ed17a6e7532cc3065f9fbd8f607dfd30e09b4531ada9f7cb5732a2bf6cf6744c
eddb89e78a040b832a2a3de3c9b5e163444b83c30c2ed202db1321504b865c36
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

www.coveredca.com Open in urlscan Pro 23.99.0.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

98 %HTTPS

31 %IPv6

24 Domains

33 Subdomains

23 IPs

5 Countries

922 kBTransfer

2749 kBSize

20 Cookies

16 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.coveredca.com Open in urlscan Pro
23.99.0.12 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

98 %
HTTPS

31 %
IPv6

24
Domains

33
Subdomains

23
IPs

5
Countries

922 kB
Transfer

2749 kB
Size

20
Cookies

57 HTTP transactions
0 data transactions