www.coverva.org Open in urlscan Pro
75.2.125.6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://lnks.gd/l/eyJhbGciOiJIUzI1NiJ9.eyJidWxsZXRpbl9saW5rX2lkIjoxMDYsInVyaSI6ImJwMjpjbGljayIsImJ1bGxldGluX2lkI...
Effective URL:
https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source...
Submission: On January 17 via manual (January 17th 2023, 4:08:03 pm UTC) from US — Scanned from DE

Summary HTTP 96 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 22 IPs in 5 countries across 19 domains to perform 96 HTTP transactions. The main IP is 75.2.125.6, located in United States and belongs to AMAZON-02, US. The main domain is www.coverva.org. The Cisco Umbrella rank of the primary domain is 637362.
TLS certificate: Issued by Entrust Certification Authority - L1K on October 6th 2022. Valid for: a year.

This is the only time www.coverva.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2001:18c8:17f... 2001:18c8:17f:fc75::d186:90e5	8015 (VISI-AS) (VISI-AS)
15	75.2.125.6 75.2.125.6	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:350... 2a02:26f0:3500:587::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	34.250.33.236 34.250.33.236	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	65.9.65.116 65.9.65.116	16509 (AMAZON-02) (AMAZON-02)
25	13.89.105.76 13.89.105.76	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	54.171.1.252 54.171.1.252	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
1	15.236.117.205 15.236.117.205	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
13	151.101.130.217 151.101.130.217	54113 (FASTLY) (FASTLY)
3	13.84.36.2 13.84.36.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	52.201.12.96 52.201.12.96	14618 (AMAZON-AES) (AMAZON-AES)
2	13.69.106.215 13.69.106.215	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
96	22

1 2001:18c8:17f:fc75::d186:90e5 (United States)

ASN8015 (VISI-AS, US)

lnks.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 75.2.125.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae558034ba94d8f30.awsglobalaccelerator.com

www.coverva.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.250.33.236 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-33-236.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maximus.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.65.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-65-116.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 13.89.105.76 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

medchatapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.1.252 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-1-252.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.236.117.205 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-117-205.eu-west-3.compute.amazonaws.com

maximusinc.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.101.130.217 (United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.84.36.2 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

shared-assets.medchatapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.201.12.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-12-96.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.69.106.215 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	medchatapp.com medchatapp.com — Cisco Umbrella Rank: 94300 shared-assets.medchatapp.com — Cisco Umbrella Rank: 150469	1 MB
21	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 671 events.launchdarkly.com — Cisco Umbrella Rank: 471	6 KB
15	coverva.org www.coverva.org — Cisco Umbrella Rank: 637362	2 MB
6	gstatic.com fonts.gstatic.com	84 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	265 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	221 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 201 maximus.demdex.net — Cisco Umbrella Rank: 341342	5 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 755	793 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 153	136 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 ajax.googleapis.com — Cisco Umbrella Rank: 292	32 KB
2	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 478	74 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5983	548 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	548 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	2 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2439	347 B
1	omtrdc.net maximusinc.sc.omtrdc.net — Cisco Umbrella Rank: 290268	345 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 974	517 B
1	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1412	2 KB
1	lnks.gd lnks.gd — Cisco Umbrella Rank: 29581	943 B
96	19

	Domain	Requested by
25	medchatapp.com	www.coverva.org medchatapp.com
15	www.coverva.org	lnks.gd www.coverva.org
13	app.launchdarkly.com	medchatapp.com
8	events.launchdarkly.com	medchatapp.com
6	fonts.gstatic.com	fonts.googleapis.com
4	www.facebook.com	www.coverva.org
3	shared-assets.medchatapp.com	medchatapp.com
3	www.googletagmanager.com	www.coverva.org www.googletagmanager.com
2	dc.services.visualstudio.com	medchatapp.com
2	connect.facebook.net	lnks.gd connect.facebook.net
2	dpm.demdex.net	assets.adobedtm.com www.coverva.org
2	assets.adobedtm.com	www.coverva.org assets.adobedtm.com
1	www.google.de	www.coverva.org
1	www.google.com	www.coverva.org
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	maximusinc.sc.omtrdc.net	www.coverva.org
1	ajax.googleapis.com	assets.adobedtm.com
1	cm.everesttech.net	1 redirects
1	maximus.demdex.net	assets.adobedtm.com
1	js.adsrvr.org	www.coverva.org
1	fonts.googleapis.com	www.coverva.org
1	lnks.gd
96	23

This site contains links to these domains. Also see Links.

Domain
twitter.com
facebook.com

Subject Issuer	Validity	Valid
lnks.gd GoGetSSL RSA DV CA	`2022-07-07` - `2023-07-07`	a year	crt.sh
coverva.org Entrust Certification Authority - L1K	`2022-10-06` - `2023-10-30`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-26` - `2023-01-24`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.medchatapp.com Go Daddy Secure Certificate Authority - G2	`2022-10-23` - `2023-11-24`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.sc.omtrdc.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-17` - `2023-03-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
events.launchdarkly.com Amazon	`2022-08-19` - `2023-09-16`	a year	crt.sh
in.applicationinsights.azure.com Microsoft Azure TLS Issuing CA 06	`2022-11-21` - `2023-11-16`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery
Frame ID: 1827BEB1E24C81C9993912DD2C71E09E
Requests: 47 HTTP requests in this frame

Frame: https://maximus.demdex.net/dest5.html?d_nsid=0
Frame ID: E03DB125295DF3DBD9148E549374517E
Requests: 1 HTTP requests in this frame

Frame: https://medchatapp.com/widget-launcher/
Frame ID: BC5FB24DFB8BBBF84A0ECDF2D2A7C44E
Requests: 12 HTTP requests in this frame

Frame: https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?&hasWrapper=true
Frame ID: BC686498E9E1C6CF7CA7C738C767A41F
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Eligibility Screening ToolCloseClose

Page URL History Show full URLs

https://lnks.gd/l/eyJhbGciOiJIUzI1NiJ9.eyJidWxsZXRpbl9saW5rX2lkIjoxMDYsInVyaSI6ImJwMjpjbGlja... Page URL
https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_med... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

96
Requests

98 %
HTTPS

55 %
IPv6

19
Domains

23
Subdomains

22
IPs

5
Countries

4603 kB
Transfer

15042 kB
Size

14
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/coverva
Title: Twitter

Search URL Search Domain Scan URL

URL: https://facebook.com/coverva
Title: Cover VA Facebook page

Search URL Search Domain Scan URL

URL: https://facebook.com/famisprograms
Title: FAMIS Facebook page

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lnks.gd/l/eyJhbGciOiJIUzI1NiJ9.eyJidWxsZXRpbl9saW5rX2lkIjoxMDYsInVyaSI6ImJwMjpjbGljayIsImJ1bGxldGluX2lkIjoiMjAyMzAxMTcuNjk5MTE4MTEiLCJ1cmwiOiJodHRwczovL3d3dy5jb3ZlcnZhLm9yZy9lbi9zY3JlZW5pbmctdG9vbD91dG1fY2FtcGFpZ249MmNvbnN1bWVyczNlbmcyMDIyJnV0bV9jb250ZW50PU9FMjAyMiZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9Z292ZGVsaXZlcnkifQ.6twXHCIb8MBEUc3oh6lNo2_FvoMVxsCD4OMNrW0jggQ/s/1510781211/br/152919689311-l Page URL
https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://cm.everesttech.net/cm/dd?d_uuid=65093698537492504562187318791399650376 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y8bH3QAAAIXilwNx

96 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK 152919689311-l
lnks.gd/l/eyJhbGciOiJIUzI1NiJ9.eyJidWxsZXRpbl9saW5rX2lkIjoxMDYsInVyaSI6ImJwMjpjbGljayIsImJ1bGxldGluX2lkIjoiMjAyMzAxMTcuNjk5MTE4MTEiLCJ1cmwiOiJodHRwczovL3d3dy5jb3ZlcnZhLm9yZy9lbi9zY3JlZW5pbmctdG9vbD... 493 B
943 B 570ms
137ms Document
text/html 2001:18c8:17f:fc75::d186:90e5
VISI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lnks.gd/l/eyJhbGciOiJIUzI1NiJ9.eyJidWxsZXRpbl9saW5rX2lkIjoxMDYsInVyaSI6ImJwMjpjbGljayIsImJ1bGxldGluX2lkIjoiMjAyMzAxMTcuNjk5MTE4MTEiLCJ1cmwiOiJodHRwczovL3d3dy5jb3ZlcnZhLm9yZy9lbi9zY3JlZW5pbmctdG9vbD91dG1fY2FtcGFpZ249MmNvbnN1bWVyczNlbmcyMDIyJnV0bV9jb250ZW50PU9FMjAyMiZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9Z292ZGVsaXZlcnkifQ.6twXHCIb8MBEUc3oh6lNo2_FvoMVxsCD4OMNrW0jggQ/s/1510781211/br/152919689311-l

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:18c8:17f:fc75::d186:90e5 , United States, ASN8015 (VISI-AS, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, private, must-revalidate
Connection: close
Content-Type: text/html; charset=utf-8
Date: Tue, 17 Jan 2023 16:07:56 GMT
ETag: W/"f2f5e6f1f022296c65db5c830d21ba30"
Referer: lnks.gd
Referrer-Policy: origin
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
X-Request-Id: cebeb408-d786-464c-9fea-b6a37946124b
X-Runtime: 0.004575
X-Served-By: prod-hyruleweb10.ep.gdi

GET
H2 200 Primary Request screening-tool Show response
www.coverva.org/en/ 188 KB
34 KB 702ms
400ms Document
text/html 75.2.125.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery

Requested by

Host: lnks.gd
URL: https://lnks.gd/l/eyJhbGciOiJIUzI1NiJ9.eyJidWxsZXRpbl9saW5rX2lkIjoxMDYsInVyaSI6ImJwMjpjbGljayIsImJ1bGxldGluX2lkIjoiMjAyMzAxMTcuNjk5MTE4MTEiLCJ1cmwiOiJodHRwczovL3d3dy5jb3ZlcnZhLm9yZy9lbi9zY3JlZW5pbmctdG9vbD91dG1fY2FtcGFpZ249MmNvbnN1bWVyczNlbmcyMDIyJnV0bV9jb250ZW50PU9FMjAyMiZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9Z292ZGVsaXZlcnkifQ.6twXHCIb8MBEUc3oh6lNo2_FvoMVxsCD4OMNrW0jggQ/s/1510781211/br/152919689311-l

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.125.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae558034ba94d8f30.awsglobalaccelerator.com

Software

nginx /

Resource Hash

84bc412acb1958e56f6a097a7e1b945ff56b05efe0d8ae96cb7029ca0ba14761

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lnks.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=30
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 17 Jan 2023 16:07:56 GMT
etag: W/"2efa4-vrB3cpJUhE9fxbE5kV5fOlr2zmY"
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 launch-4a6b746de091.min.js Show response
assets.adobedtm.com/63e6c9fa6c47/b97f7658714a/ 219 KB
62 KB 333ms
8ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/63e6c9fa6c47/b97f7658714a/launch-4a6b746de091.min.js
Requested by: Host: www.coverva.org
URL: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: cc39cb58ebe6aecf6f11460b1ce13cd82260993b5a135a24426de2b91db08455

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:07:57 GMT
content-encoding: gzip
last-modified: Fri, 23 Dec 2022 16:09:48 GMT
server: AkamaiNetStorage
etag: "323a0c8b8f77147d1abc63b9eb298412:1671811788.220857"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.coverva.org
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 63215
expires: Tue, 17 Jan 2023 17:07:57 GMT

GET
H2 200 main~071cedab.89ad9148.chunk.css
www.coverva.org/static/css/ 559 B
749 B 100ms
100ms Stylesheet
text/css 75.2.125.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coverva.org/static/css/main~071cedab.89ad9148.chunk.css

Requested by

Host: www.coverva.org
URL: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.125.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae558034ba94d8f30.awsglobalaccelerator.com

Software

nginx /

Resource Hash

8c69f43299b8d9773b39064862f42d88bc64b32e8a331ebfafc9de5386d278bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:07:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 20 Jul 2022 21:00:21 GMT
server: nginx
etag: "62d86ce5-22f"
content-type: text/css
accept-ranges: bytes
content-length: 559

GET
H2 200 DXH-5150-Logo-NEW.jpg
www.coverva.org/content/dam/digital/united-states/virginia/cover-va/images/common/ 16 KB
16 KB 283ms
282ms Image
image/jpeg 75.2.125.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.coverva.org/content/dam/digital/united-states/virginia/cover-va/images/common/DXH-5150-Logo-NEW.jpg

Requested by

Host: www.coverva.org
URL: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.125.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae558034ba94d8f30.awsglobalaccelerator.com

Software

nginx /

Resource Hash

ab535ef07d54c5f0496e2dd9cbbc1d68c11874a2921b418da01209c903f72c9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:07:56 GMT
strict-transport-security: max-age=31557600, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
age: 24786
x-vhost: maximus
x-cache: HIT
content-disposition: attachment
content-length: 16162
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000045-IAD
last-modified: Fri, 20 May 2022 00:38:08 GMT
server: nginx
x-timer: S1673971677.920948,VS0,VS0,VE1
etag: "3f22-5df66b44a9c00"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=5184000, public
accept-ranges: bytes
expires: Sat, 18 Mar 2023 16:07:56 GMT

GET
H2 200 main~071cedab.8db667ca.chunk.js Show response
www.coverva.org/static/js/ 1 MB
355 KB 102ms
101ms Script
application/javascript 75.2.125.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coverva.org/static/js/main~071cedab.8db667ca.chunk.js

Requested by

Host: www.coverva.org
URL: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.125.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae558034ba94d8f30.awsglobalaccelerator.com

Software

nginx /

Resource Hash

3a4b884e47e601c35be05ee609419ec14265464d5cd309dc2a4f0a5c55baae36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:07:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 21:00:21 GMT
server: nginx
etag: W/"62d86ce5-10f1b1"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 main~5e745886.a42fefa7.chunk.js Show response
www.coverva.org/static/js/ 1000 KB
335 KB 176ms
175ms Script
application/javascript 75.2.125.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coverva.org/static/js/main~5e745886.a42fefa7.chunk.js

Requested by

Host: www.coverva.org
URL: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.125.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae558034ba94d8f30.awsglobalaccelerator.com

Software

nginx /

Resource Hash

e839d04133315e223b25e8f665c2700cbe390734f11d3f1bd84b672c6d60dbbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:07:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 21:00:21 GMT
server: nginx
etag: W/"62d86ce5-f9fb2"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 main~2b2c0fd8.c823ecb0.chunk.js Show response
www.coverva.org/static/js/ 2 MB
484 KB 108ms
107ms Script
application/javascript 75.2.125.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coverva.org/static/js/main~2b2c0fd8.c823ecb0.chunk.js

Requested by

Host: www.coverva.org
URL: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.125.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae558034ba94d8f30.awsglobalaccelerator.com

Software

nginx /

Resource Hash

51d77c29b9b183fa1448ad4bdc89cd64b09a14ca2c58ae884f786bbaa86d8f4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:07:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 21:00:21 GMT
server: nginx
etag: W/"62d86ce5-19a563"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 main~6e19ec55.0e682b15.chunk.js Show response
www.coverva.org/static/js/ 2 MB
724 KB 108ms
107ms Script
application/javascript 75.2.125.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coverva.org/static/js/main~6e19ec55.0e682b15.chunk.js

Requested by

Host: www.coverva.org
URL: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.125.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae558034ba94d8f30.awsglobalaccelerator.com

Software

nginx /

Resource Hash

48d1043ce567b8502ffe2eb105875f3a157666b7973316c7503e8de3bfb7969b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:07:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 21:00:21 GMT
server: nginx
etag: W/"62d86ce5-2232b5"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 6.4ff077b6.chunk.js Show response
www.coverva.org/static/js/ 754 KB
254 KB 284ms
283ms Script
application/javascript 75.2.125.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coverva.org/static/js/6.4ff077b6.chunk.js

Requested by

Host: www.coverva.org
URL: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.125.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae558034ba94d8f30.awsglobalaccelerator.com

Software

nginx /

Resource Hash

591134ddceb388cd2d70e51a2860e8c0901d84bfc7bfadecf4712a3fb9ae2512

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:07:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 21:00:21 GMT
server: nginx
etag: W/"62d86ce5-bc8c2"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 main~7ce2aaa4.e3f85399.chunk.js Show response
www.coverva.org/static/js/ 40 KB
8 KB 101ms
100ms Script
application/javascript 75.2.125.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coverva.org/static/js/main~7ce2aaa4.e3f85399.chunk.js

Requested by

Host: www.coverva.org
URL: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.125.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae558034ba94d8f30.awsglobalaccelerator.com

Software

nginx /

Resource Hash

01aacda621b54eb9d93868804103f28053df812e27e3e582427cb1dfb9c8a66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:07:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 21:00:21 GMT
server: nginx
etag: W/"62d86ce5-9e02"
vary: Accept-Encoding
content-type: application/javascript

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 366 B
1 KB 176ms
36ms XHR
application/json 34.250.33.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F6E84ABD5ED8A0AA0A495F8B%40AdobeOrg&d_nsid=0&ts=1673971677213

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/63e6c9fa6c47/b97f7658714a/launch-4a6b746de091.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.33.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-250-33-236.eu-west-1.compute.amazonaws.com

Software

Resource Hash

00d312d24ac1fcc94822091635a8b3b879c3449dfe55dc368c4b24c295581e6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.coverva.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v045-02b96ccc8.edge-irl1.demdex.com 7 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: xNyFaqfyTPU=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.coverva.org
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 310
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 33 KB
12 KB 8ms
7ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/63e6c9fa6c47/b97f7658714a/launch-4a6b746de091.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

unused62: 8096267
date: Tue, 17 Jan 2023 16:07:57 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
etag: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.coverva.org
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12163
expires: Tue, 17 Jan 2023 17:07:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 139ms
49ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans:400,400b,400i,700,700b,700i

Requested by

Host: www.coverva.org
URL: https://www.coverva.org/static/js/main~5e745886.a42fefa7.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

95a7c9ee29ed39317be6abdf9418487cb176b4f8fde39a26da75cdaa562b5b2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 17 Jan 2023 16:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 16:07:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 Jan 2023 16:07:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
78 KB 134ms
51ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M757RGM3NY

Requested by

Host: www.coverva.org
URL: https://www.coverva.org/static/js/main~071cedab.8db667ca.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d4cd0583c811803c11ab45d477bed795de05523f506c9eaa95c8875998a93796

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:07:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79620
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 17 Jan 2023 16:07:57 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 33ms
10ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 17 Jan 2023 16:07:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27815
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 2vNhXLrC8rX9cjEcEbNLS3fbtdUAqLcDLY28xjz6batxEy9fMs99Mgp0jKtm/Q1yBkvpVNWGQbmi7XvKvPTkLg==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
71 KB 193ms
111ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-781502479

Requested by

Host: www.coverva.org
URL: https://www.coverva.org/static/js/main~071cedab.8db667ca.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9eeeb1411ef753d670f8548d12dd7add94a58042f317698a61ef78603bfc41ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:07:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73070
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 17 Jan 2023 16:07:57 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 39ms
7ms Script
application/x-javascript 65.9.65.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.coverva.org
URL: https://www.coverva.org/static/js/main~071cedab.8db667ca.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.65.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-65-116.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 17 Jan 2023 06:03:06 GMT
Content-Encoding: gzip
Via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C1
Age: 36292
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: SEe-cGAIoZYuSzlPXG0l-hCoU9h0krJ3nUseLWKz19o-sZr3tGNtdg==

GET
H2 200 widget.js Show response
medchatapp.com/widget/ 83 KB
29 KB 571ms
268ms Script
application/x-javascript 13.89.105.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://medchatapp.com/widget/widget.js?api-key=Rg17rBCiAESsURhm1UTcGw
Requested by: Host: www.coverva.org
URL: https://www.coverva.org/static/js/main~071cedab.8db667ca.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6e7b858b69342bba93b9e657e9dbace1c0b7133a2a518517f313ea38c8bfc69f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Jan 2023 16:07:58 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 18:18:48 GMT
server: Microsoft-IIS/10.0
etag: "074de7a7b27d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 29051
expires: -1

GET
H2 200 screening-tool Show response
www.coverva.org/api/aem/page/ 32 KB
5 KB 307ms
306ms XHR
application/json 75.2.125.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coverva.org/api/aem/page/screening-tool?language=en

Requested by

Host: www.coverva.org
URL: https://www.coverva.org/static/js/main~2b2c0fd8.c823ecb0.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.125.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae558034ba94d8f30.awsglobalaccelerator.com

Software

nginx /

Resource Hash

1347a4eebcb784355ff49e4f74ab8e68cfeca24bb4ceb9b4f7c342640bf3e4a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
baseUrl: united-states/virginia/
Referer: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
tenantId: cover-va

Response headers

date: Tue, 17 Jan 2023 16:07:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
etag: W/"8198-Hns90VnTo00As2M+R2e3+0KZCl4"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public, max-age=30
x-xss-protection: 1; mode=block

GET
H2 200 modal_signup_form Show response
www.coverva.org/api/aem/page/ 33 KB
5 KB 252ms
251ms XHR
application/json 75.2.125.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coverva.org/api/aem/page/modal_signup_form?language=en

Requested by

Host: www.coverva.org
URL: https://www.coverva.org/static/js/main~2b2c0fd8.c823ecb0.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.125.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae558034ba94d8f30.awsglobalaccelerator.com

Software

nginx /

Resource Hash

54e7e253129c6c6358c5ea9201810b95c462ba66a0f9ed8c40bd8e0d1777390a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
baseUrl: united-states/virginia/
Referer: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
tenantId: cover-va

Response headers

date: Tue, 17 Jan 2023 16:07:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
etag: W/"8490-7JfiGIIhPfhXKK1jtzBvpjzojgY"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public, max-age=30
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK dest5.html Show response
maximus.demdex.net/ Frame E03D 7 KB
3 KB 131ms
32ms Document
text/html 34.250.33.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://maximus.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/63e6c9fa6c47/b97f7658714a/launch-4a6b746de091.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.33.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-250-33-236.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.coverva.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v045-0a2056b15.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: qLEx+nweSDs=
content-encoding: gzip
date: Tue, 17 Jan 2023 16:07:57 GMT
last-modified: Fri, 28 Oct 2022 11:07:23 GMT
vary: accept-encoding

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y8bH3QAAAIXilwNx
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=65093698537492504562187318791399650376
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y8bH3QAAAIXilwNx

42 B
942 B

32ms
32ms

Image
image/gif

34.250.33.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y8bH3QAAAIXilwNx

Requested by

Host: www.coverva.org
URL: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery

Protocol

HTTP/1.1

Server

34.250.33.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-250-33-236.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-09f6df340.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: q1L3sCXuRiM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y8bH3QAAAIXilwNx
Date: Tue, 17 Jan 2023 16:07:57 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 f8d3d406f566cea3182f.worker.js
www.coverva.org/ 778 KB
262 KB 105ms
105ms Other
application/javascript 75.2.125.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coverva.org/f8d3d406f566cea3182f.worker.js

Requested by

Host: www.coverva.org
URL: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.125.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae558034ba94d8f30.awsglobalaccelerator.com

Software

nginx /

Resource Hash

a6c4ec2572fe881ee4742a95188af2eecc200fee47ab8fc8751d4e9de82d1478

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:07:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 21:00:21 GMT
server: nginx
etag: W/"c29d7-1821d695e88"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 123ms
36ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/63e6c9fa6c47/b97f7658714a/launch-4a6b746de091.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 15:53:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jan 2024 15:53:47 GMT

GET
H2 200 256855624942264 Show response
connect.facebook.net/signals/config/ 379 KB
108 KB 117ms
117ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/256855624942264?v=2.9.92&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e61286e7773f1a46d31df20639519f3359062e9151109790fea6ee801c9f5bfb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 17 Jan 2023 16:07:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 4TESxkP/Bsc6oNEMvIIRM90+tIG5OOF7qRj3X9o07YaYZTZSmw57eqHTa9snFhSvUFg1h7IX8FmeVFmAsl02rg==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 186ms
62ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,400b,400i,700,700b,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.coverva.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 22:02:41 GMT
x-content-type-options: nosniff
age: 65116
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16980
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:33:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jan 2024 22:02:41 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 169ms
47ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,400b,400i,700,700b,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.coverva.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 22:03:02 GMT
x-content-type-options: nosniff
age: 65095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17116
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jan 2024 22:03:02 GMT

GET
H2 200 pe0oMImSLYBIv1o4X1M8cce4E9lKdg.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 219ms
104ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe0oMImSLYBIv1o4X1M8cce4E9lKdg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,400b,400i,700,700b,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6637ea3139ffb01e240829717a4f8c195d7be6b81780ed643000b49833d8d6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.coverva.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 02:00:20 GMT
x-content-type-options: nosniff
age: 482857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17684
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:32:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 02:00:20 GMT

GET
H2 200 pe0qMImSLYBIv1o4X1M8ccezI9tScg.woff2
fonts.gstatic.com/s/nunitosans/v12/ 16 KB
16 KB 244ms
131ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8ccezI9tScg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,400b,400i,700,700b,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5026094d6d554ca578d6b243acd84972d69aa538b4d7d09f1bb37df508447b63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.coverva.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 17:03:15 GMT
x-content-type-options: nosniff
age: 83082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16076
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:35:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jan 2024 17:03:15 GMT

GET
H2 200 pe0qMImSLYBIv1o4X1M8cce5I9tScg.woff2
fonts.gstatic.com/s/nunitosans/v12/ 10 KB
10 KB 234ms
122ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce5I9tScg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,400b,400i,700,700b,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d544a4a2ee3c404deda4424b1823b90fec0e60db1702b48c29306a8db2eda615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.coverva.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 18:05:21 GMT
x-content-type-options: nosniff
age: 79356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10004
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:33:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jan 2024 18:05:21 GMT

GET
H2 200 s74406207674596
maximusinc.sc.omtrdc.net/b/ss/maximus-CoverVA-prod,maximus-global-prod/1/JS-2.22.4-LCXS/ 43 B
345 B 71ms
19ms Image
image/gif 15.236.117.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maximusinc.sc.omtrdc.net/b/ss/maximus-CoverVA-prod,maximus-global-prod/1/JS-2.22.4-LCXS/s74406207674596?AQB=1&ndh=1&pf=1&t=17%2F0%2F2023%2016%3A7%3A57%202%200&mid=60209947483717322891693873994702617233&aamlh=6&ce=UTF-8&cl=SESSION&pageName=%2Fen%2Fscreening-tool&g=https%3A%2F%2Fwww.coverva.org%2Fen%2Fscreening-tool%3Futm_campaign%3D2consumers3eng2022%26utm_content%3DOE2022%26utm_medium%3Demail%26utm_source%3Dgovdelivery&r=https%3A%2F%2Flnks.gd%2F&cc=USD&server=www.coverva.org&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=%2Fen%2Fscreening-tool&c2=en&c3=screening-tool&v3=www.coverva.org&c4=D%3Dv6&c5=D%3Dv7&v5=D%3Dmid&c6=D%3Dv13&c7=D%3Dv14&v7=https%3A%2F%2Fwww.coverva.org%2Fen%2Fscreening-tool%3Futm_campaign%3D2consumers3eng2022%26utm_content%3DOE2022%26utm_medium%3Demail%26utm_source%3Dgovdelivery&v8=english&v17=D%3Dg&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=F6E84ABD5ED8A0AA0A495F8B%40AdobeOrg&AQE=1

Requested by

Host: www.coverva.org
URL: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.117.205 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-117-205.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Jan 2023 16:07:57 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Jan 2023 16:07:57 GMT
server: jag
etag: 3594826804369489920-4619798209037945761
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 16 Jan 2023 16:07:57 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
347 B 55ms
19ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-M757RGM3NY&gtm=2oe1a1&_p=96092773&cid=1301854090.1673971678&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1673971677&sct=1&seg=0&dl=https%3A%2F%2Fwww.coverva.org%2Fen%2Fscreening-tool%3Futm_campaign%3D2consumers3eng2022%26utm_content%3DOE2022%26utm_medium%3Demail%26utm_source%3Dgovdelivery&dr=https%3A%2F%2Flnks.gd%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M757RGM3NY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Jan 2023 16:07:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.coverva.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
72 KB 49ms
48ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-781502479&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M757RGM3NY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

69557a349f98e1c8e70b06e3a756c17f96e0761df28cc0be2651641c1e8e1b94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:07:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73106
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 17 Jan 2023 16:07:57 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/781502479/ 2 KB
2 KB 156ms
76ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/781502479/?random=1673971677966&cv=11&fst=1673971677966&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.coverva.org%2Fen%2Fscreening-tool%3Futm_campaign%3D2consumers3eng2022%26utm_content%3DOE2022%26utm_medium%3Demail%26utm_source%3Dgovdelivery&ref=https%3A%2F%2Flnks.gd%2F&auid=193914378.1673971678&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-781502479

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7cc2b532efc3db58f9ad3406501a0f5869b2e0442ba32fcb19bee5698c052495

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Jan 2023 16:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 942
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 CVA-logo_SignUp_Email.jpg
www.coverva.org/content/dam/digital/united-states/virginia/cover-va/images/common/ 25 KB
25 KB 137ms
136ms Image
image/jpeg 75.2.125.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.coverva.org/content/dam/digital/united-states/virginia/cover-va/images/common/CVA-logo_SignUp_Email.jpg

Requested by

Host: www.coverva.org
URL: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.125.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae558034ba94d8f30.awsglobalaccelerator.com

Software

nginx /

Resource Hash

5803699ce0ea45967969513aa350b189c9094f5fb72078bf528eefe4b40c53c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:07:58 GMT
strict-transport-security: max-age=31557600, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-md5: MEBFdqkPjCQp3CxCBxRCsA==
age: 8897
x-cache: HIT
content-disposition: attachment; filename="CVA-logo_SignUp_Email.jpg"; filename*=UTF-8''CVA-logo_SignUp_Email.jpg
content-length: 25411
x-xss-protection: 1; mode=block
x-served-by: cache-nyc-kteb1890036-NYC
last-modified: Fri, 20 May 2022 00:39:34 GMT
server: nginx
x-timer: S1673971678.168790,VS0,VS0,VE0
etag: "0x8DA39F936493CA5"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000, public
accept-ranges: bytes
expires: Sat, 18 Mar 2023 16:07:58 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 35ms
11ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=256855624942264&ev=ViewContent&dl=https%3A%2F%2Fwww.coverva.org%2Fen%2Fscreening-tool%3Futm_campaign%3D2consumers3eng2022%26utm_content%3DOE2022%26utm_medium%3Demail%26utm_source%3Dgovdelivery&rl=https%3A%2F%2Flnks.gd%2F&if=false&ts=1673971678110&sw=1600&sh=1200&v=2.9.92&r=stable&ec=1&o=30&cs_est=true&fbp=fb.1.1673971678109.1998283664&it=1673971677775&coo=false&es=automatic&tm=3&exp=b2&rqm=GET

Requested by

Host: www.coverva.org
URL: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 17 Jan 2023 16:07:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 35ms
11ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=256855624942264&ev=PageView&dl=https%3A%2F%2Fwww.coverva.org%2Fen%2Fscreening-tool%3Futm_campaign%3D2consumers3eng2022%26utm_content%3DOE2022%26utm_medium%3Demail%26utm_source%3Dgovdelivery&rl=https%3A%2F%2Flnks.gd%2F&if=false&ts=1673971678112&sw=1600&sh=1200&v=2.9.92&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1673971678109.1998283664&it=1673971677775&coo=false&exp=b2&rqm=GET

Requested by

Host: www.coverva.org
URL: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 17 Jan 2023 16:07:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 8ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=256855624942264&ev=ViewContent&dl=https%3A%2F%2Fwww.coverva.org%2Fen%2Fscreening-tool%3Futm_campaign%3D2consumers3eng2022%26utm_content%3DOE2022%26utm_medium%3Demail%26utm_source%3Dgovdelivery&rl=https%3A%2F%2Flnks.gd%2F&if=false&ts=1673971678262&sw=1600&sh=1200&v=2.9.92&r=stable&ec=2&o=30&fbp=fb.1.1673971678109.1998283664&it=1673971677775&coo=false&exp=b2&rqm=GET

Requested by

Host: www.coverva.org
URL: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 17 Jan 2023 16:07:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 covid-19_info.png
www.coverva.org/content/dam/digital/united-states/virginia/cover-va/images/common/ 4 KB
4 KB 133ms
133ms Image
image/png 75.2.125.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.coverva.org/content/dam/digital/united-states/virginia/cover-va/images/common/covid-19_info.png

Requested by

Host: www.coverva.org
URL: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.125.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae558034ba94d8f30.awsglobalaccelerator.com

Software

nginx /

Resource Hash

f2552a928c0dc54b09af6e0fa0aead185ca1bca4be2e64472a3928ded9e45fa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:07:58 GMT
strict-transport-security: max-age=31557600, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
age: 3875
x-vhost: maximus
x-cache: HIT
content-disposition: attachment
content-length: 3617
x-xss-protection: 1; mode=block
x-served-by: cache-nyc-kteb1890053-NYC
last-modified: Fri, 20 May 2022 00:38:14 GMT
server: nginx
x-timer: S1673971678.456080,VS0,VS0,VE0
etag: "e21-5df66b4a62980"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=5184000, public
accept-ranges: bytes
expires: Sat, 18 Mar 2023 16:07:58 GMT

POST
H2 200 dynamicServiceCall Show response
www.coverva.org/api/aem/ 3 KB
1 KB 147ms
147ms XHR
application/json 75.2.125.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coverva.org/api/aem/dynamicServiceCall

Requested by

Host: www.coverva.org
URL: https://www.coverva.org/static/js/main~2b2c0fd8.c823ecb0.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.125.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae558034ba94d8f30.awsglobalaccelerator.com

Software

nginx /

Resource Hash

f1d19e98250d6a3df07e56ad61ee10ff310f8dfd4f5b4014b25fd9867ce21d63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

params: [object Object]
Accept: application/json, text/plain, */*
Referer: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
tenantId: cover-va
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 17 Jan 2023 16:07:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
etag: W/"cdf-CEd1Acqgmoqu1YlaqKdhkshtIjY"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public, max-age=30
x-xss-protection: 1; mode=block

GET
H2 200 pe0qMImSLYBIv1o4X1M8cceyI9tScg.woff2
fonts.gstatic.com/s/nunitosans/v12/ 7 KB
7 KB 48ms
47ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cceyI9tScg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,400b,400i,700,700b,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be68e4062a70bf9ab3f733873c9229637ed839167cc0fa58e26ec635ffa2d6e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.coverva.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 18:05:24 GMT
x-content-type-options: nosniff
age: 79354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6832
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jan 2024 18:05:24 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/781502479/ 42 B
548 B 135ms
51ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/781502479/?random=1673971677966&cv=11&fst=1673971200000&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.coverva.org%2Fen%2Fscreening-tool%3Futm_campaign%3D2consumers3eng2022%26utm_content%3DOE2022%26utm_medium%3Demail%26utm_source%3Dgovdelivery&ref=https%3A%2F%2Flnks.gd%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1182388793&rmt_tld=0&ipr=y

Requested by

Host: www.coverva.org
URL: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Jan 2023 16:07:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/781502479/ 42 B
548 B 136ms
52ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/781502479/?random=1673971677966&cv=11&fst=1673971200000&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.coverva.org%2Fen%2Fscreening-tool%3Futm_campaign%3D2consumers3eng2022%26utm_content%3DOE2022%26utm_medium%3Demail%26utm_source%3Dgovdelivery&ref=https%3A%2F%2Flnks.gd%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1182388793&rmt_tld=1&ipr=y

Requested by

Host: www.coverva.org
URL: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Jan 2023 16:07:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImFub255bW91cyJ9 Show response
app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/users/ 6 KB
1 KB 43ms
8ms XHR
application/json 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImFub255bW91cyJ9
Requested by: Host: medchatapp.com
URL: https://medchatapp.com/widget/widget.js?api-key=Rg17rBCiAESsURhm1UTcGw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e175e06e6f31c61f10c77d6732d2d98dda66eebad7412b329806b9ad9823687a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:07:58 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: HIT
content-length: 895
x-served-by: cache-hhn-etou8220088-HHN, cache-hhn-etou8220029-HHN
x-timer: S1673971678.494610,VS0,VE1
etag: "777dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Authorization, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 1

GET
H2 200 widget.5e5c639410eaf7757c5a.css
medchatapp.com/widget/ 2 KB
1 KB 156ms
155ms Stylesheet
text/css 13.89.105.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://medchatapp.com/widget/widget.5e5c639410eaf7757c5a.css
Requested by: Host: medchatapp.com
URL: https://medchatapp.com/widget/widget.js?api-key=Rg17rBCiAESsURhm1UTcGw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7dbd91f290f31441753ac34e08df314814461831194a0e16ddfa4dd85a311c66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:07:58 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 18:18:48 GMT
server: Microsoft-IIS/10.0
etag: "074de7a7b27d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 939

GET
H2 200 / Show response
medchatapp.com/widget-launcher/ Frame BC5F 3 KB
1 KB 257ms
256ms Document
text/html 13.89.105.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://medchatapp.com/widget-launcher/
Requested by: Host: medchatapp.com
URL: https://medchatapp.com/widget/widget.js?api-key=Rg17rBCiAESsURhm1UTcGw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: acd36fbd225947b7e4c94eeba14ab50cdc389e642732f228a4c87b875d162e88

Request headers

Referer: https://www.coverva.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-headers: Content-Type
access-control-allow-origin: *
content-encoding: gzip
content-length: 873
content-type: text/html
date: Tue, 17 Jan 2023 16:07:58 GMT
etag: "047ad797b27d91:0"
last-modified: Fri, 13 Jan 2023 18:18:46 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-powered-by: ASP.NET

GET
H2 200 Rg17rBCiAESsURhm1UTcGw Show response
medchatapp.com/widget/ Frame BC68 3 KB
1 KB 146ms
145ms Document
text/html 13.89.105.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?&hasWrapper=true
Requested by: Host: medchatapp.com
URL: https://medchatapp.com/widget/widget.js?api-key=Rg17rBCiAESsURhm1UTcGw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d4afafbf6073fdcbee18d2ca286aa53516919b865a44486cb73692f1ce670b60

Request headers

Referer: https://www.coverva.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-headers: Content-Type
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 902
content-type: text/html
date: Tue, 17 Jan 2023 16:07:58 GMT
etag: "074de7a7b27d91:0"
expires: -1
last-modified: Fri, 13 Jan 2023 18:18:48 GMT
pragma: no-cache
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-powered-by: ASP.NET

GET
H2 200 runtime.3bb60df93521dd59.js Show response
medchatapp.com/widget/ Frame BC68 3 KB
2 KB 268ms
267ms Script
application/x-javascript 13.89.105.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://medchatapp.com/widget/runtime.3bb60df93521dd59.js
Requested by: Host: medchatapp.com
URL: https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?&hasWrapper=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1b93a00229287cc6ef3c7633a921ef5626bea1ac1064c989c75a9fd753d46b51

Request headers

Referer: https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?&hasWrapper=true
Origin: https://medchatapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:07:58 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 18:18:48 GMT
server: Microsoft-IIS/10.0
etag: "074de7a7b27d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 1896

GET
H2 200 polyfills.c200eb0912c7367f.js Show response
medchatapp.com/widget/ Frame BC68 102 KB
36 KB 148ms
148ms Script
application/x-javascript 13.89.105.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://medchatapp.com/widget/polyfills.c200eb0912c7367f.js
Requested by: Host: medchatapp.com
URL: https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?&hasWrapper=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a5fa90adb4047ad0f5381664063adf4a6accbfdb25f094765885631e9a9d47cd

Request headers

Referer: https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?&hasWrapper=true
Origin: https://medchatapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:07:58 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 18:18:48 GMT
server: Microsoft-IIS/10.0
etag: "074de7a7b27d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 36448

GET
H2 200 main.a2ae8ca327bbd890.js Show response
medchatapp.com/widget/ Frame BC68 1 MB
326 KB 148ms
148ms Script
application/x-javascript 13.89.105.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://medchatapp.com/widget/main.a2ae8ca327bbd890.js
Requested by: Host: medchatapp.com
URL: https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?&hasWrapper=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b9093b339a5ac26f23c33190865b2210d081bbd214a688f2b873be8617c39f91

Request headers

Referer: https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?&hasWrapper=true
Origin: https://medchatapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:07:58 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 18:18:48 GMT
server: Microsoft-IIS/10.0
etag: "074de7a7b27d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 333594

GET
H2 200 styles.7ccdf899e7f02814.css
medchatapp.com/widget/ Frame BC68 493 KB
36 KB 258ms
258ms Stylesheet
text/css 13.89.105.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://medchatapp.com/widget/styles.7ccdf899e7f02814.css
Requested by: Host: medchatapp.com
URL: https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?&hasWrapper=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 71d26b1cacbbf9386e6fd5a50657dc5673345b4ee642a2815af8103c5a763dbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?&hasWrapper=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:07:58 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 18:18:48 GMT
server: Microsoft-IIS/10.0
etag: "074de7a7b27d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 36224

GET
H2 200 IBMPlexSans-Regular.woff
shared-assets.medchatapp.com/fonts/ Frame BC68 77 KB
77 KB 793ms
122ms Font
application/font-woff 13.84.36.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://shared-assets.medchatapp.com/fonts/IBMPlexSans-Regular.woff
Requested by: Host: medchatapp.com
URL: https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?&hasWrapper=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.84.36.2 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8d35554021d48cf78b78c1199df5bbd52852a2b26df8b5ca250bc32ea189039e

Request headers

Referer: https://medchatapp.com/
Origin: https://medchatapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:07:59 GMT
last-modified: Wed, 02 Dec 2020 19:20:19 GMT
server: Microsoft-IIS/10.0
etag: "4a6d842ce0c8d61:0"
x-powered-by: ASP.NET
content-type: application/font-woff
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 78672

GET
H2 200 runtime.fb227d1a52e5a6d1.js Show response
medchatapp.com/widget-launcher/ Frame BC5F 1 KB
1 KB 287ms
287ms Script
application/x-javascript 13.89.105.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://medchatapp.com/widget-launcher/runtime.fb227d1a52e5a6d1.js
Requested by: Host: medchatapp.com
URL: https://medchatapp.com/widget-launcher/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d5eb67e1d759953e7528a0a91d94a9e14042febf962c37a866d5bcd6ce903328

Request headers

Referer: https://medchatapp.com/widget-launcher/
Origin: https://medchatapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:07:58 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 18:18:46 GMT
server: Microsoft-IIS/10.0
etag: "047ad797b27d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 943

GET
H2 200 polyfills.ee34b270bafba9ee.js Show response
medchatapp.com/widget-launcher/ Frame BC5F 106 KB
38 KB 287ms
287ms Script
application/x-javascript 13.89.105.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://medchatapp.com/widget-launcher/polyfills.ee34b270bafba9ee.js
Requested by: Host: medchatapp.com
URL: https://medchatapp.com/widget-launcher/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7a2625338a4e787e6df75cdd3578e9132ca23a30531cb0ac0ba5c7a4c2d51e7c

Request headers

Referer: https://medchatapp.com/widget-launcher/
Origin: https://medchatapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:07:58 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 18:18:46 GMT
server: Microsoft-IIS/10.0
etag: "047ad797b27d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 38441

GET
H2 200 main.99d56e73f57057a1.js Show response
medchatapp.com/widget-launcher/ Frame BC5F 769 KB
223 KB 284ms
283ms Script
application/x-javascript 13.89.105.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://medchatapp.com/widget-launcher/main.99d56e73f57057a1.js
Requested by: Host: medchatapp.com
URL: https://medchatapp.com/widget-launcher/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b06c81b672b188fa929d1d5deefb75dc39d614f4a65a679d10e1d5ee84d18fd5

Request headers

Referer: https://medchatapp.com/widget-launcher/
Origin: https://medchatapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:07:58 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 18:18:46 GMT
server: Microsoft-IIS/10.0
etag: "047ad797b27d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 227931

GET
H2 200 styles.b7a15bcff6aa77fe.css
medchatapp.com/widget-launcher/ Frame BC5F 491 KB
35 KB 277ms
276ms Stylesheet
text/css 13.89.105.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://medchatapp.com/widget-launcher/styles.b7a15bcff6aa77fe.css
Requested by: Host: medchatapp.com
URL: https://medchatapp.com/widget-launcher/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7862028436a5ce9461b325e43b8d0121f408ee4456bdadede41882d94169fc78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medchatapp.com/widget-launcher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:07:58 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 18:18:46 GMT
server: Microsoft-IIS/10.0
etag: "047ad797b27d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 35697

GET
H2 200 IBMPlexSans-Regular.woff
shared-assets.medchatapp.com/fonts/ Frame BC5F 77 KB
77 KB 690ms
123ms Font
application/font-woff 13.84.36.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://shared-assets.medchatapp.com/fonts/IBMPlexSans-Regular.woff
Requested by: Host: medchatapp.com
URL: https://medchatapp.com/widget-launcher/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.84.36.2 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8d35554021d48cf78b78c1199df5bbd52852a2b26df8b5ca250bc32ea189039e

Request headers

Referer: https://medchatapp.com/
Origin: https://medchatapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:07:59 GMT
last-modified: Wed, 02 Dec 2020 19:20:19 GMT
server: Microsoft-IIS/10.0
etag: "4a6d842ce0c8d61:0"
x-powered-by: ASP.NET
content-type: application/font-woff
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 78672

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 8ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=256855624942264&ev=Microdata&dl=https%3A%2F%2Fwww.coverva.org%2Fen%2Fscreening-tool%3Futm_campaign%3D2consumers3eng2022%26utm_content%3DOE2022%26utm_medium%3Demail%26utm_source%3Dgovdelivery&rl=https%3A%2F%2Flnks.gd%2F&if=false&ts=1673971679667&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Eligibility%20Screening%20Tool%22%2C%22meta%3Adescription%22%3A%22Test%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.92&r=stable&ec=3&o=30&fbp=fb.1.1673971678109.1998283664&it=1673971677775&coo=false&es=automatic&tm=3&exp=b2&rqm=GET

Requested by

Host: www.coverva.org
URL: https://www.coverva.org/en/screening-tool?utm_campaign=2consumers3eng2022&utm_content=OE2022&utm_medium=email&utm_source=govdelivery

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coverva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 17 Jan 2023 16:07:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

OPTIONS
H2 200 590ca63f5fc26e09cd4f103d
app.launchdarkly.com/sdk/goals/ Frame 0
0 18ms
18ms Preflight 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/590ca63f5fc26e09cd4f103d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent
Access-Control-Request-Method: GET
Origin: https://medchatapp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Tue, 17 Jan 2023 16:07:59 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-hhn-etou8220029-HHN
x-timer: S1673971680.735622,VS0,VE11

GET
H2 200 Rg17rBCiAESsURhm1UTcGw Show response
medchatapp.com/api/widgets/ Frame BC68 5 KB
5 KB 188ms
188ms XHR
application/vnd.medchat+json 13.89.105.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://medchatapp.com/api/widgets/Rg17rBCiAESsURhm1UTcGw?url=https%3A%2F%2Fwww.coverva.org%2Fen%2Fscreening-tool%3Futm_campaign%3D2consumers3eng2022%26utm_content%3DOE2022%26utm_medium%3Demail%26utm_source%3Dgovdelivery

Requested by

Host: medchatapp.com
URL: https://medchatapp.com/widget/polyfills.c200eb0912c7367f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

2432bcd92b8267e6eca9c66765629a2dc4642896b76a7b747fef254e2555d828

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Pragma: no-cache
x-session-correlation-id: p0nhc9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Accept: application/vnd.medchat+json;v=2.0
Cache-Control: no-cache
Referer: https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?hasWrapper=true
If-Modified-Since: Sat, 01 Jan 2000 00:00:00 GMT
Request-Id: |337faa3c11174d99aafec84724ef80dc.29cc47d52b874c98
Expires: Sat, 01 Jan 2000 00:00:00 GMT

Response headers

content-type: application/vnd.medchat+json; v=2.0; charset=utf-8
date: Tue, 17 Jan 2023 16:07:59 GMT
strict-transport-security: max-age=2592000
server: Microsoft-HTTPAPI/2.0
content-length: 4673
request-context: appId=cid-v1:be4588a2-b71d-47dd-8148-6312efa0bc11

GET
H2 200 widgetStatus Show response
medchatapp.com/api/widgets/Rg17rBCiAESsURhm1UTcGw/ Frame BC68 260 B
451 B 150ms
150ms XHR
application/vnd.medchat+json 13.89.105.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://medchatapp.com/api/widgets/Rg17rBCiAESsURhm1UTcGw/widgetStatus

Requested by

Host: medchatapp.com
URL: https://medchatapp.com/widget/polyfills.c200eb0912c7367f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

c20ffbb553c9fce0bf4fb7d2369c610adbf63c8a1c8c9cf2716484240e6ce52a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Pragma: no-cache
x-session-correlation-id: p0nhc9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Accept: application/vnd.medchat+json;v=1.0
Cache-Control: no-cache
Referer: https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?hasWrapper=true
If-Modified-Since: Sat, 01 Jan 2000 00:00:00 GMT
Request-Id: |337faa3c11174d99aafec84724ef80dc.63e527b27d914505
Expires: Sat, 01 Jan 2000 00:00:00 GMT

Response headers

content-type: application/vnd.medchat+json; v=1.0; charset=utf-8
date: Tue, 17 Jan 2023 16:07:59 GMT
strict-transport-security: max-age=2592000
server: Microsoft-HTTPAPI/2.0
content-length: 260
request-context: appId=cid-v1:be4588a2-b71d-47dd-8148-6312efa0bc11

GET
H2 200 590ca63f5fc26e09cd4f103d Show response
app.launchdarkly.com/sdk/goals/ Frame BC68 2 B
156 B 8ms
7ms XHR
application/json 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/590ca63f5fc26e09cd4f103d

Requested by

Host: medchatapp.com
URL: https://medchatapp.com/widget/polyfills.c200eb0912c7367f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://medchatapp.com/
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 varnish
date: Tue, 17 Jan 2023 16:07:59 GMT
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
content-length: 26
x-served-by: cache-hhn-etou8220029-HHN
x-timer: S1673971680.753637,VS0,VE1
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 1

GET
H2 200 eyJraW5kIjoidXNlciIsImFub255bW91cyI6dHJ1ZSwia2V5IjoiYW5vbnltb3VzIiwiYXBpS2V5IjoiUmcxN3JCQ2lBRVNzVVJobTFVVGNHdyIsImJhc2VIcmVmIjoiL3dpZGdldC8ifQ Show response
app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/contexts/ Frame BC68 6 KB
999 B 17ms
17ms XHR
application/json 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/contexts/eyJraW5kIjoidXNlciIsImFub255bW91cyI6dHJ1ZSwia2V5IjoiYW5vbnltb3VzIiwiYXBpS2V5IjoiUmcxN3JCQ2lBRVNzVVJobTFVVGNHdyIsImJhc2VIcmVmIjoiL3dpZGdldC8ifQ
Requested by: Host: medchatapp.com
URL: https://medchatapp.com/widget/polyfills.c200eb0912c7367f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e175e06e6f31c61f10c77d6732d2d98dda66eebad7412b329806b9ad9823687a

Request headers

Referer: https://medchatapp.com/
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:07:59 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: HIT
content-length: 895
x-served-by: cache-hhn-etou8220040-HHN, cache-hhn-etou8220029-HHN
x-timer: S1673971680.745187,VS0,VE10
etag: "777dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Authorization, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 1

OPTIONS
H2 200 eyJraW5kIjoidXNlciIsImFub255bW91cyI6dHJ1ZSwia2V5IjoiYW5vbnltb3VzIiwiYXBpS2V5IjoiUmcxN3JCQ2lBRVNzVVJobTFVVGNHdyIsImJhc2VIcmVmIjoiL3dpZGdldC8ifQ
app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/contexts/ Frame 0
0 8ms
7ms Preflight 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/contexts/eyJraW5kIjoidXNlciIsImFub255bW91cyI6dHJ1ZSwia2V5IjoiYW5vbnltb3VzIiwiYXBpS2V5IjoiUmcxN3JCQ2lBRVNzVVJobTFVVGNHdyIsImJhc2VIcmVmIjoiL3dpZGdldC8ifQ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent
Access-Control-Request-Method: GET
Origin: https://medchatapp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Tue, 17 Jan 2023 16:07:59 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-hhn-etou8220029-HHN
x-timer: S1673971680.736341,VS0,VE1

OPTIONS
H2 204 590ca63f5fc26e09cd4f103d
events.launchdarkly.com/events/diagnostic/ Frame 0
0 1134ms
109ms Preflight 52.201.12.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/590ca63f5fc26e09cd4f103d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.201.12.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-12-96.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent
Access-Control-Request-Method: POST
Origin: https://medchatapp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Tue, 17 Jan 2023 16:08:00 GMT
strict-transport-security: max-age=31536000

POST
H2 202 590ca63f5fc26e09cd4f103d Show response
events.launchdarkly.com/events/diagnostic/ Frame BC68 0
344 B 108ms
108ms XHR
application/json 52.201.12.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/590ca63f5fc26e09cd4f103d

Requested by

Host: medchatapp.com
URL: https://medchatapp.com/widget/polyfills.c200eb0912c7367f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.201.12.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-12-96.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://medchatapp.com/
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 17 Jan 2023 16:08:01 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

OPTIONS
H2 200 590ca63f5fc26e09cd4f103d
app.launchdarkly.com/sdk/goals/ Frame 0
0 7ms
7ms Preflight 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/590ca63f5fc26e09cd4f103d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent
Access-Control-Request-Method: GET
Origin: https://medchatapp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Tue, 17 Jan 2023 16:07:59 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-served-by: cache-hhn-etou8220029-HHN
x-timer: S1673971680.849089,VS0,VE0

GET
H2 200 Rg17rBCiAESsURhm1UTcGw Show response
medchatapp.com/api/widgets/ Frame BC68 5 KB
5 KB 286ms
286ms XHR
application/vnd.medchat+json 13.89.105.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: medchatapp.com
URL: https://medchatapp.com/widget/polyfills.c200eb0912c7367f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

2432bcd92b8267e6eca9c66765629a2dc4642896b76a7b747fef254e2555d828

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Pragma: no-cache
x-session-correlation-id: p0nhc9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Accept: application/vnd.medchat+json;v=2.0
Cache-Control: no-cache
Referer: https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?hasWrapper=true
If-Modified-Since: Sat, 01 Jan 2000 00:00:00 GMT
Request-Id: |337faa3c11174d99aafec84724ef80dc.73000a044df04ce2
Expires: Sat, 01 Jan 2000 00:00:00 GMT

Response headers

content-type: application/vnd.medchat+json; v=2.0; charset=utf-8
date: Tue, 17 Jan 2023 16:08:00 GMT
strict-transport-security: max-age=2592000
server: Microsoft-HTTPAPI/2.0
content-length: 4673
request-context: appId=cid-v1:be4588a2-b71d-47dd-8148-6312efa0bc11

GET
H2 200 widgetStatus Show response
medchatapp.com/api/widgets/Rg17rBCiAESsURhm1UTcGw/ Frame BC68 260 B
451 B 174ms
174ms XHR
application/vnd.medchat+json 13.89.105.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://medchatapp.com/api/widgets/Rg17rBCiAESsURhm1UTcGw/widgetStatus

Requested by

Host: medchatapp.com
URL: https://medchatapp.com/widget/polyfills.c200eb0912c7367f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

c20ffbb553c9fce0bf4fb7d2369c610adbf63c8a1c8c9cf2716484240e6ce52a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Pragma: no-cache
x-session-correlation-id: p0nhc9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Accept: application/vnd.medchat+json;v=1.0
Cache-Control: no-cache
Referer: https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?hasWrapper=true
If-Modified-Since: Sat, 01 Jan 2000 00:00:00 GMT
Request-Id: |337faa3c11174d99aafec84724ef80dc.accac6204b2f4fb2
Expires: Sat, 01 Jan 2000 00:00:00 GMT

Response headers

content-type: application/vnd.medchat+json; v=1.0; charset=utf-8
date: Tue, 17 Jan 2023 16:07:59 GMT
strict-transport-security: max-age=2592000
server: Microsoft-HTTPAPI/2.0
content-length: 260
request-context: appId=cid-v1:be4588a2-b71d-47dd-8148-6312efa0bc11

GET
H2 200 590ca63f5fc26e09cd4f103d Show response
app.launchdarkly.com/sdk/goals/ Frame BC68 2 B
114 B 8ms
7ms XHR
application/json 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/590ca63f5fc26e09cd4f103d

Requested by

Host: medchatapp.com
URL: https://medchatapp.com/widget/polyfills.c200eb0912c7367f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://medchatapp.com/
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 varnish
date: Tue, 17 Jan 2023 16:07:59 GMT
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
content-length: 26
x-served-by: cache-hhn-etou8220029-HHN
x-timer: S1673971680.856922,VS0,VE0
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 2

GET
H2 200 eyJraW5kIjoidXNlciIsImFub255bW91cyI6dHJ1ZSwia2V5IjoiYW5vbnltb3VzIiwiYXBpS2V5IjoiUmcxN3JCQ2lBRVNzVVJobTFVVGNHdyIsImJhc2VIcmVmIjoiL3dpZGdldC8ifQ Show response
app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/contexts/ Frame BC68 6 KB
1 KB 8ms
7ms XHR
application/json 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/contexts/eyJraW5kIjoidXNlciIsImFub255bW91cyI6dHJ1ZSwia2V5IjoiYW5vbnltb3VzIiwiYXBpS2V5IjoiUmcxN3JCQ2lBRVNzVVJobTFVVGNHdyIsImJhc2VIcmVmIjoiL3dpZGdldC8ifQ
Requested by: Host: medchatapp.com
URL: https://medchatapp.com/widget/polyfills.c200eb0912c7367f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e175e06e6f31c61f10c77d6732d2d98dda66eebad7412b329806b9ad9823687a

Request headers

Referer: https://medchatapp.com/
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:07:59 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: HIT
content-length: 895
x-served-by: cache-hhn-etou8220040-HHN, cache-hhn-etou8220029-HHN
x-timer: S1673971680.857709,VS0,VE0
etag: "777dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Authorization, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 2

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent
Access-Control-Request-Method: GET
Origin: https://medchatapp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Tue, 17 Jan 2023 16:07:59 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-served-by: cache-hhn-etou8220029-HHN
x-timer: S1673971680.849958,VS0,VE0

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 439ms
15ms Preflight 13.69.106.215
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://medchatapp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Tue, 17 Jan 2023 16:07:59 GMT
x-content-type-options: nosniff

POST
H2 206 track Show response
dc.services.visualstudio.com/v2/ Frame BC68 607 B
793 B 52ms
51ms XHR
application/json 13.69.106.215
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: medchatapp.com
URL: https://medchatapp.com/widget/polyfills.c200eb0912c7367f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1b3296060523523d777fd54a707ee9eb140123db1c4615db0f70e61e4b1b99ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://medchatapp.com/
accept-language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: D4F41094-DE0D-48BF-B0E4-D9F64536F0C5
strict-transport-security: max-age=31536000
date: Tue, 17 Jan 2023 16:07:59 GMT
x-content-type-options: nosniff
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 607

GET
H2 200 avatar
medchatapp.com/api/orgs/16f27459-7b00-5289-776d-39fa1a2a8c2c/widgets/ec6a0fe5-0277-ec2a-7dda-39fa9f644020/ Frame BC68 9 KB
10 KB 141ms
141ms Image
image/png 13.89.105.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medchatapp.com/api/orgs/16f27459-7b00-5289-776d-39fa1a2a8c2c/widgets/ec6a0fe5-0277-ec2a-7dda-39fa9f644020/avatar

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

b18974847c094811e0378cacf1cffa494ce33a3254235028a5fa8dc2922faf35

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?hasWrapper=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/png; v=1.0
date: Tue, 17 Jan 2023 16:08:00 GMT
cache-control: private,max-age=604800
strict-transport-security: max-age=2592000
server: Microsoft-HTTPAPI/2.0
content-length: 9629
request-context: appId=cid-v1:be4588a2-b71d-47dd-8148-6312efa0bc11

OPTIONS
H2 200 590ca63f5fc26e09cd4f103d
app.launchdarkly.com/sdk/goals/ Frame 0
0 9ms
9ms Preflight 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/590ca63f5fc26e09cd4f103d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent
Access-Control-Request-Method: GET
Origin: https://medchatapp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Tue, 17 Jan 2023 16:08:00 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 3
x-served-by: cache-hhn-etou8220029-HHN
x-timer: S1673971680.135135,VS0,VE0

GET
H2 200 590ca63f5fc26e09cd4f103d Show response
app.launchdarkly.com/sdk/goals/ Frame BC5F 2 B
156 B 8ms
8ms XHR
application/json 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/590ca63f5fc26e09cd4f103d

Requested by

Host: medchatapp.com
URL: https://medchatapp.com/widget-launcher/polyfills.ee34b270bafba9ee.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://medchatapp.com/
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 varnish
date: Tue, 17 Jan 2023 16:08:00 GMT
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
content-length: 26
x-served-by: cache-hhn-etou8220029-HHN
x-timer: S1673971680.144351,VS0,VE0
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 3

GET
H2 200 eyJraW5kIjoidXNlciIsImFub255bW91cyI6dHJ1ZSwia2V5IjoiYW5vbnltb3VzIiwiYXBpS2V5IjoiUmcxN3JCQ2lBRVNzVVJobTFVVGNHdyIsImJhc2VIcmVmIjoiL3dpZGdldC1sYXVuY2hlci8ifQ Show response
app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/contexts/ Frame BC5F 6 KB
1009 B 18ms
18ms XHR
application/json 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/contexts/eyJraW5kIjoidXNlciIsImFub255bW91cyI6dHJ1ZSwia2V5IjoiYW5vbnltb3VzIiwiYXBpS2V5IjoiUmcxN3JCQ2lBRVNzVVJobTFVVGNHdyIsImJhc2VIcmVmIjoiL3dpZGdldC1sYXVuY2hlci8ifQ
Requested by: Host: medchatapp.com
URL: https://medchatapp.com/widget-launcher/polyfills.ee34b270bafba9ee.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e175e06e6f31c61f10c77d6732d2d98dda66eebad7412b329806b9ad9823687a

Request headers

Referer: https://medchatapp.com/
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:08:00 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 895
x-served-by: cache-hhn-etou8220068-HHN, cache-hhn-etou8220029-HHN
x-timer: S1673971680.145223,VS0,VE11
etag: "777dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Authorization, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 0

OPTIONS
H2 200 eyJraW5kIjoidXNlciIsImFub255bW91cyI6dHJ1ZSwia2V5IjoiYW5vbnltb3VzIiwiYXBpS2V5IjoiUmcxN3JCQ2lBRVNzVVJobTFVVGNHdyIsImJhc2VIcmVmIjoiL3dpZGdldC1sYXVuY2hlci8ifQ
app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/contexts/ Frame 0
0 9ms
9ms Preflight 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent
Access-Control-Request-Method: GET
Origin: https://medchatapp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Tue, 17 Jan 2023 16:08:00 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 3
x-served-by: cache-hhn-etou8220029-HHN
x-timer: S1673971680.137798,VS0,VE0

GET
H2 200 topicStatuses Show response
medchatapp.com/api/widgets/Rg17rBCiAESsURhm1UTcGw/ Frame BC68 5 KB
5 KB 279ms
279ms XHR
application/vnd.medchat+json 13.89.105.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://medchatapp.com/api/widgets/Rg17rBCiAESsURhm1UTcGw/topicStatuses

Requested by

Host: medchatapp.com
URL: https://medchatapp.com/widget/polyfills.c200eb0912c7367f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

a33528af0f76ff54924c07b9556e0cb2dd1065235a22059e2e2cfe817bc14eba

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Pragma: no-cache
x-session-correlation-id: p0nhc9
x-widget-id: ec6a0fe5-0277-ec2a-7dda-39fa9f644020
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Accept: application/vnd.medchat+json;v=1.0
Cache-Control: no-cache
Referer: https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?hasWrapper=true
If-Modified-Since: Sat, 01 Jan 2000 00:00:00 GMT
Request-Id: |337faa3c11174d99aafec84724ef80dc.d9aba502223a4cc3
Expires: Sat, 01 Jan 2000 00:00:00 GMT

Response headers

content-type: application/vnd.medchat+json; v=1.0; charset=utf-8
date: Tue, 17 Jan 2023 16:08:00 GMT
strict-transport-security: max-age=2592000
server: Microsoft-HTTPAPI/2.0
content-length: 4637
request-context: appId=cid-v1:be4588a2-b71d-47dd-8148-6312efa0bc11

GET
H2 200 122.de71d9ba5a76a747.js Show response
medchatapp.com/widget/ Frame BC68 1 MB
239 KB 147ms
147ms Script
application/x-javascript 13.89.105.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://medchatapp.com/widget/122.de71d9ba5a76a747.js
Requested by: Host: medchatapp.com
URL: https://medchatapp.com/widget/runtime.3bb60df93521dd59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7b58a43eb31b57e58400b9f535335cadf11d32cdf76d8be8c562618f76ec49d6

Request headers

Referer: https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?hasWrapper=true
Origin: https://medchatapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:08:00 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 18:18:46 GMT
server: Microsoft-IIS/10.0
etag: "047ad797b27d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 244314

GET
H2 200 541.6bfa652c307a0aed.js Show response
medchatapp.com/widget/ Frame BC68 660 KB
178 KB 147ms
147ms Script
application/x-javascript 13.89.105.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://medchatapp.com/widget/541.6bfa652c307a0aed.js
Requested by: Host: medchatapp.com
URL: https://medchatapp.com/widget/runtime.3bb60df93521dd59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 80437595b5eff4bcdd5a76a259f3eec31d4ddfdbcddf577a59a40b23c35e14d2

Request headers

Referer: https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?hasWrapper=true
Origin: https://medchatapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:08:00 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 18:18:46 GMT
server: Microsoft-IIS/10.0
etag: "047ad797b27d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 181297

GET
H2 200 2.c46aaa8a64a9bfca.js Show response
medchatapp.com/widget/ Frame BC68 40 KB
8 KB 158ms
158ms Script
application/x-javascript 13.89.105.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://medchatapp.com/widget/2.c46aaa8a64a9bfca.js
Requested by: Host: medchatapp.com
URL: https://medchatapp.com/widget/runtime.3bb60df93521dd59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 63c07fc1114cbd8c2d5d0bc4af08bbcceb40f942fda0fbfbf1512cbe45d07ea6

Request headers

Referer: https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?hasWrapper=true
Origin: https://medchatapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:08:00 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 18:18:46 GMT
server: Microsoft-IIS/10.0
etag: "047ad797b27d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 8096

GET
H2 200 986.a17a07138b449ec9.js Show response
medchatapp.com/widget/ Frame BC68 1 KB
1 KB 147ms
147ms Script
application/x-javascript 13.89.105.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://medchatapp.com/widget/986.a17a07138b449ec9.js
Requested by: Host: medchatapp.com
URL: https://medchatapp.com/widget/runtime.3bb60df93521dd59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fc054b3bf93a43efa68be8158ba803defb0f7c20f149f66f0dc19773b56dbf0a

Request headers

Referer: https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw?hasWrapper=true
Origin: https://medchatapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:08:00 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 18:18:46 GMT
server: Microsoft-IIS/10.0
etag: "047ad797b27d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 851

GET
H2 200 avatar
medchatapp.com/api/orgs/16f27459-7b00-5289-776d-39fa1a2a8c2c/widgets/ec6a0fe5-0277-ec2a-7dda-39fa9f644020/ Frame BC5F 9 KB
10 KB 240ms
239ms Image
image/png 13.89.105.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medchatapp.com/api/orgs/16f27459-7b00-5289-776d-39fa1a2a8c2c/widgets/ec6a0fe5-0277-ec2a-7dda-39fa9f644020/avatar

Requested by

Host: medchatapp.com
URL: https://medchatapp.com/widget-launcher/main.99d56e73f57057a1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

b18974847c094811e0378cacf1cffa494ce33a3254235028a5fa8dc2922faf35

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medchatapp.com/widget-launcher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/png; v=1.0
date: Tue, 17 Jan 2023 16:08:00 GMT
cache-control: private,max-age=604800
strict-transport-security: max-age=2592000
server: Microsoft-HTTPAPI/2.0
content-length: 9629
request-context: appId=cid-v1:be4588a2-b71d-47dd-8148-6312efa0bc11

GET
H2 200 default-icons.svg Show response
medchatapp.com/widget-launcher/assets/ Frame BC5F 228 KB
79 KB 238ms
237ms XHR
image/svg+xml 13.89.105.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://medchatapp.com/widget-launcher/assets/default-icons.svg
Requested by: Host: medchatapp.com
URL: https://medchatapp.com/widget-launcher/polyfills.ee34b270bafba9ee.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 078c6bb7c8cbf29496f8818b476dd4a04a413468e9b54fda498067a41782be68

Request headers

Accept: application/json, text/plain, */*
Referer: https://medchatapp.com/widget-launcher/
Request-Id: |aca6a32e87994e63adfd600a2a9cb1e1.9ca503a45de341b0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:08:00 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 18:18:48 GMT
server: Microsoft-IIS/10.0
etag: "074de7a7b27d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 80571

GET
H2 200 IBMPlexSans-Regular.woff
shared-assets.medchatapp.com/fonts/ Frame BC5F 77 KB
77 KB 126ms
125ms Font
application/font-woff 13.84.36.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://shared-assets.medchatapp.com/fonts/IBMPlexSans-Regular.woff
Requested by: Host: medchatapp.com
URL: https://medchatapp.com/widget/styles.7ccdf899e7f02814.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.84.36.2 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8d35554021d48cf78b78c1199df5bbd52852a2b26df8b5ca250bc32ea189039e

Request headers

Referer: https://medchatapp.com/
Origin: https://medchatapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:07:59 GMT
last-modified: Wed, 02 Dec 2020 19:20:19 GMT
server: Microsoft-IIS/10.0
etag: "4a6d842ce0c8d61:0"
x-powered-by: ASP.NET
content-type: application/font-woff
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 78672

GET
H2 200 241.f67d301498e518bb.js Show response
medchatapp.com/widget/ Frame BC68 84 KB
22 KB 152ms
152ms Script
application/x-javascript 13.89.105.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://medchatapp.com/widget/241.f67d301498e518bb.js
Requested by: Host: medchatapp.com
URL: https://medchatapp.com/widget/runtime.3bb60df93521dd59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d36054a32cf014d935b667a5840d786e163529f0c2621481cfd1119ba37b12eb

Request headers

Referer: https://medchatapp.com/widget/Rg17rBCiAESsURhm1UTcGw/outreach
Origin: https://medchatapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:08:00 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 18:18:46 GMT
server: Microsoft-IIS/10.0
etag: "047ad797b27d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 21927

POST
H2 202 590ca63f5fc26e09cd4f103d Show response
events.launchdarkly.com/events/bulk/ Frame BC68 0
344 B 108ms
108ms XHR
application/json 52.201.12.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/590ca63f5fc26e09cd4f103d

Requested by

Host: medchatapp.com
URL: https://medchatapp.com/widget/polyfills.c200eb0912c7367f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.201.12.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-12-96.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://medchatapp.com/
X-LaunchDarkly-Payload-ID: 1e1bcf40-9681-11ed-a3f4-3b3a75564de5
X-LaunchDarkly-Event-Schema: 4
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 17 Jan 2023 16:08:02 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

OPTIONS
H2 204 590ca63f5fc26e09cd4f103d
events.launchdarkly.com/events/bulk/ Frame 0
0 108ms
108ms Preflight 52.201.12.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/590ca63f5fc26e09cd4f103d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.201.12.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-12-96.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent
Access-Control-Request-Method: POST
Origin: https://medchatapp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Tue, 17 Jan 2023 16:08:01 GMT
strict-transport-security: max-age=31536000

POST
H2 202 590ca63f5fc26e09cd4f103d Show response
events.launchdarkly.com/events/bulk/ Frame BC68 0
344 B 209ms
209ms XHR
application/json 52.201.12.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/590ca63f5fc26e09cd4f103d

Requested by

Host: medchatapp.com
URL: https://medchatapp.com/widget/polyfills.c200eb0912c7367f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.201.12.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-12-96.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://medchatapp.com/
X-LaunchDarkly-Payload-ID: 1e1c9290-9681-11ed-a3f4-3b3a75564de5
X-LaunchDarkly-Event-Schema: 4
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 17 Jan 2023 16:08:02 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

OPTIONS
H2 204 590ca63f5fc26e09cd4f103d
events.launchdarkly.com/events/bulk/ Frame 0
0 116ms
116ms Preflight 52.201.12.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/590ca63f5fc26e09cd4f103d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.201.12.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-12-96.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent
Access-Control-Request-Method: POST
Origin: https://medchatapp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Tue, 17 Jan 2023 16:08:01 GMT
strict-transport-security: max-age=31536000

POST
H2 202 590ca63f5fc26e09cd4f103d Show response
events.launchdarkly.com/events/bulk/ Frame BC5F 0
344 B 109ms
108ms XHR
application/json 52.201.12.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/590ca63f5fc26e09cd4f103d

Requested by

Host: medchatapp.com
URL: https://medchatapp.com/widget-launcher/polyfills.ee34b270bafba9ee.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.201.12.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-12-96.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://medchatapp.com/
X-LaunchDarkly-Payload-ID: 1e480f60-9681-11ed-a405-2def3a02f75c
X-LaunchDarkly-Event-Schema: 4
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 17 Jan 2023 16:08:02 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

OPTIONS
H2 204 590ca63f5fc26e09cd4f103d
events.launchdarkly.com/events/bulk/ Frame 0
0 108ms
108ms Preflight 52.201.12.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/590ca63f5fc26e09cd4f103d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.201.12.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-12-96.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent
Access-Control-Request-Method: POST
Origin: https://medchatapp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Tue, 17 Jan 2023 16:08:02 GMT
strict-transport-security: max-age=31536000

POST collect
region1.google-analytics.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-M757RGM3NY&gtm=2oe1a1&_p=96092773&cid=1301854090.1673971678&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1673971677&sct=1&seg=0&dl=https%3A%2F%2Fwww.coverva.org%2Fen%2Fscreening-tool%3Futm_campaign%3D2consumers3eng2022%26utm_content%3DOE2022%26utm_medium%3Demail%26utm_source%3Dgovdelivery&dr=https%3A%2F%2Flnks.gd%2F&dt=&en=scroll&epn.percent_scrolled=90&_et=8

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-20 13:18:43	Name: demdex Value: 65093698537492504562187318791399650376
.coverva.org/	1969-12-31 23:59:59	Name: AMCVS_F6E84ABD5ED8A0AA0A495F8B%40AdobeOrg Value: 1
.everesttech.net/	1970-01-20 17:45:07	Name: everest_g_v2 Value: g_surferid~Y8bH3QAAAIXilwNx
.dpm.demdex.net/	1970-01-20 13:18:43	Name: dpm Value: 65093698537492504562187318791399650376
.coverva.org/	1969-12-31 23:59:59	Name: s_gpv Value: %2Fen%2Fscreening-tool
.coverva.org/	1969-12-31 23:59:59	Name: s_cc Value: true
.coverva.org/	1970-01-20 18:35:31	Name: AMCV_F6E84ABD5ED8A0AA0A495F8B%40AdobeOrg Value: 1176715910%7CMCIDTS%7C19375%7CMCMID%7C60209947483717322891693873994702617233%7CMCAAMLH-1674576477%7C6%7CMCAAMB-1674576477%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1673978877s%7CNONE%7CMCSYNCSOP%7C411-19382%7CvVersion%7C5.4.0
.coverva.org/	1970-01-20 18:35:31	Name: _ga_M757RGM3NY Value: GS1.1.1673971677.1.0.1673971677.0.0.0
.coverva.org/	1970-01-20 18:35:31	Name: _ga Value: GA1.1.1301854090.1673971678
.coverva.org/	1970-01-20 11:09:07	Name: _gcl_au Value: 1.1.193914378.1673971678
.coverva.org/	1970-01-20 11:09:07	Name: _fbp Value: fb.1.1673971678109.1998283664
.doubleclick.net/	1970-01-20 08:59:32	Name: test_cookie Value: CheckForPermission
medchatapp.com/	1970-01-20 17:45:07	Name: ai_user Value: vWuD1\|2023-01-17T16:07:59.426Z
medchatapp.com/	1970-01-20 08:59:33	Name: ai_session Value: +4C8u\|1673971679444\|1673971680152.9

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
app.launchdarkly.com
assets.adobedtm.com
cm.everesttech.net
connect.facebook.net
dc.services.visualstudio.com
dpm.demdex.net
events.launchdarkly.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.adsrvr.org
lnks.gd
maximus.demdex.net
maximusinc.sc.omtrdc.net
medchatapp.com
region1.google-analytics.com
shared-assets.medchatapp.com
www.coverva.org
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
region1.google-analytics.com
13.69.106.215
13.84.36.2
13.89.105.76
15.236.117.205
151.101.130.217
2001:18c8:17f:fc75::d186:90e5
2001:4860:4802:32::36
2a00:1450:4001:803::200a
2a00:1450:4001:806::2004
2a00:1450:4001:811::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:400d:80a::2003
2a02:26f0:3500:587::1e80
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
34.250.33.236
52.201.12.96
54.171.1.252
65.9.65.116
75.2.125.6
00d312d24ac1fcc94822091635a8b3b879c3449dfe55dc368c4b24c295581e6b
01aacda621b54eb9d93868804103f28053df812e27e3e582427cb1dfb9c8a66b
078c6bb7c8cbf29496f8818b476dd4a04a413468e9b54fda498067a41782be68
1347a4eebcb784355ff49e4f74ab8e68cfeca24bb4ceb9b4f7c342640bf3e4a7
1b3296060523523d777fd54a707ee9eb140123db1c4615db0f70e61e4b1b99ba
1b93a00229287cc6ef3c7633a921ef5626bea1ac1064c989c75a9fd753d46b51
2432bcd92b8267e6eca9c66765629a2dc4642896b76a7b747fef254e2555d828
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533
3a4b884e47e601c35be05ee609419ec14265464d5cd309dc2a4f0a5c55baae36
48d1043ce567b8502ffe2eb105875f3a157666b7973316c7503e8de3bfb7969b
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5026094d6d554ca578d6b243acd84972d69aa538b4d7d09f1bb37df508447b63
51d77c29b9b183fa1448ad4bdc89cd64b09a14ca2c58ae884f786bbaa86d8f4a
54e7e253129c6c6358c5ea9201810b95c462ba66a0f9ed8c40bd8e0d1777390a
5803699ce0ea45967969513aa350b189c9094f5fb72078bf528eefe4b40c53c6
591134ddceb388cd2d70e51a2860e8c0901d84bfc7bfadecf4712a3fb9ae2512
63c07fc1114cbd8c2d5d0bc4af08bbcceb40f942fda0fbfbf1512cbe45d07ea6
6637ea3139ffb01e240829717a4f8c195d7be6b81780ed643000b49833d8d6d1
69557a349f98e1c8e70b06e3a756c17f96e0761df28cc0be2651641c1e8e1b94
6e7b858b69342bba93b9e657e9dbace1c0b7133a2a518517f313ea38c8bfc69f
71d26b1cacbbf9386e6fd5a50657dc5673345b4ee642a2815af8103c5a763dbf
7862028436a5ce9461b325e43b8d0121f408ee4456bdadede41882d94169fc78
7a2625338a4e787e6df75cdd3578e9132ca23a30531cb0ac0ba5c7a4c2d51e7c
7b58a43eb31b57e58400b9f535335cadf11d32cdf76d8be8c562618f76ec49d6
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7cc2b532efc3db58f9ad3406501a0f5869b2e0442ba32fcb19bee5698c052495
7dbd91f290f31441753ac34e08df314814461831194a0e16ddfa4dd85a311c66
80437595b5eff4bcdd5a76a259f3eec31d4ddfdbcddf577a59a40b23c35e14d2
84bc412acb1958e56f6a097a7e1b945ff56b05efe0d8ae96cb7029ca0ba14761
8c69f43299b8d9773b39064862f42d88bc64b32e8a331ebfafc9de5386d278bc
8d35554021d48cf78b78c1199df5bbd52852a2b26df8b5ca250bc32ea189039e
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
95a7c9ee29ed39317be6abdf9418487cb176b4f8fde39a26da75cdaa562b5b2e
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
9eeeb1411ef753d670f8548d12dd7add94a58042f317698a61ef78603bfc41ca
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a33528af0f76ff54924c07b9556e0cb2dd1065235a22059e2e2cfe817bc14eba
a5fa90adb4047ad0f5381664063adf4a6accbfdb25f094765885631e9a9d47cd
a6c4ec2572fe881ee4742a95188af2eecc200fee47ab8fc8751d4e9de82d1478
ab535ef07d54c5f0496e2dd9cbbc1d68c11874a2921b418da01209c903f72c9a
acd36fbd225947b7e4c94eeba14ab50cdc389e642732f228a4c87b875d162e88
b06c81b672b188fa929d1d5deefb75dc39d614f4a65a679d10e1d5ee84d18fd5
b18974847c094811e0378cacf1cffa494ce33a3254235028a5fa8dc2922faf35
b9093b339a5ac26f23c33190865b2210d081bbd214a688f2b873be8617c39f91
be68e4062a70bf9ab3f733873c9229637ed839167cc0fa58e26ec635ffa2d6e5
c20ffbb553c9fce0bf4fb7d2369c610adbf63c8a1c8c9cf2716484240e6ce52a
cc39cb58ebe6aecf6f11460b1ce13cd82260993b5a135a24426de2b91db08455
d36054a32cf014d935b667a5840d786e163529f0c2621481cfd1119ba37b12eb
d4afafbf6073fdcbee18d2ca286aa53516919b865a44486cb73692f1ce670b60
d4cd0583c811803c11ab45d477bed795de05523f506c9eaa95c8875998a93796
d544a4a2ee3c404deda4424b1823b90fec0e60db1702b48c29306a8db2eda615
d5eb67e1d759953e7528a0a91d94a9e14042febf962c37a866d5bcd6ce903328
e175e06e6f31c61f10c77d6732d2d98dda66eebad7412b329806b9ad9823687a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61286e7773f1a46d31df20639519f3359062e9151109790fea6ee801c9f5bfb
e839d04133315e223b25e8f665c2700cbe390734f11d3f1bd84b672c6d60dbbc
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d19e98250d6a3df07e56ad61ee10ff310f8dfd4f5b4014b25fd9867ce21d63
f2552a928c0dc54b09af6e0fa0aead185ca1bca4be2e64472a3928ded9e45fa0
fc054b3bf93a43efa68be8158ba803defb0f7c20f149f66f0dc19773b56dbf0a
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.coverva.org Open in urlscan Pro 75.2.125.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

96 Requests

98 %HTTPS

55 %IPv6

19 Domains

23 Subdomains

22 IPs

5 Countries

4603 kBTransfer

15042 kBSize

14 Cookies

3 Outgoing links

Page URL History

Redirected requests

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.coverva.org Open in urlscan Pro
75.2.125.6 Public Scan

Screenshot
Live screenshot

Full Image

96
Requests

98 %
HTTPS

55 %
IPv6

19
Domains

23
Subdomains

22
IPs

5
Countries

4603 kB
Transfer

15042 kB
Size

14
Cookies

96 HTTP transactions
0 data transactions