www.covermymeds.com
Open in
urlscan Pro
66.97.160.55
Public Scan
Effective URL: https://www.covermymeds.com/main/prior-authorization-forms/cigna/
Submission: On March 09 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Organization Validation S... on August 9th 2021. Valid for: a year.
This is the only time www.covermymeds.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
images.ctfassets.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
www.googleadservices.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN7151 (BAYAREA-AS, US)
PTR: 209-128-119-150.bayarea.net
stats.sa-as.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-64-82-116.txl50.r.cloudfront.net
js.adsrvr.org |
ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-10-203.us-west-2.compute.amazonaws.com
dx.steelhousemedia.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-118.txl50.r.cloudfront.net
scripts.demandbase.com |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-103.fra56.r.cloudfront.net
vidassets.terminus.services |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com | |
www.linkedin.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-46.fra56.r.cloudfront.net
api.company-target.com |
ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org | |
insight.adsrvr.org |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-77.fra60.r.cloudfront.net
wec-assets.terminus.services |
ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-144-187.compute-1.amazonaws.com
wec-assets-api.terminus.services |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-245-46-233.us-west-2.compute.amazonaws.com
px.steelhousemedia.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-216-23.us-west-2.compute.amazonaws.com
ww.steelhousemedia.com |
ASN7151 (BAYAREA-AS, US)
PTR: 209-128-92-239.bayarea.net
api.kickfire.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
covermymeds.com
1 redirects
www.covermymeds.com — Cisco Umbrella Rank: 33810 |
883 KB |
13 |
ctfassets.net
images.ctfassets.net — Cisco Umbrella Rank: 4327 |
690 KB |
6 |
adsrvr.org
3 redirects
js.adsrvr.org — Cisco Umbrella Rank: 1439 match.adsrvr.org — Cisco Umbrella Rank: 293 insight.adsrvr.org — Cisco Umbrella Rank: 567 |
4 KB |
5 |
terminus.services
2 redirects
vidassets.terminus.services — Cisco Umbrella Rank: 12116 wec-assets.terminus.services — Cisco Umbrella Rank: 13235 wec-assets-api.terminus.services — Cisco Umbrella Rank: 13228 |
13 KB |
5 |
steelhousemedia.com
dx.steelhousemedia.com — Cisco Umbrella Rank: 8038 px.steelhousemedia.com — Cisco Umbrella Rank: 6939 ww.steelhousemedia.com — Cisco Umbrella Rank: 15397 |
8 KB |
5 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31 |
20 KB |
4 |
linkedin.com
3 redirects
px.ads.linkedin.com — Cisco Umbrella Rank: 434 www.linkedin.com — Cisco Umbrella Rank: 609 px4.ads.linkedin.com — Cisco Umbrella Rank: 5153 |
3 KB |
3 |
bing.com
bat.bing.com — Cisco Umbrella Rank: 338 |
12 KB |
2 |
kickfire.com
api.kickfire.com — Cisco Umbrella Rank: 63636 |
1 KB |
2 |
google.de
www.google.de — Cisco Umbrella Rank: 6433 |
655 B |
2 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
655 B |
2 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 68 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 |
2 KB |
2 |
sa-as.com
stats.sa-as.com — Cisco Umbrella Rank: 50927 |
1 KB |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 124 |
38 KB |
2 |
licdn.com
snap.licdn.com — Cisco Umbrella Rank: 799 |
4 KB |
1 |
company-target.com
api.company-target.com — Cisco Umbrella Rank: 2812 |
1 KB |
1 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 96 |
409 B |
1 |
demandbase.com
scripts.demandbase.com — Cisco Umbrella Rank: 5597 |
16 KB |
1 |
googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 101 |
15 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 54 |
82 KB |
65 | 20 |
Domain | Requested by | |
---|---|---|
14 | www.covermymeds.com |
1 redirects
www.covermymeds.com
|
13 | images.ctfassets.net |
www.covermymeds.com
|
5 | www.google-analytics.com |
www.googletagmanager.com
www.covermymeds.com |
3 | px.steelhousemedia.com |
dx.steelhousemedia.com
www.covermymeds.com |
3 | match.adsrvr.org | 3 redirects |
3 | bat.bing.com |
www.googletagmanager.com
bat.bing.com www.covermymeds.com |
2 | api.kickfire.com |
www.covermymeds.com
|
2 | insight.adsrvr.org |
www.covermymeds.com
js.adsrvr.org |
2 | wec-assets-api.terminus.services |
www.covermymeds.com
|
2 | wec-assets.terminus.services | 2 redirects |
2 | www.google.de |
www.covermymeds.com
|
2 | www.google.com |
www.covermymeds.com
|
2 | px.ads.linkedin.com | 2 redirects |
2 | stats.sa-as.com |
www.googletagmanager.com
www.covermymeds.com |
2 | connect.facebook.net |
www.covermymeds.com
connect.facebook.net |
2 | snap.licdn.com |
www.googletagmanager.com
snap.licdn.com |
1 | ww.steelhousemedia.com |
www.covermymeds.com
|
1 | api.company-target.com |
scripts.demandbase.com
|
1 | www.facebook.com |
www.covermymeds.com
|
1 | px4.ads.linkedin.com |
www.covermymeds.com
|
1 | www.linkedin.com | 1 redirects |
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | vidassets.terminus.services |
www.googletagmanager.com
|
1 | scripts.demandbase.com |
www.covermymeds.com
|
1 | dx.steelhousemedia.com |
www.covermymeds.com
|
1 | js.adsrvr.org |
www.googletagmanager.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | www.googletagmanager.com |
www.covermymeds.com
|
65 | 29 |
This site contains links to these domains. Also see Links.
Domain |
---|
insights.covermymeds.com |
experience.covermymeds.com |
account.covermymeds.com |
register.gotowebinar.com |
facebook.com |
twitter.com |
linkedin.com |
instagram.com |
glassdoor.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.covermymeds.com Sectigo RSA Organization Validation Secure Server CA |
2021-08-09 - 2022-08-09 |
a year | crt.sh |
images.ctfassets.net Amazon |
2022-02-17 - 2023-03-18 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-02-17 - 2022-05-12 |
3 months | crt.sh |
*.licdn.com DigiCert SHA2 Secure Server CA |
2021-07-15 - 2022-07-20 |
a year | crt.sh |
www.googleadservices.com GTS CA 1C3 |
2022-02-17 - 2022-05-12 |
3 months | crt.sh |
www.bing.com Microsoft RSA TLS CA 01 |
2021-12-22 - 2022-06-22 |
6 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-12-17 - 2022-03-17 |
3 months | crt.sh |
stats.sa-as.com Sectigo RSA Domain Validation Secure Server CA |
2022-02-14 - 2023-02-14 |
a year | crt.sh |
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020 |
2021-03-18 - 2022-04-19 |
a year | crt.sh |
*.steelhousemedia.com Go Daddy Secure Certificate Authority - G2 |
2020-05-27 - 2022-07-16 |
2 years | crt.sh |
tag.demandbase.com Go Daddy Secure Certificate Authority - G2 |
2021-10-18 - 2022-10-14 |
a year | crt.sh |
*.terminus.services Amazon |
2021-11-16 - 2022-12-14 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2022-02-17 - 2022-05-12 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2022-02-17 - 2022-05-12 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2022-02-17 - 2022-05-12 |
3 months | crt.sh |
api.demandbase.com Go Daddy Secure Certificate Authority - G2 |
2021-10-20 - 2022-09-26 |
a year | crt.sh |
api.kickfire.com Sectigo RSA Domain Validation Secure Server CA |
2020-07-28 - 2022-07-28 |
2 years | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.covermymeds.com/main/prior-authorization-forms/cigna/
Frame ID: B76EB2F4249E5367386CFFB1C56768F5
Requests: 64 HTTP requests in this frame
Frame:
https://insight.adsrvr.org/track/up?adv=yi9xlz1&ref=https%3A%2F%2Fwww.covermymeds.com%2Fmain%2Fprior-authorization-forms%2Fcigna%2F&upid=c7xdx7r&upv=1.1.0
Frame ID: BF168FBCF2FD5910A9F3D34B8EC52A7E
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Cigna Prior Authorization Forms | CoverMyMedsPage URL History Show full URLs
-
http://www.covermymeds.com/main/prior-authorization-forms/cigna/
HTTP 302
https://www.covermymeds.com/main/prior-authorization-forms/cigna/ Page URL
Detected technologies
Contentful (CMS) ExpandDetected patterns
- <[^>]+(?:https?:)?//(?:assets|downloads|images|videos)\.(?:ct?fassets\.net|contentful\.com)
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
Linkedin Insight Tag (Analytics) Expand
Detected patterns
- snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Page Statistics
14 Outgoing links
These are links going to different origins than the main page.
Title: News
Search URL Search Domain Scan URL
Title: Medication Access Report
Search URL Search Domain Scan URL
Title: Press
Search URL Search Domain Scan URL
Title: See Yourself Here
Search URL Search Domain Scan URL
Title: Open Positions
Search URL Search Domain Scan URL
Title: Campus & Community
Search URL Search Domain Scan URL
Title: Log In
Search URL Search Domain Scan URL
Title: Start a Request
Search URL Search Domain Scan URL
Title: Join a webinar
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.covermymeds.com/main/prior-authorization-forms/cigna/
HTTP 302
https://www.covermymeds.com/main/prior-authorization-forms/cigna/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 37- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34915&time=1646850475354&url=https%3A%2F%2Fwww.covermymeds.com%2Fmain%2Fprior-authorization-forms%2Fcigna%2F HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34915%26time%3D1646850475354%26url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Fmain%252Fprior-authorization-forms%252Fcigna%252F%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34915&time=1646850475354&url=https%3A%2F%2Fwww.covermymeds.com%2Fmain%2Fprior-authorization-forms%2Fcigna%2F&liSync=true HTTP 302
- https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=34915&time=1646850475354&url=https%3A%2F%2Fwww.covermymeds.com%2Fmain%2Fprior-authorization-forms%2Fcigna%2F&liSync=true&e_ipv6=AQJE7LEf1YTwJgAAAX9v8Ab8ilBCwX3OZG2PWHEAGVwKi5oDi2WRay9fuL2ZhfLBeqXC2nShN-AIxCgK-Ome_CDgivRR2A
- https://match.adsrvr.org/track/cmf/generic?ttd_pid=id17evj&ttd_tpi=1&ttd_puid=7d5a230c-32d3-49ee-9b04-fcdd1b9a7cc4|282fba41-a04f-4c3c-b54e-e525ea985214 HTTP 302
- https://match.adsrvr.org/track/cmb/generic?ttd_pid=id17evj&ttd_tpi=1&ttd_puid=7d5a230c-32d3-49ee-9b04-fcdd1b9a7cc4|282fba41-a04f-4c3c-b54e-e525ea985214 HTTP 302
- https://wec-assets.terminus.services/s.gif?d=7d5a230c-32d3-49ee-9b04-fcdd1b9a7cc4|282fba41-a04f-4c3c-b54e-e525ea985214&t=334724e9-5541-41e3-8d3d-973b78cdc556 HTTP 301
- https://wec-assets-api.terminus.services/v1/s.gif
- https://wec-assets.terminus.services/7d5a230c-32d3-49ee-9b04-fcdd1b9a7cc4/t.gif?d=282fba41-a04f-4c3c-b54e-e525ea985214&s=7b4a85c5-8903-4b59-bc0f-7808602e43f6&p=https%3A%2F%2Fwww.covermymeds.com%2Fmain%2Fprior-authorization-forms%2Fcigna%2F&cb=1646850475928&t=Cigna%20Prior%20Authorization%20Forms%20%7C%20CoverMyMeds&r=&e=page_viewed&u=dfa592d5-4e94-4431-adbb-7efa2eef71c2-1646850475928 HTTP 301
- https://wec-assets-api.terminus.services/v1/7d5a230c-32d3-49ee-9b04-fcdd1b9a7cc4/t.gif
- https://match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=a41c0455-9fd6-11ec-bbd7-51179c92752d&gdpr=&gdpr_consent= HTTP 302
- https://px.steelhousemedia.com/tdsync?tdid=334724e9-5541-41e3-8d3d-973b78cdc556&shguid=a41c0455-9fd6-11ec-bbd7-51179c92752d
65 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
www.covermymeds.com/main/prior-authorization-forms/cigna/ Redirect Chain
|
29 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
base.css
www.covermymeds.com/main/stylesheets/ |
910 KB 162 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vue-forms-seo.css
www.covermymeds.com/main/stylesheets/ |
10 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vue-carousel.css
www.covermymeds.com/main/stylesheets/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-cmm.svg
www.covermymeds.com/main/images/logos/ |
4 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
arrow_download.svg
images.ctfassets.net/70w6ftfzv4je/2GxQwUMhdXiAKLgeVzPkS6/95ce6511fe60b673f2407fc37fb5d544/ |
672 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
prior-auth-square.svg
images.ctfassets.net/2in405srp47m/1HX52cVJd1lKb1e5CrB7Ar/7a770061ca588a42cae3b962dfd2f746/ |
78 KB 32 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
provider-with-patient_2x.jpg
images.ctfassets.net/2in405srp47m/6U7mhe78GB0cvHaEPjPt3d/9c33199d60d334a3f0079c942cd3cfe4/ |
641 KB 642 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
epa-graphic.svg
images.ctfassets.net/70w6ftfzv4je/2kme5RI8WGWmjEPUbzOsf7/8432cdb5a00c8428e335d876d69b80dc/ |
28 KB 7 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lines-1.svg
images.ctfassets.net/70w6ftfzv4je/1ztC96cOgvADKiYhqgR0pV/c225a8ec8bf793561fd6cb985e6198bb/ |
786 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
arrow-right.svg
images.ctfassets.net/70w6ftfzv4je/4KWzJ87hflPLKaBdDBJO9r/eac3053272e9d8dd84102dc3bf3c99b0/ |
389 B 759 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lines-2.svg
images.ctfassets.net/70w6ftfzv4je/4seJMFaCH4IwOKXtw8y1Wf/055fbc006bc25bf1000aee19043001f6/ |
637 B 1003 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
social_fb.svg
images.ctfassets.net/2in405srp47m/5chqa8TMSHhloDolfZwD3G/ad063917c3e970ca28bb2e01e1928248/ |
1 KB 956 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
social_tw.svg
images.ctfassets.net/2in405srp47m/31o8XdebAcrMFmnt6TAaPi/79b470997855cce99eb3c7750daba5c5/ |
1 KB 935 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
social_li.svg
images.ctfassets.net/2in405srp47m/5PHW2sNqZr1spoo5aOi0bV/8cc66b8041d7657a6b772a26270d9696/ |
860 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
social_ig.svg
images.ctfassets.net/2in405srp47m/34nDRFOtASbqGiZWLyT82y/dcd26f73d629f867556c658a85ef79a3/ |
3 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
social_gd.svg
images.ctfassets.net/2in405srp47m/3EvIN78HWVdY7HQyNe9C6U/5215f264b4aa45ca14cdd67b53aab609/ |
765 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
base-bundle.js
www.covermymeds.com/main/javascripts/ |
1 MB 451 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vue-forms-seo-bundle.js
www.covermymeds.com/main/javascripts/ |
125 KB 55 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vue-carousel-bundle.js
www.covermymeds.com/main/javascripts/ |
112 KB 51 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
277 KB 82 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
insight.min.js
snap.licdn.com/li.lms-analytics/ |
1007 B 794 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
39 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ |
38 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
99 KB 27 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
live.js
stats.sa-as.com/ |
1 KB 986 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
up_loader.1.1.0.js
js.adsrvr.org/ |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spx
dx.steelhousemedia.com/ |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9oP2Og47.min.js
scripts.demandbase.com/ |
59 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
t.js
vidassets.terminus.services/7d5a230c-32d3-49ee-9b04-fcdd1b9a7cc4/ |
35 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chevron.svg
images.ctfassets.net/70w6ftfzv4je/30453ZBQlR80XsOyAgBCx4/6715e89115ddf118623e3aee426ed3e4/ |
490 B 856 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 445 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 194 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/856736550/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
282700338735046
connect.facebook.net/signals/config/ |
42 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
insight.beta.min.js
snap.licdn.com/li.lms-analytics/ |
8 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
26055177.js
bat.bing.com/p/action/ |
0 116 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
px4.ads.linkedin.com/ Redirect Chain
|
0 265 B |
Image
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 409 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/856736550/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/856736550/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ip.json
api.company-target.com/api/v2/ |
1 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
CoverMySans-Light.woff2
www.covermymeds.com/main/fonts/ |
23 KB 24 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
CoverMySans-Bold.woff2
www.covermymeds.com/main/fonts/ |
24 KB 25 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
CoverMySans-Medium.woff2
www.covermymeds.com/main/fonts/ |
24 KB 24 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
CoverMySerif-Bold.woff2
www.covermymeds.com/main/fonts/ |
24 KB 25 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
CoverMySans-Light.ttf
www.covermymeds.com/main/fonts/ |
48 KB 49 KB |
Font
application/font-sfnt |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.php
stats.sa-as.com/ |
95 B 426 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s.gif
wec-assets-api.terminus.services/v1/ Redirect Chain
|
43 B 162 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
t.gif
wec-assets-api.terminus.services/v1/7d5a230c-32d3-49ee-9b04-fcdd1b9a7cc4/ Redirect Chain
|
43 B 161 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
st
px.steelhousemedia.com/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gs
ww.steelhousemedia.com/ |
144 B 733 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 150 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
st
px.steelhousemedia.com/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tdsync
px.steelhousemedia.com/ Redirect Chain
|
0 303 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
insight.adsrvr.org/track/evnt/ |
70 B 260 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
up
insight.adsrvr.org/track/ Frame BF16 |
0 181 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gip
api.kickfire.com/ |
22 B 305 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
company:(all)
api.kickfire.com/v2/ |
499 B 901 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
53 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| structuredClone object| oncontextlost object| oncontextrestored object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id function| fbq function| _fbq number| DID object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| UET function| UET_init function| UET_push object| ueto_68312a15ed object| uetq function| GetCustomEvent function| lintrk boolean| _already_called_lintrk function| __extends object| Demandbase object| __db function| DBSegment function| VSCapture function| VSLT undefined| pagename undefined| MyPageName undefined| MyID undefined| MySearch object| sniffer function| ttd_dom_ready function| TTDUniversalPixelApi function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ string| dcm_cid undefined| dcm_tid undefined| dcm_gid object| irongate object| Widgets function| Hammer function| jQuery function| $ function| saveAs object| kickfireGTM28 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.covermymeds.com/ | Name: cookiesession1 Value: 3AC9FF13EMACIIDHU8PEBFV2BSGSE818 |
|
.covermymeds.com/ | Name: _gcl_au Value: 1.1.1395279072.1646850475 |
|
.covermymeds.com/ | Name: _ga Value: GA1.2.643716102.1646850475 |
|
.covermymeds.com/ | Name: _gid Value: GA1.2.403210649.1646850475 |
|
.covermymeds.com/ | Name: _dc_gtm_UA-7780355-10 Value: 1 |
|
.bing.com/ | Name: MUID Value: 20DE747461966F5F0924651660FD6EF1 |
|
.covermymeds.com/ | Name: _fbp Value: fb.1.1646850475358.1485577545 |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.facebook.com/ | Name: fr Value: 0anj5b8oHvISFs6K2..BiKPGr...1.0.BiKPGr. |
|
.linkedin.com/ | Name: UserMatchHistory Value: AQItdfwJJVgazgAAAX9v8AW9KGVZCjrG-cMe4gv768bj3GLrBlN94sJ8nVDgSkB2Y5GOyB8MtaM7oA |
|
.linkedin.com/ | Name: AnalyticsSyncHistory Value: AQK9ZROLakqfeQAAAX9v8AW-AdOnGK5kMIHMVJQVvKUQOrAW5CDzQ3t9JPrAybiw5ILOuDck4F6MOveOyvgQ8A |
|
.ads.linkedin.com/ | Name: lang Value: v=2&lang=en-us |
|
.linkedin.com/ | Name: bcookie Value: "v=2&2fb3d8f1-01fe-428e-8e0c-893e3e9e52d7" |
|
.linkedin.com/ | Name: lidc Value: "b=TGST02:s=T:r=T:a=T:p=T:g=2736:u=1:x=1:i=1646850475:t=1646936875:v=2:sig=AQEyyK-wyITLsIkaKupc_EUalMpy9Tji" |
|
.linkedin.com/ | Name: lang Value: v=2&lang=de-de |
|
.www.linkedin.com/ | Name: bscookie Value: "v=1&20220309182755b8aea726-8701-467b-808d-26b5b252a8afAQH46ZBS-l3l4_SNbvajq995NVr7OUr8" |
|
.linkedin.com/ | Name: li_gc Value: MTswOzE2NDY4NTA0NzU7MjswMjEojDba/GeK0urN29fjLFShBNLg/v4woe26qzQXnROnkA== |
|
www.covermymeds.com/ | Name: d-a8e6 Value: 282fba41-a04f-4c3c-b54e-e525ea985214 |
|
www.covermymeds.com/ | Name: s-9da4 Value: 7b4a85c5-8903-4b59-bc0f-7808602e43f6 |
|
.adsrvr.org/ | Name: TDID Value: 334724e9-5541-41e3-8d3d-973b78cdc556 |
|
.steelhousemedia.com/ | Name: guid Value: a41c0455-9fd6-11ec-bbd7-51179c92752d |
|
.covermymeds.com/ | Name: landing_page_cookie Value: %5B%7B%22landing_page_name%22%3A%22campaign%3Dnone-specified%22%2C%22page_url%22%3A%22https%3A%2F%2Fwww.covermymeds.com%2Fmain%2Fprior-authorization-forms%2Fcigna%2F%22%2C%22timestamp%22%3A1646850477%7D%5D |
|
.covermymeds.com/ | Name: _uetsid Value: a44c8e809fd611ec8afbe32f5ff1e90e |
|
.covermymeds.com/ | Name: _uetvid Value: a44cb8a09fd611ecb5255b848fa99078 |
|
.px.steelhousemedia.com/ | Name: tt Value: "H4sIAAAAAAAAAKtW8guKNzYyMDGNN7IwtlCyMtBRQuYampmYWZgamJibWxia6CiVKVkZ6SBpMbc0BmqpBQCMsLllRgAAAA==" |
|
.steelhousemedia.com/ | Name: rt Value: "MzIwNDU6MTY0Njg1MDQ3Nw==" |
|
.adsrvr.org/ | Name: TDCPM Value: CAEYASABKAIyCwj-5-bCqIHBOhAFOAFaCnN0ZWVsaG91c2VgAg.. |
|
.covermymeds.com/ | Name: kickfire_api_session_cookie Value: 1 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.company-target.com
api.kickfire.com
bat.bing.com
connect.facebook.net
dx.steelhousemedia.com
googleads.g.doubleclick.net
images.ctfassets.net
insight.adsrvr.org
js.adsrvr.org
match.adsrvr.org
px.ads.linkedin.com
px.steelhousemedia.com
px4.ads.linkedin.com
scripts.demandbase.com
snap.licdn.com
stats.g.doubleclick.net
stats.sa-as.com
vidassets.terminus.services
wec-assets-api.terminus.services
wec-assets.terminus.services
ww.steelhousemedia.com
www.covermymeds.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
13.107.42.14
142.250.74.194
15.197.193.217
18.64.79.118
18.64.82.116
18.66.122.77
18.66.97.46
209.128.119.150
209.128.92.239
23.20.144.187
2600:9000:225f:9600:12:94b3:c380:93a1
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:808::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2003
2a00:1450:400c:c07::9d
2a02:26f0:f7::5c7b:e053
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
44.238.216.23
44.241.10.203
52.222.236.103
54.245.46.233
66.97.160.55
037d81f20bf7442d0c5c146918b0ce56daf0328e40400cb38739fe38b9017fc0
04f516992909aee5c2280f3b88d9a771eb72774337a57b2516583064e43c8dc1
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
0bee0be5b3e24b1b6c8a9e90c982e1dd34f8517db327f3c4d63600df8880d43d
0c26857a0108ddf1ed23c1ad6d45efdc379c3f691f18c887a502412658d9af2e
0c830b91898c5a1f5643f5f885e2304393d516dc49c6252968728a7501cc2925
1098a5bbb8ecb4a11c032f56a662d86c69b6e4cf2be1016aaac9a518aed7ceb5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
143108318ed1aea7214b20aa0ce21f8b7ebc33fba8f0903030b63d6c1e0cb813
2cf9b8e14f93068f078bdd6917e6b1cbdc060c0238a2f9267b98654142ab85d1
35b27f0d7907a5c7d46d69265ccd0e469d2d1ee8aaeaca6f57e8e3e716d70d9d
36e33087fe7d0e3ada985d4035ac9bfe1b92e71451408b677fa40a8edeb6e170
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
429cc54b537e9d9ba37d9eff3ce81e022c638a63f6614a130965f43095ae410e
44b7fb6f761a2e8bf64400e3311c4c4bf343e888ee1b8bbf125881c4617ed70f
4534c47c497cd573d13480f6a8af112f1629d27a2670efb14e3ce4601b6bc9ad
5511cace6f2bdb96b47325d54b76747ddd4c279d779bb9fd27dc1f056d226d91
58a785ce245f56c85e714393a6ae8e8276501cab7b11e7986a6b8c588fce63d2
5efa60cf8a60b0c1d7e68d2813110bc034d421ec93121125bfebb6ea924b21f0
5fd3412e66b66ce9bd46b43ff397a3457381722c363c49f6ecfbd412ca9e3d26
68195809df6d702b8d2c25c97140def7f78f61a3a946a751ed0c304f96c8677f
7ac62c4e42d6a7e57ff91dddc35bdc37fbb64ec725edbaca3fa2baa6c0448cda
814b1ccc866a018e625aec0c752e768143e94349540d6d619ef97b18c38df125
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
8a09ca6c061c0ea0f5cbd157363e8a1cfbc787d8262e0e1d791f76d936f9bf29
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9178d19c46b5a36fc8d4de24aa7fef3b62e7f69c259f4e81ee3f2d5aba263216
96fc18cbdee330cac9010c45e36896cc6cf678a0690809551eeeaf9192b83ce8
9adc4ec6d250b81aca0e898710ca586fb09ec218b510f5ae77cb52da8976a9a3
a08a4314a869b36d4d4152b06c44a16aed2cb72cd404a6ae4c7e6b64f4f25f2d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3f2988ced85347d88d6bc5c0769fa8368cb47f616726d2b6fcd5288aa85fe55
abe38ecd070add9960f15d1f62410557572674f114955adde81a3ba4643cc740
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8caa17ec0a87046f8c3a03dc0f67daa35629f215a06a1a3e85d9b356c1ad45d
c23e692f0f71246a865030dd1aa9db9d1d11b8336756d96d65af7995e36c7730
c567d0068aa9d314d13047cf6af171cce476501aac5e5521bd2b2233b16fbce5
c7a55197e52bc5f842b53287f10783c15e0f9e83f81540a06a9f7a70f6e4936c
c9041389d90a5a1ac844942cf155387218e7c444426574042d560aa718667b4b
c947d2bb1d4fa47f48588502b47b02dad7ad660e1b464934f1bb88cd79bdf831
cd6b7b6cbf2d446f00252b3bdffc3c07db9b0c0da9fda26c0598b2bc28c09d45
deb366be38e230fb307a20c2c4f21797f80d760cc0e27387646cdccd4a3d9b3d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed3b44200ae26a867a3074ba5c163be17adca021812bf2f006838fe4f3ff4b4d
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4eb54a950b1a82301aa9db5b2971b783e9c63c9172147a61c502771a91555d
f20c642188a304213e1f268270f2e40ce97d00b3e1bf22fbe7208b452772f9a3
f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3
f2af019a72fdcf89b35bafe847f8f125ba4a596c4acb12018522a7451bdf6383
f75528a7f33a96ccb1cf3c61ee223f2f94ac49cae485fe70229938c3275ab817
fadf782d7469f434889619919f47e7bdf9515a95283cd8be9e059def532700fc