urlscan.io logo urlscan.io
SecurityTrails logo

accounts2.covers.com Open in urlscan Pro
3.225.149.154  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://accounts2.covers.com/
Effective URL: https://accounts2.covers.com/
Submission: On April 08 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 4 countries across 16 domains to perform 70 HTTP transactions. The main IP is 3.225.149.154, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is accounts2.covers.com. The Cisco Umbrella rank of the primary domain is 307168.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 3rd 2022. Valid for: a year.
This is the only time accounts2.covers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 3.225.149.154 14618 (AMAZON-AES)
21 2a04:4e42:8d:... 54113 (FASTLY)
11 18.66.97.128 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 34.96.102.137 396982 (GOOGLE-CL...)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 52.31.88.82 16509 (AMAZON-02)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 18.66.97.53 16509 (AMAZON-02)
1 65.9.95.91 16509 (AMAZON-02)
1 15.236.125.10 16509 (AMAZON-02)
70 15
13    3.225.149.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-149-154.compute-1.amazonaws.com
accounts2.covers.com
21    2a04:4e42:8d::720 (United States)

ASN54113 (FASTLY, US)
img.covers.com
11    18.66.97.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-128.fra56.r.cloudfront.net
headers.covers.com
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
5    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    52.31.88.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-88-82.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    2a02:26f0:480:7a9::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
1    18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net
static.hotjar.com
1    65.9.95.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-91.prg50.r.cloudfront.net
script.hotjar.com
1    15.236.125.10 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-125-10.eu-west-3.compute.amazonaws.com
triathlon.sc.omtrdc.net
Apex Domain
Subdomains		 Transfer
45 covers.com
accounts2.covers.com — Cisco Umbrella Rank: 307168
img.covers.com — Cisco Umbrella Rank: 223688
headers.covers.com — Cisco Umbrella Rank: 260085
www.covers.com Failed
525 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
66 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 677
script.hotjar.com — Cisco Umbrella Rank: 927
72 KB
2 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 452
14 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
239 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 161
136 KB
2 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4625
2 KB
1 omtrdc.net
triathlon.sc.omtrdc.net — Cisco Umbrella Rank: 273738
344 B
1 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 215
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
74 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 357
9 KB
0 everesttech.net Failed
cm.everesttech.net Failed
0 everestjs.net Failed
www.everestjs.net Failed
0 redditstatic.com Failed
www.redditstatic.com Failed
0 datadoghq-browser-agent.com Failed
www.datadoghq-browser-agent.com Failed
0 cookiebot.com Failed
consent.cookiebot.com Failed
70 16
Domain Requested by
21 img.covers.com accounts2.covers.com
headers.covers.com
13 accounts2.covers.com accounts2.covers.com
headers.covers.com
11 headers.covers.com accounts2.covers.com
5 www.google-analytics.com accounts2.covers.com
www.google-analytics.com
2 assets.adobedtm.com img.covers.com
2 www.facebook.com accounts2.covers.com
2 connect.facebook.net accounts2.covers.com
connect.facebook.net
2 dev.visualwebsiteoptimizer.com accounts2.covers.com
1 triathlon.sc.omtrdc.net
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com accounts2.covers.com
1 dpm.demdex.net img.covers.com
1 www.googletagmanager.com accounts2.covers.com
1 ajax.googleapis.com accounts2.covers.com
0 cm.everesttech.net Failed
0 www.everestjs.net Failed headers.covers.com
0 www.redditstatic.com Failed accounts2.covers.com
0 www.covers.com Failed headers.covers.com
0 www.datadoghq-browser-agent.com Failed accounts2.covers.com
0 consent.cookiebot.com Failed accounts2.covers.com
70 20
Subject Issuer Validity Valid
*.covers.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-03 -
2023-07-04		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-20 -
2023-06-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-20 -
2023-06-12		 3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2022-07-04 -
2023-08-05		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-01-15 -
2023-04-15		 3 months crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
*.sc.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-03-08		 a year crt.sh

This page contains 1 frames:

Primary Page: https://accounts2.covers.com/
Frame ID: 1511246504231F046257509A888356B2
Requests: 70 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Page URL History Show full URLs

  1. http://accounts2.covers.com/ HTTP 307
    https://accounts2.covers.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js

Page Statistics

70
Requests

91 %
HTTPS

50 %
IPv6

16
Domains

20
Subdomains

15
IPs

4
Countries

899 kB
Transfer

2664 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://accounts2.covers.com/ HTTP 307
    https://accounts2.covers.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

70 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
accounts2.covers.com/
Redirect Chain
  • http://accounts2.covers.com/
  • https://accounts2.covers.com/
249 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.149.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-149-154.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5bde3a0d230a1163e8c278b015679ed5319640fdc401c326d0b72be8bd1d13f3
Security Headers
Name Value
Content-Security-Policy default-src http://localhost:44383 https://localhost:44383 https://*.covers.com http://*.covers.com; img-src data: https://www.facebook.com/tr/ https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://triathlon.sc.omtrdc.net https://cdn.brid.tv https://stats-dev.brid.tv https://dev.visualwebsiteoptimizer.com https://dpm.demdex.net https://ajax.googleapis.com https://userimages-covers-s3.s3.amazonaws.com https://images-covers-s3.s3.amazonaws.com; media-src https://cdn.brid.tv; script-src https://static.hotjar.com https://triathlon.sc.omtrdc.net 'unsafe-inline' 'unsafe-eval' https://*.covers.com https://connect.facebook.net https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://dev.visualwebsiteoptimizer.com https://assets.adobedtm.com https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' http://*.covers.com https://*.covers.com https://ajax.googleapis.com;style-src-elem 'unsafe-inline' http://*.covers.com https://*.covers.com https://localhost:44383 https://fonts.googleapis.com https://fonts.gstatic.co https://ajax.googleapis.co https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://ajax.googleapis.com https://c.brid.tv;script-src-elem 'unsafe-inline' https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://www.googletagmanager.com https://assets.adobedtm.com https://cdnjs.cloudflare.com https://*.hotjar.com https://ajax.googleapis.com https://connect.facebook.net https://*.brid.tv https://platform.twitter.com https://static.zdassets.com https://dev.visualwebsiteoptimizer.com https://www.google.com https://www.gstatic.com https://cdn.onesignal.com; connect-src http://*.covers.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://*.hotjar.com https://covers.zendesk.com https://vc.hotjar.io https://dpm.demdex.net https://triathlon.sc.omtrdc.net; font-src https://*.covers.com https://fonts.gstatic.com;frame-src https://pixel.mathtag.com https://*.twitter.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.covers.com;
X-Frame-Options sameorigin

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-length
35268
content-security-policy
default-src http://localhost:44383 https://localhost:44383 https://*.covers.com http://*.covers.com; img-src data: https://www.facebook.com/tr/ https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://triathlon.sc.omtrdc.net https://cdn.brid.tv https://stats-dev.brid.tv https://dev.visualwebsiteoptimizer.com https://dpm.demdex.net https://ajax.googleapis.com https://userimages-covers-s3.s3.amazonaws.com https://images-covers-s3.s3.amazonaws.com; media-src https://cdn.brid.tv; script-src https://static.hotjar.com https://triathlon.sc.omtrdc.net 'unsafe-inline' 'unsafe-eval' https://*.covers.com https://connect.facebook.net https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://dev.visualwebsiteoptimizer.com https://assets.adobedtm.com https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' http://*.covers.com https://*.covers.com https://ajax.googleapis.com;style-src-elem 'unsafe-inline' http://*.covers.com https://*.covers.com https://localhost:44383 https://fonts.googleapis.com https://fonts.gstatic.co https://ajax.googleapis.co https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://ajax.googleapis.com https://c.brid.tv;script-src-elem 'unsafe-inline' https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://www.googletagmanager.com https://assets.adobedtm.com https://cdnjs.cloudflare.com https://*.hotjar.com https://ajax.googleapis.com https://connect.facebook.net https://*.brid.tv https://platform.twitter.com https://static.zdassets.com https://dev.visualwebsiteoptimizer.com https://www.google.com https://www.gstatic.com https://cdn.onesignal.com; connect-src http://*.covers.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://*.hotjar.com https://covers.zendesk.com https://vc.hotjar.io https://dpm.demdex.net https://triathlon.sc.omtrdc.net; font-src https://*.covers.com https://fonts.gstatic.com;frame-src https://pixel.mathtag.com https://*.twitter.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.covers.com;
content-type
text/html; charset=utf-8
date
Sat, 08 Apr 2023 15:04:41 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-frame-options
sameorigin
x-powered-by
ASP.NET

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://accounts2.covers.com/
Non-Authoritative-Reason
HSTS
founders-grotesk-web-bold.woff2
img.covers.com/covers/fonts/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img.covers.com/covers/fonts/founders-grotesk-web-bold.woff2
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
96c81e533bd1bb1106a8f254b90128451bd204d1c9554480b696d7569ca2a55f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://accounts2.covers.com/
Origin
https://accounts2.covers.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:41 GMT
x-content-type-options
nosniff
age
2705043
x-cache
HIT, HIT
x-imgix-id
db853eea0c7f6d94459b1513d3d5a83777ea0806
cross-origin-resource-policy
cross-origin
content-length
35513
x-served-by
cache-sjc10052-SJC, cache-fra-eddf8230113-FRA
x-imgix-render-farm
01.9544
last-modified
Fri, 04 Feb 2022 17:55:24 GMT
server
imgix
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
inter_regular.woff2
img.covers.com/covers/fonts/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img.covers.com/covers/fonts/inter_regular.woff2
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://accounts2.covers.com/
Origin
https://accounts2.covers.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:41 GMT
x-content-type-options
nosniff
age
3389423
x-cache
HIT, HIT
x-imgix-id
d0a67c339abfe7e8985dbcc3097ab3b27cf7592a
cross-origin-resource-policy
cross-origin
content-length
37780
x-served-by
cache-sjc10026-SJC, cache-fra-eddf8230113-FRA
x-imgix-render-farm
01.9544
last-modified
Fri, 04 Feb 2022 16:12:36 GMT
server
imgix
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
AllExternal.js
headers.covers.com/Scripts/ 		130 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://headers.covers.com/Scripts/AllExternal.js
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-128.fra56.r.cloudfront.net
Software
Microsoft-IIS/10.0 / covers.com
Resource Hash
7dd97ab4b18c7fdf67a643bfbff120862414cd270c3f908c01c4a1e03921f4a1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 10 May 2022 01:05:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
28821547
x-powered-by
covers.com
x-cache
Hit from cloudfront
last-modified
Mon, 09 May 2022 16:33:38 GMT
server
Microsoft-IIS/10.0
etag
W/"01df588c263d81:0"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
access-control-allow-headers
Content-Type
x-amz-cf-id
2jvEYRpT4mfmEw8nrlZ9kBWbwM6CaeR2nU_i0jO68lf4Rq6nSrJuCw==
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.13.2/themes/base/ 		35 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.13.2/themes/base/jquery-ui.css
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8c2157918c9fed0bb9dcc56c96b52dc7af70b05ca0228e467eaf91777751ad7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 10:46:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
447466
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8346
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 08:22:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Apr 2024 10:46:55 GMT
critical-css.css
headers.covers.com/content/css/ 		36 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://headers.covers.com/content/css/critical-css.css?v=3
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-128.fra56.r.cloudfront.net
Software
Microsoft-IIS/10.0 / covers.com
Resource Hash
9cd030ddd4128015d8e55488f90f2b52c5fe5766ff905485259b998a9c1ccc46
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 13:36:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
22210072
x-powered-by
covers.com
x-cache
Hit from cloudfront
last-modified
Mon, 25 Jul 2022 13:02:40 GMT
server
Microsoft-IIS/10.0
etag
W/"0582d226a0d81:0"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=31536000
access-control-allow-headers
Content-Type
x-amz-cf-id
nolIrEx5K7cQ-_d9QEGFAFRmUbNlTZmr4VvgcZ9MiQvLql5NXwspRw==
ClientSite.css
accounts2.covers.com/Content/ 		19 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts2.covers.com/Content/ClientSite.css
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.149.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-149-154.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5e47be016386e1dd9e7e44b201a4340805f7c9d120e44101187596a851130cfb
Security Headers
Name Value
Content-Security-Policy default-src http://localhost:44383 https://localhost:44383 https://*.covers.com http://*.covers.com; img-src data: https://www.facebook.com/tr/ https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://triathlon.sc.omtrdc.net https://cdn.brid.tv https://stats-dev.brid.tv https://dev.visualwebsiteoptimizer.com https://dpm.demdex.net https://ajax.googleapis.com https://userimages-covers-s3.s3.amazonaws.com https://images-covers-s3.s3.amazonaws.com; media-src https://cdn.brid.tv; script-src https://static.hotjar.com https://triathlon.sc.omtrdc.net 'unsafe-inline' 'unsafe-eval' https://*.covers.com https://connect.facebook.net https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://dev.visualwebsiteoptimizer.com https://assets.adobedtm.com https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' http://*.covers.com https://*.covers.com https://ajax.googleapis.com;style-src-elem 'unsafe-inline' http://*.covers.com https://*.covers.com https://localhost:44383 https://fonts.googleapis.com https://fonts.gstatic.co https://ajax.googleapis.co https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://ajax.googleapis.com https://c.brid.tv;script-src-elem 'unsafe-inline' https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://www.googletagmanager.com https://assets.adobedtm.com https://cdnjs.cloudflare.com https://*.hotjar.com https://ajax.googleapis.com https://connect.facebook.net https://*.brid.tv https://platform.twitter.com https://static.zdassets.com https://dev.visualwebsiteoptimizer.com https://www.google.com https://www.gstatic.com https://cdn.onesignal.com; connect-src http://*.covers.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://*.hotjar.com https://covers.zendesk.com https://vc.hotjar.io https://dpm.demdex.net https://triathlon.sc.omtrdc.net; font-src https://*.covers.com https://fonts.gstatic.com;frame-src https://pixel.mathtag.com https://*.twitter.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.covers.com;
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:41 GMT
content-encoding
gzip
content-security-policy
default-src http://localhost:44383 https://localhost:44383 https://*.covers.com http://*.covers.com; img-src data: https://www.facebook.com/tr/ https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://triathlon.sc.omtrdc.net https://cdn.brid.tv https://stats-dev.brid.tv https://dev.visualwebsiteoptimizer.com https://dpm.demdex.net https://ajax.googleapis.com https://userimages-covers-s3.s3.amazonaws.com https://images-covers-s3.s3.amazonaws.com; media-src https://cdn.brid.tv; script-src https://static.hotjar.com https://triathlon.sc.omtrdc.net 'unsafe-inline' 'unsafe-eval' https://*.covers.com https://connect.facebook.net https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://dev.visualwebsiteoptimizer.com https://assets.adobedtm.com https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' http://*.covers.com https://*.covers.com https://ajax.googleapis.com;style-src-elem 'unsafe-inline' http://*.covers.com https://*.covers.com https://localhost:44383 https://fonts.googleapis.com https://fonts.gstatic.co https://ajax.googleapis.co https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://ajax.googleapis.com https://c.brid.tv;script-src-elem 'unsafe-inline' https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://www.googletagmanager.com https://assets.adobedtm.com https://cdnjs.cloudflare.com https://*.hotjar.com https://ajax.googleapis.com https://connect.facebook.net https://*.brid.tv https://platform.twitter.com https://static.zdassets.com https://dev.visualwebsiteoptimizer.com https://www.google.com https://www.gstatic.com https://cdn.onesignal.com; connect-src http://*.covers.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://*.hotjar.com https://covers.zendesk.com https://vc.hotjar.io https://dpm.demdex.net https://triathlon.sc.omtrdc.net; font-src https://*.covers.com https://fonts.gstatic.com;frame-src https://pixel.mathtag.com https://*.twitter.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.covers.com;
last-modified
Wed, 01 Mar 2023 19:17:08 GMT
server
Microsoft-IIS/10.0
etag
"052726a724cd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
text/css
accept-ranges
bytes
content-length
3865
jquery-ui-1.13.2.min.js
accounts2.covers.com/Scripts/ 		249 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts2.covers.com/Scripts/jquery-ui-1.13.2.min.js
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.149.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-149-154.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9d9b75e6bf99296f7797ed12f73137f52966dbb02180ff054c6c01680c7bdb1d
Security Headers
Name Value
Content-Security-Policy default-src http://localhost:44383 https://localhost:44383 https://*.covers.com http://*.covers.com; img-src data: https://www.facebook.com/tr/ https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://triathlon.sc.omtrdc.net https://cdn.brid.tv https://stats-dev.brid.tv https://dev.visualwebsiteoptimizer.com https://dpm.demdex.net https://ajax.googleapis.com https://userimages-covers-s3.s3.amazonaws.com https://images-covers-s3.s3.amazonaws.com; media-src https://cdn.brid.tv; script-src https://static.hotjar.com https://triathlon.sc.omtrdc.net 'unsafe-inline' 'unsafe-eval' https://*.covers.com https://connect.facebook.net https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://dev.visualwebsiteoptimizer.com https://assets.adobedtm.com https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' http://*.covers.com https://*.covers.com https://ajax.googleapis.com;style-src-elem 'unsafe-inline' http://*.covers.com https://*.covers.com https://localhost:44383 https://fonts.googleapis.com https://fonts.gstatic.co https://ajax.googleapis.co https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://ajax.googleapis.com https://c.brid.tv;script-src-elem 'unsafe-inline' https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://www.googletagmanager.com https://assets.adobedtm.com https://cdnjs.cloudflare.com https://*.hotjar.com https://ajax.googleapis.com https://connect.facebook.net https://*.brid.tv https://platform.twitter.com https://static.zdassets.com https://dev.visualwebsiteoptimizer.com https://www.google.com https://www.gstatic.com https://cdn.onesignal.com; connect-src http://*.covers.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://*.hotjar.com https://covers.zendesk.com https://vc.hotjar.io https://dpm.demdex.net https://triathlon.sc.omtrdc.net; font-src https://*.covers.com https://fonts.gstatic.com;frame-src https://pixel.mathtag.com https://*.twitter.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.covers.com;
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:41 GMT
content-encoding
gzip
content-security-policy
default-src http://localhost:44383 https://localhost:44383 https://*.covers.com http://*.covers.com; img-src data: https://www.facebook.com/tr/ https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://triathlon.sc.omtrdc.net https://cdn.brid.tv https://stats-dev.brid.tv https://dev.visualwebsiteoptimizer.com https://dpm.demdex.net https://ajax.googleapis.com https://userimages-covers-s3.s3.amazonaws.com https://images-covers-s3.s3.amazonaws.com; media-src https://cdn.brid.tv; script-src https://static.hotjar.com https://triathlon.sc.omtrdc.net 'unsafe-inline' 'unsafe-eval' https://*.covers.com https://connect.facebook.net https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://dev.visualwebsiteoptimizer.com https://assets.adobedtm.com https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' http://*.covers.com https://*.covers.com https://ajax.googleapis.com;style-src-elem 'unsafe-inline' http://*.covers.com https://*.covers.com https://localhost:44383 https://fonts.googleapis.com https://fonts.gstatic.co https://ajax.googleapis.co https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://ajax.googleapis.com https://c.brid.tv;script-src-elem 'unsafe-inline' https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://www.googletagmanager.com https://assets.adobedtm.com https://cdnjs.cloudflare.com https://*.hotjar.com https://ajax.googleapis.com https://connect.facebook.net https://*.brid.tv https://platform.twitter.com https://static.zdassets.com https://dev.visualwebsiteoptimizer.com https://www.google.com https://www.gstatic.com https://cdn.onesignal.com; connect-src http://*.covers.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://*.hotjar.com https://covers.zendesk.com https://vc.hotjar.io https://dpm.demdex.net https://triathlon.sc.omtrdc.net; font-src https://*.covers.com https://fonts.gstatic.com;frame-src https://pixel.mathtag.com https://*.twitter.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.covers.com;
last-modified
Wed, 01 Mar 2023 19:17:08 GMT
server
Microsoft-IIS/10.0
etag
"052726a724cd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript
accept-ranges
bytes
jquery.validate.min.js
accounts2.covers.com/Scripts/ 		20 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts2.covers.com/Scripts/jquery.validate.min.js
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.149.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-149-154.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
025a375f79bd91e31998f1f7f9b697683f5a96941a242349673a04c96471a15f
Security Headers
Name Value
Content-Security-Policy default-src http://localhost:44383 https://localhost:44383 https://*.covers.com http://*.covers.com; img-src data: https://www.facebook.com/tr/ https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://triathlon.sc.omtrdc.net https://cdn.brid.tv https://stats-dev.brid.tv https://dev.visualwebsiteoptimizer.com https://dpm.demdex.net https://ajax.googleapis.com https://userimages-covers-s3.s3.amazonaws.com https://images-covers-s3.s3.amazonaws.com; media-src https://cdn.brid.tv; script-src https://static.hotjar.com https://triathlon.sc.omtrdc.net 'unsafe-inline' 'unsafe-eval' https://*.covers.com https://connect.facebook.net https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://dev.visualwebsiteoptimizer.com https://assets.adobedtm.com https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' http://*.covers.com https://*.covers.com https://ajax.googleapis.com;style-src-elem 'unsafe-inline' http://*.covers.com https://*.covers.com https://localhost:44383 https://fonts.googleapis.com https://fonts.gstatic.co https://ajax.googleapis.co https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://ajax.googleapis.com https://c.brid.tv;script-src-elem 'unsafe-inline' https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://www.googletagmanager.com https://assets.adobedtm.com https://cdnjs.cloudflare.com https://*.hotjar.com https://ajax.googleapis.com https://connect.facebook.net https://*.brid.tv https://platform.twitter.com https://static.zdassets.com https://dev.visualwebsiteoptimizer.com https://www.google.com https://www.gstatic.com https://cdn.onesignal.com; connect-src http://*.covers.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://*.hotjar.com https://covers.zendesk.com https://vc.hotjar.io https://dpm.demdex.net https://triathlon.sc.omtrdc.net; font-src https://*.covers.com https://fonts.gstatic.com;frame-src https://pixel.mathtag.com https://*.twitter.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.covers.com;
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:41 GMT
content-encoding
gzip
content-security-policy
default-src http://localhost:44383 https://localhost:44383 https://*.covers.com http://*.covers.com; img-src data: https://www.facebook.com/tr/ https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://triathlon.sc.omtrdc.net https://cdn.brid.tv https://stats-dev.brid.tv https://dev.visualwebsiteoptimizer.com https://dpm.demdex.net https://ajax.googleapis.com https://userimages-covers-s3.s3.amazonaws.com https://images-covers-s3.s3.amazonaws.com; media-src https://cdn.brid.tv; script-src https://static.hotjar.com https://triathlon.sc.omtrdc.net 'unsafe-inline' 'unsafe-eval' https://*.covers.com https://connect.facebook.net https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://dev.visualwebsiteoptimizer.com https://assets.adobedtm.com https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' http://*.covers.com https://*.covers.com https://ajax.googleapis.com;style-src-elem 'unsafe-inline' http://*.covers.com https://*.covers.com https://localhost:44383 https://fonts.googleapis.com https://fonts.gstatic.co https://ajax.googleapis.co https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://ajax.googleapis.com https://c.brid.tv;script-src-elem 'unsafe-inline' https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://www.googletagmanager.com https://assets.adobedtm.com https://cdnjs.cloudflare.com https://*.hotjar.com https://ajax.googleapis.com https://connect.facebook.net https://*.brid.tv https://platform.twitter.com https://static.zdassets.com https://dev.visualwebsiteoptimizer.com https://www.google.com https://www.gstatic.com https://cdn.onesignal.com; connect-src http://*.covers.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://*.hotjar.com https://covers.zendesk.com https://vc.hotjar.io https://dpm.demdex.net https://triathlon.sc.omtrdc.net; font-src https://*.covers.com https://fonts.gstatic.com;frame-src https://pixel.mathtag.com https://*.twitter.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.covers.com;
last-modified
Wed, 01 Mar 2023 19:17:08 GMT
server
Microsoft-IIS/10.0
etag
"052726a724cd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript
accept-ranges
bytes
content-length
8084
jquery.validate.unobtrusive.min.js
accounts2.covers.com/Scripts/ 		6 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts2.covers.com/Scripts/jquery.validate.unobtrusive.min.js
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.149.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-149-154.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f46c9ca499e58948c90d50ea3f4504bbf6ec9bd53eddd9d0507f3edd6d74be46
Security Headers
Name Value
Content-Security-Policy default-src http://localhost:44383 https://localhost:44383 https://*.covers.com http://*.covers.com; img-src data: https://www.facebook.com/tr/ https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://triathlon.sc.omtrdc.net https://cdn.brid.tv https://stats-dev.brid.tv https://dev.visualwebsiteoptimizer.com https://dpm.demdex.net https://ajax.googleapis.com https://userimages-covers-s3.s3.amazonaws.com https://images-covers-s3.s3.amazonaws.com; media-src https://cdn.brid.tv; script-src https://static.hotjar.com https://triathlon.sc.omtrdc.net 'unsafe-inline' 'unsafe-eval' https://*.covers.com https://connect.facebook.net https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://dev.visualwebsiteoptimizer.com https://assets.adobedtm.com https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' http://*.covers.com https://*.covers.com https://ajax.googleapis.com;style-src-elem 'unsafe-inline' http://*.covers.com https://*.covers.com https://localhost:44383 https://fonts.googleapis.com https://fonts.gstatic.co https://ajax.googleapis.co https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://ajax.googleapis.com https://c.brid.tv;script-src-elem 'unsafe-inline' https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://www.googletagmanager.com https://assets.adobedtm.com https://cdnjs.cloudflare.com https://*.hotjar.com https://ajax.googleapis.com https://connect.facebook.net https://*.brid.tv https://platform.twitter.com https://static.zdassets.com https://dev.visualwebsiteoptimizer.com https://www.google.com https://www.gstatic.com https://cdn.onesignal.com; connect-src http://*.covers.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://*.hotjar.com https://covers.zendesk.com https://vc.hotjar.io https://dpm.demdex.net https://triathlon.sc.omtrdc.net; font-src https://*.covers.com https://fonts.gstatic.com;frame-src https://pixel.mathtag.com https://*.twitter.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.covers.com;
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:41 GMT
content-encoding
gzip
content-security-policy
default-src http://localhost:44383 https://localhost:44383 https://*.covers.com http://*.covers.com; img-src data: https://www.facebook.com/tr/ https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://triathlon.sc.omtrdc.net https://cdn.brid.tv https://stats-dev.brid.tv https://dev.visualwebsiteoptimizer.com https://dpm.demdex.net https://ajax.googleapis.com https://userimages-covers-s3.s3.amazonaws.com https://images-covers-s3.s3.amazonaws.com; media-src https://cdn.brid.tv; script-src https://static.hotjar.com https://triathlon.sc.omtrdc.net 'unsafe-inline' 'unsafe-eval' https://*.covers.com https://connect.facebook.net https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://dev.visualwebsiteoptimizer.com https://assets.adobedtm.com https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' http://*.covers.com https://*.covers.com https://ajax.googleapis.com;style-src-elem 'unsafe-inline' http://*.covers.com https://*.covers.com https://localhost:44383 https://fonts.googleapis.com https://fonts.gstatic.co https://ajax.googleapis.co https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://ajax.googleapis.com https://c.brid.tv;script-src-elem 'unsafe-inline' https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://www.googletagmanager.com https://assets.adobedtm.com https://cdnjs.cloudflare.com https://*.hotjar.com https://ajax.googleapis.com https://connect.facebook.net https://*.brid.tv https://platform.twitter.com https://static.zdassets.com https://dev.visualwebsiteoptimizer.com https://www.google.com https://www.gstatic.com https://cdn.onesignal.com; connect-src http://*.covers.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://*.hotjar.com https://covers.zendesk.com https://vc.hotjar.io https://dpm.demdex.net https://triathlon.sc.omtrdc.net; font-src https://*.covers.com https://fonts.gstatic.com;frame-src https://pixel.mathtag.com https://*.twitter.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.covers.com;
last-modified
Wed, 01 Mar 2023 19:17:08 GMT
server
Microsoft-IIS/10.0
etag
"052726a724cd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript
accept-ranges
bytes
content-length
2668
jquery.unobtrusive-ajax.min.js
accounts2.covers.com/Scripts/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts2.covers.com/Scripts/jquery.unobtrusive-ajax.min.js
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.149.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-149-154.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
125b6b268c7662f295b841038ca5f594ae1cd5adf116cfdf867f529dcf535a38
Security Headers
Name Value
Content-Security-Policy default-src http://localhost:44383 https://localhost:44383 https://*.covers.com http://*.covers.com; img-src data: https://www.facebook.com/tr/ https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://triathlon.sc.omtrdc.net https://cdn.brid.tv https://stats-dev.brid.tv https://dev.visualwebsiteoptimizer.com https://dpm.demdex.net https://ajax.googleapis.com https://userimages-covers-s3.s3.amazonaws.com https://images-covers-s3.s3.amazonaws.com; media-src https://cdn.brid.tv; script-src https://static.hotjar.com https://triathlon.sc.omtrdc.net 'unsafe-inline' 'unsafe-eval' https://*.covers.com https://connect.facebook.net https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://dev.visualwebsiteoptimizer.com https://assets.adobedtm.com https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' http://*.covers.com https://*.covers.com https://ajax.googleapis.com;style-src-elem 'unsafe-inline' http://*.covers.com https://*.covers.com https://localhost:44383 https://fonts.googleapis.com https://fonts.gstatic.co https://ajax.googleapis.co https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://ajax.googleapis.com https://c.brid.tv;script-src-elem 'unsafe-inline' https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://www.googletagmanager.com https://assets.adobedtm.com https://cdnjs.cloudflare.com https://*.hotjar.com https://ajax.googleapis.com https://connect.facebook.net https://*.brid.tv https://platform.twitter.com https://static.zdassets.com https://dev.visualwebsiteoptimizer.com https://www.google.com https://www.gstatic.com https://cdn.onesignal.com; connect-src http://*.covers.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://*.hotjar.com https://covers.zendesk.com https://vc.hotjar.io https://dpm.demdex.net https://triathlon.sc.omtrdc.net; font-src https://*.covers.com https://fonts.gstatic.com;frame-src https://pixel.mathtag.com https://*.twitter.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.covers.com;
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:41 GMT
content-encoding
gzip
content-security-policy
default-src http://localhost:44383 https://localhost:44383 https://*.covers.com http://*.covers.com; img-src data: https://www.facebook.com/tr/ https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://triathlon.sc.omtrdc.net https://cdn.brid.tv https://stats-dev.brid.tv https://dev.visualwebsiteoptimizer.com https://dpm.demdex.net https://ajax.googleapis.com https://userimages-covers-s3.s3.amazonaws.com https://images-covers-s3.s3.amazonaws.com; media-src https://cdn.brid.tv; script-src https://static.hotjar.com https://triathlon.sc.omtrdc.net 'unsafe-inline' 'unsafe-eval' https://*.covers.com https://connect.facebook.net https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://dev.visualwebsiteoptimizer.com https://assets.adobedtm.com https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' http://*.covers.com https://*.covers.com https://ajax.googleapis.com;style-src-elem 'unsafe-inline' http://*.covers.com https://*.covers.com https://localhost:44383 https://fonts.googleapis.com https://fonts.gstatic.co https://ajax.googleapis.co https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://ajax.googleapis.com https://c.brid.tv;script-src-elem 'unsafe-inline' https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://www.googletagmanager.com https://assets.adobedtm.com https://cdnjs.cloudflare.com https://*.hotjar.com https://ajax.googleapis.com https://connect.facebook.net https://*.brid.tv https://platform.twitter.com https://static.zdassets.com https://dev.visualwebsiteoptimizer.com https://www.google.com https://www.gstatic.com https://cdn.onesignal.com; connect-src http://*.covers.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://*.hotjar.com https://covers.zendesk.com https://vc.hotjar.io https://dpm.demdex.net https://triathlon.sc.omtrdc.net; font-src https://*.covers.com https://fonts.gstatic.com;frame-src https://pixel.mathtag.com https://*.twitter.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.covers.com;
last-modified
Wed, 01 Mar 2023 19:17:08 GMT
server
Microsoft-IIS/10.0
etag
"052726a724cd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript
accept-ranges
bytes
content-length
1911
sitebase.js
img.covers.com/scripts/base/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.covers.com/scripts/base/sitebase.js
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
a0cf6c41ddbe65700b915fdb963e1cc78210d7beadb6fde72e19a07824426dd7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3385040
x-cache
HIT, HIT
x-imgix-id
18290f707b55f939969e2278f30b20da47f5d69e
cross-origin-resource-policy
cross-origin
content-length
1951
x-served-by
cache-sjc10050-SJC, cache-fra-eddf8230137-FRA
x-imgix-render-farm
01.9544
last-modified
Thu, 13 Apr 2017 17:14:31 GMT
server
imgix
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
account.js
accounts2.covers.com/Scripts/ 		1 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts2.covers.com/Scripts/account.js
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.149.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-149-154.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c0db0558ed6640b0cae3df4184d4875dbdc07e12789351f48fb970e7ce938f36
Security Headers
Name Value
Content-Security-Policy default-src http://localhost:44383 https://localhost:44383 https://*.covers.com http://*.covers.com; img-src data: https://www.facebook.com/tr/ https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://triathlon.sc.omtrdc.net https://cdn.brid.tv https://stats-dev.brid.tv https://dev.visualwebsiteoptimizer.com https://dpm.demdex.net https://ajax.googleapis.com https://userimages-covers-s3.s3.amazonaws.com https://images-covers-s3.s3.amazonaws.com; media-src https://cdn.brid.tv; script-src https://static.hotjar.com https://triathlon.sc.omtrdc.net 'unsafe-inline' 'unsafe-eval' https://*.covers.com https://connect.facebook.net https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://dev.visualwebsiteoptimizer.com https://assets.adobedtm.com https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' http://*.covers.com https://*.covers.com https://ajax.googleapis.com;style-src-elem 'unsafe-inline' http://*.covers.com https://*.covers.com https://localhost:44383 https://fonts.googleapis.com https://fonts.gstatic.co https://ajax.googleapis.co https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://ajax.googleapis.com https://c.brid.tv;script-src-elem 'unsafe-inline' https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://www.googletagmanager.com https://assets.adobedtm.com https://cdnjs.cloudflare.com https://*.hotjar.com https://ajax.googleapis.com https://connect.facebook.net https://*.brid.tv https://platform.twitter.com https://static.zdassets.com https://dev.visualwebsiteoptimizer.com https://www.google.com https://www.gstatic.com https://cdn.onesignal.com; connect-src http://*.covers.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://*.hotjar.com https://covers.zendesk.com https://vc.hotjar.io https://dpm.demdex.net https://triathlon.sc.omtrdc.net; font-src https://*.covers.com https://fonts.gstatic.com;frame-src https://pixel.mathtag.com https://*.twitter.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.covers.com;
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:41 GMT
content-encoding
gzip
content-security-policy
default-src http://localhost:44383 https://localhost:44383 https://*.covers.com http://*.covers.com; img-src data: https://www.facebook.com/tr/ https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://triathlon.sc.omtrdc.net https://cdn.brid.tv https://stats-dev.brid.tv https://dev.visualwebsiteoptimizer.com https://dpm.demdex.net https://ajax.googleapis.com https://userimages-covers-s3.s3.amazonaws.com https://images-covers-s3.s3.amazonaws.com; media-src https://cdn.brid.tv; script-src https://static.hotjar.com https://triathlon.sc.omtrdc.net 'unsafe-inline' 'unsafe-eval' https://*.covers.com https://connect.facebook.net https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://dev.visualwebsiteoptimizer.com https://assets.adobedtm.com https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' http://*.covers.com https://*.covers.com https://ajax.googleapis.com;style-src-elem 'unsafe-inline' http://*.covers.com https://*.covers.com https://localhost:44383 https://fonts.googleapis.com https://fonts.gstatic.co https://ajax.googleapis.co https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://ajax.googleapis.com https://c.brid.tv;script-src-elem 'unsafe-inline' https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://www.googletagmanager.com https://assets.adobedtm.com https://cdnjs.cloudflare.com https://*.hotjar.com https://ajax.googleapis.com https://connect.facebook.net https://*.brid.tv https://platform.twitter.com https://static.zdassets.com https://dev.visualwebsiteoptimizer.com https://www.google.com https://www.gstatic.com https://cdn.onesignal.com; connect-src http://*.covers.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://*.hotjar.com https://covers.zendesk.com https://vc.hotjar.io https://dpm.demdex.net https://triathlon.sc.omtrdc.net; font-src https://*.covers.com https://fonts.gstatic.com;frame-src https://pixel.mathtag.com https://*.twitter.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.covers.com;
last-modified
Wed, 01 Mar 2023 19:17:08 GMT
server
Microsoft-IIS/10.0
etag
"052726a724cd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript
accept-ranges
bytes
content-length
742
responsive_accounts.css
accounts2.covers.com/Content/css/ 		6 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts2.covers.com/Content/css/responsive_accounts.css
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.149.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-149-154.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ebde597f5b1788ce1a2011772560e8b32166d6b7d1f72ecbec992fb5f0c70dcc
Security Headers
Name Value
Content-Security-Policy default-src http://localhost:44383 https://localhost:44383 https://*.covers.com http://*.covers.com; img-src data: https://www.facebook.com/tr/ https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://triathlon.sc.omtrdc.net https://cdn.brid.tv https://stats-dev.brid.tv https://dev.visualwebsiteoptimizer.com https://dpm.demdex.net https://ajax.googleapis.com https://userimages-covers-s3.s3.amazonaws.com https://images-covers-s3.s3.amazonaws.com; media-src https://cdn.brid.tv; script-src https://static.hotjar.com https://triathlon.sc.omtrdc.net 'unsafe-inline' 'unsafe-eval' https://*.covers.com https://connect.facebook.net https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://dev.visualwebsiteoptimizer.com https://assets.adobedtm.com https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' http://*.covers.com https://*.covers.com https://ajax.googleapis.com;style-src-elem 'unsafe-inline' http://*.covers.com https://*.covers.com https://localhost:44383 https://fonts.googleapis.com https://fonts.gstatic.co https://ajax.googleapis.co https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://ajax.googleapis.com https://c.brid.tv;script-src-elem 'unsafe-inline' https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://www.googletagmanager.com https://assets.adobedtm.com https://cdnjs.cloudflare.com https://*.hotjar.com https://ajax.googleapis.com https://connect.facebook.net https://*.brid.tv https://platform.twitter.com https://static.zdassets.com https://dev.visualwebsiteoptimizer.com https://www.google.com https://www.gstatic.com https://cdn.onesignal.com; connect-src http://*.covers.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://*.hotjar.com https://covers.zendesk.com https://vc.hotjar.io https://dpm.demdex.net https://triathlon.sc.omtrdc.net; font-src https://*.covers.com https://fonts.gstatic.com;frame-src https://pixel.mathtag.com https://*.twitter.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.covers.com;
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:41 GMT
content-encoding
gzip
content-security-policy
default-src http://localhost:44383 https://localhost:44383 https://*.covers.com http://*.covers.com; img-src data: https://www.facebook.com/tr/ https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://triathlon.sc.omtrdc.net https://cdn.brid.tv https://stats-dev.brid.tv https://dev.visualwebsiteoptimizer.com https://dpm.demdex.net https://ajax.googleapis.com https://userimages-covers-s3.s3.amazonaws.com https://images-covers-s3.s3.amazonaws.com; media-src https://cdn.brid.tv; script-src https://static.hotjar.com https://triathlon.sc.omtrdc.net 'unsafe-inline' 'unsafe-eval' https://*.covers.com https://connect.facebook.net https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://dev.visualwebsiteoptimizer.com https://assets.adobedtm.com https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' http://*.covers.com https://*.covers.com https://ajax.googleapis.com;style-src-elem 'unsafe-inline' http://*.covers.com https://*.covers.com https://localhost:44383 https://fonts.googleapis.com https://fonts.gstatic.co https://ajax.googleapis.co https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://ajax.googleapis.com https://c.brid.tv;script-src-elem 'unsafe-inline' https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://www.googletagmanager.com https://assets.adobedtm.com https://cdnjs.cloudflare.com https://*.hotjar.com https://ajax.googleapis.com https://connect.facebook.net https://*.brid.tv https://platform.twitter.com https://static.zdassets.com https://dev.visualwebsiteoptimizer.com https://www.google.com https://www.gstatic.com https://cdn.onesignal.com; connect-src http://*.covers.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://*.hotjar.com https://covers.zendesk.com https://vc.hotjar.io https://dpm.demdex.net https://triathlon.sc.omtrdc.net; font-src https://*.covers.com https://fonts.gstatic.com;frame-src https://pixel.mathtag.com https://*.twitter.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.covers.com;
last-modified
Wed, 01 Mar 2023 19:17:08 GMT
server
Microsoft-IIS/10.0
etag
"052726a724cd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
text/css
accept-ranges
bytes
content-length
2031
jquery.dlmenu.component.css
headers.covers.com/Content/css/ 		12 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://headers.covers.com/Content/css/jquery.dlmenu.component.css
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-128.fra56.r.cloudfront.net
Software
Microsoft-IIS/10.0 / covers.com
Resource Hash
371a2b4ef8afb5f5ea08672fd03f0e548398001f66a142a8179a7b2ffc9e8de6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:42 GMT
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P2
x-powered-by
covers.com
x-cache
Miss from cloudfront
content-length
11932
last-modified
Tue, 04 Apr 2023 14:56:40 GMT
server
Microsoft-IIS/10.0
etag
"0447aa9567d91:0"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Content-Type
x-amz-cf-id
x7YBpLR4fyudnM-yuyIbnEDxOSDqXYsekeYMMkDTu7IcG9AD82vBtQ==
jquery.dlmenu.default.css
headers.covers.com/Content/css/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://headers.covers.com/Content/css/jquery.dlmenu.default.css
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-128.fra56.r.cloudfront.net
Software
Microsoft-IIS/10.0 / covers.com
Resource Hash
8832dadd1eea938404355c5cdbb48860b97554f78f6a4c107cce22c82ced2379
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:42 GMT
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P2
x-powered-by
covers.com
x-cache
Miss from cloudfront
content-length
2077
last-modified
Tue, 04 Apr 2023 14:56:40 GMT
server
Microsoft-IIS/10.0
etag
"0447aa9567d91:0"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Content-Type
x-amz-cf-id
2ApiJhdzlAC4UctNEjnZn2W0uY2nZuj3TSUsvRiaRUoEKJCMq-dZkw==
modernizr.custom.js
headers.covers.com/Scripts/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://headers.covers.com/Scripts/modernizr.custom.js
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-128.fra56.r.cloudfront.net
Software
Microsoft-IIS/10.0 / covers.com
Resource Hash
4970ceae713369b74c3adc1c51d906f161b2a91f3bbcfd4dabd4309042488ac9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 03:14:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
16285805
x-powered-by
covers.com
x-cache
Hit from cloudfront
last-modified
Tue, 27 Sep 2022 13:42:16 GMT
server
Microsoft-IIS/10.0
etag
W/"02ca7f476d2d81:0"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
access-control-allow-headers
Content-Type
x-amz-cf-id
6Mg5rDUVEDZEobXl5uUoAS41qO5HoQbT0VO3oq1XgsI57yUrSd6stg==
jquery.dlmenu.js
headers.covers.com/Scripts/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://headers.covers.com/Scripts/jquery.dlmenu.js
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-128.fra56.r.cloudfront.net
Software
Microsoft-IIS/10.0 / covers.com
Resource Hash
9a5b5aa40b2a4566db16c664b16d9d0bb8ef19fe93a31824e6750b2768d2a4d2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 13:40:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2424222
x-powered-by
covers.com
x-cache
Hit from cloudfront
last-modified
Mon, 06 Mar 2023 21:01:42 GMT
server
Microsoft-IIS/10.0
etag
W/"07f1bda6e50d91:0"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
access-control-allow-headers
Content-Type
x-amz-cf-id
hfeTRwxbzKnnnyNqUqBvRu80ZYh6aWIk70AhQ28thzSxTYwRe1lxsQ==
header-logo.svg
img.covers.com/covers/header_v2/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.covers.com/covers/header_v2/header-logo.svg
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
5689b47e0763d87c4887618bae600c817e009ee628c8b7254a1f3ebee2561339
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2705044
x-cache
HIT, HIT
x-imgix-id
32e054d20bf1fbec5c18179997ad15a852fa3f0a
cross-origin-resource-policy
cross-origin
content-length
1610
x-served-by
cache-sjc10052-SJC, cache-fra-eddf8230137-FRA
x-imgix-render-farm
01.9032
last-modified
Thu, 18 Aug 2022 12:28:05 GMT
server
imgix
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
uc.js
consent.cookiebot.com/ 		0
0
datadog-rum-v3.js
www.datadoghq-browser-agent.com/ 		0
0
green-check-circle.svg
img.covers.com/covers/icons/global-icons/brand/ 		493 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.covers.com/covers/icons/global-icons/brand/green-check-circle.svg
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
185063a0bca1d0e2a8e04dfd804b6cf98c934f75e8a37b94ab94636161b1dcde
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3179627
x-cache
HIT, HIT
x-imgix-id
7c85e29db814c2cc515193a6a29d5993dbeb37ec
cross-origin-resource-policy
cross-origin
content-length
310
x-served-by
cache-sjc10078-SJC, cache-fra-eddf8230137-FRA
x-imgix-render-farm
01.9544
last-modified
Thu, 08 Jul 2021 13:26:33 GMT
server
imgix
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
google-analytics.js
headers.covers.com/scripts/ 		952 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://headers.covers.com/scripts/google-analytics.js
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-128.fra56.r.cloudfront.net
Software
Microsoft-IIS/10.0 / covers.com
Resource Hash
240eda595f1f6a45a60ac21d243da288833d6a8e2a028646e5bc720b531c36f1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 01:14:37 GMT
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P2
age
2555405
x-powered-by
covers.com
x-cache
Hit from cloudfront
content-length
952
last-modified
Mon, 06 Mar 2023 21:01:42 GMT
server
Microsoft-IIS/10.0
etag
"07f1bda6e50d91:0"
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Content-Type
x-amz-cf-id
ZDNS-rs9Czb4ns-OzFivWmfaxxgHoJJdswiNl21H4Olq_DyTs0UYUg==
AdobeConnectorMini.js
headers.covers.com/Scripts/ 		187 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://headers.covers.com/Scripts/AdobeConnectorMini.js?v=1.3
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-128.fra56.r.cloudfront.net
Software
Microsoft-IIS/10.0 / covers.com
Resource Hash
e2614b5d3564c4adcc14dc9f58a6021e5b33e58d2e748adf2c7ed779d02c9fda
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-powered-by
covers.com
x-cache
Miss from cloudfront
pragma
no-cache
server
Microsoft-IIS/10.0
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
Content-Type
x-amz-cf-id
FCQq0WJkly8sk7bigJg30SHyCZHAmtf0qUFzRDJ9vMmKv1MByElh2w==
expires
-1
Header.js
headers.covers.com/Scripts/ 		47 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://headers.covers.com/Scripts/Header.js?v=1.2
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-128.fra56.r.cloudfront.net
Software
Microsoft-IIS/10.0 / covers.com
Resource Hash
42a209502af65f817241bc59e1457a9826cea242071ea916a9ed2a6e0816f841
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 30 May 2022 07:33:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
27070267
x-powered-by
covers.com
x-cache
Hit from cloudfront
last-modified
Tue, 24 May 2022 17:37:02 GMT
server
Microsoft-IIS/10.0
etag
W/"0b383e0946fd81:0"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
access-control-allow-headers
Content-Type
x-amz-cf-id
rKT4nVq3lRog83UndJasCxzx34LeK47dn35nINM8Dwacn40rq41Ofw==
api.js
accounts2.covers.com/scripts/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts2.covers.com/scripts/api.js
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.149.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-149-154.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6c3ca80c56e793591e0e338545c2deb20526cf1249a150e7cf823ebfa3da4e59
Security Headers
Name Value
Content-Security-Policy default-src http://localhost:44383 https://localhost:44383 https://*.covers.com http://*.covers.com; img-src data: https://www.facebook.com/tr/ https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://triathlon.sc.omtrdc.net https://cdn.brid.tv https://stats-dev.brid.tv https://dev.visualwebsiteoptimizer.com https://dpm.demdex.net https://ajax.googleapis.com https://userimages-covers-s3.s3.amazonaws.com https://images-covers-s3.s3.amazonaws.com; media-src https://cdn.brid.tv; script-src https://static.hotjar.com https://triathlon.sc.omtrdc.net 'unsafe-inline' 'unsafe-eval' https://*.covers.com https://connect.facebook.net https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://dev.visualwebsiteoptimizer.com https://assets.adobedtm.com https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' http://*.covers.com https://*.covers.com https://ajax.googleapis.com;style-src-elem 'unsafe-inline' http://*.covers.com https://*.covers.com https://localhost:44383 https://fonts.googleapis.com https://fonts.gstatic.co https://ajax.googleapis.co https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://ajax.googleapis.com https://c.brid.tv;script-src-elem 'unsafe-inline' https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://www.googletagmanager.com https://assets.adobedtm.com https://cdnjs.cloudflare.com https://*.hotjar.com https://ajax.googleapis.com https://connect.facebook.net https://*.brid.tv https://platform.twitter.com https://static.zdassets.com https://dev.visualwebsiteoptimizer.com https://www.google.com https://www.gstatic.com https://cdn.onesignal.com; connect-src http://*.covers.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://*.hotjar.com https://covers.zendesk.com https://vc.hotjar.io https://dpm.demdex.net https://triathlon.sc.omtrdc.net; font-src https://*.covers.com https://fonts.gstatic.com;frame-src https://pixel.mathtag.com https://*.twitter.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.covers.com;
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:42 GMT
content-encoding
gzip
content-security-policy
default-src http://localhost:44383 https://localhost:44383 https://*.covers.com http://*.covers.com; img-src data: https://www.facebook.com/tr/ https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://triathlon.sc.omtrdc.net https://cdn.brid.tv https://stats-dev.brid.tv https://dev.visualwebsiteoptimizer.com https://dpm.demdex.net https://ajax.googleapis.com https://userimages-covers-s3.s3.amazonaws.com https://images-covers-s3.s3.amazonaws.com; media-src https://cdn.brid.tv; script-src https://static.hotjar.com https://triathlon.sc.omtrdc.net 'unsafe-inline' 'unsafe-eval' https://*.covers.com https://connect.facebook.net https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://dev.visualwebsiteoptimizer.com https://assets.adobedtm.com https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' http://*.covers.com https://*.covers.com https://ajax.googleapis.com;style-src-elem 'unsafe-inline' http://*.covers.com https://*.covers.com https://localhost:44383 https://fonts.googleapis.com https://fonts.gstatic.co https://ajax.googleapis.co https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://ajax.googleapis.com https://c.brid.tv;script-src-elem 'unsafe-inline' https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://www.googletagmanager.com https://assets.adobedtm.com https://cdnjs.cloudflare.com https://*.hotjar.com https://ajax.googleapis.com https://connect.facebook.net https://*.brid.tv https://platform.twitter.com https://static.zdassets.com https://dev.visualwebsiteoptimizer.com https://www.google.com https://www.gstatic.com https://cdn.onesignal.com; connect-src http://*.covers.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://*.hotjar.com https://covers.zendesk.com https://vc.hotjar.io https://dpm.demdex.net https://triathlon.sc.omtrdc.net; font-src https://*.covers.com https://fonts.gstatic.com;frame-src https://pixel.mathtag.com https://*.twitter.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.covers.com;
last-modified
Wed, 01 Mar 2023 19:17:08 GMT
server
Microsoft-IIS/10.0
etag
"052726a724cd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript
accept-ranges
bytes
content-length
2194
headers.css
headers.covers.com/content/css/ 		158 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://headers.covers.com/content/css/headers.css?v=2.4
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-128.fra56.r.cloudfront.net
Software
Microsoft-IIS/10.0 / covers.com
Resource Hash
4f1925bd88c9b072b47369a705e8611dabba9175f90e7df2b5503bd2ec273d61
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 01:03:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
12578501
x-powered-by
covers.com
x-cache
Hit from cloudfront
last-modified
Wed, 09 Nov 2022 14:24:30 GMT
server
Microsoft-IIS/10.0
etag
W/"023ccfa46f4d81:0"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=31536000
access-control-allow-headers
Content-Type
x-amz-cf-id
mbQSnS2sywZQ1tuUpXFB74oLtMJgbr5QLHbZi6LKuuskoPKEgXzwgw==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 08 Apr 2023 14:05:12 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
3570
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Sat, 08 Apr 2023 16:05:12 GMT
gtm.js
www.googletagmanager.com/ 		226 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W9GXHN
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b73422069c8e262b55ba170a45d0cbcf158103e2fb4085c41baa8b37b49f65f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75822
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 08 Apr 2023 15:04:42 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=161051&u=https%3A%2F%2Faccounts2.covers.com%2F&f=1&r=0.06045550262370303
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
8ad811ffd3365458a48877f7f2f6e56e4f0856f4a49c485264616d2dd7b1524b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:42 GMT
content-encoding
gzip
via
1.1 google
server
gfra1
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, no-cache, must-revalidate
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
inter_medium.woff2
img.covers.com/covers/fonts/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img.covers.com/covers/fonts/inter_medium.woff2
Requested by
Host: headers.covers.com
URL: https://headers.covers.com/content/css/critical-css.css?v=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://headers.covers.com/
Origin
https://accounts2.covers.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:42 GMT
x-content-type-options
nosniff
age
2783492
x-cache
HIT, HIT
x-imgix-id
2de574dceefa0c9ac44572b95bfb3040edb2fb07
cross-origin-resource-policy
cross-origin
content-length
37780
x-served-by
cache-sjc10060-SJC, cache-fra-eddf8230113-FRA
x-imgix-render-farm
01.9544
last-modified
Fri, 04 Feb 2022 16:12:36 GMT
server
imgix
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
GetUserCountryCode
www.covers.com/betting/ 		0
0
25-years.png
img.covers.com/covers/footer/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.covers.com/covers/footer/25-years.png
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
1c2f91afa93553355f86abfb0aa9ca7516c4a877efd4a0a333c558ecf5045604
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:42 GMT
x-content-type-options
nosniff
age
971862
x-cache
HIT, HIT
x-imgix-id
b65e9763937bda95da47ef29e76cf90f4453176b
cross-origin-resource-policy
cross-origin
content-length
2699
x-served-by
cache-sjc10022-SJC, cache-fra-eddf8230137-FRA
x-imgix-render-farm
01.9544
last-modified
Mon, 30 Mar 2020 13:48:51 GMT
server
imgix
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2628000
accept-ranges
bytes
timing-allow-origin
*
nav_yt_white.png
img.covers.com/covers/header/ 		315 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.covers.com/covers/header/nav_yt_white.png
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
02cf5509eecee41969df838549c7ff6bbd0d2010fa4559b9c7f13f16d1403f73
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:42 GMT
x-content-type-options
nosniff
age
360900
x-cache
HIT, HIT
x-imgix-id
e3de1d94416363af8a5439afea4b22b9a9db8f2b
cross-origin-resource-policy
cross-origin
content-length
315
x-served-by
cache-sjc10040-SJC, cache-fra-eddf8230137-FRA
x-imgix-render-farm
01.9544
last-modified
Wed, 06 Jun 2018 15:48:44 GMT
server
imgix
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2628000
accept-ranges
bytes
timing-allow-origin
*
nav_facebook_white.png
img.covers.com/covers/header/ 		226 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.covers.com/covers/header/nav_facebook_white.png
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
84d212a088e94381c9c0be33918e86ab2045c33eda23b6aeb83fc3258bd27df6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:42 GMT
x-content-type-options
nosniff
age
999870
x-cache
HIT, HIT
x-imgix-id
9e80c24dcdb553c30e1990788728f8c38dab2b49
cross-origin-resource-policy
cross-origin
content-length
226
x-served-by
cache-sjc10032-SJC, cache-fra-eddf8230137-FRA
x-imgix-render-farm
01.9032
last-modified
Wed, 06 Jun 2018 15:48:39 GMT
server
imgix
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2628000
accept-ranges
bytes
timing-allow-origin
*
nav_twitter_white.png
img.covers.com/covers/header/ 		396 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.covers.com/covers/header/nav_twitter_white.png
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
cbea044ef8062ae67c1fdbde17c5661038013594c86e49d638befb8a3597de37
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:42 GMT
x-content-type-options
nosniff
age
1406743
x-cache
HIT, HIT
x-imgix-id
024a367eacfa52a9df663aae0ea8c258bf42d128
cross-origin-resource-policy
cross-origin
content-length
396
x-served-by
cache-sjc10027-SJC, cache-fra-eddf8230137-FRA
x-imgix-render-farm
01.9032
last-modified
Wed, 06 Jun 2018 15:48:46 GMT
server
imgix
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2628000
accept-ranges
bytes
timing-allow-origin
*
insta.png
img.covers.com/covers/header/ 		408 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.covers.com/covers/header/insta.png
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
9b405f7036a08d1687f1a1da0449e1f5408382910cdbf07e86450e1def46fd85
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:42 GMT
x-content-type-options
nosniff
age
1495577
x-cache
HIT, HIT
x-imgix-id
09dd15e1c5f0404d4aab80783bbc8a699664bc88
cross-origin-resource-policy
cross-origin
content-length
408
x-served-by
cache-sjc10071-SJC, cache-fra-eddf8230137-FRA
x-imgix-render-farm
01.0
last-modified
Mon, 26 Nov 2018 15:18:30 GMT
server
imgix
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2628000
accept-ranges
bytes
timing-allow-origin
*
linkedin.png
img.covers.com/covers/header/ 		502 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.covers.com/covers/header/linkedin.png
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
432744dcccc52c2c56491013748e40af1f7f7a324be5ecb4257517c0cdfe6bc7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:42 GMT
x-content-type-options
nosniff
age
1404760
x-cache
HIT, HIT
x-imgix-id
8ee3f93eebb9540de5289e50d806eacf6150837a
cross-origin-resource-policy
cross-origin
content-length
502
x-served-by
cache-sjc10067-SJC, cache-fra-eddf8230137-FRA
x-imgix-render-farm
01.9544
last-modified
Thu, 24 Oct 2019 14:00:56 GMT
server
imgix
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2628000
accept-ranges
bytes
timing-allow-origin
*
evalon.png
img.covers.com/covers/footer/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.covers.com/covers/footer/evalon.png
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
cb068e1e84ba2e68c0d311ea3f0a0484652b067e5b2ea8ffef3314cd379a7459
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:42 GMT
x-content-type-options
nosniff
age
1869342
x-cache
HIT, HIT
x-imgix-id
09800066352b75f6e5d436e1a1c68084a75a40d8
cross-origin-resource-policy
cross-origin
content-length
2372
x-served-by
cache-sjc10054-SJC, cache-fra-eddf8230137-FRA
x-imgix-render-farm
01.9544
last-modified
Mon, 30 Mar 2020 13:19:11 GMT
server
imgix
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2628000
accept-ranges
bytes
timing-allow-origin
*
gpwa.png
img.covers.com/covers/footer/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.covers.com/covers/footer/gpwa.png
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
e56bf8e0a44d8ee030eb49988c6b14ba35aba663792389104df8e1548bf91fa6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:42 GMT
x-content-type-options
nosniff
age
502294
x-cache
HIT, HIT
x-imgix-id
8ed674af58f927e2b70d7b79960bfd66df447e8f
cross-origin-resource-policy
cross-origin
content-length
3546
x-served-by
cache-sjc10054-SJC, cache-fra-eddf8230137-FRA
x-imgix-render-farm
01.9032
last-modified
Mon, 05 Oct 2020 15:23:07 GMT
server
imgix
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2628000
accept-ranges
bytes
timing-allow-origin
*
gdpr.png
img.covers.com/covers/footer/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.covers.com/covers/footer/gdpr.png
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
c45964cd087cdf4f6595b22cf4849b9dd5ab866f42260f01ec97fec1b9732bf4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:42 GMT
x-content-type-options
nosniff
age
2166362
x-cache
HIT, HIT
x-imgix-id
d58ccf54d0ce68250434806e15ae14b3b5ddf3af
cross-origin-resource-policy
cross-origin
content-length
2232
x-served-by
cache-sjc10077-SJC, cache-fra-eddf8230137-FRA
x-imgix-render-farm
01.9544
last-modified
Mon, 30 Mar 2020 13:19:11 GMT
server
imgix
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2628000
accept-ranges
bytes
timing-allow-origin
*
geo-trust.png
img.covers.com/covers/footer/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.covers.com/covers/footer/geo-trust.png
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
3f04ef0d82bf795769cdca5cf2b4145f738034bc1dfcbb71f9e61c048c9cca0f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:42 GMT
x-content-type-options
nosniff
age
1072363
x-cache
HIT, HIT
x-imgix-id
1a149161a5bd95150481fd25ed18192bfd34a0bc
cross-origin-resource-policy
cross-origin
content-length
3148
x-served-by
cache-sjc10040-SJC, cache-fra-eddf8230137-FRA
x-imgix-render-farm
01.9544
last-modified
Mon, 30 Mar 2020 13:19:09 GMT
server
imgix
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2628000
accept-ranges
bytes
timing-allow-origin
*
pci.png
img.covers.com/covers/footer/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.covers.com/covers/footer/pci.png
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
097a075f19a255caffd287db283a8aebdee98ea2b6b2cae3ed66b26ab0c8b52b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:42 GMT
x-content-type-options
nosniff
age
498706
x-cache
HIT, HIT
x-imgix-id
549d1322b82bd06e972d5d0dd00d036f00dc5d0a
cross-origin-resource-policy
cross-origin
content-length
2576
x-served-by
cache-sjc10054-SJC, cache-fra-eddf8230137-FRA
x-imgix-render-farm
01.9544
last-modified
Mon, 30 Mar 2020 13:19:11 GMT
server
imgix
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2628000
accept-ranges
bytes
timing-allow-origin
*
covers-logo-new.svg
headers.covers.com/content/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://headers.covers.com/content/images/covers-logo-new.svg
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-128.fra56.r.cloudfront.net
Software
Microsoft-IIS/10.0 / covers.com
Resource Hash
c75a5b891af4081d0c9ef70dc21e4512a2118d1a743729e5ca45ef298b952180
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 00:16:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
6446896
x-powered-by
covers.com
x-cache
Hit from cloudfront
last-modified
Thu, 12 Jan 2023 15:28:36 GMT
server
Microsoft-IIS/10.0
etag
W/"02aa1899a26d91:0"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=31536000
access-control-allow-headers
Content-Type
x-amz-cf-id
lGOGhZ0ptyd32AjjSbln_dGd8qLDQ9TOTtPBbP-f0Rk-3xne0KG-yA==
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 08 Apr 2023 16:04:06 GMT
js
www.google-analytics.com/gtm/ 		113 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-WS5FMXM&cid=560608635.1680966282
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ac636e5c18c5e51ef2c463cf0f9915a63c162a2ac939c3527d7a7df45da30fac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
45261
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 08 Apr 2023 15:04:42 GMT
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=161051&d=accounts2.covers.com&u=D127991732919A7F549E0CBAA432758F3&h=ec10a2cc16c214f348a4effda0dcb641&t=false&r=0.134308876830751
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv3c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Apr 2023 15:04:41 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv3c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
fbevents.js
connect.facebook.net/en_US/ 		107 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 08 Apr 2023 15:04:42 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27909
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
XAwkZHOMkdiJJsvizlHxHAikZK8QziaTq2+YKHe6Ozt3g7nHQ6DxJx2Y3ctxCI+4ONgfPf4xtHEXBD9CQx2lbg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel.js
www.redditstatic.com/ads/ 		0
0
ResponsiveUserHeader
accounts2.covers.com/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts2.covers.com/ResponsiveUserHeader?callback=jQuery351007347963358756959_1680966281844&returnUrl=https%3A%2F%2Faccounts2.covers.com%2F&_=1680966281845
Requested by
Host: headers.covers.com
URL: https://headers.covers.com/Scripts/AllExternal.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.149.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-149-154.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
740f0096bec060385cf4e9b4ca418a64cfc7e2a905c1eb7d568142115c9d66e4
Security Headers
Name Value
Content-Security-Policy default-src http://localhost:44383 https://localhost:44383 https://*.covers.com http://*.covers.com; img-src data: https://www.facebook.com/tr/ https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://triathlon.sc.omtrdc.net https://cdn.brid.tv https://stats-dev.brid.tv https://dev.visualwebsiteoptimizer.com https://dpm.demdex.net https://ajax.googleapis.com https://userimages-covers-s3.s3.amazonaws.com https://images-covers-s3.s3.amazonaws.com; media-src https://cdn.brid.tv; script-src https://static.hotjar.com https://triathlon.sc.omtrdc.net 'unsafe-inline' 'unsafe-eval' https://*.covers.com https://connect.facebook.net https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://dev.visualwebsiteoptimizer.com https://assets.adobedtm.com https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' http://*.covers.com https://*.covers.com https://ajax.googleapis.com;style-src-elem 'unsafe-inline' http://*.covers.com https://*.covers.com https://localhost:44383 https://fonts.googleapis.com https://fonts.gstatic.co https://ajax.googleapis.co https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://ajax.googleapis.com https://c.brid.tv;script-src-elem 'unsafe-inline' https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://www.googletagmanager.com https://assets.adobedtm.com https://cdnjs.cloudflare.com https://*.hotjar.com https://ajax.googleapis.com https://connect.facebook.net https://*.brid.tv https://platform.twitter.com https://static.zdassets.com https://dev.visualwebsiteoptimizer.com https://www.google.com https://www.gstatic.com https://cdn.onesignal.com; connect-src http://*.covers.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://*.hotjar.com https://covers.zendesk.com https://vc.hotjar.io https://dpm.demdex.net https://triathlon.sc.omtrdc.net; font-src https://*.covers.com https://fonts.gstatic.com;frame-src https://pixel.mathtag.com https://*.twitter.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.covers.com;
X-Frame-Options sameorigin

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://accounts2.covers.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:42 GMT
content-encoding
gzip
content-security-policy
default-src http://localhost:44383 https://localhost:44383 https://*.covers.com http://*.covers.com; img-src data: https://www.facebook.com/tr/ https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://triathlon.sc.omtrdc.net https://cdn.brid.tv https://stats-dev.brid.tv https://dev.visualwebsiteoptimizer.com https://dpm.demdex.net https://ajax.googleapis.com https://userimages-covers-s3.s3.amazonaws.com https://images-covers-s3.s3.amazonaws.com; media-src https://cdn.brid.tv; script-src https://static.hotjar.com https://triathlon.sc.omtrdc.net 'unsafe-inline' 'unsafe-eval' https://*.covers.com https://connect.facebook.net https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://dev.visualwebsiteoptimizer.com https://assets.adobedtm.com https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' http://*.covers.com https://*.covers.com https://ajax.googleapis.com;style-src-elem 'unsafe-inline' http://*.covers.com https://*.covers.com https://localhost:44383 https://fonts.googleapis.com https://fonts.gstatic.co https://ajax.googleapis.co https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://ajax.googleapis.com https://c.brid.tv;script-src-elem 'unsafe-inline' https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://www.googletagmanager.com https://assets.adobedtm.com https://cdnjs.cloudflare.com https://*.hotjar.com https://ajax.googleapis.com https://connect.facebook.net https://*.brid.tv https://platform.twitter.com https://static.zdassets.com https://dev.visualwebsiteoptimizer.com https://www.google.com https://www.gstatic.com https://cdn.onesignal.com; connect-src http://*.covers.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://*.hotjar.com https://covers.zendesk.com https://vc.hotjar.io https://dpm.demdex.net https://triathlon.sc.omtrdc.net; font-src https://*.covers.com https://fonts.gstatic.com;frame-src https://pixel.mathtag.com https://*.twitter.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.covers.com;
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript; charset=utf-8
cache-control
private
content-length
1200
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=1513387513&t=pageview&_s=1&dl=https%3A%2F%2Faccounts2.covers.com%2F&ul=en-us&de=UTF-8&dt=Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEAjQAAAACAAI~&jid=876409497&gjid=124808407&cid=560608635.1680966282&tid=UA-3281509-5&_gid=133558651.1680966282&_r=1&_slc=1&z=1282496856
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://accounts2.covers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 08 Apr 2023 15:04:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://accounts2.covers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=1513387513&t=pageview&_s=2&dl=https%3A%2F%2Faccounts2.covers.com%2F&ul=en-us&de=UTF-8&dt=Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEAjQAAAACAAI~&jid=&gjid=&cid=560608635.1680966282&tid=UA-3281509-5&_gid=133558651.1680966282&z=727222985
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Apr 2023 18:05:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
75570
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ResponsiveUserHeader
accounts2.covers.com/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts2.covers.com/ResponsiveUserHeader?callback=jQuery351007347963358756959_1680966281846&_=1680966281847
Requested by
Host: headers.covers.com
URL: https://headers.covers.com/Scripts/AllExternal.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.149.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-149-154.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4446fa1f9f31ae221589da278739dd7d9d1f3044619c277976f5ca5eac9297de
Security Headers
Name Value
Content-Security-Policy default-src http://localhost:44383 https://localhost:44383 https://*.covers.com http://*.covers.com; img-src data: https://www.facebook.com/tr/ https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://triathlon.sc.omtrdc.net https://cdn.brid.tv https://stats-dev.brid.tv https://dev.visualwebsiteoptimizer.com https://dpm.demdex.net https://ajax.googleapis.com https://userimages-covers-s3.s3.amazonaws.com https://images-covers-s3.s3.amazonaws.com; media-src https://cdn.brid.tv; script-src https://static.hotjar.com https://triathlon.sc.omtrdc.net 'unsafe-inline' 'unsafe-eval' https://*.covers.com https://connect.facebook.net https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://dev.visualwebsiteoptimizer.com https://assets.adobedtm.com https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' http://*.covers.com https://*.covers.com https://ajax.googleapis.com;style-src-elem 'unsafe-inline' http://*.covers.com https://*.covers.com https://localhost:44383 https://fonts.googleapis.com https://fonts.gstatic.co https://ajax.googleapis.co https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://ajax.googleapis.com https://c.brid.tv;script-src-elem 'unsafe-inline' https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://www.googletagmanager.com https://assets.adobedtm.com https://cdnjs.cloudflare.com https://*.hotjar.com https://ajax.googleapis.com https://connect.facebook.net https://*.brid.tv https://platform.twitter.com https://static.zdassets.com https://dev.visualwebsiteoptimizer.com https://www.google.com https://www.gstatic.com https://cdn.onesignal.com; connect-src http://*.covers.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://*.hotjar.com https://covers.zendesk.com https://vc.hotjar.io https://dpm.demdex.net https://triathlon.sc.omtrdc.net; font-src https://*.covers.com https://fonts.gstatic.com;frame-src https://pixel.mathtag.com https://*.twitter.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.covers.com;
X-Frame-Options sameorigin

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://accounts2.covers.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:42 GMT
content-encoding
gzip
content-security-policy
default-src http://localhost:44383 https://localhost:44383 https://*.covers.com http://*.covers.com; img-src data: https://www.facebook.com/tr/ https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://triathlon.sc.omtrdc.net https://cdn.brid.tv https://stats-dev.brid.tv https://dev.visualwebsiteoptimizer.com https://dpm.demdex.net https://ajax.googleapis.com https://userimages-covers-s3.s3.amazonaws.com https://images-covers-s3.s3.amazonaws.com; media-src https://cdn.brid.tv; script-src https://static.hotjar.com https://triathlon.sc.omtrdc.net 'unsafe-inline' 'unsafe-eval' https://*.covers.com https://connect.facebook.net https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://dev.visualwebsiteoptimizer.com https://assets.adobedtm.com https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' http://*.covers.com https://*.covers.com https://ajax.googleapis.com;style-src-elem 'unsafe-inline' http://*.covers.com https://*.covers.com https://localhost:44383 https://fonts.googleapis.com https://fonts.gstatic.co https://ajax.googleapis.co https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://ajax.googleapis.com https://c.brid.tv;script-src-elem 'unsafe-inline' https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://www.googletagmanager.com https://assets.adobedtm.com https://cdnjs.cloudflare.com https://*.hotjar.com https://ajax.googleapis.com https://connect.facebook.net https://*.brid.tv https://platform.twitter.com https://static.zdassets.com https://dev.visualwebsiteoptimizer.com https://www.google.com https://www.gstatic.com https://cdn.onesignal.com; connect-src http://*.covers.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://*.hotjar.com https://covers.zendesk.com https://vc.hotjar.io https://dpm.demdex.net https://triathlon.sc.omtrdc.net; font-src https://*.covers.com https://fonts.gstatic.com;frame-src https://pixel.mathtag.com https://*.twitter.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.covers.com;
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript; charset=utf-8
cache-control
private
content-length
1201
ResponsiveUserHeader
accounts2.covers.com/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts2.covers.com/ResponsiveUserHeader?callback=jQuery351007347963358756959_1680966281848&_=1680966281849
Requested by
Host: headers.covers.com
URL: https://headers.covers.com/Scripts/AllExternal.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.149.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-149-154.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
baa0efad66695b4e0015e8b8d9288621e077c71795b1c39e8552ecb165060a1c
Security Headers
Name Value
Content-Security-Policy default-src http://localhost:44383 https://localhost:44383 https://*.covers.com http://*.covers.com; img-src data: https://www.facebook.com/tr/ https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://triathlon.sc.omtrdc.net https://cdn.brid.tv https://stats-dev.brid.tv https://dev.visualwebsiteoptimizer.com https://dpm.demdex.net https://ajax.googleapis.com https://userimages-covers-s3.s3.amazonaws.com https://images-covers-s3.s3.amazonaws.com; media-src https://cdn.brid.tv; script-src https://static.hotjar.com https://triathlon.sc.omtrdc.net 'unsafe-inline' 'unsafe-eval' https://*.covers.com https://connect.facebook.net https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://dev.visualwebsiteoptimizer.com https://assets.adobedtm.com https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' http://*.covers.com https://*.covers.com https://ajax.googleapis.com;style-src-elem 'unsafe-inline' http://*.covers.com https://*.covers.com https://localhost:44383 https://fonts.googleapis.com https://fonts.gstatic.co https://ajax.googleapis.co https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://ajax.googleapis.com https://c.brid.tv;script-src-elem 'unsafe-inline' https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://www.googletagmanager.com https://assets.adobedtm.com https://cdnjs.cloudflare.com https://*.hotjar.com https://ajax.googleapis.com https://connect.facebook.net https://*.brid.tv https://platform.twitter.com https://static.zdassets.com https://dev.visualwebsiteoptimizer.com https://www.google.com https://www.gstatic.com https://cdn.onesignal.com; connect-src http://*.covers.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://*.hotjar.com https://covers.zendesk.com https://vc.hotjar.io https://dpm.demdex.net https://triathlon.sc.omtrdc.net; font-src https://*.covers.com https://fonts.gstatic.com;frame-src https://pixel.mathtag.com https://*.twitter.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.covers.com;
X-Frame-Options sameorigin

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://accounts2.covers.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:42 GMT
content-encoding
gzip
content-security-policy
default-src http://localhost:44383 https://localhost:44383 https://*.covers.com http://*.covers.com; img-src data: https://www.facebook.com/tr/ https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://triathlon.sc.omtrdc.net https://cdn.brid.tv https://stats-dev.brid.tv https://dev.visualwebsiteoptimizer.com https://dpm.demdex.net https://ajax.googleapis.com https://userimages-covers-s3.s3.amazonaws.com https://images-covers-s3.s3.amazonaws.com; media-src https://cdn.brid.tv; script-src https://static.hotjar.com https://triathlon.sc.omtrdc.net 'unsafe-inline' 'unsafe-eval' https://*.covers.com https://connect.facebook.net https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://dev.visualwebsiteoptimizer.com https://assets.adobedtm.com https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' http://*.covers.com https://*.covers.com https://ajax.googleapis.com;style-src-elem 'unsafe-inline' http://*.covers.com https://*.covers.com https://localhost:44383 https://fonts.googleapis.com https://fonts.gstatic.co https://ajax.googleapis.co https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://ajax.googleapis.com https://c.brid.tv;script-src-elem 'unsafe-inline' https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://www.googletagmanager.com https://assets.adobedtm.com https://cdnjs.cloudflare.com https://*.hotjar.com https://ajax.googleapis.com https://connect.facebook.net https://*.brid.tv https://platform.twitter.com https://static.zdassets.com https://dev.visualwebsiteoptimizer.com https://www.google.com https://www.gstatic.com https://cdn.onesignal.com; connect-src http://*.covers.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://*.hotjar.com https://covers.zendesk.com https://vc.hotjar.io https://dpm.demdex.net https://triathlon.sc.omtrdc.net; font-src https://*.covers.com https://fonts.gstatic.com;frame-src https://pixel.mathtag.com https://*.twitter.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.covers.com;
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript; charset=utf-8
cache-control
private
content-length
1200
1642804996058680
connect.facebook.net/signals/config/ 		377 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1642804996058680?v=2.9.100&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bc3b4bea16253d59df9c5a076d48fcefcb71f74333b69019eb0e85f515cbe3e1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 08 Apr 2023 15:04:42 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110229
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
PWJrcflFMljBRZA6oeLMDbcY+ecNJcnPWKeplYXcuNiEU9e2peLcF3WBbx2CPJxXRLaSzwydKSgLwLIEpN4xNw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
custom-data-v1.js
img.covers.com/scripts/analytics/ 		97 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.covers.com/scripts/analytics/custom-data-v1.js
Requested by
Host: headers.covers.com
URL: https://headers.covers.com/Scripts/AdobeConnectorMini.js?v=1.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
6fa005fc22348d76ebb7d0d49368ac47af2b8d2b471b2f550a0f3c5a49ce6a80
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2705042
x-cache
HIT, HIT
x-imgix-id
5ac5ff780c08238f84055b284456d9e98224ff32
cross-origin-resource-policy
cross-origin
content-length
32568
x-served-by
cache-sjc10052-SJC, cache-fra-eddf8230137-FRA
x-imgix-render-farm
01.9544
last-modified
Mon, 24 Jan 2022 20:00:15 GMT
server
imgix
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1642804996058680&ev=PageView&dl=https%3A%2F%2Faccounts2.covers.com%2F&rl=&if=false&ts=1680966282360&sw=1600&sh=1200&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1680966282358.677717000&it=1680966282303&coo=false&rqm=GET
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 08 Apr 2023 15:04:42 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
id
dpm.demdex.net/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=9CE579FD5DCD8B590A495E09%40AdobeOrg&d_nsid=0&ts=1680966282371
Requested by
Host: img.covers.com
URL: https://img.covers.com/scripts/analytics/custom-data-v1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.88.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-88-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
faea7c3038e515c77732710ea5a4b8969ffcfcca8a4739808af072669fa3948b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://accounts2.covers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v046-0dc39c7af.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
fFVKRG2GTE8=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://accounts2.covers.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
893
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by
Host: img.covers.com
URL: https://img.covers.com/scripts/analytics/custom-data-v1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:7a9::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:42 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://accounts2.covers.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12184
expires
Sat, 08 Apr 2023 16:04:42 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: img.covers.com
URL: https://img.covers.com/scripts/analytics/custom-data-v1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:7a9::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:42 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://accounts2.covers.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1594
expires
Sat, 08 Apr 2023 16:04:42 GMT
last-event-tag-latest.min.js
www.everestjs.net/static/le/ 		0
0
covers-c-white.svg
img.covers.com/covers/icons/global-icons/brand/ 		1 KB
818 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.covers.com/covers/icons/global-icons/brand/covers-c-white.svg
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
94d2518360998ef64179d47add44ad134bf25a7f3a04bba03b99c1862119fe6a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2705043
x-cache
HIT, HIT
x-imgix-id
30c270090a32da06cc09ed9e4076ba1846359b7f
cross-origin-resource-policy
cross-origin
content-length
705
x-served-by
cache-sjc10052-SJC, cache-fra-eddf8230137-FRA
x-imgix-render-farm
01.9544
last-modified
Wed, 09 Jun 2021 15:50:57 GMT
server
imgix
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
LoginJson
accounts2.covers.com/ 		67 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts2.covers.com/LoginJson?callback=jQuery351007347963358756959_1680966281848&_=1680966281850
Requested by
Host: headers.covers.com
URL: https://headers.covers.com/Scripts/AllExternal.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.149.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-149-154.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c6dd1034e0a614b598979bc2ae5798e847c4f521615f104e4e761707a1761452
Security Headers
Name Value
Content-Security-Policy default-src http://localhost:44383 https://localhost:44383 https://*.covers.com http://*.covers.com; img-src data: https://www.facebook.com/tr/ https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://triathlon.sc.omtrdc.net https://cdn.brid.tv https://stats-dev.brid.tv https://dev.visualwebsiteoptimizer.com https://dpm.demdex.net https://ajax.googleapis.com https://userimages-covers-s3.s3.amazonaws.com https://images-covers-s3.s3.amazonaws.com; media-src https://cdn.brid.tv; script-src https://static.hotjar.com https://triathlon.sc.omtrdc.net 'unsafe-inline' 'unsafe-eval' https://*.covers.com https://connect.facebook.net https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://dev.visualwebsiteoptimizer.com https://assets.adobedtm.com https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' http://*.covers.com https://*.covers.com https://ajax.googleapis.com;style-src-elem 'unsafe-inline' http://*.covers.com https://*.covers.com https://localhost:44383 https://fonts.googleapis.com https://fonts.gstatic.co https://ajax.googleapis.co https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://ajax.googleapis.com https://c.brid.tv;script-src-elem 'unsafe-inline' https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://www.googletagmanager.com https://assets.adobedtm.com https://cdnjs.cloudflare.com https://*.hotjar.com https://ajax.googleapis.com https://connect.facebook.net https://*.brid.tv https://platform.twitter.com https://static.zdassets.com https://dev.visualwebsiteoptimizer.com https://www.google.com https://www.gstatic.com https://cdn.onesignal.com; connect-src http://*.covers.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://*.hotjar.com https://covers.zendesk.com https://vc.hotjar.io https://dpm.demdex.net https://triathlon.sc.omtrdc.net; font-src https://*.covers.com https://fonts.gstatic.com;frame-src https://pixel.mathtag.com https://*.twitter.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.covers.com;
X-Frame-Options sameorigin

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://accounts2.covers.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:42 GMT
content-encoding
gzip
content-security-policy
default-src http://localhost:44383 https://localhost:44383 https://*.covers.com http://*.covers.com; img-src data: https://www.facebook.com/tr/ https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://triathlon.sc.omtrdc.net https://cdn.brid.tv https://stats-dev.brid.tv https://dev.visualwebsiteoptimizer.com https://dpm.demdex.net https://ajax.googleapis.com https://userimages-covers-s3.s3.amazonaws.com https://images-covers-s3.s3.amazonaws.com; media-src https://cdn.brid.tv; script-src https://static.hotjar.com https://triathlon.sc.omtrdc.net 'unsafe-inline' 'unsafe-eval' https://*.covers.com https://connect.facebook.net https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://dev.visualwebsiteoptimizer.com https://assets.adobedtm.com https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' http://*.covers.com https://*.covers.com https://ajax.googleapis.com;style-src-elem 'unsafe-inline' http://*.covers.com https://*.covers.com https://localhost:44383 https://fonts.googleapis.com https://fonts.gstatic.co https://ajax.googleapis.co https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://ajax.googleapis.com https://c.brid.tv;script-src-elem 'unsafe-inline' https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://www.googletagmanager.com https://assets.adobedtm.com https://cdnjs.cloudflare.com https://*.hotjar.com https://ajax.googleapis.com https://connect.facebook.net https://*.brid.tv https://platform.twitter.com https://static.zdassets.com https://dev.visualwebsiteoptimizer.com https://www.google.com https://www.gstatic.com https://cdn.onesignal.com; connect-src http://*.covers.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://*.hotjar.com https://covers.zendesk.com https://vc.hotjar.io https://dpm.demdex.net https://triathlon.sc.omtrdc.net; font-src https://*.covers.com https://fonts.gstatic.com;frame-src https://pixel.mathtag.com https://*.twitter.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.covers.com;
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
text/javascript; charset=utf-8
cache-control
private
content-length
189
hotjar-1022261.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1022261.js?sv=6
Requested by
Host: accounts2.covers.com
URL: https://accounts2.covers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-53.fra56.r.cloudfront.net
Software
/
Resource Hash
cea0b9b45c689fdd54555abe80d881351d5c14def90e300cb833b4b873b82767
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Sat, 08 Apr 2023 15:04:42 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
16
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/a19b925d82f2239f30a1c089d96188c9
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
BUjiXyI9aYCDgpHK91oQEQrlhHk1lmttit2-dErf_Wt7x-rzlYlpiA==
modules.69d367ac7af64e17f043.js
script.hotjar.com/ 		263 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.69d367ac7af64e17f043.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1022261.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-91.prg50.r.cloudfront.net
Software
/
Resource Hash
0b5f60f812c72089312d5a443a3b9165bf3c5f15db67cbd09946a5bcff7f3c58
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 07 Apr 2023 11:07:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 9ed2eeec8748ea461af0d1cbf998da0e.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
100655
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
68692
last-modified
Fri, 07 Apr 2023 11:06:19 GMT
etag
"651be8c2e059394adc426f9d403421d8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
T0wtGTkDh5zr9kRNTkoYBOYL1kgTZivGyTQqAZgwbL6OyBgp3wL8tw==
dd
cm.everesttech.net/cm/ 		0
0
s59372789770087
triathlon.sc.omtrdc.net/b/ss/trillioncoverscom/1/JS-2.22.0-LBWB/ 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://triathlon.sc.omtrdc.net/b/ss/trillioncoverscom/1/JS-2.22.0-LBWB/s59372789770087?AQB=1&ndh=1&pf=1&t=8%2F3%2F2023%2015%3A4%3A42%206%200&mid=32492747399286985990831560263172436067&aamlh=6&ce=UTF-8&ns=covers.com&cdp=2&fpCookieDomainPeriods=2&cl=SESSION&pageName=https%3A%2F%2Faccounts2.covers.com%2F&g=https%3A%2F%2Faccounts2.covers.com%2F&cc=USD&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c2=Login&v2=https%3A%2F%2Faccounts2.covers.com%2F&v3=Category%3Anull&v4=Vertical%3Anull&v23=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F111.0.5563.146%20Safari%2F537.36&v24=D%3Dmid&v32=en-US&v53=1167.6000003814697&v54=428.69999980926514&v199=4.3.0&v200=https%3A%2F%2Faccounts2.covers.com&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=9CE579FD5DCD8B590A495E09%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.125.10 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-125-10.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Apr 2023 15:04:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 09 Apr 2023 15:04:42 GMT
server
jag
etag
3609847603808174080-4619370626141133104
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 07 Apr 2023 15:04:42 GMT
covers-c-white.svg
img.covers.com/covers/icons/global-icons/brand/ 		1 KB
747 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.covers.com/covers/icons/global-icons/brand/covers-c-white.svg
Requested by
Host: headers.covers.com
URL: https://headers.covers.com/Scripts/AllExternal.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
94d2518360998ef64179d47add44ad134bf25a7f3a04bba03b99c1862119fe6a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2705043
x-cache
HIT, HIT
x-imgix-id
30c270090a32da06cc09ed9e4076ba1846359b7f
cross-origin-resource-policy
cross-origin
content-length
705
x-served-by
cache-sjc10052-SJC, cache-fra-eddf8230137-FRA
x-imgix-render-farm
01.9544
last-modified
Wed, 09 Jun 2021 15:50:57 GMT
server
imgix
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
inter_semi_bold.woff2
img.covers.com/covers/fonts/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img.covers.com/covers/fonts/inter_semi_bold.woff2
Requested by
Host: headers.covers.com
URL: https://headers.covers.com/content/css/critical-css.css?v=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://headers.covers.com/
Origin
https://accounts2.covers.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 08 Apr 2023 15:04:42 GMT
x-content-type-options
nosniff
age
4000950
x-cache
HIT, HIT
x-imgix-id
ba52561005cef216e76777868da959e32b8e0764
cross-origin-resource-policy
cross-origin
content-length
37780
x-served-by
cache-sjc10035-SJC, cache-fra-eddf8230113-FRA
x-imgix-render-farm
01.0
last-modified
Fri, 04 Feb 2022 16:12:36 GMT
server
imgix
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1642804996058680&ev=Microdata&dl=https%3A%2F%2Faccounts2.covers.com%2F&rl=&if=false&ts=1680966283863&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Login%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1680966282358.677717000&it=1680966282303&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts2.covers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 08 Apr 2023 15:04:43 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
consent.cookiebot.com
URL
https://consent.cookiebot.com/uc.js
Domain
www.datadoghq-browser-agent.com
URL
https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Domain
www.covers.com
URL
https://www.covers.com/betting/GetUserCountryCode
Domain
www.redditstatic.com
URL
https://www.redditstatic.com/ads/pixel.js
Domain
www.everestjs.net
URL
https://www.everestjs.net/static/le/last-event-tag-latest.min.js
Domain
cm.everesttech.net
URL
https://cm.everesttech.net/cm/dd?d_uuid=26059088828604925540195899832828688782

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| DD_RUM function| bsTooltip function| bsButton function| $ function| jQuery object| CMG function| MvcAjaxError function| QueryString object| html5 object| Modernizr function| yepnope object| dataLayer string| GoogleAnalyticsObject function| ga number| settings_timer number| _vwo_settings_timer object| _vwo_code function| engagement function| change_login_button function| check_login_status function| SetAdobeDefaults function| CMG_HEADER object| google_tag_data object| gaplugins object| gaGlobal object| gaData undefined| vwo_e number| _vwo_j_e string| _vwo_mt string| _vwo_tm string| g object| vwo_iehack_queue object| google_tag_manager function| fbq function| _fbq function| rdt object| CMG_ACCT object| google_optimize string| show function| adobeConnector object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in string| returnUrl string| regUrlHref function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s function| hj object| _hjSettings object| _wq object| initForms object| completedForms object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| s_i_trillioncoverscom

19 Cookies

Domain/Path Name / Value
accounts2.covers.com/ Name: ASP.NET_SessionId
Value: hayi1dpcsjnosppvq2tmw3g5
.covers.com/ Name: _ga
Value: GA1.2.560608635.1680966282
.covers.com/ Name: _gid
Value: GA1.2.133558651.1680966282
.accounts2.covers.com/ Name: _vwo_uuid_v2
Value: D127991732919A7F549E0CBAA432758F3|ec10a2cc16c214f348a4effda0dcb641
.covers.com/ Name: PageCount
Value: 1
.covers.com/ Name: _gat
Value: 1
.covers.com/ Name: _fbp
Value: fb.1.1680966282358.677717000
accounts2.covers.com/ Name: loggedIn
Value: false
.demdex.net/ Name: demdex
Value: 26059088828604925540195899832828688782
.covers.com/ Name: AMCVS_9CE579FD5DCD8B590A495E09%40AdobeOrg
Value: 1
.covers.com/ Name: AMCV_9CE579FD5DCD8B590A495E09%40AdobeOrg
Value: -1124106680%7CMCIDTS%7C19456%7CMCMID%7C32492747399286985990831560263172436067%7CMCAAMLH-1681571082%7C6%7CMCAAMB-1681571082%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1680973482s%7CNONE%7CvVersion%7C5.2.0
.covers.com/ Name: s_cc
Value: true
.covers.com/ Name: _hjSessionUser_1022261
Value: eyJpZCI6IjliZjZhYjMwLTg3Y2UtNTc2MC1iNjVhLTYwOWZkMTQ3ODcwZiIsImNyZWF0ZWQiOjE2ODA5NjYyODI1OTUsImV4aXN0aW5nIjpmYWxzZX0=
.covers.com/ Name: _hjFirstSeen
Value: 1
.covers.com/ Name: _hjIncludedInSessionSample_1022261
Value: 0
.covers.com/ Name: _hjSession_1022261
Value: eyJpZCI6ImRjM2Q3MmM5LTk1MWItNDE0ZS1hOWMzLTQwZjIwODlhY2Y1YiIsImNyZWF0ZWQiOjE2ODA5NjYyODI2MDUsImluU2FtcGxlIjpmYWxzZX0=
.covers.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
accounts2.covers.com/ Name: AWSALB
Value: WoMyMKqGBw73qjemSCAcWBwpLjmS2Wcn6cencKncjAdXkKBZuFymHtRaA1hrk+4biFF3JN7WUmkGCwVZtnyfGWZSUKP68xpBudy3tmbRbq+DZetqBMLvlHM+FXpJ
accounts2.covers.com/ Name: AWSALBCORS
Value: WoMyMKqGBw73qjemSCAcWBwpLjmS2Wcn6cencKncjAdXkKBZuFymHtRaA1hrk+4biFF3JN7WUmkGCwVZtnyfGWZSUKP68xpBudy3tmbRbq+DZetqBMLvlHM+FXpJ

9 Console Messages

Source Level URL
Text
security error URL: https://accounts2.covers.com/
Message:
Refused to load the script 'https://consent.cookiebot.com/uc.js' because it violates the following Content Security Policy directive: "script-src-elem 'unsafe-inline' https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://www.googletagmanager.com https://assets.adobedtm.com https://cdnjs.cloudflare.com https://*.hotjar.com https://ajax.googleapis.com https://connect.facebook.net https://*.brid.tv https://platform.twitter.com https://static.zdassets.com https://dev.visualwebsiteoptimizer.com https://www.google.com https://www.gstatic.com https://cdn.onesignal.com".
security error URL: https://accounts2.covers.com/(Line 30)
Message:
Refused to load the script 'https://www.datadoghq-browser-agent.com/datadog-rum-v3.js' because it violates the following Content Security Policy directive: "script-src-elem 'unsafe-inline' https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://www.googletagmanager.com https://assets.adobedtm.com https://cdnjs.cloudflare.com https://*.hotjar.com https://ajax.googleapis.com https://connect.facebook.net https://*.brid.tv https://platform.twitter.com https://static.zdassets.com https://dev.visualwebsiteoptimizer.com https://www.google.com https://www.gstatic.com https://cdn.onesignal.com".
security error
Message:
Refused to load the script 'https://www.redditstatic.com/ads/pixel.js' because it violates the following Content Security Policy directive: "script-src-elem 'unsafe-inline' https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://www.googletagmanager.com https://assets.adobedtm.com https://cdnjs.cloudflare.com https://*.hotjar.com https://ajax.googleapis.com https://connect.facebook.net https://*.brid.tv https://platform.twitter.com https://static.zdassets.com https://dev.visualwebsiteoptimizer.com https://www.google.com https://www.gstatic.com https://cdn.onesignal.com".
security error URL: https://headers.covers.com/Scripts/AdobeConnectorMini.js?v=1.3(Line 2143)
Message:
Refused to load the script 'https://www.everestjs.net/static/le/last-event-tag-latest.min.js' because it violates the following Content Security Policy directive: "script-src-elem 'unsafe-inline' https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://www.googletagmanager.com https://assets.adobedtm.com https://cdnjs.cloudflare.com https://*.hotjar.com https://ajax.googleapis.com https://connect.facebook.net https://*.brid.tv https://platform.twitter.com https://static.zdassets.com https://dev.visualwebsiteoptimizer.com https://www.google.com https://www.gstatic.com https://cdn.onesignal.com".
security error URL: https://accounts2.covers.com/
Message:
Refused to load the image 'https://cm.everesttech.net/cm/dd?d_uuid=26059088828604925540195899832828688782' because it violates the following Content Security Policy directive: "img-src data: https://www.facebook.com/tr/ https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://triathlon.sc.omtrdc.net https://cdn.brid.tv https://stats-dev.brid.tv https://dev.visualwebsiteoptimizer.com https://dpm.demdex.net https://ajax.googleapis.com https://userimages-covers-s3.s3.amazonaws.com https://images-covers-s3.s3.amazonaws.com".
security error URL: https://img.covers.com/
Message:
Refused to frame 'https://tri.demdex.net/' because it violates the following Content Security Policy directive: "frame-src https://pixel.mathtag.com https://*.twitter.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.covers.com".
security error URL: https://img.covers.com/scripts/analytics/custom-data-v1.js(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://tri.demdex.net') does not match the recipient window's origin ('null').
javascript error URL: https://accounts2.covers.com/
Message:
Access to XMLHttpRequest at 'https://www.covers.com/betting/GetUserCountryCode' from origin 'https://accounts2.covers.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.covers.com/betting/GetUserCountryCode
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src http://localhost:44383 https://localhost:44383 https://*.covers.com http://*.covers.com; img-src data: https://www.facebook.com/tr/ https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://triathlon.sc.omtrdc.net https://cdn.brid.tv https://stats-dev.brid.tv https://dev.visualwebsiteoptimizer.com https://dpm.demdex.net https://ajax.googleapis.com https://userimages-covers-s3.s3.amazonaws.com https://images-covers-s3.s3.amazonaws.com; media-src https://cdn.brid.tv; script-src https://static.hotjar.com https://triathlon.sc.omtrdc.net 'unsafe-inline' 'unsafe-eval' https://*.covers.com https://connect.facebook.net https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://dev.visualwebsiteoptimizer.com https://assets.adobedtm.com https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' http://*.covers.com https://*.covers.com https://ajax.googleapis.com;style-src-elem 'unsafe-inline' http://*.covers.com https://*.covers.com https://localhost:44383 https://fonts.googleapis.com https://fonts.gstatic.co https://ajax.googleapis.co https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://ajax.googleapis.com https://c.brid.tv;script-src-elem 'unsafe-inline' https://pixel.mathtag.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://www.googletagmanager.com https://assets.adobedtm.com https://cdnjs.cloudflare.com https://*.hotjar.com https://ajax.googleapis.com https://connect.facebook.net https://*.brid.tv https://platform.twitter.com https://static.zdassets.com https://dev.visualwebsiteoptimizer.com https://www.google.com https://www.gstatic.com https://cdn.onesignal.com; connect-src http://*.covers.com https://*.covers.com https://www.google-analytics.com https://cdn.cookielaw.org https://*.hotjar.com https://covers.zendesk.com https://vc.hotjar.io https://dpm.demdex.net https://triathlon.sc.omtrdc.net; font-src https://*.covers.com https://fonts.gstatic.com;frame-src https://pixel.mathtag.com https://*.twitter.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.covers.com;
X-Frame-Options sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts2.covers.com
ajax.googleapis.com
assets.adobedtm.com
cm.everesttech.net
connect.facebook.net
consent.cookiebot.com
dev.visualwebsiteoptimizer.com
dpm.demdex.net
headers.covers.com
img.covers.com
script.hotjar.com
static.hotjar.com
triathlon.sc.omtrdc.net
www.covers.com
www.datadoghq-browser-agent.com
www.everestjs.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.redditstatic.com
cm.everesttech.net
consent.cookiebot.com
www.covers.com
www.datadoghq-browser-agent.com
www.everestjs.net
www.redditstatic.com
15.236.125.10
18.66.97.128
18.66.97.53
2a00:1450:4001:80e::200a
2a00:1450:4001:828::2008
2a00:1450:4001:82a::200e
2a02:26f0:480:7a9::1e80
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:8d::720
3.225.149.154
34.96.102.137
52.31.88.82
65.9.95.91
025a375f79bd91e31998f1f7f9b697683f5a96941a242349673a04c96471a15f
02cf5509eecee41969df838549c7ff6bbd0d2010fa4559b9c7f13f16d1403f73
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
097a075f19a255caffd287db283a8aebdee98ea2b6b2cae3ed66b26ab0c8b52b
0b5f60f812c72089312d5a443a3b9165bf3c5f15db67cbd09946a5bcff7f3c58
125b6b268c7662f295b841038ca5f594ae1cd5adf116cfdf867f529dcf535a38
185063a0bca1d0e2a8e04dfd804b6cf98c934f75e8a37b94ab94636161b1dcde
1c2f91afa93553355f86abfb0aa9ca7516c4a877efd4a0a333c558ecf5045604
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
240eda595f1f6a45a60ac21d243da288833d6a8e2a028646e5bc720b531c36f1
371a2b4ef8afb5f5ea08672fd03f0e548398001f66a142a8179a7b2ffc9e8de6
3f04ef0d82bf795769cdca5cf2b4145f738034bc1dfcbb71f9e61c048c9cca0f
42a209502af65f817241bc59e1457a9826cea242071ea916a9ed2a6e0816f841
432744dcccc52c2c56491013748e40af1f7f7a324be5ecb4257517c0cdfe6bc7
4446fa1f9f31ae221589da278739dd7d9d1f3044619c277976f5ca5eac9297de
4970ceae713369b74c3adc1c51d906f161b2a91f3bbcfd4dabd4309042488ac9
4f1925bd88c9b072b47369a705e8611dabba9175f90e7df2b5503bd2ec273d61
5689b47e0763d87c4887618bae600c817e009ee628c8b7254a1f3ebee2561339
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5bde3a0d230a1163e8c278b015679ed5319640fdc401c326d0b72be8bd1d13f3
5e47be016386e1dd9e7e44b201a4340805f7c9d120e44101187596a851130cfb
6c3ca80c56e793591e0e338545c2deb20526cf1249a150e7cf823ebfa3da4e59
6fa005fc22348d76ebb7d0d49368ac47af2b8d2b471b2f550a0f3c5a49ce6a80
740f0096bec060385cf4e9b4ca418a64cfc7e2a905c1eb7d568142115c9d66e4
7dd97ab4b18c7fdf67a643bfbff120862414cd270c3f908c01c4a1e03921f4a1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84d212a088e94381c9c0be33918e86ab2045c33eda23b6aeb83fc3258bd27df6
8832dadd1eea938404355c5cdbb48860b97554f78f6a4c107cce22c82ced2379
8ad811ffd3365458a48877f7f2f6e56e4f0856f4a49c485264616d2dd7b1524b
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94d2518360998ef64179d47add44ad134bf25a7f3a04bba03b99c1862119fe6a
96c81e533bd1bb1106a8f254b90128451bd204d1c9554480b696d7569ca2a55f
9a5b5aa40b2a4566db16c664b16d9d0bb8ef19fe93a31824e6750b2768d2a4d2
9b405f7036a08d1687f1a1da0449e1f5408382910cdbf07e86450e1def46fd85
9cd030ddd4128015d8e55488f90f2b52c5fe5766ff905485259b998a9c1ccc46
9d9b75e6bf99296f7797ed12f73137f52966dbb02180ff054c6c01680c7bdb1d
a0cf6c41ddbe65700b915fdb963e1cc78210d7beadb6fde72e19a07824426dd7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
ac636e5c18c5e51ef2c463cf0f9915a63c162a2ac939c3527d7a7df45da30fac
acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7
b73422069c8e262b55ba170a45d0cbcf158103e2fb4085c41baa8b37b49f65f5
baa0efad66695b4e0015e8b8d9288621e077c71795b1c39e8552ecb165060a1c
bc3b4bea16253d59df9c5a076d48fcefcb71f74333b69019eb0e85f515cbe3e1
c0db0558ed6640b0cae3df4184d4875dbdc07e12789351f48fb970e7ce938f36
c45964cd087cdf4f6595b22cf4849b9dd5ab866f42260f01ec97fec1b9732bf4
c6dd1034e0a614b598979bc2ae5798e847c4f521615f104e4e761707a1761452
c75a5b891af4081d0c9ef70dc21e4512a2118d1a743729e5ca45ef298b952180
c8c2157918c9fed0bb9dcc56c96b52dc7af70b05ca0228e467eaf91777751ad7
cb068e1e84ba2e68c0d311ea3f0a0484652b067e5b2ea8ffef3314cd379a7459
cbea044ef8062ae67c1fdbde17c5661038013594c86e49d638befb8a3597de37
cea0b9b45c689fdd54555abe80d881351d5c14def90e300cb833b4b873b82767
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849
e2614b5d3564c4adcc14dc9f58a6021e5b33e58d2e748adf2c7ed779d02c9fda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56bf8e0a44d8ee030eb49988c6b14ba35aba663792389104df8e1548bf91fa6
ebde597f5b1788ce1a2011772560e8b32166d6b7d1f72ecbec992fb5f0c70dcc
f46c9ca499e58948c90d50ea3f4504bbf6ec9bd53eddd9d0507f3edd6d74be46
faea7c3038e515c77732710ea5a4b8969ffcfcca8a4739808af072669fa3948b