r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11057
Expires: Wed, 07 Dec 2022 04:10:03 GMT
Date: Wed, 07 Dec 2022 01:05:46 GMT
Connection: keep-alive
click.et.covermymeds.com/?qs=f0bf8382e2c0398d0225a34fb3d10b14656df8039cdd543b70589942c974941d482a39b35893f4f685fe70a76f4d1e1271f3ca88174a57b9
13.111.131.188301 Moved Permanently 0 B URL HTTP/1.1 click.et.covermymeds.com/?qs=f0bf8382e2c0398d0225a34fb3d10b14656df8039cdd543b70589942c974941d482a39b35893f4f685fe70a76f4d1e1271f3ca88174a57b9
IP 13.111.131.188:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?qs=f0bf8382e2c0398d0225a34fb3d10b14656df8039cdd543b70589942c974941d482a39b35893f4f685fe70a76f4d1e1271f3ca88174a57b9 HTTP/1.1
Host: click.et.covermymeds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://click.et.covermymeds.com/?qs=f0bf8382e2c0398d0225a34fb3d10b14656df8039cdd543b70589942c974941d482a39b35893f4f685fe70a76f4d1e1271f3ca88174a57b9
Connection: Keep-Alive
Content-Length: 0
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5626
Cache-Control: max-age=125958
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 01:05:46 GMT
Etag: "638f19f6-1d7"
Expires: Thu, 08 Dec 2022 12:05:04 GMT
Last-Modified: Tue, 06 Dec 2022 10:31:18 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 00:20:26 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2720
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7750
Expires: Wed, 07 Dec 2022 03:14:56 GMT
Date: Wed, 07 Dec 2022 01:05:46 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: oAiQKoJhYX5m1KFeJEzy9avuBraxVp7x7UFW5Fn3HpoJE1i11+PqVu0Cac4ZvAS8J78hHpM5U+CT2XLXY18e2Q==
x-amz-request-id: ZF7GPW31VJ4GCRTW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 00:47:18 GMT
age: 1108
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 01:05:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 00:08:58 GMT
cache-control: public,max-age=3600
age: 3409
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cce219422d64e6867ff5fdd620108ad0
2aa0d54ac227d4fe8ee3c7115ca309c967470a5b
c0caaf9d694459dbb56f21146e35331634482719ddc19fc26eb13cc218dad943
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 01:05:47 GMT
Server: ECS (amb/6BA0)
Content-Length: 471
click.et.covermymeds.com/?qs=f0bf8382e2c0398d0225a34fb3d10b14656df8039cdd543b70589942c974941d482a39b35893f4f685fe70a76f4d1e1271f3ca88174a57b9
13.111.131.188302 Found 290 B URL HTTP/1.1 click.et.covermymeds.com/?qs=f0bf8382e2c0398d0225a34fb3d10b14656df8039cdd543b70589942c974941d482a39b35893f4f685fe70a76f4d1e1271f3ca88174a57b9
IP 13.111.131.188:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f118b5cc9908d171ae468942f493ce4
b71f841f7e0044e6ce78dd24e6d1f27ceb838bf8
63f22b64c1712b0fa8cc92140834e0b7aedc227fc33fce19cc21ee25fab587dc
GET /?qs=f0bf8382e2c0398d0225a34fb3d10b14656df8039cdd543b70589942c974941d482a39b35893f4f685fe70a76f4d1e1271f3ca88174a57b9 HTTP/1.1
Host: click.et.covermymeds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://account.covermymeds.com/?utm_medium=email&utm_source=sfmc_provider&utm_campaign=epa-provider-panotify&utm_content=signin-em1&utm_term=cta-text-link-3
Date: Wed, 07 Dec 2022 01:05:47 GMT
Connection: close
Content-Length: 290
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0f7dcaa590e32cfd1c075255188d5f06
d4bb4954fefdb3b59560b54adf500e806e252e39
195795c2511b31519134f5eb4442d8708918ecaff72f8e821a5473ad7c97c448
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5609
Cache-Control: max-age=120872
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 01:05:47 GMT
Etag: "638f062a-1d7"
Expires: Thu, 08 Dec 2022 10:40:19 GMT
Last-Modified: Tue, 06 Dec 2022 09:06:50 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.70.239.215101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.70.239.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fnWl47CXHTDOaYNsPBS64A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lkRMZClXN1+VBw6Yi39ICyfSPd0=
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash ddada8fa464598ffd489e5155eb33e14
fd8b117b2ce1855708a233538305ce8177f1056d
2ad4472d9c15bf4ab7eb030badb4498442b9999e3a27a26c4d34a53487b1705e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 01:05:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 19:23:38 GMT
Expires: Sun, 11 Dec 2022 19:23:37 GMT
Etag: "fd8b117b2ce1855708a233538305ce8177f1056d"
Cache-Control: max-age=410869,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77595ae11a0f1c16-OSL
account.covermymeds.com/?utm_medium=email&utm_source=sfmc_provider&utm_campaign=epa-provider-panotify&utm_content=signin-em1&utm_term=cta-text-link-3
66.97.160.55200 OK 4.6 kB URL HTTP/1.1 account.covermymeds.com/?utm_medium=email&utm_source=sfmc_provider&utm_campaign=epa-provider-panotify&utm_content=signin-em1&utm_term=cta-text-link-3
IP 66.97.160.55:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (558)
Hash 71d9e1ae44e70c0dc3899350ee1a24ce
dec8b8680b4ac8821a8fe11288bedd2778559d31
03e4c134734f62783ec59399fe343a67a471aab8b5c1368cc28d1f604196a2fb
GET /?utm_medium=email&utm_source=sfmc_provider&utm_campaign=epa-provider-panotify&utm_content=signin-em1&utm_term=cta-text-link-3 HTTP/1.1
Host: account.covermymeds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 01:05:47 GMT
Server: nginx/1.16.1
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=0, private, must-revalidate
Etag: W/"8581195c88ce326c5803be4913f8f723"
Link: </packs/css/application-a6d37888.css>; rel=preload; as=style; nopush,</assets/application-c5c2cc28ceef3694214de1dceab1258b5d0ad808a1ed4351fa20b77f9454d1c0.js>; rel=preload; as=script; nopush,</assets/sessions-06476b71903e77ea185d3ea871b40fcbb6a91e41bc2639234a8454f055b5f2b7.js>; rel=preload; as=script; nopush,</assets/selectivizr-4c171f0f930a9c8edcea83448f77c77ca7d8ef507a216ed16cbd5efb8e24fe02.js>; rel=preload; as=script; nopush,</packs/js/application-895ab4b7684ac7b8892b.js>; rel=preload; as=script; nopush
Referrer-Policy: strict-origin-when-cross-origin
Status: 200 OK
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff, nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Phusion Passenger(R) 6.0.14
X-Prisma-Event-Id: f5bce3ee-ec23-c5b1-33dc-5da6cb28abd8
X-Request-Id: 2a864941-9e48-4b3b-a684-9716146584e3
X-Runtime: 0.017782
X-Xss-Protection: 1; mode=block
Via: 1.1 account.covermymeds.com
Vary: Accept-Encoding
X-Cnection: close
Content-Encoding: gzip
Content-Length: 4569
Connection: Keep-Alive
Set-Cookie: _account_session=2s5jhB6dRYERzwqtS10kMLBfHE%2FzuZIt92%2BZM2SFI7q6dwKqHwqRRmViRSP1D%2FIhjalxZ7X4udK46I07gmV1MiLwszumBSKltvIhBqPcdcMhPEOf1RHBziARK7w2p3LpYjBAOBBauQVILNEndEJpkxxRpOOe%2FDKAVvVtF%2BcywXsxbf3r6iCPsQZ%2BnN99UwkCV%2B%2Bxr8gCV7m57iMtlDZGeg%2FUqha6IgmBlQMoc33NXPaN%2Fg5N8mKFCBBlsje2N24xm8hGgPDAiWGjHoW3dA4AcI%2Fsb8pUvYBh--qhld1zT7n7sl%2Bu%2Fm--lVj7gIWjsqZaW%2F0srKWriQ%3D%3D; path=/; secure; HttpOnly; SameSite=Lax
cookiesession1=678B286DBE21302F9F8EF3E3181CB620;Expires=Thu, 07 Dec 2023 01:05:47 GMT;Path=/;HttpOnly
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 01:05:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-WDWQ49P
142.250.74.168200 OK 103 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-WDWQ49P
IP 142.250.74.168:0
File type Unicode text, UTF-8 text, with very long lines (53573)
Size 103 kB (102947 bytes)
Hash b67ee4fd3fc64871f3bfc7f297ec19b3
fae56e1fe2ef401143389502fb5686cd6d8932f3
3eb8153e5f59e650e667069edfd7567fa5bbd1a4cea22e9d64efeddf73b925f8
GET /gtm.js?id=GTM-WDWQ49P HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 01:05:48 GMT
expires: Wed, 07 Dec 2022 01:05:48 GMT
cache-control: private, max-age=900
last-modified: Wed, 07 Dec 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 102947
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 01:05:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
account.covermymeds.com/assets/sessions-06476b71903e77ea185d3ea871b40fcbb6a91e41bc2639234a8454f055b5f2b7.js
66.97.160.55200 OK 927 B URL HTTP/1.1 account.covermymeds.com/assets/sessions-06476b71903e77ea185d3ea871b40fcbb6a91e41bc2639234a8454f055b5f2b7.js
IP 66.97.160.55:0
Hash 562636ce1052f1b78ff08319eb2c15bc
77a6fb90105e0f90c3d2f51a553c61643f03fb79
54e29182f8926ee1c4cc9ad7b0a4920d9f0bd0cfd4aed90fb77265e8aeab82e6
GET /assets/sessions-06476b71903e77ea185d3ea871b40fcbb6a91e41bc2639234a8454f055b5f2b7.js HTTP/1.1
Host: account.covermymeds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/?utm_medium=email&utm_source=sfmc_provider&utm_campaign=epa-provider-panotify&utm_content=signin-em1&utm_term=cta-text-link-3
Connection: keep-alive
Cookie: _account_session=2s5jhB6dRYERzwqtS10kMLBfHE%2FzuZIt92%2BZM2SFI7q6dwKqHwqRRmViRSP1D%2FIhjalxZ7X4udK46I07gmV1MiLwszumBSKltvIhBqPcdcMhPEOf1RHBziARK7w2p3LpYjBAOBBauQVILNEndEJpkxxRpOOe%2FDKAVvVtF%2BcywXsxbf3r6iCPsQZ%2BnN99UwkCV%2B%2Bxr8gCV7m57iMtlDZGeg%2FUqha6IgmBlQMoc33NXPaN%2Fg5N8mKFCBBlsje2N24xm8hGgPDAiWGjHoW3dA4AcI%2Fsb8pUvYBh--qhld1zT7n7sl%2Bu%2Fm--lVj7gIWjsqZaW%2F0srKWriQ%3D%3D; cookiesession1=678B286DBE21302F9F8EF3E3181CB620
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 01:05:48 GMT
Server: nginx/1.16.1
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Content-Length: 927
Last-Modified: Mon, 10 Oct 2022 22:58:22 GMT
ETag: "6344a38e-39f"
Expires: Thu, 08 Dec 2022 01:05:48 GMT
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Via: 1.1 account.covermymeds.com
Vary: Accept-Encoding
X-Cnection: close
Strict-Transport-Security: max-age=31536000
account.covermymeds.com/packs/css/application-a6d37888.css
66.97.160.55200 OK 43 kB URL HTTP/1.1 account.covermymeds.com/packs/css/application-a6d37888.css
IP 66.97.160.55:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 92ba35b947f1ea4c9b59c9edcbfc1d68
23d948646797283713b71698508b331daadf33a3
3cd6e364244a2590676948f6ea26212b7398fe746d46c1acaf8bf118e2c0915f
GET /packs/css/application-a6d37888.css HTTP/1.1
Host: account.covermymeds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/?utm_medium=email&utm_source=sfmc_provider&utm_campaign=epa-provider-panotify&utm_content=signin-em1&utm_term=cta-text-link-3
Connection: keep-alive
Cookie: _account_session=2s5jhB6dRYERzwqtS10kMLBfHE%2FzuZIt92%2BZM2SFI7q6dwKqHwqRRmViRSP1D%2FIhjalxZ7X4udK46I07gmV1MiLwszumBSKltvIhBqPcdcMhPEOf1RHBziARK7w2p3LpYjBAOBBauQVILNEndEJpkxxRpOOe%2FDKAVvVtF%2BcywXsxbf3r6iCPsQZ%2BnN99UwkCV%2B%2Bxr8gCV7m57iMtlDZGeg%2FUqha6IgmBlQMoc33NXPaN%2Fg5N8mKFCBBlsje2N24xm8hGgPDAiWGjHoW3dA4AcI%2Fsb8pUvYBh--qhld1zT7n7sl%2Bu%2Fm--lVj7gIWjsqZaW%2F0srKWriQ%3D%3D; cookiesession1=678B286DBE21302F9F8EF3E3181CB620
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 01:05:48 GMT
Server: nginx/1.16.1
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Content-Length: 43236
Last-Modified: Fri, 02 Dec 2022 21:12:30 GMT
ETag: "638a6a3e-31857"
Accept-Ranges: bytes
Via: 1.1 account.covermymeds.com
Vary: Accept-Encoding
X-Cnection: close
Content-Encoding: gzip
Connection: Keep-Alive
Strict-Transport-Security: max-age=31536000
account.covermymeds.com/assets/selectivizr-4c171f0f930a9c8edcea83448f77c77ca7d8ef507a216ed16cbd5efb8e24fe02.js
66.97.160.55200 OK 3.2 kB URL HTTP/1.1 account.covermymeds.com/assets/selectivizr-4c171f0f930a9c8edcea83448f77c77ca7d8ef507a216ed16cbd5efb8e24fe02.js
IP 66.97.160.55:0
File type ASCII text, with very long lines (4711)
Hash fd34492d117308d57b39f698e525e45c
f7c93d02dffde0c568dbf627527ef34478ddb71b
4d15093091403b1930b842ce17ac00d74b5731a7e58b3c272f2e4e5af3cb09fd
GET /assets/selectivizr-4c171f0f930a9c8edcea83448f77c77ca7d8ef507a216ed16cbd5efb8e24fe02.js HTTP/1.1
Host: account.covermymeds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/?utm_medium=email&utm_source=sfmc_provider&utm_campaign=epa-provider-panotify&utm_content=signin-em1&utm_term=cta-text-link-3
Connection: keep-alive
Cookie: _account_session=2s5jhB6dRYERzwqtS10kMLBfHE%2FzuZIt92%2BZM2SFI7q6dwKqHwqRRmViRSP1D%2FIhjalxZ7X4udK46I07gmV1MiLwszumBSKltvIhBqPcdcMhPEOf1RHBziARK7w2p3LpYjBAOBBauQVILNEndEJpkxxRpOOe%2FDKAVvVtF%2BcywXsxbf3r6iCPsQZ%2BnN99UwkCV%2B%2Bxr8gCV7m57iMtlDZGeg%2FUqha6IgmBlQMoc33NXPaN%2Fg5N8mKFCBBlsje2N24xm8hGgPDAiWGjHoW3dA4AcI%2Fsb8pUvYBh--qhld1zT7n7sl%2Bu%2Fm--lVj7gIWjsqZaW%2F0srKWriQ%3D%3D; cookiesession1=678B286DBE21302F9F8EF3E3181CB620
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 01:05:48 GMT
Server: nginx/1.16.1
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Content-Length: 3158
Last-Modified: Mon, 10 Oct 2022 22:58:22 GMT
ETag: "6344a38e-12e5"
Expires: Thu, 08 Dec 2022 01:05:48 GMT
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Via: 1.1 account.covermymeds.com
Vary: Accept-Encoding
X-Cnection: close
Content-Encoding: gzip
Connection: Keep-Alive
Strict-Transport-Security: max-age=31536000
www.covermymeds.com/styles_r2/fonts/nunito_sans.css
66.97.160.55200 OK 627 B URL HTTP/1.1 www.covermymeds.com/styles_r2/fonts/nunito_sans.css
IP 66.97.160.55:0
Hash 1fbef135d2ee114344a36303e66755db
d7f45145016e620a3017585aa53ace5619f2cbb8
39885372ed35e0d4b1be9d5636082a60b327f405e0c7467a3f53e8a37e78b851
GET /styles_r2/fonts/nunito_sans.css HTTP/1.1
Host: www.covermymeds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 01:05:48 GMT
Server: nginx/1.20.1
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Content-Type: text/css
Content-Length: 627
Last-Modified: Mon, 28 Nov 2022 18:05:59 GMT
ETag: "6384f887-f9b"
Accept-Ranges: bytes
Via: 1.1 www.covermymeds.com
Vary: Accept-Encoding
Cache-Control: max-age=31536000
Expires: Thu, 07 Dec 2023 01:05:48 GMT
X-Cnection: close
Content-Encoding: gzip
Connection: Keep-Alive
Set-Cookie: cookiesession1=678B286E6EA944FA16FF534ACB72496E;Expires=Thu, 07 Dec 2023 01:05:48 GMT;Path=/;HttpOnly
Strict-Transport-Security: max-age=31536000
account.covermymeds.com/packs/js/application-895ab4b7684ac7b8892b.js
66.97.160.55200 OK 67 kB URL HTTP/1.1 account.covermymeds.com/packs/js/application-895ab4b7684ac7b8892b.js
IP 66.97.160.55:0
File type ASCII text, with very long lines (65446)
Hash d6830405767096ab30138c598141a2b5
b66ab69e458fbcdde76b17bf6cd80accd121332f
e10b6118973530dd03336c8ed8ac870cfbd4627023982ede0feb4ba38b28f74e
GET /packs/js/application-895ab4b7684ac7b8892b.js HTTP/1.1
Host: account.covermymeds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/?utm_medium=email&utm_source=sfmc_provider&utm_campaign=epa-provider-panotify&utm_content=signin-em1&utm_term=cta-text-link-3
Connection: keep-alive
Cookie: _account_session=2s5jhB6dRYERzwqtS10kMLBfHE%2FzuZIt92%2BZM2SFI7q6dwKqHwqRRmViRSP1D%2FIhjalxZ7X4udK46I07gmV1MiLwszumBSKltvIhBqPcdcMhPEOf1RHBziARK7w2p3LpYjBAOBBauQVILNEndEJpkxxRpOOe%2FDKAVvVtF%2BcywXsxbf3r6iCPsQZ%2BnN99UwkCV%2B%2Bxr8gCV7m57iMtlDZGeg%2FUqha6IgmBlQMoc33NXPaN%2Fg5N8mKFCBBlsje2N24xm8hGgPDAiWGjHoW3dA4AcI%2Fsb8pUvYBh--qhld1zT7n7sl%2Bu%2Fm--lVj7gIWjsqZaW%2F0srKWriQ%3D%3D; cookiesession1=678B286DBE21302F9F8EF3E3181CB620
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 01:05:48 GMT
Server: nginx/1.16.1
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Content-Length: 66761
Last-Modified: Fri, 02 Dec 2022 21:12:30 GMT
ETag: "638a6a3e-47a36"
Accept-Ranges: bytes
Via: 1.1 account.covermymeds.com
Vary: Accept-Encoding
X-Cnection: close
Content-Encoding: gzip
Connection: Keep-Alive
Strict-Transport-Security: max-age=31536000
account.covermymeds.com/assets/cmm_header_logo-4858b71569d822440d03155dd45b0388848f8e409e969ca946661cc8b2005f04.png
66.97.160.55200 OK 17 kB URL HTTP/1.1 account.covermymeds.com/assets/cmm_header_logo-4858b71569d822440d03155dd45b0388848f8e409e969ca946661cc8b2005f04.png
IP 66.97.160.55:0
File type PNG image data, 1359 x 225, 8-bit/color RGBA, non-interlaced\012- data
Hash 3414fb1c38528895ef660b67b1e90666
93712c121dd8e1a8ca399fa041c4fe517e9d36c0
f891e2ac0fa3c5131f5bed8ad7a69f587f8f49a41ec59514ec76d73b5802cf1d
GET /assets/cmm_header_logo-4858b71569d822440d03155dd45b0388848f8e409e969ca946661cc8b2005f04.png HTTP/1.1
Host: account.covermymeds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/?utm_medium=email&utm_source=sfmc_provider&utm_campaign=epa-provider-panotify&utm_content=signin-em1&utm_term=cta-text-link-3
Connection: keep-alive
Cookie: _account_session=2s5jhB6dRYERzwqtS10kMLBfHE%2FzuZIt92%2BZM2SFI7q6dwKqHwqRRmViRSP1D%2FIhjalxZ7X4udK46I07gmV1MiLwszumBSKltvIhBqPcdcMhPEOf1RHBziARK7w2p3LpYjBAOBBauQVILNEndEJpkxxRpOOe%2FDKAVvVtF%2BcywXsxbf3r6iCPsQZ%2BnN99UwkCV%2B%2Bxr8gCV7m57iMtlDZGeg%2FUqha6IgmBlQMoc33NXPaN%2Fg5N8mKFCBBlsje2N24xm8hGgPDAiWGjHoW3dA4AcI%2Fsb8pUvYBh--qhld1zT7n7sl%2Bu%2Fm--lVj7gIWjsqZaW%2F0srKWriQ%3D%3D; cookiesession1=678B286DBE21302F9F8EF3E3181CB620
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 01:05:48 GMT
Server: nginx/1.16.1
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Content-Type: image/png
Content-Length: 17285
Last-Modified: Mon, 10 Oct 2022 22:58:22 GMT
ETag: "6344a38e-4385"
Expires: Thu, 08 Dec 2022 01:05:48 GMT
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Via: 1.1 account.covermymeds.com
X-Cnection: close
Strict-Transport-Security: max-age=31536000
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2676
Expires: Wed, 07 Dec 2022 01:50:24 GMT
Date: Wed, 07 Dec 2022 01:05:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2676
Expires: Wed, 07 Dec 2022 01:50:24 GMT
Date: Wed, 07 Dec 2022 01:05:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2676
Expires: Wed, 07 Dec 2022 01:50:24 GMT
Date: Wed, 07 Dec 2022 01:05:48 GMT
Connection: keep-alive
account.covermymeds.com/assets/application-c5c2cc28ceef3694214de1dceab1258b5d0ad808a1ed4351fa20b77f9454d1c0.js
66.97.160.55200 OK 172 kB URL HTTP/1.1 account.covermymeds.com/assets/application-c5c2cc28ceef3694214de1dceab1258b5d0ad808a1ed4351fa20b77f9454d1c0.js
IP 66.97.160.55:0
Size 172 kB (171825 bytes)
Hash 1bb93bc8732fac00f686f44f4ef0e4fc
3a2d0ea58b47a21a25e8d18c95b8306047ab17cb
3bd83dfef1efb500f7ac9dde9b28fd184e2c2332291e570ace46c6bccea8f95f
GET /assets/application-c5c2cc28ceef3694214de1dceab1258b5d0ad808a1ed4351fa20b77f9454d1c0.js HTTP/1.1
Host: account.covermymeds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/?utm_medium=email&utm_source=sfmc_provider&utm_campaign=epa-provider-panotify&utm_content=signin-em1&utm_term=cta-text-link-3
Connection: keep-alive
Cookie: _account_session=2s5jhB6dRYERzwqtS10kMLBfHE%2FzuZIt92%2BZM2SFI7q6dwKqHwqRRmViRSP1D%2FIhjalxZ7X4udK46I07gmV1MiLwszumBSKltvIhBqPcdcMhPEOf1RHBziARK7w2p3LpYjBAOBBauQVILNEndEJpkxxRpOOe%2FDKAVvVtF%2BcywXsxbf3r6iCPsQZ%2BnN99UwkCV%2B%2Bxr8gCV7m57iMtlDZGeg%2FUqha6IgmBlQMoc33NXPaN%2Fg5N8mKFCBBlsje2N24xm8hGgPDAiWGjHoW3dA4AcI%2Fsb8pUvYBh--qhld1zT7n7sl%2Bu%2Fm--lVj7gIWjsqZaW%2F0srKWriQ%3D%3D; cookiesession1=678B286DBE21302F9F8EF3E3181CB620
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 01:05:48 GMT
Server: nginx/1.16.1
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Content-Length: 171825
Last-Modified: Mon, 10 Oct 2022 22:58:22 GMT
ETag: "6344a38e-60a01"
Expires: Thu, 08 Dec 2022 01:05:48 GMT
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Via: 1.1 account.covermymeds.com
Vary: Accept-Encoding
X-Cnection: close
Content-Encoding: gzip
Connection: Keep-Alive
Strict-Transport-Security: max-age=31536000
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd933687b-86e0-407a-9bff-2debb09d5167.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd933687b-86e0-407a-9bff-2debb09d5167.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 550ee57c325ce8d4892400deb24141d3
acece1761a7d4d3926500726c19d528bb204ef4c
7cc68e966362916947e7d6e24d3c001c64298fec2438a97538765d801fa7c92c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd933687b-86e0-407a-9bff-2debb09d5167.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10362
x-amzn-requestid: 7fdd2011-e283-467e-9f04-741946a834ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpl_1EsooAMFhvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d5065-0cddad1919d984065bd0b03e;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 01:59:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WtZWFmfVSXYRQlYwpBxj8JG_WC91ik_p68HjX7-wCfYb0624CvcBSA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:58:02 GMT
age: 71600
etag: "acece1761a7d4d3926500726c19d528bb204ef4c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2676
Expires: Wed, 07 Dec 2022 01:50:24 GMT
Date: Wed, 07 Dec 2022 01:05:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe44b6ac-66fe-4013-a696-460f9692e93e.jpeg
34.120.237.76200 OK 3.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe44b6ac-66fe-4013-a696-460f9692e93e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cefc5a863db79a7a8acd7366322ea34d
ec084f21bd0bcf5c101366e5732421835b3230d3
ee5a022da888181060a9d4ac8ab18fb8e35143b5f046f905d38553b9552f0bbb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe44b6ac-66fe-4013-a696-460f9692e93e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3175
x-amzn-requestid: 3b5ffd5c-a8a5-40d8-b370-c13b0da5f543
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csXJEF0hIAMFZYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6bd3-40d73fc5702a607c4ef71574;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 22:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ltw2ovrQ4bRR1LL2qVEls_GK9w7PmSjA44rasHU5PfqroV2-WRWx_w==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 17:22:47 GMT
age: 27781
etag: "ec084f21bd0bcf5c101366e5732421835b3230d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffedaa717-23e2-407d-9833-52d537b9b6c5.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffedaa717-23e2-407d-9833-52d537b9b6c5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2d237b386960b3fbbcfdde0d2f0179ca
46c6733ae3f0c01f1ec1f71790d71cac9797fcd2
4a86ff99f57d9dea3d7f2f22a02f54f3e9bfbdfca07722d1a7c3d25a1dc5160c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffedaa717-23e2-407d-9833-52d537b9b6c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5704
x-amzn-requestid: 7b87f011-2d7b-41fc-9897-358e5d1a3e5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cc4a2FrvIAMF5tw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63883aab-32ed5f3631606c622938642e;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 05:24:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TdQ61Y7uA27y4OllBFy0cyFxVJ6oD-dOJxL_B2rpmsz0xvN-VD9FhQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:56:55 GMT
age: 11333
etag: "46c6733ae3f0c01f1ec1f71790d71cac9797fcd2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 535710165275856757bd7d1689f79de3
d51162b7fcba50022482b7130a556f3a7dfe822f
c93e2df13b78cd4b718eb4fe3fe70a9d6d12fd0a0d7f505219ec0d5e6a70653c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6186
x-amzn-requestid: 53d1d373-ff6c-4c59-bdeb-fff592bca586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUsyGOEIAMFwfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e67eb-0156077b52dc07fb124c087b;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:51:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4ORpzqbzQyJz_i3wpxf_07mXK3ovj1JT8kn-M9fdrGRgDVig7hhN5w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 12:25:50 GMT
age: 45598
etag: "d51162b7fcba50022482b7130a556f3a7dfe822f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4884ce2731d3033b12e4792c1bbf453e
63b6efc98cb04228d82ac28fceb97bb1cf8d82fb
8c37704d0e1fd16239e28cbdb88c5ac6a2e9cfb70f8457bfab127202f89d3788
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14896
x-amzn-requestid: 58d94b15-dce0-44c0-96b1-917f1206a39e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnA4RFkeoAMFfGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c4834-7c1667b53795d5c11a3bfdda;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:11:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gKrU6wAuRsrr4_VwxjHIsTHjAB_L3xy6VQPRFBTUrK4vd7ycP3kyig==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 07:46:26 GMT
age: 62362
etag: "63b6efc98cb04228d82ac28fceb97bb1cf8d82fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
chat.covermymeds.com/javascripts/bundle-customer.js
66.97.160.33200 OK 87 kB URL HTTP/1.1 chat.covermymeds.com/javascripts/bundle-customer.js
IP 66.97.160.33:0
File type Unicode text, UTF-8 text, with very long lines (40447), with LF, NEL line terminators
Hash d8794fc9b665aaa49941abfef7753153
fcd9b70a5504197e63174a89bfccf69a340295b1
479f412bacd8d74bf0327c56cb2e3727774d3cece6ed66fc45ecd535bf09df0a
GET /javascripts/bundle-customer.js HTTP/1.1
Host: chat.covermymeds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 01:05:48 GMT
Server: nginx/1.16.1
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Expires: Sun, 05 Feb 2023 01:05:48 GMT
Cache-Control: max-age=5184000, public
Accept-Ranges: bytes
Via: 1.1 chat.covermymeds.com
Vary: Accept-Encoding
Content-Encoding: gzip
Connection: close
Set-Cookie: cookiesession1=678B28752E1DA5ED0F8ABF439A0CFAD4;Expires=Thu, 07 Dec 2023 01:05:48 GMT;Path=/;HttpOnly
Strict-Transport-Security: max-age=31536000
content-length: 87203
cdn.pendo.io/agent/static/89b77497-23cf-4058-6d78-e33d78245f50/pendo.js
54.230.111.15200 OK 136 kB URL HTTP/2 cdn.pendo.io/agent/static/89b77497-23cf-4058-6d78-e33d78245f50/pendo.js
IP 54.230.111.15:0
File type ASCII text, with very long lines (47462)
Size 136 kB (135534 bytes)
Hash ba3ca6782f3e99d9a44502d83873530c
15339418ac948cc60b55a5eaff809676b487449e
94ffaf8370a3b77e6a141c12b4273770f9bd0a6163feb3e2055759815f8ff913
GET /agent/static/89b77497-23cf-4058-6d78-e33d78245f50/pendo.js HTTP/1.1
Host: cdn.pendo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 135534
x-guploader-uploadid: ADPycds3-Fq9JclR3ZIC_m_M1XhJ-7jvqTh3cNsawSP2xxvPlbeALrWOb99r4FmnMIqYn2foOb3F957gKDqt5huRM-mdmw
last-modified: Thu, 01 Dec 2022 19:12:24 GMT
x-goog-generation: 1669921944464169
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 135534
content-encoding: gzip
x-goog-hash: crc32c=dpdesQ==, md5=ujymeC8+mdmkRQLYOHNTDA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: *
server: UploadServer
date: Wed, 07 Dec 2022 01:02:06 GMT
expires: Wed, 07 Dec 2022 01:09:36 GMT
cache-control: max-age=450
etag: "ba3ca6782f3e99d9a44502d83873530c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iUMaaTNZswkaaLOrwUporxaKwu63Z8o9EUFcriStpaIY-kQyxsqPSQ==
age: 223
X-Firefox-Spdy: h2
account.covermymeds.com/packs/media/images/hero-quarter-orange-e883210dd4516c14d0c65aa998de99eb.jpg
66.97.160.55200 OK 129 kB URL HTTP/1.1 account.covermymeds.com/packs/media/images/hero-quarter-orange-e883210dd4516c14d0c65aa998de99eb.jpg
IP 66.97.160.55:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2800x1308, components 3\012- data
Size 129 kB (129147 bytes)
Hash e883210dd4516c14d0c65aa998de99eb
9c05b505df85a3efac071454faa51af1c6cb0e03
61e3d312607c01f114ae98393cee089d6884253bbd41936cc8d09f65cb952f49
GET /packs/media/images/hero-quarter-orange-e883210dd4516c14d0c65aa998de99eb.jpg HTTP/1.1
Host: account.covermymeds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://account.covermymeds.com/packs/css/application-a6d37888.css
Cookie: _account_session=2s5jhB6dRYERzwqtS10kMLBfHE%2FzuZIt92%2BZM2SFI7q6dwKqHwqRRmViRSP1D%2FIhjalxZ7X4udK46I07gmV1MiLwszumBSKltvIhBqPcdcMhPEOf1RHBziARK7w2p3LpYjBAOBBauQVILNEndEJpkxxRpOOe%2FDKAVvVtF%2BcywXsxbf3r6iCPsQZ%2BnN99UwkCV%2B%2Bxr8gCV7m57iMtlDZGeg%2FUqha6IgmBlQMoc33NXPaN%2Fg5N8mKFCBBlsje2N24xm8hGgPDAiWGjHoW3dA4AcI%2Fsb8pUvYBh--qhld1zT7n7sl%2Bu%2Fm--lVj7gIWjsqZaW%2F0srKWriQ%3D%3D; cookiesession1=678B286DBE21302F9F8EF3E3181CB620; _gcl_au=1.1.95844840.1670375148; _ga_FNV852Y540=GS1.1.1670375148.1.0.1670375148.0.0.0; _ga=GA1.1.2039578481.1670375148
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 01:05:49 GMT
Server: nginx/1.16.1
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Content-Length: 129147
Last-Modified: Fri, 02 Dec 2022 21:12:30 GMT
ETag: "638a6a3e-1f87b"
Accept-Ranges: bytes
Via: 1.1 account.covermymeds.com
X-Cnection: close
Strict-Transport-Security: max-age=31536000
account.covermymeds.com/packs/media/fonts/2bffef_0_0-a929a8f3dbb466ecf4211ae2b8c5ccc4.woff
66.97.160.55200 OK 30 kB URL HTTP/1.1 account.covermymeds.com/packs/media/fonts/2bffef_0_0-a929a8f3dbb466ecf4211ae2b8c5ccc4.woff
IP 66.97.160.55:0
File type Web Open Font Format, TrueType, length 30469, version 0.0\012- data
Hash a929a8f3dbb466ecf4211ae2b8c5ccc4
75933f898a1aea2a6f644c78f45197e8baf5a727
1243303b5bbae5225a6204024bfb1648bb1f809f0ef4a0ce55f5bd64b41c2352
GET /packs/media/fonts/2bffef_0_0-a929a8f3dbb466ecf4211ae2b8c5ccc4.woff HTTP/1.1
Host: account.covermymeds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://account.covermymeds.com/packs/css/application-a6d37888.css
Cookie: _account_session=2s5jhB6dRYERzwqtS10kMLBfHE%2FzuZIt92%2BZM2SFI7q6dwKqHwqRRmViRSP1D%2FIhjalxZ7X4udK46I07gmV1MiLwszumBSKltvIhBqPcdcMhPEOf1RHBziARK7w2p3LpYjBAOBBauQVILNEndEJpkxxRpOOe%2FDKAVvVtF%2BcywXsxbf3r6iCPsQZ%2BnN99UwkCV%2B%2Bxr8gCV7m57iMtlDZGeg%2FUqha6IgmBlQMoc33NXPaN%2Fg5N8mKFCBBlsje2N24xm8hGgPDAiWGjHoW3dA4AcI%2Fsb8pUvYBh--qhld1zT7n7sl%2Bu%2Fm--lVj7gIWjsqZaW%2F0srKWriQ%3D%3D; cookiesession1=678B286DBE21302F9F8EF3E3181CB620; _gcl_au=1.1.95844840.1670375148; _ga_FNV852Y540=GS1.1.1670375148.1.0.1670375148.0.0.0; _ga=GA1.1.2039578481.1670375148
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 01:05:49 GMT
Server: nginx/1.16.1
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff
Content-Length: 30469
Last-Modified: Fri, 02 Dec 2022 21:12:30 GMT
ETag: "638a6a3e-7705"
Accept-Ranges: bytes
Via: 1.1 account.covermymeds.com
X-Cnection: close
Strict-Transport-Security: max-age=31536000
region1.google-analytics.com/g/collect?v=2&tid=G-FNV852Y540>m=2oebu0&_p=735902494&cid=2039578481.1670375148&ul=en-us&sr=1280x1024&ir=1&_eu=EA&_s=1&sid=1670375148&sct=1&seg=0&dl=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&dt=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-FNV852Y540>m=2oebu0&_p=735902494&cid=2039578481.1670375148&ul=en-us&sr=1280x1024&ir=1&_eu=EA&_s=1&sid=1670375148&sct=1&seg=0&dl=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&dt=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-FNV852Y540>m=2oebu0&_p=735902494&cid=2039578481.1670375148&ul=en-us&sr=1280x1024&ir=1&_eu=EA&_s=1&sid=1670375148&sct=1&seg=0&dl=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&dt=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Origin: https://account.covermymeds.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://account.covermymeds.com
date: Wed, 07 Dec 2022 01:05:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
js.adsrvr.org/up_loader.1.1.0.js
143.204.45.46200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP 143.204.45.46:0
File type ASCII text, with very long lines (4593), with no line terminators
Hash 8dc722d27824e60548fd25752623cd07
33d66ad1a4a162e2d6c9ed732d6c9af79635fc4d
14ce9119fe06fb2d363ba3c824e9f5b3f212f1f39dfab38c836fa13a20daec1b
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Tue, 06 Dec 2022 16:19:20 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vOrOFu2pAqHuCxE_bCCx6pfgHjM2y-HbeoG0sG8Ce_-OPnoRh88Iuw==
Age: 31590
ocsp.pki.goog/s/gts1d4/oGQfcJFPyx4
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/oGQfcJFPyx4
IP 216.58.211.3:0
Hash 803eb4ac4e5b2fcc7e386cc11d741d3c
2b58bd1052a38a1216a0afa3aec472c1ff2c6d2a
fd8adf371ef7deb3fda7463a49e6235f36eb8ddce205028b2cdf80e25bf0dc04
POST /s/gts1d4/oGQfcJFPyx4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 01:05:49 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.pdst.fm/ping.min.js
35.244.142.80200 OK 5.8 kB IP 35.244.142.80:0
File type ASCII text, with very long lines (26948), with no line terminators
Hash d001d1c9f5a942fa5524eeacb047e819
6ebc303d4e3fe71192400673808f37ce1c6a1d25
63882c75983a011c7ae5041061a95babb9e67fa508b0628e1c00f455ccd40b0a
GET /ping.min.js HTTP/1.1
Host: cdn.pdst.fm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvWhmMT0tGPBZvaDlEbhKeO_m6gNxQSDiUCPAu6J_9qnQY3zZa1UPjLT2H4-DfrBNSCTyUeIFQ_dBlHDkQ5ne-20uihIiSQ
x-goog-generation: 1622234043862937
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 5774
content-encoding: gzip
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 5774
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Wed, 07 Dec 2022 00:26:44 GMT
expires: Wed, 07 Dec 2022 01:26:44 GMT
cache-control: public, max-age=3600
age: 2345
last-modified: Fri, 28 May 2021 20:34:03 GMT
etag: "d001d1c9f5a942fa5524eeacb047e819"
content-type: application/javascript;
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/oGQfcJFPyx4
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/oGQfcJFPyx4
IP 216.58.211.3:0
Hash 803eb4ac4e5b2fcc7e386cc11d741d3c
2b58bd1052a38a1216a0afa3aec472c1ff2c6d2a
fd8adf371ef7deb3fda7463a49e6235f36eb8ddce205028b2cdf80e25bf0dc04
POST /s/gts1d4/oGQfcJFPyx4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 01:05:49 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vidassets.terminus.services/7d5a230c-32d3-49ee-9b04-fcdd1b9a7cc4/t.js
143.204.55.50404 Not Found 0 B URL HTTP/2 vidassets.terminus.services/7d5a230c-32d3-49ee-9b04-fcdd1b9a7cc4/t.js
IP 143.204.55.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /7d5a230c-32d3-49ee-9b04-fcdd1b9a7cc4/t.js HTTP/1.1
Host: vidassets.terminus.services
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-type: application/json
content-length: 0
date: Wed, 07 Dec 2022 01:02:09 GMT
cache-control: public, s-maxage=900
server: nginx/1.10.3 (Ubuntu)
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-cache: Error from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JccFUKCwGuMq5bTktJOaXCNqcO4NZZ5D6j9-D-bOi-bfJPC9lYIIRg==
age: 220
X-Firefox-Spdy: h2
www.covermymeds.com/fonts/nunitosans/pe03MImSLYBIv1o4X1M8cc8GBs5tU1ECVZl_.woff2
66.97.160.55200 OK 11 kB URL HTTP/1.1 www.covermymeds.com/fonts/nunitosans/pe03MImSLYBIv1o4X1M8cc8GBs5tU1ECVZl_.woff2
IP 66.97.160.55:0
File type Web Open Font Format (Version 2), TrueType, length 11332, version 1.0\012- data
Hash 006eb7906bf35f39332baab54b56cb5e
ad1f00418b70b25d410849f328127e7692bdb848
98bf460214a592d28141740a065d561a43fd31c00bcc84c4c7da2c84741de619
GET /fonts/nunitosans/pe03MImSLYBIv1o4X1M8cc8GBs5tU1ECVZl_.woff2 HTTP/1.1
Host: www.covermymeds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://account.covermymeds.com
Connection: keep-alive
Referer: https://www.covermymeds.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 01:05:49 GMT
Server: nginx/1.16.1
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff2
Content-Length: 11332
Last-Modified: Mon, 28 Nov 2022 18:05:58 GMT
ETag: "6384f886-2c44"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Via: 1.1 www.covermymeds.com
X-Cnection: close
Set-Cookie: cookiesession1=678B286E98999B8DD95B52B90E6468BA;Expires=Thu, 07 Dec 2023 01:05:49 GMT;Path=/;HttpOnly
Strict-Transport-Security: max-age=31536000
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 7dd924224d42f3fefccbe2fa927588ac
94aec3a1364b64633b63f7466f8dbce528bb957d
6187a818ee154da94010b49684b301578538e5046a2cddd9557c6c77f7afea51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 01:05:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.covermymeds.com/fonts/nunitosans/pe03MImSLYBIv1o4X1M8cc8WAc5tU1ECVZl_.woff2
66.97.160.55200 OK 11 kB URL HTTP/1.1 www.covermymeds.com/fonts/nunitosans/pe03MImSLYBIv1o4X1M8cc8WAc5tU1ECVZl_.woff2
IP 66.97.160.55:0
File type Web Open Font Format (Version 2), TrueType, length 11164, version 1.0\012- data
Hash d1e4dccba539dc8dc7e698b07339c545
cb364f8b4ef631f1bb58d943ad34b6e1afa79094
ea8d599e63bb7e05af49012adc8e7be9f807f8376b3a6141165fbb4431b92dd5
GET /fonts/nunitosans/pe03MImSLYBIv1o4X1M8cc8WAc5tU1ECVZl_.woff2 HTTP/1.1
Host: www.covermymeds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://account.covermymeds.com
Connection: keep-alive
Referer: https://www.covermymeds.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 01:05:49 GMT
Server: nginx/1.20.1
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff2
Content-Length: 11164
Last-Modified: Mon, 28 Nov 2022 18:05:58 GMT
ETag: "6384f886-2b9c"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Via: 1.1 www.covermymeds.com
X-Cnection: close
Set-Cookie: cookiesession1=678B286DBE9FFA0B6F267A98725F3202;Expires=Thu, 07 Dec 2023 01:05:49 GMT;Path=/;HttpOnly
Strict-Transport-Security: max-age=31536000
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash bfb222775c38b54c883143597b30d44b
18630b7b62353275a42954968c729ec57f94dbb4
66849c84124f70d99900285dccec22d795da491d48b4fb0fb76532733cac2e56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 01:05:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.covermymeds.com/fonts/nunitosans/pe0qMImSLYBIv1o4X1M8cce9I9tAcVwo.woff2
66.97.160.55200 OK 11 kB URL HTTP/1.1 www.covermymeds.com/fonts/nunitosans/pe0qMImSLYBIv1o4X1M8cce9I9tAcVwo.woff2
IP 66.97.160.55:0
File type Web Open Font Format (Version 2), TrueType, length 11208, version 1.0\012- data
Hash 0b029f05281e910cce59140f519f33ee
2fcfd3dfad432c0f0bc392f4b9cd07fa1ef80995
09c3f39acdd3ecdaf2d3a17efb700d07fe2691b5524c2aea19c10c9deb662dd5
GET /fonts/nunitosans/pe0qMImSLYBIv1o4X1M8cce9I9tAcVwo.woff2 HTTP/1.1
Host: www.covermymeds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://account.covermymeds.com
Connection: keep-alive
Referer: https://www.covermymeds.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 01:05:49 GMT
Server: nginx/1.16.1
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff2
Content-Length: 11208
Last-Modified: Mon, 28 Nov 2022 18:05:58 GMT
ETag: "6384f886-2bc8"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Via: 1.1 www.covermymeds.com
X-Cnection: close
Set-Cookie: cookiesession1=678B286E71D345A981D4B72E100C60F9;Expires=Thu, 07 Dec 2023 01:05:49 GMT;Path=/;HttpOnly
Strict-Transport-Security: max-age=31536000
us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
216.239.36.54200 OK 22 B URL HTTP/2 us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
IP 216.239.36.54:0
File type ASCII text, with no line terminators
Hash 8e7120c76040a47f820e8c87b95dddce
0ae6d0d5578537f5011e44f97e812069362ac7b2
e64c6bbbdbf2cc009eeb259cfb5f877274d073ea0ef1770008344cdf7d640c3c
OPTIONS /pdst-events-prod-sink HTTP/1.1
Host: us-central1-adaptive-growth.cloudfunctions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://account.covermymeds.com/
Origin: https://account.covermymeds.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-type: text/html; charset=utf-8
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: ke8y9fk9brxw
x-powered-by: Express
x-cloud-trace-context: 5084641f996a04b56ea22dbc2ddb9de2
content-encoding: gzip
date: Wed, 07 Dec 2022 01:05:49 GMT
server: Google Frontend
cache-control: private
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
chat.covermymeds.com/api_v2/customer/revision?callback=jQuery33108422719486251447_1670375148923&_=1670375148924
66.97.160.33200 OK 101 B URL HTTP/1.1 chat.covermymeds.com/api_v2/customer/revision?callback=jQuery33108422719486251447_1670375148923&_=1670375148924
IP 66.97.160.33:0
File type ASCII text, with no line terminators
Hash 6c21398b1cf0d2e79e4036b706678bfd
4cedc34db879ff94fc9a5b4cd0af8ffaf3964aff
2806948589f753bbe2f1988a6846dcc9b493c2cb658af4aeef0fc8ab9a29cb98
GET /api_v2/customer/revision?callback=jQuery33108422719486251447_1670375148923&_=1670375148924 HTTP/1.1
Host: chat.covermymeds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Cookie: _gcl_au=1.1.95844840.1670375148; _ga_FNV852Y540=GS1.1.1670375148.1.0.1670375148.0.0.0; _ga=GA1.1.2039578481.1670375148; cookiesession1=678B28752E1DA5ED0F8ABF439A0CFAD4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 01:05:49 GMT
Server: nginx/1.16.1
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0, private, must-revalidate
Etag: W/"2806948589f753bbe2f1988a6846dcc9"
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000
Vary: Accept
X-Content-Type-Options: nosniff, nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Prisma-Event-Id: bb0f215b-39a8-40b8-832c-2bd8996b477e
X-Request-Id: 28a2636f-5579-4762-a701-59ba956b7668
X-Runtime: 0.003374
X-Xss-Protection: 1; mode=block
Via: 1.1 chat.covermymeds.com
Connection: close
content-length: 101
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash bfb222775c38b54c883143597b30d44b
18630b7b62353275a42954968c729ec57f94dbb4
66849c84124f70d99900285dccec22d795da491d48b4fb0fb76532733cac2e56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 01:05:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
216.239.36.54204 No Content 0 B URL HTTP/2 us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
IP 216.239.36.54:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /pdst-events-prod-sink HTTP/1.1
Host: us-central1-adaptive-growth.cloudfunctions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Content-Type: application/json
Origin: https://account.covermymeds.com
Content-Length: 601
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
function-execution-id: ja1lyjzjb4mf
x-powered-by: Express
x-cloud-trace-context: 8f09503a092a0165660c09658eeb19c8
date: Wed, 07 Dec 2022 01:05:49 GMT
content-type: text/html
server: Google Frontend
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.210200 OK 4.6 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.210:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (12961)
Hash c1a25b303b61b25e995516f5559bcdea
3c16a6fa3a2a6dc59d57a9ea1588c4f259884688
2063d2d1415ce9437e9331cb9a798714a5b2e106a65d6dc0ef0d426a5a4c30f2
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 18:52:45 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=56036
date: Wed, 07 Dec 2022 01:05:50 GMT
content-length: 4581
x-cdn: AKAM
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 01:05:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 07 Dec 2022 00:41:08 GMT
expires: Wed, 07 Dec 2022 02:41:08 GMT
cache-control: public, max-age=7200
age: 1482
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d44205a852cedc47da2373b3542f2ca0
884e5d2d7ef372a86e7edc3f8c1dc63a3b4fbe82
f2adb5b3e4b05ad953d43f483497243ae66c148f2af8f39473ddc6fcf2623bb9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6450
Cache-Control: max-age=135054
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 01:05:50 GMT
Etag: "638f3a4a-1d7"
Expires: Thu, 08 Dec 2022 14:36:44 GMT
Last-Modified: Tue, 06 Dec 2022 12:49:14 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/gtm/optimize.js?id=GTM-5LW6Q86
142.250.74.110200 OK 47 kB URL HTTP/2 www.google-analytics.com/gtm/optimize.js?id=GTM-5LW6Q86
IP 142.250.74.110:0
File type ASCII text, with very long lines (3490)
Hash fa5af7d47752783bc1b684d38d29e3f7
1362d8cde88d8bae031fc14ca81c5198fcaf97f5
004154a66aa8cd4dbfa62a842cc8c0be362f8f57cb117aeb57db6dc7f20827fa
GET /gtm/optimize.js?id=GTM-5LW6Q86 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 01:05:50 GMT
expires: Wed, 07 Dec 2022 01:05:50 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47272
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/856736550/?random=1670375148155&cv=11&fst=1670375148155&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&tiba=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&auid=95844840.1670375148&rfmt=3&fmt=4
216.58.211.2200 OK 978 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/856736550/?random=1670375148155&cv=11&fst=1670375148155&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&tiba=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&auid=95844840.1670375148&rfmt=3&fmt=4
IP 216.58.211.2:0
File type ASCII text, with very long lines (2219), with no line terminators
Hash 6ec783f88eabb4414609a6d629e723a8
7634dfce172e756e90c6481558a97ce3ba2436a0
aa6721c3327837b3099f245e15f25fd051ce850c0cfe6eec7fca8128e545b090
GET /pagead/viewthroughconversion/856736550/?random=1670375148155&cv=11&fst=1670375148155&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&tiba=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&auid=95844840.1670375148&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 01:05:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 978
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 01:20:50 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
account.covermymeds.com/assets/favicon-96x96-6ec4da6ac3cf152bd928ca4d89c1ec5dff27128377439eb8d53f0fb9ef03a480.png
66.97.160.55200 OK 5.5 kB URL HTTP/1.1 account.covermymeds.com/assets/favicon-96x96-6ec4da6ac3cf152bd928ca4d89c1ec5dff27128377439eb8d53f0fb9ef03a480.png
IP 66.97.160.55:0
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash 216455ea4abeb3f98bb66e88ffb3ec79
ebea5a30b0208a5a8c57006ae603eac296d18dcc
2dc5ad1c3ea6e16f17fa62afe98adc79838502bc33fc2b49f095e802d2847702
GET /assets/favicon-96x96-6ec4da6ac3cf152bd928ca4d89c1ec5dff27128377439eb8d53f0fb9ef03a480.png HTTP/1.1
Host: account.covermymeds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/?utm_medium=email&utm_source=sfmc_provider&utm_campaign=epa-provider-panotify&utm_content=signin-em1&utm_term=cta-text-link-3
Connection: keep-alive
Cookie: _account_session=2s5jhB6dRYERzwqtS10kMLBfHE%2FzuZIt92%2BZM2SFI7q6dwKqHwqRRmViRSP1D%2FIhjalxZ7X4udK46I07gmV1MiLwszumBSKltvIhBqPcdcMhPEOf1RHBziARK7w2p3LpYjBAOBBauQVILNEndEJpkxxRpOOe%2FDKAVvVtF%2BcywXsxbf3r6iCPsQZ%2BnN99UwkCV%2B%2Bxr8gCV7m57iMtlDZGeg%2FUqha6IgmBlQMoc33NXPaN%2Fg5N8mKFCBBlsje2N24xm8hGgPDAiWGjHoW3dA4AcI%2Fsb8pUvYBh--qhld1zT7n7sl%2Bu%2Fm--lVj7gIWjsqZaW%2F0srKWriQ%3D%3D; cookiesession1=678B286DBE21302F9F8EF3E3181CB620; _gcl_au=1.1.95844840.1670375148; _ga_FNV852Y540=GS1.1.1670375148.1.0.1670375148.0.0.0; _ga=GA1.1.2039578481.1670375148; __pdst=467eaac36a374da8aa315cc346558572
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 01:05:50 GMT
Server: nginx/1.16.1
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Content-Type: image/png
Content-Length: 5505
Last-Modified: Mon, 10 Oct 2022 22:58:22 GMT
ETag: "6344a38e-1581"
Expires: Thu, 08 Dec 2022 01:05:50 GMT
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Via: 1.1 account.covermymeds.com
X-Cnection: close
Strict-Transport-Security: max-age=31536000
secure.adnxs.com/px?id=1613182&t=2
185.89.210.212307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/px?id=1613182&t=2
IP 185.89.210.212:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px?id=1613182&t=2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 07 Dec 2022 01:05:50 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1613182%26t%3D2
AN-X-Request-Uuid: be1ec9ec-0d32-4b9c-a37f-e7b972ef47fc
Set-Cookie: uuid2=5090373863164017013; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 07-Mar-2023 01:05:50 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 3ihc+rB1WZ0S7tJFQLTeqrMCbM6UlK6qf/aSDfcKnY8Efhttw90qm8l8r4eIjRllkf8Knrkpv+SK6syZy0n92g==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1679558926
date: Wed, 07 Dec 2022 01:05:50 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 01:05:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d44205a852cedc47da2373b3542f2ca0
884e5d2d7ef372a86e7edc3f8c1dc63a3b4fbe82
f2adb5b3e4b05ad953d43f483497243ae66c148f2af8f39473ddc6fcf2623bb9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6450
Cache-Control: max-age=135054
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 01:05:50 GMT
Etag: "638f3a4a-1d7"
Expires: Thu, 08 Dec 2022 14:36:44 GMT
Last-Modified: Tue, 06 Dec 2022 12:49:14 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
account.covermymeds.com/assets/favicon-16x16-708d9aa9c457a21b290dcab2b3971ba9959021cd5652174c77cf2a52367b6ba0.png
66.97.160.55200 OK 675 B URL HTTP/1.1 account.covermymeds.com/assets/favicon-16x16-708d9aa9c457a21b290dcab2b3971ba9959021cd5652174c77cf2a52367b6ba0.png
IP 66.97.160.55:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 9cec3d0b7ef72ef8c07d591974337fb5
a75c3dd56fe0818ea19a786e32edeca6cb38b4b3
e8980b2171b79af618dc8464ccd59536c7be835f64ecd956352fe6d8b15aa825
GET /assets/favicon-16x16-708d9aa9c457a21b290dcab2b3971ba9959021cd5652174c77cf2a52367b6ba0.png HTTP/1.1
Host: account.covermymeds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/?utm_medium=email&utm_source=sfmc_provider&utm_campaign=epa-provider-panotify&utm_content=signin-em1&utm_term=cta-text-link-3
Connection: keep-alive
Cookie: _account_session=2s5jhB6dRYERzwqtS10kMLBfHE%2FzuZIt92%2BZM2SFI7q6dwKqHwqRRmViRSP1D%2FIhjalxZ7X4udK46I07gmV1MiLwszumBSKltvIhBqPcdcMhPEOf1RHBziARK7w2p3LpYjBAOBBauQVILNEndEJpkxxRpOOe%2FDKAVvVtF%2BcywXsxbf3r6iCPsQZ%2BnN99UwkCV%2B%2Bxr8gCV7m57iMtlDZGeg%2FUqha6IgmBlQMoc33NXPaN%2Fg5N8mKFCBBlsje2N24xm8hGgPDAiWGjHoW3dA4AcI%2Fsb8pUvYBh--qhld1zT7n7sl%2Bu%2Fm--lVj7gIWjsqZaW%2F0srKWriQ%3D%3D; cookiesession1=678B286DBE21302F9F8EF3E3181CB620; _gcl_au=1.1.95844840.1670375148; _ga_FNV852Y540=GS1.1.1670375148.1.0.1670375148.0.0.0; _ga=GA1.1.2039578481.1670375148; __pdst=467eaac36a374da8aa315cc346558572
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 01:05:50 GMT
Server: nginx/1.16.1
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Content-Type: image/png
Content-Length: 675
Last-Modified: Mon, 10 Oct 2022 22:58:22 GMT
ETag: "6344a38e-2a3"
Expires: Thu, 08 Dec 2022 01:05:50 GMT
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Via: 1.1 account.covermymeds.com
X-Cnection: close
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
ocsp.godaddy.com/
192.124.249.23200 OK 1.7 kB IP 192.124.249.23:0
Hash 7e2791837237dfc2167a0e4882728b96
becca33d6722aa811d9cf56bc0302d3f2814bc6a
7e8da085d2e9c84b03a5b5dff9147156e0772d853e1c27484987a0e36acb960c
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 68
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 07 Dec 2022 01:05:50 GMT
Content-Type: application/ocsp-response
Content-Length: 1731
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 06 Dec 2022 19:22:29 GMT
Expires: Wed, 07 Dec 2022 19:22:29 GMT
ETag: "becca33d6722aa811d9cf56bc0302d3f2814bc6a"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
secure.adnxs.com/bounce?%2Fpx%3Fid%3D1613182%26t%3D2
185.89.210.212200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fpx%3Fid%3D1613182%26t%3D2
IP 185.89.210.212:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fpx%3Fid%3D1613182%26t%3D2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 07 Dec 2022 01:05:50 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 823c4568-2641-4094-8be8-34642bfecd25
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
bat.bing.com/action/0?ti=26055177&tm=gtm002&Ver=2&mid=0796233d-0da8-4322-959d-136d06d43e00&sid=4a031e2075cb11edacef6fa77f900aa7&vid=4a03503075cb11edb20bd587197f31d6&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Log%20In%20%7C%20CoverMyMeds,%20The%20Leader%20In%20Electronic%20Prior%20Authorization&p=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&r=<=2688&evt=pageLoad&sv=1&rn=498002
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=26055177&tm=gtm002&Ver=2&mid=0796233d-0da8-4322-959d-136d06d43e00&sid=4a031e2075cb11edacef6fa77f900aa7&vid=4a03503075cb11edb20bd587197f31d6&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Log%20In%20%7C%20CoverMyMeds,%20The%20Leader%20In%20Electronic%20Prior%20Authorization&p=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&r=<=2688&evt=pageLoad&sv=1&rn=498002
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=26055177&tm=gtm002&Ver=2&mid=0796233d-0da8-4322-959d-136d06d43e00&sid=4a031e2075cb11edacef6fa77f900aa7&vid=4a03503075cb11edb20bd587197f31d6&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Log%20In%20%7C%20CoverMyMeds,%20The%20Leader%20In%20Electronic%20Prior%20Authorization&p=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&r=<=2688&evt=pageLoad&sv=1&rn=498002 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=1F0FC401395664560587D67238A3650C; domain=.bing.com; expires=Mon, 01-Jan-2024 01:05:50 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 68A8886F9C394772BC8113ECA9793C97 Ref B: OSL30EDGE0213 Ref C: 2022-12-07T01:05:50Z
date: Wed, 07 Dec 2022 01:05:49 GMT
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/34915/domain/account.covermymeds.com/token
54.230.111.112200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/34915/domain/account.covermymeds.com/token
IP 54.230.111.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /partner/34915/domain/account.covermymeds.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://account.covermymeds.com/
Origin: https://account.covermymeds.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Tue, 06 Dec 2022 02:17:24 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rfnJZgRN4G8MrTktog7w9Ui9QY2uhnqF_62IW5qx00fCB9pc4L01jw==
age: 82106
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 013b65c5b52bb7855158194ff2024fb8
94eae308d8338735898e90536fc6ba076ff28cdd
bb5ab17efd81056c5f0ab03312011b63acb099c0e249364464391af52428098e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 01:05:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 5006b8e985c5838b7fd2f2b558a65bc4
183ff15e0faedf346305fd6fe1c70c9c7a1eef4a
fcbfec9f5fd0e10d44778c1df64d8612281cd39881cdfd0aa8ca30d13655655a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 01:05:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-7780355-10&cid=2039578481.1670375148&jid=574016617&gjid=373856793&_gid=1913538233.1670375150&_u=aCDAgEABQAAAAEAEK~&z=1235530150
64.233.164.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-7780355-10&cid=2039578481.1670375148&jid=574016617&gjid=373856793&_gid=1913538233.1670375150&_u=aCDAgEABQAAAAEAEK~&z=1235530150
IP 64.233.164.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-7780355-10&cid=2039578481.1670375148&jid=574016617&gjid=373856793&_gid=1913538233.1670375150&_u=aCDAgEABQAAAAEAEK~&z=1235530150 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://account.covermymeds.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://account.covermymeds.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 07 Dec 2022 01:05:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/856736550/?random=1670375148155&cv=11&fst=1670374800000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&tiba=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&fmt=3&is_vtc=1&random=1745102287&rmt_tld=1&ipr=y
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/856736550/?random=1670375148155&cv=11&fst=1670374800000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&tiba=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&fmt=3&is_vtc=1&random=1745102287&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/856736550/?random=1670375148155&cv=11&fst=1670374800000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&tiba=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&fmt=3&is_vtc=1&random=1745102287&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 01:05:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/856736550/?random=1670375148155&cv=11&fst=1670374800000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&tiba=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&fmt=3&is_vtc=1&random=1745102287&rmt_tld=0&ipr=y
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/856736550/?random=1670375148155&cv=11&fst=1670374800000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&tiba=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&fmt=3&is_vtc=1&random=1745102287&rmt_tld=0&ipr=y
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/856736550/?random=1670375148155&cv=11&fst=1670374800000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&tiba=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&fmt=3&is_vtc=1&random=1745102287&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 01:05:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/p/action/26055177.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/26055177.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/26055177.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=3A329B087C3E6140069B897B7DCB608B; domain=.bing.com; expires=Mon, 01-Jan-2024 01:05:50 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DBC05B69281749B8A95AC788FCA9317D Ref B: OSL30EDGE0213 Ref C: 2022-12-07T01:05:50Z
date: Wed, 07 Dec 2022 01:05:49 GMT
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 7060883c19d89e05aa8daa071bae5b7b
391aae451d93d08996c1237c59c993d9e0882f7a
98c8033d6fc10a6ee8d99bff80e580035b1e6cfa3fdbe3091bd627f8c475a077
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 07 Dec 2022 01:05:50 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 06 Dec 2022 20:22:19 GMT
Expires: Wed, 07 Dec 2022 20:22:19 GMT
ETag: "391aae451d93d08996c1237c59c993d9e0882f7a"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 013b65c5b52bb7855158194ff2024fb8
94eae308d8338735898e90536fc6ba076ff28cdd
bb5ab17efd81056c5f0ab03312011b63acb099c0e249364464391af52428098e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 01:05:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash cd6dabd083ee1c237c8ea3ba38cc48d5
bbe4420bf1c0fe0d5621336865563418d2f16f39
c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 01:05:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
px.ads.linkedin.com/collect?v=2&fmt=js&pid=34915&time=1670375149811&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=34915&time=1670375149811&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=34915&time=1670375149811&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3 HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34915%26time%3D1670375149811%26url%3Dhttps%253A%252F%252Faccount.covermymeds.com%252F%253Futm_medium%253Demail%2526utm_source%253Dsfmc_provider%2526utm_campaign%253Depa-provider-panotify%2526utm_content%253Dsignin-em1%2526utm_term%253Dcta-text-link-3%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQKu5wnTmaTzHQAAAYTqHhMjMcuW5le62cmAEcHbJj_VwarpuUexVTGHBLaMZxjuiOoxxD5rzKiddg; Max-Age=2592000; Expires=Fri, 06 Jan 2023 01:05:50 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQJHQMgKhrdWowAAAYTqHhMjx1bc_8lf3aFABMANF3-buyzIpFKULPc4Day0fYfK194_APGD4cLwMmzCm1sClg; Max-Age=2592000; Expires=Fri, 06 Jan 2023 01:05:50 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&1a4da154-6c61-4887-81b3-f23f26d7ef7b"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 07-Dec-2023 01:05:50 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2429:u=1:x=1:i=1670375150:t=1670461550:v=2:sig=AQFkJZ10NOLnNgsTiqymYARiQNMRaYbK"; Expires=Thu, 08 Dec 2022 01:05:50 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXvMoV6nq5M6ZmlB+f9hA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: DB30CE09A2C84C9B9B29AF8F661F53B4 Ref B: OSL30EDGE0218 Ref C: 2022-12-07T01:05:50Z
date: Wed, 07 Dec 2022 01:05:49 GMT
content-length: 0
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=282700338735046&ev=PageView&dl=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&rl=&if=false&ts=1670375150138&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1670375150132.441318967&it=1670375149944&coo=false&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=282700338735046&ev=PageView&dl=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&rl=&if=false&ts=1670375150138&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1670375150132.441318967&it=1670375149944&coo=false&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=282700338735046&ev=PageView&dl=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&rl=&if=false&ts=1670375150138&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1670375150132.441318967&it=1670375149944&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 07 Dec 2022 01:05:50 GMT
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34915%26time%3D1670375149811%26url%3Dhttps%253A%252F%252Faccount.covermymeds.com%252F%253Futm_medium%253Demail%2526utm_source%253Dsfmc_provider%2526utm_campaign%253Depa-provider-panotify%2526utm_content%253Dsignin-em1%2526utm_term%253Dcta-text-link-3%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34915%26time%3D1670375149811%26url%3Dhttps%253A%252F%252Faccount.covermymeds.com%252F%253Futm_medium%253Demail%2526utm_source%253Dsfmc_provider%2526utm_campaign%253Depa-provider-panotify%2526utm_content%253Dsignin-em1%2526utm_term%253Dcta-text-link-3%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34915%26time%3D1670375149811%26url%3Dhttps%253A%252F%252Faccount.covermymeds.com%252F%253Futm_medium%253Demail%2526utm_source%253Dsfmc_provider%2526utm_campaign%253Depa-provider-panotify%2526utm_content%253Dsignin-em1%2526utm_term%253Dcta-text-link-3%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34915&time=1670375149811&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&18a0ede2-9750-4717-877a-80b03927ef95"; Domain=.linkedin.com; Expires=Thu, 07-Dec-2023 01:05:50 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20221207010550dffc3bb8-1e0f-40a7-8452-6c90baaca36bAQFhwmTYXxx3lGsqFv-KbfdbhhRQZjlI"; Domain=.www.linkedin.com; Expires=Thu, 07-Dec-2023 01:05:50 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzAzNzUxNTA7MjswMjF4nJLLSRuB92RhZmJJR4mVX7u179CGOa709nTdY7k0Cw==; Domain=.linkedin.com; Expires=Mon, 05 Jun 2023 01:05:50 GMT; Path=/; Secure; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2447:u=1:x=1:i=1670375150:t=1670461550:v=2:sig=AQGbFBkNGhFr57zhmvC2rrtdIIzxtZ-p"; Expires=Thu, 08 Dec 2022 01:05:50 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/status linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com onyx.www.linkedin.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXvMoV82K0o+NZQrvZz9Q==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: E2ADEB08DCAD47C98939A08AC662ACF5 Ref B: OSL30EDGE0218 Ref C: 2022-12-07T01:05:50Z
date: Wed, 07 Dec 2022 01:05:49 GMT
content-length: 0
X-Firefox-Spdy: h2
chat.covermymeds.com/javascripts/bundle-customer-widget.js?v=726b4ea297e54d063be1333a1b1a14236ea3563a&_=1670375148925
66.97.160.33200 OK 519 kB URL HTTP/1.1 chat.covermymeds.com/javascripts/bundle-customer-widget.js?v=726b4ea297e54d063be1333a1b1a14236ea3563a&_=1670375148925
IP 66.97.160.33:0
File type Unicode text, UTF-8 text, with very long lines (60238)
Size 519 kB (518550 bytes)
Hash 7116485768c211ff7b616ea1b1da1f24
2d5014be845fdf1f94f18d2f95b41a37f923763c
2f9a7d8ab5edc09be5eb850534fbd55b66cb2f09ff4085ed6e3b06a6b5c744fb
GET /javascripts/bundle-customer-widget.js?v=726b4ea297e54d063be1333a1b1a14236ea3563a&_=1670375148925 HTTP/1.1
Host: chat.covermymeds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Cookie: _gcl_au=1.1.95844840.1670375148; _ga_FNV852Y540=GS1.1.1670375148.1.0.1670375148.0.0.0; _ga=GA1.1.2039578481.1670375148; cookiesession1=678B28752E1DA5ED0F8ABF439A0CFAD4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 01:05:49 GMT
Server: nginx/1.16.1
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Expires: Sun, 05 Feb 2023 01:05:49 GMT
Cache-Control: max-age=5184000, public
Accept-Ranges: bytes
Via: 1.1 chat.covermymeds.com
Vary: Accept-Encoding
Content-Encoding: gzip
Connection: close
Strict-Transport-Security: max-age=31536000
content-length: 518550
px.ads.linkedin.com/collect?v=2&fmt=js&pid=34915&time=1670375149811&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=34915&time=1670375149811&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=34915&time=1670375149811&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&d301d3f9-8576-49f5-8edd-80b651336339"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 07-Dec-2023 01:05:50 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2447:u=1:x=1:i=1670375150:t=1670461550:v=2:sig=AQGbFBkNGhFr57zhmvC2rrtdIIzxtZ-p"; Expires=Thu, 08 Dec 2022 01:05:50 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXvMoV+4/wWyVacfusl9A==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 2423CB2C9B4241D38502B4B658B7776C Ref B: OSL30EDGE0218 Ref C: 2022-12-07T01:05:50Z
date: Wed, 07 Dec 2022 01:05:49 GMT
content-length: 0
X-Firefox-Spdy: h2
chat.covermymeds.com/api_v2/customer/status?callback=jQuery331014786549375437097_1670375150570&_=1670375150571
66.97.160.33200 OK 94 B URL HTTP/1.1 chat.covermymeds.com/api_v2/customer/status?callback=jQuery331014786549375437097_1670375150570&_=1670375150571
IP 66.97.160.33:0
File type ASCII text, with no line terminators
Hash e99801e3bc3fdecd9a7daa44f8101ed1
118517f5e2a70e7c758194fb4e29ca217bab9004
1084b193e7f9826abb4418c1733306d7bb1c8cd8ddb29fcf05cb7107441b620b
GET /api_v2/customer/status?callback=jQuery331014786549375437097_1670375150570&_=1670375150571 HTTP/1.1
Host: chat.covermymeds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Cookie: _gcl_au=1.1.95844840.1670375148; _ga_FNV852Y540=GS1.1.1670375148.1.0.1670375148.0.0.0; _ga=GA1.2.2039578481.1670375148; cookiesession1=678B28752E1DA5ED0F8ABF439A0CFAD4; _uetsid=4a031e2075cb11edacef6fa77f900aa7; _uetvid=4a03503075cb11edb20bd587197f31d6; _gid=GA1.2.1913538233.1670375150; _dc_gtm_UA-7780355-10=1; _fbp=fb.1.1670375150132.441318967
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 01:05:51 GMT
Server: nginx/1.16.1
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0, private, must-revalidate
Etag: W/"1084b193e7f9826abb4418c1733306d7"
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000
Vary: Accept
X-Content-Type-Options: nosniff, nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Prisma-Event-Id: de3cbc78-ee39-c235-c6b5-7e02b9a650aa
X-Request-Id: 0506a4a8-37ff-429c-8db0-fca2676d7b30
X-Runtime: 0.008442
X-Xss-Protection: 1; mode=block
Via: 1.1 chat.covermymeds.com
Connection: close
content-length: 94
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash ab86a19f3c358b230a1dfc06b2c95d77
fa54a0832b444649f5f58b275ed615c4fd6fa714
7302d676a89510f59007d058c359fda7d213a9fd859a2e608caf2405cc15cd7c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 01:05:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 23:26:22 GMT
Expires: Mon, 12 Dec 2022 23:26:21 GMT
Etag: "fa54a0832b444649f5f58b275ed615c4fd6fa714"
Cache-Control: max-age=511829,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77595af5ea0f1c16-OSL
ocsp.pki.goog/s/gts1d4/S_oXU3H4Jpc
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/S_oXU3H4Jpc
IP 216.58.211.3:0
Hash ebb5e9b38045832c2b2bf804b7ddc07a
2b6a47e41a2625fd1a8e5be3ddbd8e55d78fc6d0
d82a106d0b9f4f8db8efa53d4ba305347541c5b43d836e69e863ee58137cde64
POST /s/gts1d4/S_oXU3H4Jpc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 01:05:51 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/S_oXU3H4Jpc
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/S_oXU3H4Jpc
IP 216.58.211.3:0
Hash ebb5e9b38045832c2b2bf804b7ddc07a
2b6a47e41a2625fd1a8e5be3ddbd8e55d78fc6d0
d82a106d0b9f4f8db8efa53d4ba305347541c5b43d836e69e863ee58137cde64
POST /s/gts1d4/S_oXU3H4Jpc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 01:05:51 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/S_oXU3H4Jpc
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/S_oXU3H4Jpc
IP 216.58.211.3:0
Hash ebb5e9b38045832c2b2bf804b7ddc07a
2b6a47e41a2625fd1a8e5be3ddbd8e55d78fc6d0
d82a106d0b9f4f8db8efa53d4ba305347541c5b43d836e69e863ee58137cde64
POST /s/gts1d4/S_oXU3H4Jpc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 01:05:51 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
100.20.58.101/is
100.20.58.101200 OK 32 B IP 100.20.58.101:0
File type ASCII text, with no line terminators
Hash 30bc967f60821e25345342a0e2f2df10
a2740db54d476372961acd5d22a2bec3cc29e53a
57f7bbacee1628826d1aea10d1032531dba6f6dfc4e6e006ee5f338316011e8d
Analyzer Verdict Alert quad9 Sinkholed
GET /is HTTP/1.1
Host: 100.20.58.101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Origin: https://account.covermymeds.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 01:05:50 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: text/plain;charset=utf-8
content-length: 32
x-envoy-upstream-service-time: 0
server: istio-envoy
connection: close
cdn.linkedin.oribi.io/partner/34915/domain/account.covermymeds.com/token
54.230.111.112200 OK 104 B URL HTTP/2 cdn.linkedin.oribi.io/partner/34915/domain/account.covermymeds.com/token
IP 54.230.111.112:0
Hash f300e2a4e2aa8ab2dbe3727e273fe4dd
5aa7e29e67ba7e1c003ea9902d9e407e9ed1de33
aad40f368d389709abeef0de0ac56af4c39ef25c8a5aa91bc851e6088a4366a6
GET /partner/34915/domain/account.covermymeds.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Content-Type: application/json
Origin: https://account.covermymeds.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Wed, 07 Dec 2022 00:38:16 GMT
access-control-allow-origin: *
cache-control: public, max-age=12937
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5KpPIYNlVk7vnsH6V2MN8qQ1e3945Ft6w0mA3IQH7AyaYZEyFs9stQ==
age: 1654
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/S_oXU3H4Jpc
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/S_oXU3H4Jpc
IP 216.58.211.3:0
Hash ebb5e9b38045832c2b2bf804b7ddc07a
2b6a47e41a2625fd1a8e5be3ddbd8e55d78fc6d0
d82a106d0b9f4f8db8efa53d4ba305347541c5b43d836e69e863ee58137cde64
POST /s/gts1d4/S_oXU3H4Jpc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 01:05:51 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
data.pendo.io/data/ptm.gif/89b77497-23cf-4058-6d78-e33d78245f50?v=2.163.1_prod&ct=1670375151077&jzb=eJy9UU1vwjAM_S85V7RNV6Jy27QKbRL7EB3sQ1MU2oyFtUmXuEUI8d9xB3Q3btvN79l-frbftgQ2tSQjUkkQxCMLa9ZOWg6qQjYcsiBicRgHScI80iqnwFiuCmzgD-nd9T3P-EsrZ9nXVT2PYxQQeW4aDYeaI0C6sSXiT4DajXz_yA9y00pbbSpZOIwrHwtra2pHRtvTsC48N68UetmIZbeC1PxpSna9h771hDFVCys1XPYFSBUCuu6A-SH1aUApqqItp4xGmg7CYTQIOfoqfgUysbhBZd2UpUfgAMhk4lLxuPpO1yrT4-cV6nxYUcmfJJvObJpAHtyOVTp_bbtbb0DiqhFLdl7_h9KI4uwfkn_-Q2foaCNiLP6TE9CL4e59D1700vo
34.107.204.85200 OK 42 B URL HTTP/2 data.pendo.io/data/ptm.gif/89b77497-23cf-4058-6d78-e33d78245f50?v=2.163.1_prod&ct=1670375151077&jzb=eJy9UU1vwjAM_S85V7RNV6Jy27QKbRL7EB3sQ1MU2oyFtUmXuEUI8d9xB3Q3btvN79l-frbftgQ2tSQjUkkQxCMLa9ZOWg6qQjYcsiBicRgHScI80iqnwFiuCmzgD-nd9T3P-EsrZ9nXVT2PYxQQeW4aDYeaI0C6sSXiT4DajXz_yA9y00pbbSpZOIwrHwtra2pHRtvTsC48N68UetmIZbeC1PxpSna9h771hDFVCys1XPYFSBUCuu6A-SH1aUApqqItp4xGmg7CYTQIOfoqfgUysbhBZd2UpUfgAMhk4lLxuPpO1yrT4-cV6nxYUcmfJJvObJpAHtyOVTp_bbtbb0DiqhFLdl7_h9KI4uwfkn_-Q2foaCNiLP6TE9CL4e59D1700vo
IP 34.107.204.85:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /data/ptm.gif/89b77497-23cf-4058-6d78-e33d78245f50?v=2.163.1_prod&ct=1670375151077&jzb=eJy9UU1vwjAM_S85V7RNV6Jy27QKbRL7EB3sQ1MU2oyFtUmXuEUI8d9xB3Q3btvN79l-frbftgQ2tSQjUkkQxCMLa9ZOWg6qQjYcsiBicRgHScI80iqnwFiuCmzgD-nd9T3P-EsrZ9nXVT2PYxQQeW4aDYeaI0C6sSXiT4DajXz_yA9y00pbbSpZOIwrHwtra2pHRtvTsC48N68UetmIZbeC1PxpSna9h771hDFVCys1XPYFSBUCuu6A-SH1aUApqqItp4xGmg7CYTQIOfoqfgUysbhBZd2UpUfgAMhk4lLxuPpO1yrT4-cV6nxYUcmfJJvObJpAHtyOVTp_bbtbb0DiqhFLdl7_h9KI4uwfkn_-Q2foaCNiLP6TE9CL4e59D1700vo HTTP/1.1
Host: data.pendo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 01:05:51 GMT
content-type: image/gif
content-length: 42
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-max-age: 600
x-content-type-options: nosniff
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ww.steelhousemedia.com/gs
44.238.130.186200 OK 144 B URL HTTP/1.1 ww.steelhousemedia.com/gs
IP 44.238.130.186:0
File type ASCII text, with no line terminators
Hash ae930bcf61fe75408bb3611e21bc9740
c9f1a6e5d8e82019f62f5f45f8d432391732d841
49b53cea7fb60bd894737ff1aad18868e1beb4b4a82f92390b43396055d92c44
GET /gs HTTP/1.1
Host: ww.steelhousemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 01:05:52 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: application/javascript;charset=utf-8
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 144
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
px.steelhousemedia.com/st?ga_tracking_id=UA-7780355-10&ga_client_id=2039578481.1670375148&shpt=Log%20In%20%7C%20CoverMyMeds%20The%20Leader%20In%20Electronic%20Prior%20Authorization&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-7780355-10%22%2C%22ga_client_id%22%3A%222039578481.1670375148%22%2C%22shpt%22%3A%22Log%20In%20%7C%20CoverMyMeds%20The%20Leader%20In%20Electronic%20Prior%20Authorization%22%2C%22dcm_cid%22%3A%221670375148.1%22%2C%22dcm_gid%22%3A%221913538233.1670375150%22%2C%22ga_utm_campaign%22%3A%22epa-provider-panotify%22%2C%22ga_utm_source%22%3A%22sfmc_provider%22%2C%22ga_utm_medium%22%3A%22email%22%2C%22mntnis%22%3A%22PEN8fDSEnO7LxOhTSA8d5Xa1z5XL6elb%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1670375148.1&dcm_gid=1913538233.1670375150&dxver=4.0.0&shaid=32045&plh=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&shoid=2039578481.1670375148&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Cappnexus%3Dtrue&cb=1670375152179561&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1670375152920
54.244.159.189200 OK 1.4 kB URL HTTP/1.1 px.steelhousemedia.com/st?ga_tracking_id=UA-7780355-10&ga_client_id=2039578481.1670375148&shpt=Log%20In%20%7C%20CoverMyMeds%20The%20Leader%20In%20Electronic%20Prior%20Authorization&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-7780355-10%22%2C%22ga_client_id%22%3A%222039578481.1670375148%22%2C%22shpt%22%3A%22Log%20In%20%7C%20CoverMyMeds%20The%20Leader%20In%20Electronic%20Prior%20Authorization%22%2C%22dcm_cid%22%3A%221670375148.1%22%2C%22dcm_gid%22%3A%221913538233.1670375150%22%2C%22ga_utm_campaign%22%3A%22epa-provider-panotify%22%2C%22ga_utm_source%22%3A%22sfmc_provider%22%2C%22ga_utm_medium%22%3A%22email%22%2C%22mntnis%22%3A%22PEN8fDSEnO7LxOhTSA8d5Xa1z5XL6elb%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1670375148.1&dcm_gid=1913538233.1670375150&dxver=4.0.0&shaid=32045&plh=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&shoid=2039578481.1670375148&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Cappnexus%3Dtrue&cb=1670375152179561&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1670375152920
IP 54.244.159.189:0
Hash 85acd3713a6c51597a6dcf2c6001609b
18837a496ba91d1a22dafbdb1349345ae7c9dec6
330c441b19f8dd839f937e0ba72f16f569bd37817cae4ecffe7232478bc568f9
GET /st?ga_tracking_id=UA-7780355-10&ga_client_id=2039578481.1670375148&shpt=Log%20In%20%7C%20CoverMyMeds%20The%20Leader%20In%20Electronic%20Prior%20Authorization&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-7780355-10%22%2C%22ga_client_id%22%3A%222039578481.1670375148%22%2C%22shpt%22%3A%22Log%20In%20%7C%20CoverMyMeds%20The%20Leader%20In%20Electronic%20Prior%20Authorization%22%2C%22dcm_cid%22%3A%221670375148.1%22%2C%22dcm_gid%22%3A%221913538233.1670375150%22%2C%22ga_utm_campaign%22%3A%22epa-provider-panotify%22%2C%22ga_utm_source%22%3A%22sfmc_provider%22%2C%22ga_utm_medium%22%3A%22email%22%2C%22mntnis%22%3A%22PEN8fDSEnO7LxOhTSA8d5Xa1z5XL6elb%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1670375148.1&dcm_gid=1913538233.1670375150&dxver=4.0.0&shaid=32045&plh=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&shoid=2039578481.1670375148&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Cappnexus%3Dtrue&cb=1670375152179561&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1670375152920 HTTP/1.1
Host: px.steelhousemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 01:05:53 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: rt=MzIxMzE6MTY3MDM2ODY2MiwzMzg3NjoxNjcwMjkzODk4LDMwOTQ4OjE2NzAzMTQ3NTAsMzA5Mzc6MTY3MDM1MzEzNywzMTIyODoxNjcwMzM5NzE4LDMyMDQ1OjE2NzAzNzUxNTMsMzE5NTA6MTY3MDI5OTU4MiwzMjE3NDoxNjcwMzUzNjA0;Domain=steelhousemedia.com;Max-Age=63113852;Path=/;SameSite=None;Secure
guid=35b0bce9-d250-329d-b012-c0426f88d0bd;Domain=steelhousemedia.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
connection: close
px.steelhousemedia.com/st?ga_tracking_id=UA-7780355-10&ga_client_id=2039578481.1670375148&shpt=Log%20In%20%7C%20CoverMyMeds%20The%20Leader%20In%20Electronic%20Prior%20Authorization&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-7780355-10%22%2C%22ga_client_id%22%3A%222039578481.1670375148%22%2C%22shpt%22%3A%22Log%20In%20%7C%20CoverMyMeds%20The%20Leader%20In%20Electronic%20Prior%20Authorization%22%2C%22dcm_cid%22%3A%221670375148.1%22%2C%22dcm_gid%22%3A%221913538233.1670375150%22%2C%22ga_utm_campaign%22%3A%22epa-provider-panotify%22%2C%22ga_utm_source%22%3A%22sfmc_provider%22%2C%22ga_utm_medium%22%3A%22email%22%2C%22mntnis%22%3A%22PEN8fDSEnO7LxOhTSA8d5Xa1z5XL6elb%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1670375148.1&dcm_gid=1913538233.1670375150&dxver=4.0.0&shaid=32045&plh=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&cb=31249703414409556term%3Dvalue&shoid=2039578481.1670375148&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Cappnexus%3Dtrue
54.244.159.189200 OK 1.3 kB URL HTTP/1.1 px.steelhousemedia.com/st?ga_tracking_id=UA-7780355-10&ga_client_id=2039578481.1670375148&shpt=Log%20In%20%7C%20CoverMyMeds%20The%20Leader%20In%20Electronic%20Prior%20Authorization&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-7780355-10%22%2C%22ga_client_id%22%3A%222039578481.1670375148%22%2C%22shpt%22%3A%22Log%20In%20%7C%20CoverMyMeds%20The%20Leader%20In%20Electronic%20Prior%20Authorization%22%2C%22dcm_cid%22%3A%221670375148.1%22%2C%22dcm_gid%22%3A%221913538233.1670375150%22%2C%22ga_utm_campaign%22%3A%22epa-provider-panotify%22%2C%22ga_utm_source%22%3A%22sfmc_provider%22%2C%22ga_utm_medium%22%3A%22email%22%2C%22mntnis%22%3A%22PEN8fDSEnO7LxOhTSA8d5Xa1z5XL6elb%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1670375148.1&dcm_gid=1913538233.1670375150&dxver=4.0.0&shaid=32045&plh=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&cb=31249703414409556term%3Dvalue&shoid=2039578481.1670375148&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Cappnexus%3Dtrue
IP 54.244.159.189:0
Hash 048718fb4c137cf70ea9cccfef1da21c
ceb36db85a63c306baa92098ea3b6ec8051cd03b
a1278a29d95ce9535e7970d5bf5898d7ea61dc2fecc32b84c729043f3240f70c
GET /st?ga_tracking_id=UA-7780355-10&ga_client_id=2039578481.1670375148&shpt=Log%20In%20%7C%20CoverMyMeds%20The%20Leader%20In%20Electronic%20Prior%20Authorization&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-7780355-10%22%2C%22ga_client_id%22%3A%222039578481.1670375148%22%2C%22shpt%22%3A%22Log%20In%20%7C%20CoverMyMeds%20The%20Leader%20In%20Electronic%20Prior%20Authorization%22%2C%22dcm_cid%22%3A%221670375148.1%22%2C%22dcm_gid%22%3A%221913538233.1670375150%22%2C%22ga_utm_campaign%22%3A%22epa-provider-panotify%22%2C%22ga_utm_source%22%3A%22sfmc_provider%22%2C%22ga_utm_medium%22%3A%22email%22%2C%22mntnis%22%3A%22PEN8fDSEnO7LxOhTSA8d5Xa1z5XL6elb%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1670375148.1&dcm_gid=1913538233.1670375150&dxver=4.0.0&shaid=32045&plh=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&cb=31249703414409556term%3Dvalue&shoid=2039578481.1670375148&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Cappnexus%3Dtrue HTTP/1.1
Host: px.steelhousemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Wed, 07 Dec 2022 01:05:52 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: guid=4b60a902-75cb-11ed-b1ba-df4546bd72e0;Domain=steelhousemedia.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
connection: close
api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&page_title=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization
54.230.111.46200 OK 0 B URL HTTP/2 api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&page_title=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization
IP 54.230.111.46:0
POST /api/v2/ip.json?referrer=&page=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&page_title=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization HTTP/1.1
Host: api.company-target.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 63
Origin: https://account.covermymeds.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json;charset=utf-8
date: Wed, 07 Dec 2022 01:05:50 GMT
server: nginx
access-control-allow-origin: https://account.covermymeds.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers:
access-control-max-age: 7200
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
identification-source: CENTRAL
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Tue, 06 Dec 2022 01:05:50 GMT
vary: Accept-Encoding, Origin
content-encoding: gzip
request-id: c82b46cd-ac38-4834-8b33-0a53c3481416
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VPchDlRgfyPtetZeWLF8UyTx5coc9qlNxWtwU4iYo4NGlC2wlxXyyQ==
X-Firefox-Spdy: h2
dx.steelhousemedia.com/spx?dxver=4.0.0&shaid=32045&tdr=&plh=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&cb=31249703414409556term=value
52.11.37.91200 0 B URL HTTP/1.1 dx.steelhousemedia.com/spx?dxver=4.0.0&shaid=32045&tdr=&plh=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&cb=31249703414409556term=value
IP 52.11.37.91:0
GET /spx?dxver=4.0.0&shaid=32045&tdr=&plh=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&cb=31249703414409556term=value HTTP/1.1
Host: dx.steelhousemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
content-type: application/javascript;charset=utf-8
date: Wed, 07 Dec 2022 01:05:50 GMT
connection: close
data.pendo.io/data/guide.js/89b77497-23cf-4058-6d78-e33d78245f50?id=4&jzb=eJx9jk2LwjAQhv_LnKVpI1XozcU9eHGFrYqnEJpQg80HSVoQ6X_vVGqO3t558kzeecGggorWHwRUwE6_x_0fq9ltkJf68eOuZQkr4E1jexPfypKR9r7D-R6jCxUhC88aO0ivn1qKgFkTFLWMXPDIoUptc1RfGjtu2p63Eg1p2PkfxnRFWv3M-OS4lybukoAIC-ftfEsKSmhOKf6KlwVlDWKaFZt1VjDnrYBxnAAKPFWH&v=2.163.1_prod&ct=1670375151086
34.107.204.85200 OK 0 B URL HTTP/2 data.pendo.io/data/guide.js/89b77497-23cf-4058-6d78-e33d78245f50?id=4&jzb=eJx9jk2LwjAQhv_LnKVpI1XozcU9eHGFrYqnEJpQg80HSVoQ6X_vVGqO3t558kzeecGggorWHwRUwE6_x_0fq9ltkJf68eOuZQkr4E1jexPfypKR9r7D-R6jCxUhC88aO0ivn1qKgFkTFLWMXPDIoUptc1RfGjtu2p63Eg1p2PkfxnRFWv3M-OS4lybukoAIC-ftfEsKSmhOKf6KlwVlDWKaFZt1VjDnrYBxnAAKPFWH&v=2.163.1_prod&ct=1670375151086
IP 34.107.204.85:0
GET /data/guide.js/89b77497-23cf-4058-6d78-e33d78245f50?id=4&jzb=eJx9jk2LwjAQhv_LnKVpI1XozcU9eHGFrYqnEJpQg80HSVoQ6X_vVGqO3t558kzeecGggorWHwRUwE6_x_0fq9ltkJf68eOuZQkr4E1jexPfypKR9r7D-R6jCxUhC88aO0ivn1qKgFkTFLWMXPDIoUptc1RfGjtu2p63Eg1p2PkfxnRFWv3M-OS4lybukoAIC-ftfEsKSmhOKf6KlwVlDWKaFZt1VjDnrYBxnAAKPFWH&v=2.163.1_prod&ct=1670375151086 HTTP/1.1
Host: data.pendo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 01:05:51 GMT
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-max-age: 600
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
scripts.demandbase.com/9oP2Og47.min.js
143.204.55.88200 OK 0 B URL HTTP/2 scripts.demandbase.com/9oP2Og47.min.js
IP 143.204.55.88:0
GET /9oP2Og47.min.js HTTP/1.1
Host: scripts.demandbase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
last-modified: Fri, 02 Dec 2022 21:42:07 GMT
x-amz-version-id: O0slYFbZTdiKXVpjy4YlnbFihnl0tmFH
server: AmazonS3
content-encoding: gzip
date: Wed, 07 Dec 2022 00:22:16 GMT
cache-control: public, max-age=3600
etag: W/"8526fd6885b182ddb2473922482be5d2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QENyITKa0malF0tt6TvLtVPExknqwSZOI8n04fujK-lUJAEyWaYsqQ==
age: 2615
strict-transport-security: max-age=63072000; includeSubDomains; preload
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
X-Firefox-Spdy: h2
insight.adsrvr.org/track/up?adv=yi9xlz1&ref=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&upid=c7xdx7r&upv=1.1.0
52.223.40.198200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/up?adv=yi9xlz1&ref=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&upid=c7xdx7r&upv=1.1.0
IP 52.223.40.198:0
GET /track/up?adv=yi9xlz1&ref=https%3A%2F%2Faccount.covermymeds.com%2F%3Futm_medium%3Demail%26utm_source%3Dsfmc_provider%26utm_campaign%3Depa-provider-panotify%26utm_content%3Dsignin-em1%26utm_term%3Dcta-text-link-3&upid=c7xdx7r&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.covermymeds.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 01:05:51 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2