urlscan.io logo urlscan.io
SecurityTrails logo

www.express-scripts.com Open in urlscan Pro
167.211.52.57  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Submission: On August 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 9 domains to perform 50 HTTP transactions. The main IP is 167.211.52.57, located in United States and belongs to EXPRES, US. The main domain is www.express-scripts.com. The Cisco Umbrella rank of the primary domain is 78155.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on August 17th 2022. Valid for: a year.
This is the only time www.express-scripts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 167.211.52.57 5696 (EXPRES)
11 2600:9000:21f... 16509 (AMAZON-02)
5 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 34.248.26.113 16509 (AMAZON-02)
1 13.225.78.23 16509 (AMAZON-02)
1 151.101.130.137 54113 (FASTLY)
16 104.17.209.240 13335 (CLOUDFLAR...)
1 104.17.208.240 13335 (CLOUDFLAR...)
1 107.22.99.124 14618 (AMAZON-AES)
50 10
9    167.211.52.57 (United States)

ASN5696 (EXPRES, US)
www.express-scripts.com
11    2600:9000:21f3:2800:8:7fec:8380:21 (United States)

ASN16509 (AMAZON-02, US)
d1sasz49lqpqtq.cloudfront.net
5    2a02:26f0:3500:592::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
1    34.248.26.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-26-113.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    13.225.78.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-23.fra2.r.cloudfront.net
cdn.branch.io
1    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
16    104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)
zn7qchny5hadksvmv-expressscriptscx.siteintercept.qualtrics.com
siteintercept.qualtrics.com
1    104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)
zn3etdzvv330bnajr-expressscriptscx.siteintercept.qualtrics.com
1    107.22.99.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-99-124.compute-1.amazonaws.com
expressscriptsholdin.tt.omtrdc.net
Apex Domain
Subdomains		 Transfer
17 qualtrics.com
zn7qchny5hadksvmv-expressscriptscx.siteintercept.qualtrics.com — Cisco Umbrella Rank: 142452
zn3etdzvv330bnajr-expressscriptscx.siteintercept.qualtrics.com — Cisco Umbrella Rank: 149386
siteintercept.qualtrics.com — Cisco Umbrella Rank: 864
101 KB
11 cloudfront.net
d1sasz49lqpqtq.cloudfront.net
318 KB
9 express-scripts.com
www.express-scripts.com — Cisco Umbrella Rank: 78155
smetrics.express-scripts.com Failed
196 KB
5 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 445
181 KB
1 omtrdc.net
expressscriptsholdin.tt.omtrdc.net — Cisco Umbrella Rank: 140195
686 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 365
18 KB
1 branch.io
cdn.branch.io — Cisco Umbrella Rank: 1004
23 KB
1 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 201
expressscriptsholdingcompany.demdex.net Failed
1 KB
0 nr-data.net Failed
bam.nr-data.net Failed
50 9
Domain Requested by
15 siteintercept.qualtrics.com www.express-scripts.com
11 d1sasz49lqpqtq.cloudfront.net www.express-scripts.com
d1sasz49lqpqtq.cloudfront.net
9 www.express-scripts.com www.express-scripts.com
5 assets.adobedtm.com www.express-scripts.com
1 expressscriptsholdin.tt.omtrdc.net www.express-scripts.com
1 zn3etdzvv330bnajr-expressscriptscx.siteintercept.qualtrics.com www.express-scripts.com
1 zn7qchny5hadksvmv-expressscriptscx.siteintercept.qualtrics.com www.express-scripts.com
1 js-agent.newrelic.com www.express-scripts.com
1 cdn.branch.io www.express-scripts.com
1 dpm.demdex.net www.express-scripts.com
0 smetrics.express-scripts.com Failed www.express-scripts.com
0 expressscriptsholdingcompany.demdex.net Failed www.express-scripts.com
0 bam.nr-data.net Failed www.express-scripts.com
50 13
Subject Issuer Validity Valid
www.express-scripts.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2022-08-17 -
2023-09-17		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.branch.io
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-07-10 -
2023-08-11		 a year crt.sh
*.qualtrics.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-04 -
2023-05-04		 a year crt.sh
*.tt.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-11 -
2022-10-12		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Frame ID: 3BF11FA9B1AAB6BEFE593FA4939E5B7C
Requests: 51 HTTP requests in this frame

Frame: https://expressscriptsholdingcompany.demdex.net/dest5.html?d_nsid=0
Frame ID: 159EACA99D7CF588FC8018F5A130CAD9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Page not found | Express Scripts

Detected technologies

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Page Statistics

50
Requests

92 %
HTTPS

22 %
IPv6

9
Domains

13
Subdomains

10
IPs

4
Countries

840 kB
Transfer

2572 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50
  • https://cm.everesttech.net/cm/dd?d_uuid=49362246829889477671409928394825765590 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YwNxpgAAAHSA3gN6

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Aeonik-Regular.woff'
www.express-scripts.com/art/email/ 		56 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.211.52.57 , United States, ASN5696 (EXPRES, US),
Reverse DNS
Software
/
Resource Hash
52d12cc497a7bb55d3249c02418e25fc171cbbbff6740eb96dbf88a1c8e639dd
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *.express-scripts.com d1sasz49lqpqtq.cloudfront.net *.qualtrics.com *.omtrdc.net *.demdex.net *.googlesyndication.com *.instagram.com *.linkedin.com px.ads.linkedin.com snap.licdn.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' d1sasz49lqpqtq.cloudfront.net *.adobedtm.com *.fontawesome.com *.qualtrics.com *.everestjs.net *.omtrdc.net *.marketo.net *.demdex.net *.google.com *.gstatic.com *.facebook.net *.ads-twitter.com *.twitter.com *.brightcove.com *.brightcove.net vjs.zencdn.net *.s3.amazonaws.com snap.licdn.com *.googletagmanager.com *.express-scripts.com activitymap.adobe.com *.branch.io app.link js-agent.newrelic.com bam-cell.nr-data.net insight.adsrvr.org *.facebook.com *.twitter.com *.linkedin.com px.ads.linkedin.com snap.licdn.com; object-src 'self' *.s3.amazonaws.com *.brightcove.net d1sasz49lqpqtq.cloudfront.net; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.express-scripts.com *.cloudflare.com *.fontawesome.com *.s3.amazonaws.com d1sasz49lqpqtq.cloudfront.net app.launchdarkly.com clientstream.launchdarkly.com events.launchdarkly.com; img-src 'self' data: *.qualtrics.com *.omtrdc.net expressscripts.sc.omtrdc.net *.everesttech.net *.demdex.net *.facebook.com t.co *.s3.amazonaws.com *.brightcove.com *.prod.boltdns.net *.google.com openbadges.blob.core.windows.net d1sasz49lqpqtq.cloudfront.net *.express-scripts.com *.llnwd.net *.linkedin.com *.doubleclick.net *.branch.io *.adsrvr.org *.googletagmanager.com *.addthis.com *.pinsightmedia.com *.mookie1.com *.advertising.com *.scorecardresearch.com *.linksynergy.com *.casalemedia.com *.insightexpressai.com *.media6degrees.com *.analytics.yahoo.com mid.rkdms.com match.sync.ad.cpe.dotomi.com aa.agkn.com ib.adnxs.com io.narrative.io cm.pos.baidu.com x.bidswitch.net tags.bluekai.com cs.adingo.jp ml314.com loadm.exelator.com global.ib-ibi.com ckm.iqiyi.com usermatch.krxd.net i.liadm.com idsync.rlcdn.com simage2.pubmatic.com e.nexac.com cm.mediav.com pixel.rubiconproject.com uipglob.semasio.net match.sharethrough.com s.thebrighttag.com eb2.3lift.com pixel.tapad.com cm.l.qq.com dmp.truoptik.com c.yes.youku.com; media-src 'self' blob: *.express-scripts.com *.s3.amazonaws.com *.brightcove.com *.prod.boltdns.net d1sasz49lqpqtq.cloudfront.net *.akamaihd.net; frame-src 'self' *.s3.amazonaws.com *.qualtrics.com *.youtube.com *.omtrdc.net *.demdex.net *.google.com d1sasz49lqpqtq.cloudfront.net *.fls.doubleclick.net activitymap.adobe.com *.omniture.com *.facebook.com; child-src 'self' blob: *.express-scripts.com *.s3.amazonaws.com *.youtube.com d1sasz49lqpqtq.cloudfront.net; font-src * 'self' data: *.express-scripts.com fonts.googleapis.com fonts.gstatic.com *.s3.amazonaws.com *.amazonaws.com d1sasz49lqpqtq.cloudfront.net; connect-src 'self' *.express-scripts.com *.qualtrics.com *.adobedtm.com *.everestjs.net *.omtrdc.net *.marketo.net *.demdex.net *.brightcove.com *.prod.boltdns.net *.akamaihd.net d1sasz49lqpqtq.cloudfront.net app.launchdarkly.com clientstream.launchdarkly.com events.launchdarkly.com *.llnwd.net *.mktoresp.com di-tag.express-scripts.com *.branch.io app.link wss://*.express-scripts.com bam-cell.nr-data.net *.cigna.com default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob: default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=231537, public, s-maxage=0
Content-Encoding
gzip
Content-Language
en
Content-Security-Policy
default-src 'self' data: *.express-scripts.com d1sasz49lqpqtq.cloudfront.net *.qualtrics.com *.omtrdc.net *.demdex.net *.googlesyndication.com *.instagram.com *.linkedin.com px.ads.linkedin.com snap.licdn.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' d1sasz49lqpqtq.cloudfront.net *.adobedtm.com *.fontawesome.com *.qualtrics.com *.everestjs.net *.omtrdc.net *.marketo.net *.demdex.net *.google.com *.gstatic.com *.facebook.net *.ads-twitter.com *.twitter.com *.brightcove.com *.brightcove.net vjs.zencdn.net *.s3.amazonaws.com snap.licdn.com *.googletagmanager.com *.express-scripts.com activitymap.adobe.com *.branch.io app.link js-agent.newrelic.com bam-cell.nr-data.net insight.adsrvr.org *.facebook.com *.twitter.com *.linkedin.com px.ads.linkedin.com snap.licdn.com; object-src 'self' *.s3.amazonaws.com *.brightcove.net d1sasz49lqpqtq.cloudfront.net; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.express-scripts.com *.cloudflare.com *.fontawesome.com *.s3.amazonaws.com d1sasz49lqpqtq.cloudfront.net app.launchdarkly.com clientstream.launchdarkly.com events.launchdarkly.com; img-src 'self' data: *.qualtrics.com *.omtrdc.net expressscripts.sc.omtrdc.net *.everesttech.net *.demdex.net *.facebook.com t.co *.s3.amazonaws.com *.brightcove.com *.prod.boltdns.net *.google.com openbadges.blob.core.windows.net d1sasz49lqpqtq.cloudfront.net *.express-scripts.com *.llnwd.net *.linkedin.com *.doubleclick.net *.branch.io *.adsrvr.org *.googletagmanager.com *.addthis.com *.pinsightmedia.com *.mookie1.com *.advertising.com *.scorecardresearch.com *.linksynergy.com *.casalemedia.com *.insightexpressai.com *.media6degrees.com *.analytics.yahoo.com mid.rkdms.com match.sync.ad.cpe.dotomi.com aa.agkn.com ib.adnxs.com io.narrative.io cm.pos.baidu.com x.bidswitch.net tags.bluekai.com cs.adingo.jp ml314.com loadm.exelator.com global.ib-ibi.com ckm.iqiyi.com usermatch.krxd.net i.liadm.com idsync.rlcdn.com simage2.pubmatic.com e.nexac.com cm.mediav.com pixel.rubiconproject.com uipglob.semasio.net match.sharethrough.com s.thebrighttag.com eb2.3lift.com pixel.tapad.com cm.l.qq.com dmp.truoptik.com c.yes.youku.com; media-src 'self' blob: *.express-scripts.com *.s3.amazonaws.com *.brightcove.com *.prod.boltdns.net d1sasz49lqpqtq.cloudfront.net *.akamaihd.net; frame-src 'self' *.s3.amazonaws.com *.qualtrics.com *.youtube.com *.omtrdc.net *.demdex.net *.google.com d1sasz49lqpqtq.cloudfront.net *.fls.doubleclick.net activitymap.adobe.com *.omniture.com *.facebook.com; child-src 'self' blob: *.express-scripts.com *.s3.amazonaws.com *.youtube.com d1sasz49lqpqtq.cloudfront.net; font-src * 'self' data: *.express-scripts.com fonts.googleapis.com fonts.gstatic.com *.s3.amazonaws.com *.amazonaws.com d1sasz49lqpqtq.cloudfront.net; connect-src 'self' *.express-scripts.com *.qualtrics.com *.adobedtm.com *.everestjs.net *.omtrdc.net *.marketo.net *.demdex.net *.brightcove.com *.prod.boltdns.net *.akamaihd.net d1sasz49lqpqtq.cloudfront.net app.launchdarkly.com clientstream.launchdarkly.com events.launchdarkly.com *.llnwd.net *.mktoresp.com di-tag.express-scripts.com *.branch.io app.link wss://*.express-scripts.com bam-cell.nr-data.net *.cigna.com default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob: default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 Aug 2022 12:08:01 GMT
Etag
"1661167946"
Expires
Sun, 19 Nov 1978 05:00:00 GMT
From-Origin
same
Last-Modified
Mon, 22 Aug 2022 11:32:26 GMT
Link
<https://www.express-scripts.com/>; rel="canonical", <https://www.express-scripts.com/>; rel="shortlink" <https://www.express-scripts.com/>; rel="canonical", <https://www.express-scripts.com/>; rel="shortlink"
Permissions-Policy
interest-cohort=()
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Ua-Compatible
IE=edge
X-Vcap-Request-Id
90144ccb-d974-4949-5c11-f568f50894df
X-Xss-Protection
1; mode=block
css_V853NkyNfE1rWmgG4zjTrLkwOIEHvM9hRXnK1OJu480.css
d1sasz49lqpqtq.cloudfront.net/s3fs-public/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1sasz49lqpqtq.cloudfront.net/s3fs-public/css/css_V853NkyNfE1rWmgG4zjTrLkwOIEHvM9hRXnK1OJu480.css?VersionId=E1Wpv4UrhUxl9iWWX7ivCrCQSRIMr_b6
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2800:8:7fec:8380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
57ce77364c8d7c4d6b5a6806e338d3acb930388107bccf614579cad4e26ee3cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
E1Wpv4UrhUxl9iWWX7ivCrCQSRIMr_b6
content-encoding
gzip
last-modified
Mon, 20 Jun 2022 18:41:30 GMT
server
AmazonS3
age
29
etag
W/"808c230b4aee92a3eb88c6d7b59a8b11"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
date
Mon, 22 Aug 2022 12:08:01 GMT
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Zbeby8X7vNzt_rGb8ecJioHhwnuMrY4786CtsTtWw1ugONmx6UTMAA==
css_2cVtfEIV9B2SSGiz7IbAV6LW1n2J-jqrbeSDrGKoeSQ.css
d1sasz49lqpqtq.cloudfront.net/s3fs-public/css/ 		492 KB
58 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1sasz49lqpqtq.cloudfront.net/s3fs-public/css/css_2cVtfEIV9B2SSGiz7IbAV6LW1n2J-jqrbeSDrGKoeSQ.css?VersionId=KxYBHCBHAbEwBwE4yO_2kdC0CnPCcHLX
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2800:8:7fec:8380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d9c56d7c4215f41d924868b3ec86c057a2d6d67d89fa3aab6de483ac62a87924

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
KxYBHCBHAbEwBwE4yO_2kdC0CnPCcHLX
content-encoding
gzip
last-modified
Wed, 06 Jul 2022 18:07:13 GMT
server
AmazonS3
age
32345
etag
W/"03af79c1b6c49977b25cb9c7f99e1cdc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
date
Mon, 22 Aug 2022 03:08:57 GMT
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
ItafsF62AeoyoetrwhPjb6AuWOg4LVgwrHKa9DI86ylVLn6kZpfV2w==
redirect_login_overpanel.js
www.express-scripts.com/themes/custom/dsf/js/dist/ 		533 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.express-scripts.com/themes/custom/dsf/js/dist/redirect_login_overpanel.js?rem2oh
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.211.52.57 , United States, ASN5696 (EXPRES, US),
Reverse DNS
Software
/
Resource Hash
d81f286a9e6132bbcabbfb9551eae08b1783da9b4ca6a242ab5f8a93a2da8f06
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:, default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:, default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Security-Policy
default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:, default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:, default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:; report-uri /r/violation
Vary
Accept-Encoding
Content-Length
533
X-Xss-Protection
1; mode=block
Last-Modified
Wed, 11 May 2022 19:16:35 GMT
X-Frame-Options
SAMEORIGIN
Date
Mon, 22 Aug 2022 12:08:01 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript; charset=utf-8
X-Vcap-Request-Id
ebdb1fac-15e7-42f8-4306-87e83bf069b0
Cache-Control
max-age=315360000
Etag
"627c0b93-215"
Accept-Ranges
bytes
Expires
Thu, 31 Dec 2037 23:55:55 GMT
modernizr.min.js
www.express-scripts.com/core/assets/vendor/modernizr/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.express-scripts.com/core/assets/vendor/modernizr/modernizr.min.js?v=3.11.7
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.211.52.57 , United States, ASN5696 (EXPRES, US),
Reverse DNS
Software
/
Resource Hash
939fe220ac3999512e38ecd5397d7334210c1568e7aec55eb6c6f4d1316c8353
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:, default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:, default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Security-Policy
default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:, default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:, default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:; report-uri /r/violation
Connection
Keep-Alive
Vary
Accept-Encoding, Accept-Encoding
Content-Length
3564
X-Xss-Protection
1; mode=block
Last-Modified
Wed, 11 May 2022 19:16:31 GMT
X-Frame-Options
SAMEORIGIN
Date
Mon, 22 Aug 2022 12:08:01 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript; charset=utf-8
X-Vcap-Request-Id
708cd3d6-3bd9-438a-790e-0087e803462e
Cache-Control
max-age=315360000
Etag
"627c0b8f-1c42"
Accept-Ranges
bytes
Expires
Thu, 31 Dec 2037 23:55:55 GMT
modernizr-additional-tests.js
www.express-scripts.com/core/misc/ 		652 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.express-scripts.com/core/misc/modernizr-additional-tests.js?v=3.11.7
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.211.52.57 , United States, ASN5696 (EXPRES, US),
Reverse DNS
Software
/
Resource Hash
9b7b5d56054f5bab6ea5dfd9472ceb900f406a8a35a3df5b17b606521a411a35
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:, default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:, default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Security-Policy
default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:, default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:, default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:; report-uri /r/violation
Vary
Accept-Encoding
Content-Length
652
X-Xss-Protection
1; mode=block
Last-Modified
Wed, 11 May 2022 19:16:31 GMT
X-Frame-Options
SAMEORIGIN
Date
Mon, 22 Aug 2022 12:08:01 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript; charset=utf-8
X-Vcap-Request-Id
8a3cea1f-9a79-4c8d-40a9-e84a66006c82
Cache-Control
max-age=315360000
Etag
"627c0b8f-28c"
Accept-Ranges
bytes
Expires
Thu, 31 Dec 2037 23:55:55 GMT
esi_ddl_schema_header.js
www.express-scripts.com/modules/shared/esi_ddl_schema/dist/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.express-scripts.com/modules/shared/esi_ddl_schema/dist/js/esi_ddl_schema_header.js?v=2.3
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.211.52.57 , United States, ASN5696 (EXPRES, US),
Reverse DNS
Software
/
Resource Hash
b30ac9164fcafdb91f5bdc13895d25e694e01d213887b792833fdc00bbfbcd2e
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:, default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:, default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Security-Policy
default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:, default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:, default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:; report-uri /r/violation
Connection
Keep-Alive
Vary
Accept-Encoding, Accept-Encoding
Content-Length
4633
X-Xss-Protection
1; mode=block
Last-Modified
Wed, 11 May 2022 19:16:35 GMT
X-Frame-Options
SAMEORIGIN
Date
Mon, 22 Aug 2022 12:08:01 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript; charset=utf-8
X-Vcap-Request-Id
666b4b8a-8fbb-4a5e-5489-3eedc26508a1
Cache-Control
max-age=315360000
Etag
"627c0b93-33ab"
Accept-Ranges
bytes
Expires
Thu, 31 Dec 2037 23:55:55 GMT
launch-eab74f075d95.min.js
assets.adobedtm.com/75c13ef9d9d6/3a8fdc81b7df/ 		465 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/75c13ef9d9d6/3a8fdc81b7df/launch-eab74f075d95.min.js
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:592::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5926b886819628db26d1039e88c062fed6c77f34d22955ca1e04c596c79180ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 12:08:01 GMT
content-encoding
gzip
last-modified
Fri, 19 Aug 2022 17:50:18 GMT
server
AkamaiNetStorage
etag
"608b5c0f10b577f107f2e53f11aef6e4:1660931418.449321"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.express-scripts.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
122560
expires
Mon, 22 Aug 2022 13:08:01 GMT
js_54Z_ih2zwnH7CC60A5nu1fcuLfHAnnklNchdaZSH4ws.js
d1sasz49lqpqtq.cloudfront.net/s3fs-public/js/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1sasz49lqpqtq.cloudfront.net/s3fs-public/js/js_54Z_ih2zwnH7CC60A5nu1fcuLfHAnnklNchdaZSH4ws.js?VersionId=omcaNmXupNxyr4.ztJvQNNp5v4.w7co2
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2800:8:7fec:8380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e7867f8a1db3c271fb082eb40399eed5f72e2df1c09e792535c85d699487e30b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
omcaNmXupNxyr4.ztJvQNNp5v4.w7co2
content-encoding
gzip
last-modified
Mon, 20 Jun 2022 18:10:07 GMT
server
AmazonS3
age
27544
etag
W/"1514c0ae9e089379182abf21120e3efa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
date
Mon, 22 Aug 2022 04:38:57 GMT
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
767Jsy9F50dPHtssMkq7mh4HLxm6mnvMQnrjhdx8ppAKZb8ZshKe5g==
js_cORkaD7gFG-1JPMHP2KoUus_mPl9_ov51tB-2ZLHQmE.js
d1sasz49lqpqtq.cloudfront.net/s3fs-public/js/ 		145 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1sasz49lqpqtq.cloudfront.net/s3fs-public/js/js_cORkaD7gFG-1JPMHP2KoUus_mPl9_ov51tB-2ZLHQmE.js?VersionId=b6fRZpXHh_eICAsUQTQoR7UT0Utkv3YF
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2800:8:7fec:8380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70e464683ee0146fb524f3073f62a852eb3f98f97dfe8bf9d6d07ed992c74261

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
b6fRZpXHh_eICAsUQTQoR7UT0Utkv3YF
content-encoding
gzip
last-modified
Wed, 06 Jul 2022 18:08:22 GMT
server
AmazonS3
age
84296
etag
W/"1a6f9c39630132c37c37a8adccc281a0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
date
Sun, 21 Aug 2022 12:43:06 GMT
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
EGEUfl7Gu4srMI2idrm3hXGc_Wd5oV6Jo5uOh3b0po2BFqWQDnxYUA==
esi_ddl_schema_footer.js
www.express-scripts.com/modules/shared/esi_ddl_schema/dist/js/ 		372 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.express-scripts.com/modules/shared/esi_ddl_schema/dist/js/esi_ddl_schema_footer.js?v=2.3
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.211.52.57 , United States, ASN5696 (EXPRES, US),
Reverse DNS
Software
/
Resource Hash
107bfc17e5d3b3d3226bad6c056b25bef80450863c6a4b7cbe71059217650d7a
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:, default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:, default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Security-Policy
default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:, default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:, default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:; report-uri /r/violation
Vary
Accept-Encoding, Accept-Encoding
X-Xss-Protection
1; mode=block
Last-Modified
Wed, 11 May 2022 19:17:12 GMT
X-Frame-Options
SAMEORIGIN
Date
Mon, 22 Aug 2022 12:08:01 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript; charset=utf-8
X-Vcap-Request-Id
d8a698e9-3d3e-4485-6664-23deb8f9ca7e
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Etag
"627c0bb8-5ce4d"
Accept-Ranges
bytes
Expires
Thu, 31 Dec 2037 23:55:55 GMT
satellite.js
www.express-scripts.com/modules/shared/esi_ddl_schema/js/ 		25 B
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.express-scripts.com/modules/shared/esi_ddl_schema/js/satellite.js?v=1.x
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.211.52.57 , United States, ASN5696 (EXPRES, US),
Reverse DNS
Software
/
Resource Hash
f83561d28369539e28ed8b4527479118dbd6af4b302ab2c7caca4fbf1f535381
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:, default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:, default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Security-Policy
default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:, default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:, default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:; report-uri /r/violation
Vary
Accept-Encoding
Content-Length
25
X-Xss-Protection
1; mode=block
Last-Modified
Wed, 11 May 2022 19:16:35 GMT
X-Frame-Options
SAMEORIGIN
Date
Mon, 22 Aug 2022 12:08:01 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript; charset=utf-8
X-Vcap-Request-Id
001b7388-db42-4278-7371-83bcffc55c39
Cache-Control
max-age=315360000
Etag
"627c0b93-19"
Accept-Ranges
bytes
Expires
Thu, 31 Dec 2037 23:55:55 GMT
js_cjVehE7VZnn7XHcL4zxGrN83M5JagMsNlX37mXknlxw.js
d1sasz49lqpqtq.cloudfront.net/s3fs-public/js/ 		101 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1sasz49lqpqtq.cloudfront.net/s3fs-public/js/js_cjVehE7VZnn7XHcL4zxGrN83M5JagMsNlX37mXknlxw.js?VersionId=vs3ajYaCE4L63wPX2w9d4v1jGeUfPbuz
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2800:8:7fec:8380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72355e844ed56679fb5c770be33c46acdf3733925a80cb0d957dfb997927971c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
vs3ajYaCE4L63wPX2w9d4v1jGeUfPbuz
content-encoding
gzip
last-modified
Wed, 06 Jul 2022 18:08:24 GMT
server
AmazonS3
age
84296
etag
W/"8c6b621c6c14731d533f4c39a89aa27c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
date
Sun, 21 Aug 2022 12:43:06 GMT
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
jLT5BPmDI-3dklqJkBWOzablIdP8Q5ZBHz6zmJlGH20zqup62w293w==
Aeonik-Regular.woff2
d1sasz49lqpqtq.cloudfront.net/fonts/ 		40 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1sasz49lqpqtq.cloudfront.net/fonts/Aeonik-Regular.woff2
Requested by
Host: d1sasz49lqpqtq.cloudfront.net
URL: https://d1sasz49lqpqtq.cloudfront.net/s3fs-public/css/css_2cVtfEIV9B2SSGiz7IbAV6LW1n2J-jqrbeSDrGKoeSQ.css?VersionId=KxYBHCBHAbEwBwE4yO_2kdC0CnPCcHLX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2800:8:7fec:8380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8bcbd3709fe25c33e7ad8dba87149fede59cd5c3fa29c4a82a3e58a60eaaf59d

Request headers

Referer
https://d1sasz49lqpqtq.cloudfront.net/s3fs-public/css/css_2cVtfEIV9B2SSGiz7IbAV6LW1n2J-jqrbeSDrGKoeSQ.css?VersionId=KxYBHCBHAbEwBwE4yO_2kdC0CnPCcHLX
Origin
https://www.express-scripts.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
etag
"58a0efb1adc429288deeb6d4ef6eeff4"
age
29613
x-cache
Hit from cloudfront
content-length
41176
last-modified
Tue, 04 Aug 2020 21:08:32 GMT
server
AmazonS3
date
Mon, 22 Aug 2022 03:54:29 GMT
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
binary/octet-stream
access-control-allow-origin
https://www.express-scripts.com
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
G8jyQlWOq6VQaBgsSkB38U1b-5Y7apCzgyVbyWDkk-y0bNI8S8nTow==
id
dpm.demdex.net/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=BCDA9CC055686E397F000101%40AdobeOrg&d_nsid=0&ts=1661170081845
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.26.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-26-113.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2fcabbba07f20f7906636d32249163af808cd915bf6525c9c9de33912871cfce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.express-scripts.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v038-0f7693ade.edge-irl1.demdex.com 26 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
RsOnkO8HQRE=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.express-scripts.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
689
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:592::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 12:08:01 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 16:35:31 GMT
server
AkamaiNetStorage
etag
"d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.express-scripts.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12163
expires
Mon, 22 Aug 2022 13:08:01 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:592::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 12:08:01 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 16:35:31 GMT
server
AkamaiNetStorage
etag
"2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.express-scripts.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1597
expires
Mon, 22 Aug 2022 13:08:01 GMT
branch-latest.min.js
cdn.branch.io/ 		76 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.branch.io/branch-latest.min.js
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-23.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3f39b863af13e4947632922f698a345a33f45f618e25cbdda80fecdb029c1d8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
TYUFb0ZW1v2KsNT79quwkf.N0GdhhUX6
content-encoding
gzip
last-modified
Thu, 11 Aug 2022 19:34:23 GMT
server
AmazonS3
age
190
etag
"6002812647adfb5e20a34acdfe3de9f2"
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 0d94766f433ae64cf30c40acb74fc43e.cloudfront.net (CloudFront)
cache-control
max-age=300
date
Mon, 22 Aug 2022 12:04:52 GMT
x-amz-cf-pop
FRA2-C2
content-length
23151
x-amz-cf-id
VdpVbCbn99zrKPJwwoIIWyR5j5M_3vorj35nZJrp0LTOgSLmy6h9eg==
truncated
/ 		504 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6709a4059947a46d4aabbf16f872f84de523ae708e362431daf29cd17d77b0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
85ae621f97ae0e47dc5409c1ce197505bbfe6021b6381d1686463084a13913ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
Aeonik-Bold.woff2
d1sasz49lqpqtq.cloudfront.net/fonts/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1sasz49lqpqtq.cloudfront.net/fonts/Aeonik-Bold.woff2
Requested by
Host: d1sasz49lqpqtq.cloudfront.net
URL: https://d1sasz49lqpqtq.cloudfront.net/s3fs-public/css/css_2cVtfEIV9B2SSGiz7IbAV6LW1n2J-jqrbeSDrGKoeSQ.css?VersionId=KxYBHCBHAbEwBwE4yO_2kdC0CnPCcHLX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2800:8:7fec:8380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f88bb4ae82fff4b28375830a7d42e979b29ae75f6e8c9c8e819ead0ff9a3ae3

Request headers

Referer
https://d1sasz49lqpqtq.cloudfront.net/s3fs-public/css/css_2cVtfEIV9B2SSGiz7IbAV6LW1n2J-jqrbeSDrGKoeSQ.css?VersionId=KxYBHCBHAbEwBwE4yO_2kdC0CnPCcHLX
Origin
https://www.express-scripts.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
KDkoE3rrXXiKeYRNTKKKjUzzyc.gPNY7
via
1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
etag
"fef183222112e123e20a57b1de7e6d3b"
age
27826
x-cache
Hit from cloudfront
content-length
36736
last-modified
Tue, 26 Apr 2022 22:59:58 GMT
server
AmazonS3
date
Mon, 22 Aug 2022 04:24:16 GMT
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
binary/octet-stream
access-control-allow-origin
https://www.express-scripts.com
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
l_kZUnBaSX5LnNPBUT54xEn-iHMkremxoefx6It7XdmoRlnjTD5Y4w==
Aeonik-Medium.woff2
d1sasz49lqpqtq.cloudfront.net/fonts/ 		42 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1sasz49lqpqtq.cloudfront.net/fonts/Aeonik-Medium.woff2
Requested by
Host: d1sasz49lqpqtq.cloudfront.net
URL: https://d1sasz49lqpqtq.cloudfront.net/s3fs-public/css/css_2cVtfEIV9B2SSGiz7IbAV6LW1n2J-jqrbeSDrGKoeSQ.css?VersionId=KxYBHCBHAbEwBwE4yO_2kdC0CnPCcHLX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2800:8:7fec:8380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b0dc405c6049e34bac12def1f1a69c8ceb07731ebff9138faa3c369435f56b3

Request headers

Referer
https://d1sasz49lqpqtq.cloudfront.net/s3fs-public/css/css_2cVtfEIV9B2SSGiz7IbAV6LW1n2J-jqrbeSDrGKoeSQ.css?VersionId=KxYBHCBHAbEwBwE4yO_2kdC0CnPCcHLX
Origin
https://www.express-scripts.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
etag
"7ab1af37690d4056a6bb3b7b4ba32239"
age
27826
x-cache
Hit from cloudfront
content-length
43136
last-modified
Tue, 04 Aug 2020 21:08:32 GMT
server
AmazonS3
date
Mon, 22 Aug 2022 04:24:16 GMT
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
binary/octet-stream
access-control-allow-origin
https://www.express-scripts.com
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
paTnCMs5w3x6bW3LgxDr9Drbt5EyR9I4VWiMjnFqsNehIG0YMpk-2A==
esmd-logo-blue-reversed-rgbsvg.svg
d1sasz49lqpqtq.cloudfront.net/s3fs-public/2022-03/ 		53 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1sasz49lqpqtq.cloudfront.net/s3fs-public/2022-03/esmd-logo-blue-reversed-rgbsvg.svg?VersionId=ubrf7HpoTqkpvOsTfGjpkQBwDPEdtpdJ
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2800:8:7fec:8380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d1b81a582522f87aa2d576b3243a1ca498bdec90dfc37161504b95972e36027

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
ubrf7HpoTqkpvOsTfGjpkQBwDPEdtpdJ
content-encoding
gzip
last-modified
Fri, 04 Mar 2022 21:22:56 GMT
server
AmazonS3
age
84295
etag
W/"22760613a71ce18d5b239dbb42f71e36"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
date
Sun, 21 Aug 2022 12:43:07 GMT
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
zzORcXLD4KhSN15mbhtnacp7zMVwNx9EJzkX7NvtcaHG0UkMJzOaUw==
accredo-white-logo.svg
d1sasz49lqpqtq.cloudfront.net/s3fs-public/2022-03/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1sasz49lqpqtq.cloudfront.net/s3fs-public/2022-03/accredo-white-logo.svg?VersionId=gakpw0fNpfP1xBLujhN3Y7HI6On66PMr
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2800:8:7fec:8380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2185f4a56db742800d52e4f2ea49982c95d8a7f5905e08b7b781cce0bf136ed4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
gakpw0fNpfP1xBLujhN3Y7HI6On66PMr
content-encoding
gzip
last-modified
Fri, 04 Mar 2022 21:22:05 GMT
server
AmazonS3
age
76083
etag
W/"8146407b9ec2f20113b7f9f671ece657"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
date
Sun, 21 Aug 2022 14:59:59 GMT
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Ud1TnxmZ_o-FkVl2lzcv24PQ321AEtKs5Wl1Rn2GL5VjM5ypQgN9Ng==
insiderx-reverse.svg
d1sasz49lqpqtq.cloudfront.net/s3fs-public/2022-03/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1sasz49lqpqtq.cloudfront.net/s3fs-public/2022-03/insiderx-reverse.svg?VersionId=ZhaHmSMhcPZWuY5bzfB.FPknBiFfM4EX
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2800:8:7fec:8380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
34b7f03c8bdd03cf7782b0c76b913c3468ba7686da212687000b1c7f053d2914

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
ZhaHmSMhcPZWuY5bzfB.FPknBiFfM4EX
content-encoding
gzip
last-modified
Fri, 04 Mar 2022 21:21:06 GMT
server
AmazonS3
age
84295
etag
W/"8e049d062d4a90ffd76f47a80e42d604"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
date
Sun, 21 Aug 2022 12:43:07 GMT
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
s8wNkYKq0C0ZMJLLIYID1XKWt9-4PrsWj51ucw0rqBwC7ZsWsaMwZw==
RCd55d98cff0884f0ca569243d3ca661fd-source.min.js
assets.adobedtm.com/75c13ef9d9d6/3a8fdc81b7df/579149c99711/ 		534 B
581 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/75c13ef9d9d6/3a8fdc81b7df/579149c99711/RCd55d98cff0884f0ca569243d3ca661fd-source.min.js
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:592::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ab7f7905eb86c5afe976f175ea6de37c921b339f936db5dfa70e66f92e7dff83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 12:08:02 GMT
content-encoding
gzip
last-modified
Fri, 19 Aug 2022 17:50:19 GMT
server
AkamaiNetStorage
etag
"3760f34ed05feaed15e5a375887c6002:1660931419.310176"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.express-scripts.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
311
expires
Mon, 22 Aug 2022 13:08:02 GMT
lazysizes.min.js
www.express-scripts.com/libraries/lazysizes/ 		8 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.express-scripts.com/libraries/lazysizes/lazysizes.min.js
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.211.52.57 , United States, ASN5696 (EXPRES, US),
Reverse DNS
Software
/
Resource Hash
6e61be2f374a0122510025578940baf7ef8dbbcaf3ecc5f5535cfc81bd1cfd39
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:, default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:, default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Security-Policy
default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:, default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:, default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:; report-uri /r/violation
Connection
Keep-Alive
Vary
Accept-Encoding, Accept-Encoding
Content-Length
4088
X-Xss-Protection
1; mode=block
Last-Modified
Wed, 11 May 2022 19:16:34 GMT
X-Frame-Options
SAMEORIGIN
Date
Mon, 22 Aug 2022 12:08:02 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript; charset=utf-8
X-Vcap-Request-Id
f304bc42-56c0-4c2a-4820-d8d048dc6120
Cache-Control
max-age=315360000
Etag
"627c0b92-1ed1"
Accept-Ranges
bytes
Expires
Thu, 31 Dec 2037 23:55:55 GMT
RCd81541e431924a2b8a22a4f176a084af-source.min.js
assets.adobedtm.com/75c13ef9d9d6/3a8fdc81b7df/579149c99711/ 		143 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/75c13ef9d9d6/3a8fdc81b7df/579149c99711/RCd81541e431924a2b8a22a4f176a084af-source.min.js
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:592::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
35edb431905a086744c2d95882d591982e293dc02e92b47d93e4bafc738d416f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 12:08:02 GMT
content-encoding
gzip
last-modified
Fri, 19 Aug 2022 17:50:19 GMT
server
AkamaiNetStorage
etag
"3760f34ed05feaed15e5a375887c6002:1660931419.310176"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.express-scripts.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
47179
expires
Mon, 22 Aug 2022 13:08:02 GMT
tltWorker.6.1.min.js
www.express-scripts.com/libraries/tealeaf/ 		44 KB
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.express-scripts.com/libraries/tealeaf/tltWorker.6.1.min.js
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.211.52.57 , United States, ASN5696 (EXPRES, US),
Reverse DNS
Software
/
Resource Hash
b4b9f60fbccd11e8adf92a30487264b81a5b5ccdb258acd8cc02857fbc58b678
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:, default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:, default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Security-Policy
default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:, default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:, default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:; report-uri /r/violation
Connection
Keep-Alive
Vary
Accept-Encoding, Accept-Encoding
Content-Length
16457
X-Xss-Protection
1; mode=block
Last-Modified
Wed, 11 May 2022 19:16:34 GMT
X-Frame-Options
SAMEORIGIN
Date
Mon, 22 Aug 2022 12:08:02 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript; charset=utf-8
X-Vcap-Request-Id
0d231b8f-81c2-4513-5b6b-47a44520635a
Cache-Control
max-age=315360000
Etag
"627c0b92-b143"
Accept-Ranges
bytes
Expires
Thu, 31 Dec 2037 23:55:55 GMT
nr-spa-1216.min.js
js-agent.newrelic.com/ 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding
gzip
etag
"63e2df852d15ab21d7ff8fc4363222e8"
x-amz-request-id
DBY21TCSYTTK7C8E
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
18216
x-amz-id-2
q9Qdef4B7bO73MtYeg42DHT4II81uH8UYhjE+YHC3Cyx4Jb84NjnELpIHZu/BLuyrBTAFfSMTAE=
x-served-by
cache-hhn4042-HHN
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1661170083.517045,VS0,VE0
date
Mon, 22 Aug 2022 12:08:02 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
13033
/
zn7qchny5hadksvmv-expressscriptscx.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zn7qchny5hadksvmv-expressscriptscx.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_7QCHNY5hadKsvMV&Q_LOC=https%3A%2F%2Fwww.express-scripts.com%2Fart%2Femail%2FAeonik-Regular.woff%27&t=1661170082469
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed533ca6555ef42788a41ac2120d653d70732483409fd1aa3dd55711b2a0846b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 12:08:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
557587
cf-polished
origSize=8435
cf-ray
73eb7dd7ccbf917a-FRA
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"20f3-UxvEth1FaN3FGDdPDG5xPxy3fRU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
/
zn3etdzvv330bnajr-expressscriptscx.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zn3etdzvv330bnajr-expressscriptscx.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_3EtDzVv330Bnajr&Q_LOC=https%3A%2F%2Fwww.express-scripts.com%2Fart%2Femail%2FAeonik-Regular.woff%27&t=1661170082469
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec02e5a97f350de8394b263b94f32c411c1301c3374de08900732664ea7541b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 12:08:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
556380
cf-polished
origSize=8435
cf-ray
73eb7dd7c9169a0c-FRA
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"20f3-sVY5iOhcD++RR8SEoFH5E+WfNWo"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
a73afcb621
bam.nr-data.net/1/ 		0
0
11.43a1a428a12277de24be.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		60 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/11.43a1a428a12277de24be.chunk.js?Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=web&Q_BRANDID=www.express-scripts.com
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2faace9efc06ad6a3279c4ea7da78bd51d6ccbdc405caa789f63caec34a2696
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 12:08:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
553161
cf-polished
origSize=62687
cf-ray
73eb7dd81d2f917a-FRA
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 25 Jul 2022 21:26:54 GMT
server
cloudflare
etag
W/"f4df-18237417930"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		11 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_7QCHNY5hadKsvMV&Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=web
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7abf2ec7fba097f1ce02a098afa06cebbcfda5eb94ee162de0294f2d2691ec77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.express-scripts.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 22 Aug 2022 12:08:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains; preload
timing-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.express-scripts.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
d71c3c4e79453c96
cf-ray
73eb7dd85dcd917a-FRA
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_3EtDzVv330Bnajr&Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=web
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d0521b22ed88dcd64e6469768bc28b1a58f67a179594aefe661d5117da02755
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.express-scripts.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 22 Aug 2022 12:08:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains; preload
timing-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.express-scripts.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
5579ae6b3a04fbfb
cf-ray
73eb7dd86dd7917a-FRA
CoreModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		102 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=web&Q_BRANDID=expressscriptscx
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ca8ecaeb278f382026638d391665f9bd64e573ca091482efc1c41ebe857754
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 12:08:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
553161
cf-polished
origSize=105087
cf-ray
73eb7dd9f8c5917a-FRA
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 25 Jul 2022 21:26:54 GMT
server
cloudflare
etag
W/"19a7f-18237417930"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
4.c4c4311e93af68a7390f.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		2 KB
916 B 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/4.c4c4311e93af68a7390f.chunk.js?Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=web&Q_BRANDID=expressscriptscx
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78540a28cea0abc67cbbd820fd2571c463f71a5b14fa6921e46b7e2658cec4f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 12:08:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
553161
cf-polished
origSize=2539
cf-ray
73eb7ddabacb917a-FRA
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 25 Jul 2022 21:26:54 GMT
server
cloudflare
etag
W/"9eb-18237417930"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
1.04bbbcfbec571d58289d.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/1.04bbbcfbec571d58289d.chunk.js?Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=web&Q_BRANDID=expressscriptscx
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
438c07b22e07ff3cf4c6407d502886d52378440c7ba2678254d134d843b0d03c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 12:08:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
553161
cf-polished
origSize=29269
cf-ray
73eb7ddabacd917a-FRA
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 25 Jul 2022 21:26:54 GMT
server
cloudflare
etag
W/"7255-18237417930"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
FeedbackButtonModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=web&Q_BRANDID=expressscriptscx
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
182e7f0425e10acf894089ac8109d990c34341cf50357f4336a229a0fb4722ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 12:08:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
553158
cf-polished
origSize=66436
cf-ray
73eb7ddabacf917a-FRA
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 25 Jul 2022 21:26:54 GMT
server
cloudflare
etag
W/"10384-18237417930"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
EmbeddedTargetModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/EmbeddedTargetModule.js?Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=web&Q_BRANDID=expressscriptscx
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a68d55d5edf25c0baea3cd150e155c1c64eadbdc52a44ec5f239b8f27e250c8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 12:08:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
553158
cf-polished
origSize=8462
cf-ray
73eb7ddabad2917a-FRA
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 25 Jul 2022 21:26:54 GMT
server
cloudflare
etag
W/"210e-18237417930"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
LinkModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/LinkModule.js?Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=web&Q_BRANDID=expressscriptscx
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d4fe612fa43bdcfc05db6234a824a87d806a83ab61a9f8f05dff12c2b253c95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 12:08:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
553158
cf-polished
origSize=2547
cf-ray
73eb7ddabad5917a-FRA
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 25 Jul 2022 21:26:54 GMT
server
cloudflare
etag
W/"9f3-18237417930"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_87gv7D6QVcbj04B&Version=20&Q_ORIGIN=https://www.express-scripts.com&Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=web
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4492723d5570668274cf06f2120b7e464fb8b45db65b018543c5708773e97640
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 12:08:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
325265
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 18 Aug 2022 17:46:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
expires
Sun, 15 Aug 2032 17:46:58 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
false
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
73eb7ddb1a2bbba9-FRA
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		2 KB
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_aXGRHT9deChbnUO&Version=7&Q_InterceptID=SI_87gv7D6QVcbj04B&Q_ORIGIN=https://www.express-scripts.com&Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=web
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac6769aeda5a8b002e699c70ac13539a4d32ba0ed1736f7cfff0d863e6f5fe04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 12:08:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2145
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 22 Aug 2022 11:32:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
expires
Thu, 19 Aug 2032 11:32:18 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
false
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
73eb7ddb1a2dbba9-FRA
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		16 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_eznJ7JJ2gtxcty5&Version=10&Q_ORIGIN=https://www.express-scripts.com&Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=web
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d46e798195132ee4e4145d53f9c8c50eb06d4d5fb2aa32c1963d7d43e488194
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 12:08:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
372542
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 18 Aug 2022 04:39:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
expires
Sun, 15 Aug 2032 04:39:01 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
false
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
73eb7ddb1a2fbba9-FRA
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		220 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_7aEyhXOE6dHOF8x&Version=4&Q_InterceptID=SI_eznJ7JJ2gtxcty5&Q_ORIGIN=https://www.express-scripts.com&Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=web
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1afdfe6ce4ad01e843007105d64d70468158c7a43c6944718922ffb7dc6169eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 12:08:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
325265
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 18 Aug 2022 17:46:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
expires
Sun, 15 Aug 2032 17:46:58 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
false
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
73eb7ddb1a31bba9-FRA
servershortname
/
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		45 B
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_aXGRHT9deChbnUO&Q_SIID=SI_87gv7D6QVcbj04B&Q_ASID=AS_3KIqEDWJ9XmKaix&Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=web&r=1661170083142
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.express-scripts.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 22 Aug 2022 12:08:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.express-scripts.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
6d5d3499fbd55eb4
cf-ray
73eb7ddbbb2ebba9-FRA
wr-dialog-close-btn-white.png
siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/ 		254 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-white.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd5496f75a7c1029bc681f639794b83f034d5ecd884e8514ae12b13eee9eec70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.express-scripts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 12:08:03 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
15110964
cf-polished
origSize=759
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
x-envoy-upstream-service-time
5
cf-bgj
imgq:85,h2pri
vary
Accept-Encoding
content-length
254
accept-ranges
bytes
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 23 Feb 2022 00:33:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=315360000, public
trace-id
7777a296f941d072
cf-ray
73eb7ddbbcb0917a-FRA
servershortname
expires
Thu, 26 Feb 2032 14:38:39 GMT
delivery
expressscriptsholdin.tt.omtrdc.net/rest/v1/ 		296 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://expressscriptsholdin.tt.omtrdc.net/rest/v1/delivery?client=expressscriptsholdin&sessionId=a0583b4df8f549b6a55c33a3d78488c6&version=2.8.2
Requested by
Host: www.express-scripts.com
URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.99.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-99-124.compute-1.amazonaws.com
Software
/
Resource Hash
b208fcc022e08bd5c0a972b2977c767e97bb8d81499edd6e699f20b7cd35fee0

Request headers

Referer
https://www.express-scripts.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 Aug 2022 12:08:04 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.express-scripts.com
access-control-allow-credentials
true
timing-allow-origin
*
x-request-id
b8d5f037c393ee8aa5d9cfc355ce2622
dest5.html
expressscriptsholdingcompany.demdex.net/ Frame 159E 		0
0
id
smetrics.express-scripts.com/ 		0
0
ibs:dpid=411&dpuuid=YwNxpgAAAHSA3gN6
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=49362246829889477671409928394825765590
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YwNxpgAAAHSA3gN6
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bam.nr-data.net
URL
https://bam.nr-data.net/1/a73afcb621?a=1033945909&v=1216.487a282&to=ZFQGYRZTXUoEUUJRDl0eJVYQW1xXSkJXXwRsUgVWDFc%3D&rst=1741&ck=1&ref=https://www.express-scripts.com/art/email/Aeonik-Regular.woff%27&qt=26&ap=39&be=695&fe=1680&dc=1555&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1661170080787,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:136,%22c%22:136,%22s%22:238,%22ce%22:448,%22rq%22:448,%22rp%22:573,%22rpe%22:691,%22dl%22:590,%22di%22:1554,%22ds%22:1554,%22de%22:1557,%22dc%22:1680,%22l%22:1680,%22le%22:1683%7D,%22navigation%22:%7B%7D%7D&fp=1105&fcp=1105&at=SBMFF15JTkQ%3D&jsonp=NREUM.setToken
Domain
expressscriptsholdingcompany.demdex.net
URL
https://expressscriptsholdingcompany.demdex.net/dest5.html?d_nsid=0
Domain
smetrics.express-scripts.com
URL
https://smetrics.express-scripts.com/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=BCDA9CC055686E397F000101%40AdobeOrg&mid=49401263725705598701413908828236983967&ts=1661170086590
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YwNxpgAAAHSA3gN6

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| NREUM object| newrelic function| __nr_require undefined| queryString string| url string| path object| params function| startsWith object| Modernizr object| digitalData number| inHeadTS string| pageInstanceId string| pageName string| primaryCategory string| pageType object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| branch function| ES6Promise object| LDClient function| once function| $ function| jQuery function| _ object| drupalSettings object| Drupal object| tabbable object| DXTools object| DXAnalytics object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| __target_telemetry function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| regeneratorRuntime number| s_loadT undefined| dismissedAlerts object| _window object| cookies function| getParent function| obliterate function| unwrap function| moveFootnotes function| backToTop object| $body function| toggle function| oncreate object| options function| dialog function| dismiss object| languageLinks string| language string| langcode undefined| hasSelected object| Cookies object| lazySizesConfig object| ESIERA object| pako object| TLT object| lazySizes object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.75.0 object| _qsie function| parseQueryString function| parseHash function| parseUrl string| account object| AdobeAnalytics

7 Cookies

Domain/Path Name / Value
.express-scripts.com/ Name: at_check
Value: true
www.express-scripts.com/ Name: has_selected_language
Value: 1
www.express-scripts.com/ Name: TLTSID
Value: 64939320382676565151740054927202
.express-scripts.com/ Name: mbox
Value: session#a0583b4df8f549b6a55c33a3d78488c6#1661171945|PC#a0583b4df8f549b6a55c33a3d78488c6.34_0#1724414885
.demdex.net/ Name: demdex
Value: 49362246829889477671409928394825765590
.express-scripts.com/ Name: AMCVS_BCDA9CC055686E397F000101%40AdobeOrg
Value: 1
.express-scripts.com/ Name: AMCV_BCDA9CC055686E397F000101%40AdobeOrg
Value: 1176715910%7CMCIDTS%7C19227%7CMCMID%7C49401263725705598701413908828236983967%7CMCAAMLH-1661774886%7C6%7CMCAAMB-1661774886%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1661177286s%7CNONE%7CvVersion%7C5.4.0

3 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error URL: https://www.express-scripts.com/art/email/Aeonik-Regular.woff'
Message:
Refused to load the script 'https://bam.nr-data.net/1/a73afcb621?a=1033945909&v=1216.487a282&to=ZFQGYRZTXUoEUUJRDl0eJVYQW1xXSkJXXwRsUgVWDFc%3D&rst=1741&ck=1&ref=https://www.express-scripts.com/art/email/Aeonik-Regular.woff%27&qt=26&ap=39&be=695&fe=1680&dc=1555&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1661170080787,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:136,%22c%22:136,%22s%22:238,%22ce%22:448,%22rq%22:448,%22rp%22:573,%22rpe%22:691,%22dl%22:590,%22di%22:1554,%22ds%22:1554,%22de%22:1557,%22dc%22:1680,%22l%22:1680,%22le%22:1683%7D,%22navigation%22:%7B%7D%7D&fp=1105&fcp=1105&at=SBMFF15JTkQ%3D&jsonp=NREUM.setToken' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' d1sasz49lqpqtq.cloudfront.net *.adobedtm.com *.fontawesome.com *.qualtrics.com *.everestjs.net *.omtrdc.net *.marketo.net *.demdex.net *.google.com *.gstatic.com *.facebook.net *.ads-twitter.com *.twitter.com *.brightcove.com *.brightcove.net vjs.zencdn.net *.s3.amazonaws.com snap.licdn.com *.googletagmanager.com *.express-scripts.com activitymap.adobe.com *.branch.io app.link js-agent.newrelic.com bam-cell.nr-data.net insight.adsrvr.org *.facebook.com *.twitter.com *.linkedin.com px.ads.linkedin.com snap.licdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' data: *.express-scripts.com d1sasz49lqpqtq.cloudfront.net *.qualtrics.com *.omtrdc.net *.demdex.net *.googlesyndication.com *.instagram.com *.linkedin.com px.ads.linkedin.com snap.licdn.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' d1sasz49lqpqtq.cloudfront.net *.adobedtm.com *.fontawesome.com *.qualtrics.com *.everestjs.net *.omtrdc.net *.marketo.net *.demdex.net *.google.com *.gstatic.com *.facebook.net *.ads-twitter.com *.twitter.com *.brightcove.com *.brightcove.net vjs.zencdn.net *.s3.amazonaws.com snap.licdn.com *.googletagmanager.com *.express-scripts.com activitymap.adobe.com *.branch.io app.link js-agent.newrelic.com bam-cell.nr-data.net insight.adsrvr.org *.facebook.com *.twitter.com *.linkedin.com px.ads.linkedin.com snap.licdn.com; object-src 'self' *.s3.amazonaws.com *.brightcove.net d1sasz49lqpqtq.cloudfront.net; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.express-scripts.com *.cloudflare.com *.fontawesome.com *.s3.amazonaws.com d1sasz49lqpqtq.cloudfront.net app.launchdarkly.com clientstream.launchdarkly.com events.launchdarkly.com; img-src 'self' data: *.qualtrics.com *.omtrdc.net expressscripts.sc.omtrdc.net *.everesttech.net *.demdex.net *.facebook.com t.co *.s3.amazonaws.com *.brightcove.com *.prod.boltdns.net *.google.com openbadges.blob.core.windows.net d1sasz49lqpqtq.cloudfront.net *.express-scripts.com *.llnwd.net *.linkedin.com *.doubleclick.net *.branch.io *.adsrvr.org *.googletagmanager.com *.addthis.com *.pinsightmedia.com *.mookie1.com *.advertising.com *.scorecardresearch.com *.linksynergy.com *.casalemedia.com *.insightexpressai.com *.media6degrees.com *.analytics.yahoo.com mid.rkdms.com match.sync.ad.cpe.dotomi.com aa.agkn.com ib.adnxs.com io.narrative.io cm.pos.baidu.com x.bidswitch.net tags.bluekai.com cs.adingo.jp ml314.com loadm.exelator.com global.ib-ibi.com ckm.iqiyi.com usermatch.krxd.net i.liadm.com idsync.rlcdn.com simage2.pubmatic.com e.nexac.com cm.mediav.com pixel.rubiconproject.com uipglob.semasio.net match.sharethrough.com s.thebrighttag.com eb2.3lift.com pixel.tapad.com cm.l.qq.com dmp.truoptik.com c.yes.youku.com; media-src 'self' blob: *.express-scripts.com *.s3.amazonaws.com *.brightcove.com *.prod.boltdns.net d1sasz49lqpqtq.cloudfront.net *.akamaihd.net; frame-src 'self' *.s3.amazonaws.com *.qualtrics.com *.youtube.com *.omtrdc.net *.demdex.net *.google.com d1sasz49lqpqtq.cloudfront.net *.fls.doubleclick.net activitymap.adobe.com *.omniture.com *.facebook.com; child-src 'self' blob: *.express-scripts.com *.s3.amazonaws.com *.youtube.com d1sasz49lqpqtq.cloudfront.net; font-src * 'self' data: *.express-scripts.com fonts.googleapis.com fonts.gstatic.com *.s3.amazonaws.com *.amazonaws.com d1sasz49lqpqtq.cloudfront.net; connect-src 'self' *.express-scripts.com *.qualtrics.com *.adobedtm.com *.everestjs.net *.omtrdc.net *.marketo.net *.demdex.net *.brightcove.com *.prod.boltdns.net *.akamaihd.net d1sasz49lqpqtq.cloudfront.net app.launchdarkly.com clientstream.launchdarkly.com events.launchdarkly.com *.llnwd.net *.mktoresp.com di-tag.express-scripts.com *.branch.io app.link wss://*.express-scripts.com bam-cell.nr-data.net *.cigna.com default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob: default-src 'unsafe-inline' 'unsafe-eval' * 'self' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
bam.nr-data.net
cdn.branch.io
d1sasz49lqpqtq.cloudfront.net
dpm.demdex.net
expressscriptsholdin.tt.omtrdc.net
expressscriptsholdingcompany.demdex.net
js-agent.newrelic.com
siteintercept.qualtrics.com
smetrics.express-scripts.com
www.express-scripts.com
zn3etdzvv330bnajr-expressscriptscx.siteintercept.qualtrics.com
zn7qchny5hadksvmv-expressscriptscx.siteintercept.qualtrics.com
bam.nr-data.net
dpm.demdex.net
expressscriptsholdingcompany.demdex.net
smetrics.express-scripts.com
104.17.208.240
104.17.209.240
107.22.99.124
13.225.78.23
151.101.130.137
167.211.52.57
2600:9000:21f3:2800:8:7fec:8380:21
2a02:26f0:3500:592::1e80
34.248.26.113
107bfc17e5d3b3d3226bad6c056b25bef80450863c6a4b7cbe71059217650d7a
182e7f0425e10acf894089ac8109d990c34341cf50357f4336a229a0fb4722ff
1afdfe6ce4ad01e843007105d64d70468158c7a43c6944718922ffb7dc6169eb
1d1b81a582522f87aa2d576b3243a1ca498bdec90dfc37161504b95972e36027
2185f4a56db742800d52e4f2ea49982c95d8a7f5905e08b7b781cce0bf136ed4
2d46e798195132ee4e4145d53f9c8c50eb06d4d5fb2aa32c1963d7d43e488194
2fcabbba07f20f7906636d32249163af808cd915bf6525c9c9de33912871cfce
34b7f03c8bdd03cf7782b0c76b913c3468ba7686da212687000b1c7f053d2914
35edb431905a086744c2d95882d591982e293dc02e92b47d93e4bafc738d416f
3f39b863af13e4947632922f698a345a33f45f618e25cbdda80fecdb029c1d8f
438c07b22e07ff3cf4c6407d502886d52378440c7ba2678254d134d843b0d03c
4492723d5570668274cf06f2120b7e464fb8b45db65b018543c5708773e97640
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575
4d4fe612fa43bdcfc05db6234a824a87d806a83ab61a9f8f05dff12c2b253c95
52d12cc497a7bb55d3249c02418e25fc171cbbbff6740eb96dbf88a1c8e639dd
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
57ce77364c8d7c4d6b5a6806e338d3acb930388107bccf614579cad4e26ee3cd
5926b886819628db26d1039e88c062fed6c77f34d22955ca1e04c596c79180ae
6e61be2f374a0122510025578940baf7ef8dbbcaf3ecc5f5535cfc81bd1cfd39
70e464683ee0146fb524f3073f62a852eb3f98f97dfe8bf9d6d07ed992c74261
72355e844ed56679fb5c770be33c46acdf3733925a80cb0d957dfb997927971c
78540a28cea0abc67cbbd820fd2571c463f71a5b14fa6921e46b7e2658cec4f0
7abf2ec7fba097f1ce02a098afa06cebbcfda5eb94ee162de0294f2d2691ec77
7f88bb4ae82fff4b28375830a7d42e979b29ae75f6e8c9c8e819ead0ff9a3ae3
85ae621f97ae0e47dc5409c1ce197505bbfe6021b6381d1686463084a13913ce
8bcbd3709fe25c33e7ad8dba87149fede59cd5c3fa29c4a82a3e58a60eaaf59d
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
939fe220ac3999512e38ecd5397d7334210c1568e7aec55eb6c6f4d1316c8353
9b0dc405c6049e34bac12def1f1a69c8ceb07731ebff9138faa3c369435f56b3
9b7b5d56054f5bab6ea5dfd9472ceb900f406a8a35a3df5b17b606521a411a35
9d0521b22ed88dcd64e6469768bc28b1a58f67a179594aefe661d5117da02755
a68d55d5edf25c0baea3cd150e155c1c64eadbdc52a44ec5f239b8f27e250c8e
ab7f7905eb86c5afe976f175ea6de37c921b339f936db5dfa70e66f92e7dff83
ac6769aeda5a8b002e699c70ac13539a4d32ba0ed1736f7cfff0d863e6f5fe04
b208fcc022e08bd5c0a972b2977c767e97bb8d81499edd6e699f20b7cd35fee0
b2faace9efc06ad6a3279c4ea7da78bd51d6ccbdc405caa789f63caec34a2696
b30ac9164fcafdb91f5bdc13895d25e694e01d213887b792833fdc00bbfbcd2e
b4b9f60fbccd11e8adf92a30487264b81a5b5ccdb258acd8cc02857fbc58b678
c2ca8ecaeb278f382026638d391665f9bd64e573ca091482efc1c41ebe857754
c6709a4059947a46d4aabbf16f872f84de523ae708e362431daf29cd17d77b0c
cd5496f75a7c1029bc681f639794b83f034d5ecd884e8514ae12b13eee9eec70
d81f286a9e6132bbcabbfb9551eae08b1783da9b4ca6a242ab5f8a93a2da8f06
d9c56d7c4215f41d924868b3ec86c057a2d6d67d89fa3aab6de483ac62a87924
e7867f8a1db3c271fb082eb40399eed5f72e2df1c09e792535c85d699487e30b
ec02e5a97f350de8394b263b94f32c411c1301c3374de08900732664ea7541b6
ed533ca6555ef42788a41ac2120d653d70732483409fd1aa3dd55711b2a0846b
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f83561d28369539e28ed8b4527479118dbd6af4b302ab2c7caca4fbf1f535381