urlscan.io logo urlscan.io
SecurityTrails logo

account.covermymeds.com Open in urlscan Pro
66.97.160.55  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://secure-web.cisco.com/1gMtiW77JTVLzxK-jo2ZVXLhZJ4Fz7d4QQl3Bd2NjRGiet36Nsw64U-WrsAfRbqusOfljT854RXwtmZDm8u5aTghz1Ot6LD9...
Effective URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
Submission: On August 13 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 5 countries across 17 domains to perform 45 HTTP transactions. The main IP is 66.97.160.55, located in United States and belongs to CMM-ATL, US. The main domain is account.covermymeds.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on February 7th 2020. Valid for: 2 years.
This is the only time account.covermymeds.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2620:101:2002... 16417 (IRONPORT-...)
2 14 66.97.160.55 396458 (CMM-ATL)
4 66.97.160.33 396458 (CMM-ATL)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.226.155.115 16509 (AMAZON-02)
1 8 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
1 172.217.18.2 15169 (GOOGLE)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 13.226.146.155 16509 (AMAZON-02)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 2a05:f500:10:... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 151.101.14.110 54113 (FASTLY)
1 99.81.228.121 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 162.247.242.19 23467 (NEWRELIC-...)
45 20
1    2620:101:2002:11f0::1001 (United States)

ASN16417 (IRONPORT-SYSTEMS-INC, US)
secure-web.cisco.com
14    66.97.160.55 (United States)

ASN396458 (CMM-ATL, US)
www.covermymeds.com
account.covermymeds.com
4    66.97.160.33 (United States)

ASN396458 (CMM-ATL, US)
chat.covermymeds.com
1    2a00:1450:4001:815::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    13.226.155.115 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-115.dus51.r.cloudfront.net
cdn.pendo.io
8    2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a02:26f0:10c:382::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
snap.licdn.com
1    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
www.googleadservices.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    13.226.146.155 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-146-155.dus51.r.cloudfront.net
js.adsrvr.org
2    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a05:f500:10:101::b93f:9105 (Ireland)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
1    2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    99.81.228.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-228-121.eu-west-1.compute.amazonaws.com
insight.adsrvr.org
2    2a00:1450:4001:81f::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
data.pendo.io
2    162.247.242.19 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-7.nr-data.net
bam.nr-data.net
Domain Requested by
8 www.google-analytics.com 1 redirects www.googletagmanager.com
account.covermymeds.com
8 account.covermymeds.com account.covermymeds.com
6 www.covermymeds.com 2 redirects account.covermymeds.com
4 chat.covermymeds.com account.covermymeds.com
chat.covermymeds.com
3 www.google.de account.covermymeds.com
3 www.google.com 2 redirects account.covermymeds.com
2 bam.nr-data.net js-agent.newrelic.com
2 data.pendo.io cdn.pendo.io
2 px.ads.linkedin.com 1 redirects account.covermymeds.com
2 stats.g.doubleclick.net 2 redirects
2 connect.facebook.net account.covermymeds.com
connect.facebook.net
2 bat.bing.com www.googletagmanager.com
account.covermymeds.com
1 insight.adsrvr.org js.adsrvr.org
1 js-agent.newrelic.com account.covermymeds.com
1 www.facebook.com account.covermymeds.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.linkedin.com 1 redirects
1 js.adsrvr.org www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 cdn.pendo.io account.covermymeds.com
1 www.googletagmanager.com account.covermymeds.com
1 secure-web.cisco.com 1 redirects
45 23

This site contains links to these domains. Also see Links.

Domain
www.covermymeds.com
Subject Issuer Validity Valid
*.covermymeds.com
Sectigo RSA Organization Validation Secure Server CA		 2020-02-07 -
2022-02-06		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
cdn.pendo.io
DigiCert SHA2 Extended Validation Server CA		 2019-06-04 -
2021-09-02		 2 years crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
www.bing.com
Microsoft IT TLS CA 2		 2019-04-30 -
2021-04-30		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-07-21 -
2020-10-12		 3 months crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
www.google.de
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2020-08-05 -
2021-02-05		 6 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-07-22 -
2021-05-07		 10 months crt.sh
data.pendo.io
GTS CA 1D2		 2020-08-04 -
2020-11-02		 3 months crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
Frame ID: E0255EAE919CC12DA90F878EE150E432
Requests: 45 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=yi9xlz1&ref=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FAXVCXEE6&upid=c7xdx7r&upv=1.1.0
Frame ID: 7AE3B80C5905EAA9B8CF8AFE30A8D7AD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://secure-web.cisco.com/1gMtiW77JTVLzxK-jo2ZVXLhZJ4Fz7d4QQl3Bd2NjRGiet36Nsw64U-WrsAfRbqusOfljT854RXw... HTTP 302
    https://www.covermymeds.com/request/view/AXVCXEE6?utm_source=pharmacyhasstartedaPA&utm_medium=email&utm_... HTTP 302
    https://www.covermymeds.com/user/login HTTP 302
    https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

45
Requests

100 %
HTTPS

64 %
IPv6

17
Domains

23
Subdomains

20
IPs

5
Countries

1343 kB
Transfer

3244 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://secure-web.cisco.com/1gMtiW77JTVLzxK-jo2ZVXLhZJ4Fz7d4QQl3Bd2NjRGiet36Nsw64U-WrsAfRbqusOfljT854RXwtmZDm8u5aTghz1Ot6LD9SxMK6x3cX1SglNBTW1nt3UZum76PGX7RKUHemLGWPPenc32hx9uTPJJM1rjBs8x8MuEe6yz3Eh0xWAY-uRvfpa7hU_85h9Qv6wmInos-M-3Jz7eHga_-NPR5lxh-dhakpKKYn-FQs8ngWLLiBV-pdDdtW5tw4n2dW/https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6%3Futm_source%3DpharmacyhasstartedaPA%26utm_medium%3Demail%26utm_campaign%3Dprescribers HTTP 302
    https://www.covermymeds.com/request/view/AXVCXEE6?utm_source=pharmacyhasstartedaPA&utm_medium=email&utm_campaign=prescribers HTTP 302
    https://www.covermymeds.com/user/login HTTP 302
    https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-7780355-10&cid=284418177.1597350320&jid=246114427&gjid=582209986&_gid=1893394731.1597350320&_u=YGBAgEAB~&z=387270774 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7780355-10&cid=284418177.1597350320&jid=246114427&_v=j83&z=387270774 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7780355-10&cid=284418177.1597350320&jid=246114427&_v=j83&z=387270774&slf_rd=1&random=2543360383
Request Chain 22
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34915&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FAXVCXEE6&time=1597350319723 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34915%26url%3Dhttps%253A%252F%252Faccount.covermymeds.com%252F%253Fdestination_url%253Dhttps%25253A%25252F%25252Fwww.covermymeds.com%25252Frequest%25252Fview%25252FAXVCXEE6%26time%3D1597350319723%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34915&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FAXVCXEE6&time=1597350319723&liSync=true
Request Chain 32
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1295326554&t=event&ni=1&_s=1&dl=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FAXVCXEE6&ul=en-us&de=UTF-8&dt=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=vertical&el=10%20percent&_u=aGDAAEAB~&jid=1232584943&gjid=743988312&cid=284418177.1597350320&tid=UA-7780355-10&_gid=1893394731.1597350320&_r=1&gtm=2wg871WDWQ49P&cd12=null&cd15=null&z=2092276995 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-7780355-10&cid=284418177.1597350320&jid=1232584943&_gid=1893394731.1597350320&gjid=743988312&_v=j83&z=2092276995 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7780355-10&cid=284418177.1597350320&jid=1232584943&_v=j83&z=2092276995 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7780355-10&cid=284418177.1597350320&jid=1232584943&_v=j83&z=2092276995&slf_rd=1&random=3029859087

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
account.covermymeds.com/
Redirect Chain
  • https://secure-web.cisco.com/1gMtiW77JTVLzxK-jo2ZVXLhZJ4Fz7d4QQl3Bd2NjRGiet36Nsw64U-WrsAfRbqusOfljT854RXwtmZDm8u5aTghz1Ot6LD9SxMK6x3cX1SglNBTW1nt3UZum76PGX7RKUHemLGWPPenc32hx9uTPJJM1rjBs8x8MuEe6yz3...
  • https://www.covermymeds.com/request/view/AXVCXEE6?utm_source=pharmacyhasstartedaPA&utm_medium=email&utm_campaign=prescribers
  • https://www.covermymeds.com/user/login
  • https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
17 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.97.160.55 , United States, ASN396458 (CMM-ATL, US),
Reverse DNS
Software
Apache /
Resource Hash
1e1088985643e44c9ff3943964dbb844f988230f2c06986860dff3ce4194678e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
account.covermymeds.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 20:25:19 GMT
Server
Apache
Cache-Control
max-age=0, private, must-revalidate
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
strict-origin-when-cross-origin
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
1; mode=block
X-Request-Id
5b4cdb78-82ef-4304-998d-28d081c2196e
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
Set-Cookie
_account_session=RkhheUdHTVBMbXB3RGlpbHFGQS9nQnNSd1hwV3lHTVdGRXpOYmZCQStpUzYwTkQ4S2krMjV3bjJQbEMvSEFXUE5sY0pvWG5iR1VzRmw1MHV3eGNQeDA0Q2NwQlNEcTd2blh5QURxOVQ1NjRCUGh2cy9OUndnSkdIU3d1bXphUW9CMVlnUlJLcXlsMjYzTGk5dDJIbzY4TW0rdTFFOTlqMGVHcGIxM1ZUMWl6L1BFRitQb2d3b3BGeS83Z2NIdUQxY3ZmWlBIUnF6TVhyaUdTdW1ORXozZUgrTjBNcUhKdEJ0ODBtZURVMkRZQ3I2RGxXRGFMbkZGQk1Ob3lXK2h0US0tV0I4VDhWQlpoSGppWm9yVjlTK3gvQT09--e0a653267e183c5214a6051f6123879d6d211b1e; path=/; secure; HttpOnly;HttpOnly;Secure cookiesession1=4D510D7BC4DOY2PCPCMYLBBJLRVNDD68;Path=/;HttpOnly
ETag
W/"1e1088985643e44c9ff3943964dbb844"
Content-Length
7529
Status
200 OK
Vary
Accept-Encoding
X-Cnection
close
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Connection
Keep-Alive

Redirect headers

Date
Thu, 13 Aug 2020 20:25:18 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
Content-Length
0
X-Cnection
close
Content-Type
text/html; charset=UTF-8
Strict-Transport-Security
max-age=31536000
application-ca554caab5e60ee149dbb70c1e7c62f3.css
account.covermymeds.com/packs/ 		249 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://account.covermymeds.com/packs/application-ca554caab5e60ee149dbb70c1e7c62f3.css
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.97.160.55 , United States, ASN396458 (CMM-ATL, US),
Reverse DNS
Software
Apache /
Resource Hash
c85308c87728122f024dc8bb97b75cc5aaaa8a3943162162c17c042d5c864164
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 20:25:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 06 Aug 2020 22:12:10 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
text/css
X-Cnection
close
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
45474
nunito_sans.css
www.covermymeds.com/styles_r2/fonts/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.covermymeds.com/styles_r2/fonts/nunito_sans.css
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.97.160.55 , United States, ASN396458 (CMM-ATL, US),
Reverse DNS
Software
Apache /
Resource Hash
d029481a0ca774bbe6a6290b02616327bf1c22711a3e26e050031b8494f051d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 20:25:19 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Cnection
close
Connection
Keep-Alive
Content-Length
600
Last-Modified
Tue, 27 Nov 2018 13:29:25 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Expires
Fri, 13 Aug 2021 20:25:19 GMT
application-fb895427df575d8c85ee42c5ae6185f87fb2ee596f847173992f82df29d54895.js
account.covermymeds.com/assets/ 		141 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.covermymeds.com/assets/application-fb895427df575d8c85ee42c5ae6185f87fb2ee596f847173992f82df29d54895.js
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.97.160.55 , United States, ASN396458 (CMM-ATL, US),
Reverse DNS
Software
Apache /
Resource Hash
fb895427df575d8c85ee42c5ae6185f87fb2ee596f847173992f82df29d54895
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 20:25:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Cnection
close
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
62426
Last-Modified
Thu, 18 Jun 2020 15:01:04 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Expires
Fri, 13 Aug 2021 20:25:19 GMT
sessions-4ea937141d5315397b9fda9eb3b6b2e5c51bf9a20b4f51a71203a4ac8e6ec0ff.js
account.covermymeds.com/assets/ 		593 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.covermymeds.com/assets/sessions-4ea937141d5315397b9fda9eb3b6b2e5c51bf9a20b4f51a71203a4ac8e6ec0ff.js
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.97.160.55 , United States, ASN396458 (CMM-ATL, US),
Reverse DNS
Software
Apache /
Resource Hash
4ea937141d5315397b9fda9eb3b6b2e5c51bf9a20b4f51a71203a4ac8e6ec0ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 20:25:19 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 28 Jan 2020 22:22:09 GMT
Server
Apache
Cache-Control
max-age=31536000
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Cnection
close
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
593
Expires
Fri, 13 Aug 2021 20:25:19 GMT
cmm_header_logo-f891e2ac0fa3c5131f5bed8ad7a69f587f8f49a41ec59514ec76d73b5802cf1d.png
account.covermymeds.com/assets/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://account.covermymeds.com/assets/cmm_header_logo-f891e2ac0fa3c5131f5bed8ad7a69f587f8f49a41ec59514ec76d73b5802cf1d.png
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.97.160.55 , United States, ASN396458 (CMM-ATL, US),
Reverse DNS
Software
Apache /
Resource Hash
f891e2ac0fa3c5131f5bed8ad7a69f587f8f49a41ec59514ec76d73b5802cf1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 20:25:19 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 28 Jan 2020 22:22:09 GMT
Server
Apache
Cache-Control
max-age=31536000
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-Cnection
close
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Content-Length
17285
Expires
Fri, 13 Aug 2021 20:25:19 GMT
application-4e6fe9f92923a08c05a1.js
account.covermymeds.com/packs/ 		320 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.covermymeds.com/packs/application-4e6fe9f92923a08c05a1.js
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.97.160.55 , United States, ASN396458 (CMM-ATL, US),
Reverse DNS
Software
Apache /
Resource Hash
1cb601bbc622cf386c6e9fb613f8ca6aac9be9cbbcbe02abfd334d26d555b624
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 20:25:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 06 Aug 2020 22:12:09 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
application/javascript
X-Cnection
close
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
89000
bundle-customer.js
chat.covermymeds.com/javascripts/ 		177 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chat.covermymeds.com/javascripts/bundle-customer.js
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.97.160.33 , United States, ASN396458 (CMM-ATL, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
9458cd8a47ba42ebc0641fe9e50278ab1649b8e593f58a52b9fadfa854f1f657
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 20:25:20 GMT
Via
1.1 chat.covermymeds.com
X-Content-Type-Options
nosniff
Server
nginx/1.16.1
X-Frame-Options
SAMEORIGIN
Connection
close
Content-Type
application/javascript
Cache-Control
max-age=5184000, public
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Content-Encoding
gzip
Vary
Accept-Encoding
content-length
61226
Expires
Mon, 12 Oct 2020 20:25:20 GMT
gtm.js
www.googletagmanager.com/ 		209 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WDWQ49P
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
41d5e5cb0c042909ed566490a7a284b7a981b74f65f7888da204ef13bf26f885
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 20:25:19 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56348
x-xss-protection
0
last-modified
Thu, 13 Aug 2020 18:59:02 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 13 Aug 2020 20:25:19 GMT
hero-quarter-orange-e883210dd4516c14d0c65aa998de99eb.jpg
account.covermymeds.com/packs/images/ 		126 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://account.covermymeds.com/packs/images/hero-quarter-orange-e883210dd4516c14d0c65aa998de99eb.jpg
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.97.160.55 , United States, ASN396458 (CMM-ATL, US),
Reverse DNS
Software
Apache /
Resource Hash
61e3d312607c01f114ae98393cee089d6884253bbd41936cc8d09f65cb952f49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://account.covermymeds.com/packs/application-ca554caab5e60ee149dbb70c1e7c62f3.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 20:25:19 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 06 Aug 2020 22:12:09 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
X-Cnection
close
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Content-Length
129147
pe0qMImSLYBIv1o4X1M8cce9I9tAcVwo.woff2
www.covermymeds.com/fonts/nunitosans/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.covermymeds.com/fonts/nunitosans/pe0qMImSLYBIv1o4X1M8cce9I9tAcVwo.woff2
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.97.160.55 , United States, ASN396458 (CMM-ATL, US),
Reverse DNS
Software
Apache /
Resource Hash
09c3f39acdd3ecdaf2d3a17efb700d07fe2691b5524c2aea19c10c9deb662dd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.covermymeds.com/styles_r2/fonts/nunito_sans.css
Origin
https://account.covermymeds.com

Response headers

Date
Thu, 13 Aug 2020 20:25:19 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Nov 2018 13:29:25 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Connection
Keep-Alive
Access-Control-Allow-Origin
*
X-Cnection
close
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Content-Length
11256
pe03MImSLYBIv1o4X1M8cc8GBs5tU1ECVZl_.woff2
www.covermymeds.com/fonts/nunitosans/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.covermymeds.com/fonts/nunitosans/pe03MImSLYBIv1o4X1M8cc8GBs5tU1ECVZl_.woff2
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.97.160.55 , United States, ASN396458 (CMM-ATL, US),
Reverse DNS
Software
Apache /
Resource Hash
98bf460214a592d28141740a065d561a43fd31c00bcc84c4c7da2c84741de619
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.covermymeds.com/styles_r2/fonts/nunito_sans.css
Origin
https://account.covermymeds.com

Response headers

Date
Thu, 13 Aug 2020 20:25:19 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Nov 2018 13:29:25 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Connection
Keep-Alive
Access-Control-Allow-Origin
*
X-Cnection
close
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Content-Length
11380
2bffef_0_0-a929a8f3dbb466ecf4211ae2b8c5ccc4.woff
account.covermymeds.com/packs/fonts/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://account.covermymeds.com/packs/fonts/2bffef_0_0-a929a8f3dbb466ecf4211ae2b8c5ccc4.woff
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.97.160.55 , United States, ASN396458 (CMM-ATL, US),
Reverse DNS
Software
Apache /
Resource Hash
1243303b5bbae5225a6204024bfb1648bb1f809f0ef4a0ce55f5bd64b41c2352
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://account.covermymeds.com/packs/application-ca554caab5e60ee149dbb70c1e7c62f3.css
Origin
https://account.covermymeds.com

Response headers

Date
Thu, 13 Aug 2020 20:25:19 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 06 Aug 2020 22:12:09 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
X-Cnection
close
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Content-Length
30469
pe03MImSLYBIv1o4X1M8cc8WAc5tU1ECVZl_.woff2
www.covermymeds.com/fonts/nunitosans/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.covermymeds.com/fonts/nunitosans/pe03MImSLYBIv1o4X1M8cc8WAc5tU1ECVZl_.woff2
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.97.160.55 , United States, ASN396458 (CMM-ATL, US),
Reverse DNS
Software
Apache /
Resource Hash
ea8d599e63bb7e05af49012adc8e7be9f807f8376b3a6141165fbb4431b92dd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.covermymeds.com/styles_r2/fonts/nunito_sans.css
Origin
https://account.covermymeds.com

Response headers

Date
Thu, 13 Aug 2020 20:25:19 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Nov 2018 13:29:25 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Connection
Keep-Alive
Access-Control-Allow-Origin
*
X-Cnection
close
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Content-Length
11212
pendo.js
cdn.pendo.io/agent/static/89b77497-23cf-4058-6d78-e33d78245f50/ 		365 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pendo.io/agent/static/89b77497-23cf-4058-6d78-e33d78245f50/pendo.js
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.115 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-115.dus51.r.cloudfront.net
Software
UploadServer /
Resource Hash
2d40823764b163eac64bd9e7fd12c3a0e4f0ce28e605f5ddf6cabedff19db3e6

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 20:23:12 GMT
Content-Encoding
gzip
Content-Type
application/javascript
Age
320
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Alt-Svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin
*
Last-Modified
Mon, 10 Aug 2020 18:08:16 GMT
Server
UploadServer
ETag
"517a31357dbc5a07b0cb069283344bee"
Vary
Accept-Encoding
x-goog-hash
crc32c=gD8gpA==, md5=UXoxNX28WgewywaSgzRL7g==
x-goog-generation
1597082896142985
Via
1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
*
Cache-Control
max-age=450
x-goog-stored-content-length
114999
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
X-GUploader-UploadID
AAANsUkzdqQlr6ivouBQet3ko8ngTl6w3LerTmEWwLoohqhMwkLlOEQsNnBbDePf-3z2DgE_48bLmq7J8Y6HSC9GbPWzIOklyg
X-Amz-Cf-Id
-88W2D8q6Ep1uWg7JmFmXFI0ZMLNTFkeNVzvNcgGWwEr1xrOT0418A==
Expires
Thu, 13 Aug 2020 20:27:29 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDWQ49P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
6698
date
Thu, 13 Aug 2020 18:33:41 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Thu, 13 Aug 2020 20:33:41 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDWQ49P
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:382::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 20:25:19 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Oct 2019 16:41:31 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=18321
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1576
conversion_async.js
www.googleadservices.com/pagead/ 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDWQ49P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
92f410985c0233c9abcba33b98f05b3e24d5ea3e80f5083466d545e94d49ec43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 20:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
11332
x-xss-protection
0
server
cafe
etag
5272426352805486351
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 13 Aug 2020 20:25:19 GMT
bat.js
bat.bing.com/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDWQ49P
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 20:25:19 GMT
content-encoding
gzip
last-modified
Thu, 16 Jul 2020 20:00:00 GMT
x-msedge-ref
Ref A: 22881B2739BD49818C9D0E0FAB381943 Ref B: FRAEDGE1420 Ref C: 2020-08-13T20:25:19Z
status
200
etag
"0e0bdafab5bd61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
8022
fbevents.js
connect.facebook.net/en_US/ 		134 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
34269
x-xss-protection
0
pragma
public
x-fb-debug
pekzUL48OzXtc1fX42xRaixLpr1tjWmlru+WuEW36+4sxwe8OAFsJ3UiiZkh+Jmvj7ffrncAot6/YmvOeBtWpA==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 13 Aug 2020 20:25:19 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDWQ49P
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.146.155 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-146-155.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0615974c40d602afdbf9759533e352bc17b0458c85aad6694b1a1ad20659625b

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 13:51:16 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Jan 2020 19:16:48 GMT
Server
AmazonS3
Age
23644
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-C1
X-Amz-Cf-Id
idJi0EB6myubqfJmDfe4LnZ37Poz-mogJtDUCnjzP7R0z_d6K3woHg==
collect
www.google-analytics.com/ 		35 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&a=1295326554&t=pageview&_s=1&dl=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FAXVCXEE6&ul=en-us&de=UTF-8&dt=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=246114427&gjid=582209986&cid=284418177.1597350320&tid=UA-7780355-10&_gid=1893394731.1597350320&gtm=2wg871WDWQ49P&cd12=null&cd15=null&z=1811063562
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Aug 2020 08:40:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
560711
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-7780355-10&cid=284418177.1597350320&jid=246114427&gjid=582209986&_gid=1893394731.1597350320&_u=YGBAgEAB~&z=387270774
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7780355-10&cid=284418177.1597350320&jid=246114427&_v=j83&z=387270774
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7780355-10&cid=284418177.1597350320&jid=246114427&_v=j83&z=387270774&slf_rd=1&random=2543360383
42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7780355-10&cid=284418177.1597350320&jid=246114427&_v=j83&z=387270774&slf_rd=1&random=2543360383
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Aug 2020 20:25:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Aug 2020 20:25:19 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7780355-10&cid=284418177.1597350320&jid=246114427&_v=j83&z=387270774&slf_rd=1&random=2543360383
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34915&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FAXVCXEE6&t...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34915%26url%3Dhttps%253A%252F%252Faccount.covermymeds.com%252F%253Fdestination_ur...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34915&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FAXVCXEE6&t...
0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34915&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FAXVCXEE6&time=1597350319723&liSync=true
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 20:25:20 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lva1
status
200
x-li-proto
http/2
x-li-pop
prod-efr5
content-type
application/javascript
content-length
0
x-li-uuid
gd42I6ftKhagCez0cCsAAA==

Redirect headers

content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options
nosniff
linkedin-action
1
status
302
content-length
0
x-li-uuid
Asv+HqftKhYAFuePGisAAA==
pragma
no-cache
x-li-pop
afd-prod-edc2
x-msedge-ref
Ref A: 505E42C1D50C45E59C2C4937B499F4FB Ref B: FRAEDGE1315 Ref C: 2020-08-13T20:25:19Z
x-frame-options
sameorigin
date
Thu, 13 Aug 2020 20:25:19 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=2592000
x-li-fabric
prod-lva1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34915&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FAXVCXEE6&time=1597350319723&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
282700338735046
connect.facebook.net/signals/config/ 		151 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/282700338735046?v=2.9.23&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d3014ceea5476b1600f35f37af6f05cb011cef49b9a2776345edae24bb57bcf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
38310
x-xss-protection
0
pragma
private
x-fb-debug
pv7/VT06FWawnV8JFwt2YVljV8pXWt7dXpXKhXZvw40jG0APohGu2+jWKZ2FtCJeyiIYVsZOzk8Kilwc4nmy+A==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 13 Aug 2020 20:25:19 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
private
expires
Sat, 01 Jan 2000 00:00:00 GMT
0
bat.bing.com/action/ 		0
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=26055177&Ver=2&mid=f580a84a-c6a4-a086-ff7a-244b0ae1a73d&sid=82c1401a42be59c3b4510e4320eb71bf&vid=c0e307a3fbf1a19a85ea6a663dd848a2&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Log%20In%20%7C%20CoverMyMeds,%20The%20Leader%20In%20Electronic%20Prior%20Authorization&p=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FAXVCXEE6&r=&evt=pageLoad&msclkid=N&sv=1&rn=731447
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Thu, 13 Aug 2020 20:25:19 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: BAE84F9FA897479A94C1C6697E45CFD9 Ref B: FRAEDGE1420 Ref C: 2020-08-13T20:25:19Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/856736550/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856736550/?random=1597350319752&cv=9&fst=1597350319752&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&ig=1&frm=0&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FAXVCXEE6&tiba=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d7ea4d073f28fa36c979433028199fa50ad851edd2cdfaba90f791d1bad04f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Aug 2020 20:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1091
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=282700338735046&ev=PageView&dl=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FAXVCXEE6&rl=&if=false&ts=1597350319779&sw=1600&sh=1200&v=2.9.23&r=stable&ec=0&o=28&fbp=fb.1.1597350319778.1143179366&it=1597350319735&coo=false&rqm=GET
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 20:25:19 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 13 Aug 2020 20:25:19 GMT
/
www.google.com/pagead/1p-user-list/856736550/ 		42 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/856736550/?random=1597350319752&cv=9&fst=1597348800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&frm=0&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FAXVCXEE6&tiba=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&async=1&fmt=3&is_vtc=1&random=72097983&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Aug 2020 20:25:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/856736550/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/856736550/?random=1597350319752&cv=9&fst=1597348800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&frm=0&url=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FAXVCXEE6&tiba=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&async=1&fmt=3&is_vtc=1&random=72097983&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Aug 2020 20:25:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
nr-1173.min.js
js-agent.newrelic.com/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1173.min.js
Requested by
Host: account.covermymeds.com
URL: https://account.covermymeds.com/?destination_url=https%3A%2F%2Fwww.covermymeds.com%2Frequest%2Fview%2FAXVCXEE6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9666c4b4ff8494ef844a31d46f0e436e10c5914a28dcf78e43f880c7dfcd7c36

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 20:25:20 GMT
content-encoding
gzip
x-amz-request-id
10D15C54AD147787
x-cache
HIT
status
200
content-length
10274
x-amz-id-2
jFTXkE2RbyFmwuo+b69aaJDIQN5OepQFMbt5rICr+VYU94b9advuVgvy7pB0Byx+hC840cpOdw0=
x-served-by
cache-fra19172-FRA
last-modified
Fri, 10 Jul 2020 18:42:03 GMT
server
AmazonS3
x-timer
S1597350320.419755,VS0,VE0
etag
"b92d3dbf75d13116d7a4d0e6e3e30a00"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
17772
up
insight.adsrvr.org/track/ Frame 7AE3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=yi9xlz1&ref=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FAXVCXEE6&upid=c7xdx7r&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.228.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-228-121.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
insight.adsrvr.org
:scheme
https
:path
/track/up?adv=yi9xlz1&ref=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FAXVCXEE6&upid=c7xdx7r&upv=1.1.0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://account.covermymeds.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://account.covermymeds.com/

Response headers

status
200
date
Thu, 13 Aug 2020 20:25:20 GMT
content-type
text/html
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
revision
chat.covermymeds.com/api_v2/customer/ 		101 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chat.covermymeds.com/api_v2/customer/revision?callback=jQuery33105581948506559196_1597350320391&_=1597350320392
Requested by
Host: chat.covermymeds.com
URL: https://chat.covermymeds.com/javascripts/bundle-customer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.97.160.33 , United States, ASN396458 (CMM-ATL, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
dc3d8c1de66f65256e17b4b66f4de2f931fe79b59971f0780812d34a6ce09e1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 20:25:20 GMT
Via
1.1 chat.covermymeds.com
X-Content-Type-Options
nosniff, nosniff
X-Permitted-Cross-Domain-Policies
none
P3P
CP="CoverMyMeds does not support p3p."
Connection
close
Content-Length
101
X-XSS-Protection
1; mode=block
X-Request-Id
cd746e49-c163-4a4e-b12a-5102d793ac1d
X-Runtime
0.010156
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.16.1
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
ETag
W/"dc3d8c1de66f65256e17b4b66f4de2f9"
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1295326554&t=event&ni=1&_s=1&dl=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequ...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-7780355-10&cid=284418177.1597350320&jid=1232584943&_gid=1893394731.1597350320&gjid=743988312&_v=j83&z=2092276995
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7780355-10&cid=284418177.1597350320&jid=1232584943&_v=j83&z=2092276995
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7780355-10&cid=284418177.1597350320&jid=1232584943&_v=j83&z=2092276995&slf_rd=1&random=3029859087
42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7780355-10&cid=284418177.1597350320&jid=1232584943&_v=j83&z=2092276995&slf_rd=1&random=3029859087
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Aug 2020 20:25:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Aug 2020 20:25:20 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7780355-10&cid=284418177.1597350320&jid=1232584943&_v=j83&z=2092276995&slf_rd=1&random=3029859087
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&a=1295326554&t=event&ni=1&_s=1&dl=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FAXVCXEE6&ul=en-us&de=UTF-8&dt=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=vertical&el=25%20percent&_u=aGDAAEAB~&jid=&gjid=&cid=284418177.1597350320&tid=UA-7780355-10&_gid=1893394731.1597350320&gtm=2wg871WDWQ49P&cd12=null&cd15=null&z=903664019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Aug 2020 08:40:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
560712
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&a=1295326554&t=event&ni=1&_s=1&dl=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FAXVCXEE6&ul=en-us&de=UTF-8&dt=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=vertical&el=50%20percent&_u=aGDAAEAB~&jid=&gjid=&cid=284418177.1597350320&tid=UA-7780355-10&_gid=1893394731.1597350320&gtm=2wg871WDWQ49P&cd12=null&cd15=null&z=1935435109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Aug 2020 08:40:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
560712
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&a=1295326554&t=event&ni=1&_s=1&dl=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FAXVCXEE6&ul=en-us&de=UTF-8&dt=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=vertical&el=75%20percent&_u=aGDAAEAB~&jid=&gjid=&cid=284418177.1597350320&tid=UA-7780355-10&_gid=1893394731.1597350320&gtm=2wg871WDWQ49P&cd12=null&cd15=null&z=515569241
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Aug 2020 08:40:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
560712
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&a=1295326554&t=event&ni=1&_s=1&dl=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FAXVCXEE6&ul=en-us&de=UTF-8&dt=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=vertical&el=90%20percent&_u=aGDAAEAB~&jid=&gjid=&cid=284418177.1597350320&tid=UA-7780355-10&_gid=1893394731.1597350320&gtm=2wg871WDWQ49P&cd12=null&cd15=null&z=311751328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Aug 2020 08:40:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
560712
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&a=1295326554&t=event&ni=1&_s=1&dl=https%3A%2F%2Faccount.covermymeds.com%2F%3Fdestination_url%3Dhttps%253A%252F%252Fwww.covermymeds.com%252Frequest%252Fview%252FAXVCXEE6&ul=en-us&de=UTF-8&dt=Log%20In%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=vertical&el=100%20percent&_u=aGDAAEAB~&jid=&gjid=&cid=284418177.1597350320&tid=UA-7780355-10&_gid=1893394731.1597350320&gtm=2wg871WDWQ49P&cd12=null&cd15=null&z=608289414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Aug 2020 08:40:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
560712
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
89b77497-23cf-4058-6d78-e33d78245f50
data.pendo.io/data/ptm.gif/ 		42 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.pendo.io/data/ptm.gif/89b77497-23cf-4058-6d78-e33d78245f50?v=2.61.3_prod&ct=1597350320456&jzb=eJy9UE1v6jAQ_C8-I-I4zQfc-kFLqwKVoCJtVVkGu9QSjo3tpALEf2fdBzlyeVJvu7Mzu7PzsUd-awTqIyU8Qx20sPrHCUu9VIDGaS9PUpwQfBUXHdRIJ722VHIQ0JfB-G5CZ3TERvP5W03MewkL2HKp68r_45wagGu7hv7be-P6UXTCu0vdCKu2SnAHtYqAaKw2DvX352OhvHRvzapVzVbhBVHR1yk6tB5a6bmHkWFWVP66JQDEmQ_qOIlwERFMMGwFW07qCmDSzeJuQsEWD3rPFo9h5X0z2zykK7nJy2xU3gxB82WZEr_D8fNgV8ppsxveZnySPYVct17AW0naO3TazNea8UuZE_zHmQdDZxt5Ufz_v4Tkh88j2q3EXA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 20:25:20 GMT
via
1.1 google
x-content-type-options
nosniff
status
200
access-control-max-age
600
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
Origin,Accept,Content-Type,Authorization
content-length
42
89b77497-23cf-4058-6d78-e33d78245f50
data.pendo.io/data/guide.js/ 		1003 B
984 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.pendo.io/data/guide.js/89b77497-23cf-4058-6d78-e33d78245f50?jzb=eJx9jk1LxDAQhv_LnKVpUxDpbUEPHqoL7tLVSxiaUAPNB_koiPS_dyrdHL298-SZvPMLi446ufAqoQNxfnl7fhcX0WM_DJ-Z-68bPACOo8s2_SlHJprDTPN3Sj52jB28Gt2igvkxSkbKhpFoVEKJCaErbXvU_zTOaKeMkyJDWXH9gLVcUVbvMz15DMqmUxEIUeG-3bSsfmK85jX9SpdF7SxhXj02VSt8cBLWdQPGv1V0&v=2.61.3_prod&ct=1597350320461
Requested by
Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/89b77497-23cf-4058-6d78-e33d78245f50/pendo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
4211bb03636d528b120e898653ec4e6b1eeca6354c111064b33dc28f3278349e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 20:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
600
access-control-allow-credentials
false
access-control-allow-headers
Origin,Accept,Content-Type,Authorization
via
1.1 google
347fee45ab
bam.nr-data.net/1/ 		57 B
275 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/347fee45ab?a=17345133&v=1173.01dd3ba&to=dV4PQUFbWg4HR0wRAEVCCFpdRxkMB0I%3D&rst=3145&ck=1&ref=https://account.covermymeds.com/&ap=11&be=1801&fe=3017&dc=3008&perf=%7B%22timing%22:%7B%22of%22:1597350317386,%22n%22:0,%22f%22:1229,%22dn%22:1230,%22dne%22:1454,%22c%22:1454,%22s%22:1465,%22ce%22:1665,%22rq%22:1665,%22rp%22:1794,%22rpe%22:1794,%22dl%22:1797,%22di%22:3007,%22ds%22:3007,%22de%22:3016,%22dc%22:3017,%22l%22:3017,%22le%22:3019%7D,%22navigation%22:%7B%7D%7D&fp=2293&fcp=2293&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1173.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-7.nr-data.net
Software
/
Resource Hash
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
bundle-customer-widget.js
chat.covermymeds.com/javascripts/ 		1 MB
572 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chat.covermymeds.com/javascripts/bundle-customer-widget.js?v=1f63e1a548f88ee9dd6291844fc2a00b892d40e5&_=1597350320393
Requested by
Host: chat.covermymeds.com
URL: https://chat.covermymeds.com/javascripts/bundle-customer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.97.160.33 , United States, ASN396458 (CMM-ATL, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
0644287df7fea41ad83fe9199c853eb978fa20e890c479df6f5070b96e702496
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 20:25:21 GMT
Via
1.1 chat.covermymeds.com
X-Content-Type-Options
nosniff
Server
nginx/1.16.1
X-Frame-Options
SAMEORIGIN
Connection
close
Content-Type
application/javascript
Cache-Control
max-age=5184000, public
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Content-Encoding
gzip
Vary
Accept-Encoding
Expires
Mon, 12 Oct 2020 20:25:21 GMT
status
chat.covermymeds.com/api_v2/customer/ 		93 B
918 B 		Script
General
Check archive.org
Download Go to
Full URL
https://chat.covermymeds.com/api_v2/customer/status?callback=jQuery33103378737998528021_1597350322503&_=1597350322504
Requested by
Host: chat.covermymeds.com
URL: https://chat.covermymeds.com/javascripts/bundle-customer-widget.js?v=1f63e1a548f88ee9dd6291844fc2a00b892d40e5&_=1597350320393
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.97.160.33 , United States, ASN396458 (CMM-ATL, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
034d60024e3163b0fe475c4cbb6d3f2c532a27937f2de0cba363f30682a661fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 20:25:22 GMT
Via
1.1 chat.covermymeds.com
X-Content-Type-Options
nosniff, nosniff
X-Permitted-Cross-Domain-Policies
none
P3P
CP="CoverMyMeds does not support p3p."
Connection
close
Content-Length
93
X-XSS-Protection
1; mode=block
X-Request-Id
0576a018-f08a-47e7-a637-56d73488f71b
X-Runtime
0.005380
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.16.1
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
ETag
W/"034d60024e3163b0fe475c4cbb6d3f2c"
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
06e1b92ee9b3198194c7541e9c434e9df864039a1e75e15f5d706140f15c7c76

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
347fee45ab
bam.nr-data.net/events/1/ 		24 B
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/347fee45ab?a=17345133&v=1173.01dd3ba&to=dV4PQUFbWg4HR0wRAEVCCFpdRxkMB0I%3D&rst=13144&ck=1&ref=https://account.covermymeds.com/
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1173.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-7.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://account.covermymeds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://account.covermymeds.com
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NREUM object| newrelic function| __nr_require object| dataLayer function| ValidatedField function| ValidatedPasswordField function| debounce function| $ function| jQuery object| jQuery112405524382823370633 object| pendo object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id object| uetq function| fbq function| _fbq object| gaplugins object| gaGlobal object| gaData function| lintrk boolean| _already_called_lintrk function| UET function| GetCustomEvent function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| ttd_dom_ready function| TTDUniversalPixelApi object| core object| __core-js_shared__ function| setImmediate function| clearImmediate object| regeneratorRuntime object| mdc object| Chat object| global object| System function| asap function| Observable boolean| _babelPolyfill object| ChatWidget object| JSON3

10 Cookies

Domain/Path Name / Value
.covermymeds.com/ Name: _uetvid
Value: c0e307a3fbf1a19a85ea6a663dd848a2
.covermymeds.com/ Name: _dc_gtm_UA-7780355-10
Value: 1
.covermymeds.com/ Name: _fbp
Value: fb.1.1597350319778.1143179366
.covermymeds.com/ Name: _gid
Value: GA1.2.1893394731.1597350320
.covermymeds.com/ Name: _gat_UA-7780355-10
Value: 1
.covermymeds.com/ Name: _ga
Value: GA1.2.284418177.1597350320
.covermymeds.com/ Name: _gcl_au
Value: 1.1.1742438907.1597350320
.covermymeds.com/ Name: _uetsid
Value: 82c1401a42be59c3b4510e4320eb71bf
account.covermymeds.com/ Name: cookiesession1
Value: 4D510D7BC4DOY2PCPCMYLBBJLRVNDD68
account.covermymeds.com/ Name: _account_session
Value: RkhheUdHTVBMbXB3RGlpbHFGQS9nQnNSd1hwV3lHTVdGRXpOYmZCQStpUzYwTkQ4S2krMjV3bjJQbEMvSEFXUE5sY0pvWG5iR1VzRmw1MHV3eGNQeDA0Q2NwQlNEcTd2blh5QURxOVQ1NjRCUGh2cy9OUndnSkdIU3d1bXphUW9CMVlnUlJLcXlsMjYzTGk5dDJIbzY4TW0rdTFFOTlqMGVHcGIxM1ZUMWl6L1BFRitQb2d3b3BGeS83Z2NIdUQxY3ZmWlBIUnF6TVhyaUdTdW1ORXozZUgrTjBNcUhKdEJ0ODBtZURVMkRZQ3I2RGxXRGFMbkZGQk1Ob3lXK2h0US0tV0I4VDhWQlpoSGppWm9yVjlTK3gvQT09--e0a653267e183c5214a6051f6123879d6d211b1e

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.covermymeds.com
bam.nr-data.net
bat.bing.com
cdn.pendo.io
chat.covermymeds.com
connect.facebook.net
data.pendo.io
googleads.g.doubleclick.net
insight.adsrvr.org
js-agent.newrelic.com
js.adsrvr.org
px.ads.linkedin.com
secure-web.cisco.com
snap.licdn.com
stats.g.doubleclick.net
www.covermymeds.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
13.226.146.155
13.226.155.115
151.101.14.110
162.247.242.19
172.217.18.2
2620:101:2002:11f0::1001
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:814::200e
2a00:1450:4001:815::2008
2a00:1450:4001:81a::2003
2a00:1450:4001:81c::2004
2a00:1450:4001:81f::2013
2a00:1450:4001:821::2002
2a00:1450:400c:c00::9d
2a02:26f0:10c:382::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:10:101::b93f:9105
66.97.160.33
66.97.160.55
99.81.228.121
034d60024e3163b0fe475c4cbb6d3f2c532a27937f2de0cba363f30682a661fd
0615974c40d602afdbf9759533e352bc17b0458c85aad6694b1a1ad20659625b
0644287df7fea41ad83fe9199c853eb978fa20e890c479df6f5070b96e702496
06e1b92ee9b3198194c7541e9c434e9df864039a1e75e15f5d706140f15c7c76
09c3f39acdd3ecdaf2d3a17efb700d07fe2691b5524c2aea19c10c9deb662dd5
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1243303b5bbae5225a6204024bfb1648bb1f809f0ef4a0ce55f5bd64b41c2352
1cb601bbc622cf386c6e9fb613f8ca6aac9be9cbbcbe02abfd334d26d555b624
1e1088985643e44c9ff3943964dbb844f988230f2c06986860dff3ce4194678e
2d40823764b163eac64bd9e7fd12c3a0e4f0ce28e605f5ddf6cabedff19db3e6
41d5e5cb0c042909ed566490a7a284b7a981b74f65f7888da204ef13bf26f885
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
4211bb03636d528b120e898653ec4e6b1eeca6354c111064b33dc28f3278349e
4ea937141d5315397b9fda9eb3b6b2e5c51bf9a20b4f51a71203a4ac8e6ec0ff
5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b
61e3d312607c01f114ae98393cee089d6884253bbd41936cc8d09f65cb952f49
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37
92f410985c0233c9abcba33b98f05b3e24d5ea3e80f5083466d545e94d49ec43
9458cd8a47ba42ebc0641fe9e50278ab1649b8e593f58a52b9fadfa854f1f657
9666c4b4ff8494ef844a31d46f0e436e10c5914a28dcf78e43f880c7dfcd7c36
98bf460214a592d28141740a065d561a43fd31c00bcc84c4c7da2c84741de619
9d7ea4d073f28fa36c979433028199fa50ad851edd2cdfaba90f791d1bad04f3
c85308c87728122f024dc8bb97b75cc5aaaa8a3943162162c17c042d5c864164
d029481a0ca774bbe6a6290b02616327bf1c22711a3e26e050031b8494f051d3
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d3014ceea5476b1600f35f37af6f05cb011cef49b9a2776345edae24bb57bcf8
dc3d8c1de66f65256e17b4b66f4de2f931fe79b59971f0780812d34a6ce09e1b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea8d599e63bb7e05af49012adc8e7be9f807f8376b3a6141165fbb4431b92dd5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f891e2ac0fa3c5131f5bed8ad7a69f587f8f49a41ec59514ec76d73b5802cf1d
fb895427df575d8c85ee42c5ae6185f87fb2ee596f847173992f82df29d54895
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955