account.covermymeds.com Open in urlscan Pro
66.97.160.55  Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34915&time=1648822418152&url=https%3A%2F%2Faccount.covermymeds.com%2Fforgot HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34915&time=1648822418152&url=https%3A%2F%2Faccount.covermymeds.com%2Fforgot&cookiesTest=true HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34915%26time%3D1648822418152%26url%3Dhttps%253A%252F%252Faccount.covermymeds.com%252Fforgot%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34915&time=1648822418152&url=https%3A%2F%2Faccount.covermymeds.com%2Fforgot&cookiesTest=true&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=34915&time=1648822418152&url=https%3A%2F%2Faccount.covermymeds.com%2Fforgot&cookiesTest=true&liSync=true&e_ipv6=AQJvqO6ovEeVKgAAAX_leXzEhLzITRIH0VW-cJ-S_eYn305BqXeVnM7lR6ApTR8RnKQkS9Q HTTP 302
• https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=3d3245bb-9c63-48a0-9e85-a6ef4f719e1d HTTP 302
• https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=3d3245bb-9c63-48a0-9e85-a6ef4f719e1d&_expected_cookie=2e45d0a1f707f245e8629c1bb1e17ef6

Request Chain 33

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=id17evj&ttd_tpi=1&ttd_puid=7d5a230c-32d3-49ee-9b04-fcdd1b9a7cc4|dcef484c-c89c-4a82-b19d-b78916dc59db HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=id17evj&ttd_tpi=1&ttd_puid=7d5a230c-32d3-49ee-9b04-fcdd1b9a7cc4|dcef484c-c89c-4a82-b19d-b78916dc59db HTTP 302
• https://wec-assets.terminus.services/s.gif?d=7d5a230c-32d3-49ee-9b04-fcdd1b9a7cc4|dcef484c-c89c-4a82-b19d-b78916dc59db&t=44d2caf9-51da-466e-a7f7-aa31c3de1d00 HTTP 301
• https://wec-assets-api.terminus.services/v1/s.gif

Request Chain 34

• https://wec-assets.terminus.services/7d5a230c-32d3-49ee-9b04-fcdd1b9a7cc4/t.gif?d=dcef484c-c89c-4a82-b19d-b78916dc59db&s=9dac3773-d555-4935-8718-0cc74c437e51&p=https%3A%2F%2Faccount.covermymeds.com%2Fforgot&cb=1648822418224&t=Forgot%20Password%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&r=&e=page_viewed&u=1d706e6b-adff-4ca7-982f-ea92d2179e99-1648822418224 HTTP 301
• https://wec-assets-api.terminus.services/v1/7d5a230c-32d3-49ee-9b04-fcdd1b9a7cc4/t.gif

Request Chain 43

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=ed2d3821-b1c5-11ec-a887-adefde2cc4bf&gdpr=&gdpr_consent= HTTP 302
• https://px.steelhousemedia.com/tdsync?tdid=44d2caf9-51da-466e-a7f7-aa31c3de1d00&shguid=ed2d3821-b1c5-11ec-a887-adefde2cc4bf

Request Chain 44

• https://insight.adsrvr.org/track/evnt/?adv=rexdccs&ct=0:bf6omly&fmt=3 HTTP 302
• https://dpm.demdex.net/ibs:dpid=903&dpuuid=44d2caf9-51da-466e-a7f7-aa31c3de1d00&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=44d2caf9-51da-466e-a7f7-aa31c3de1d00&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam HTTP 302
• https://ups.analytics.yahoo.com/ups/55953/sync?uid=44d2caf9-51da-466e-a7f7-aa31c3de1d00&_origin=1&gdpr=0&gdpr_consent= HTTP 302
• https://ups.analytics.yahoo.com/ups/55953/sync?uid=44d2caf9-51da-466e-a7f7-aa31c3de1d00&_origin=1&gdpr=0&gdpr_consent=&verify=true

Request Chain 55

• https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=44d2caf9-51da-466e-a7f7-aa31c3de1d00 HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D44d2caf9-51da-466e-a7f7-aa31c3de1d00 HTTP 302
• https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=7504649525642407631&ttd_tdid=44d2caf9-51da-466e-a7f7-aa31c3de1d00

Request Chain 56

• https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=44d2caf9-51da-466e-a7f7-aa31c3de1d00&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
• https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

Request Chain 57

• https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NDRkMmNhZjktNTFkYS00NjZlLWE3ZjctYWEzMWMzZGUxZDAw&gdpr=0&gdpr_consent=&ttd_tdid=44d2caf9-51da-466e-a7f7-aa31c3de1d00 HTTP 302
• https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=44d2caf9-51da-466e-a7f7-aa31c3de1d00&google_gid=CAESEMoUaZmVvNgHrzKdXTMKots&google_cver=1

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request forgot Show response account.covermymeds.com/	7 KB 5 KB	154ms 61ms	Document text/html	66.97.160.55 CMM-CMH
General Check archive.org Show headers Download Go to Full URL https://account.covermymeds.com/forgot Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 66.97.160.55 , United States, ASN396455 (CMM-CMH, US), Reverse DNS Software nginx/1.16.1 / Phusion Passenger 6.0.7 Resource Hash d13ec562fd8107a5381e78bce8847e7a4a9606a9ae6d62ac146235893da8b599 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff nosniff X-Frame-Options SAMEORIGIN SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language en-US,en;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Cache-Control max-age=0, private, must-revalidate Connection Keep-Alive Content-Encoding gzip Content-Length 3915 Content-Type text/html; charset=utf-8 Date Fri, 01 Apr 2022 14:13:37 GMT ETag W/"d13ec562fd8107a5381e78bce8847e7a" Referrer-Policy strict-origin-when-cross-origin Server nginx/1.16.1 Status 200 OK Strict-Transport-Security max-age=31536000; includeSubDomains Vary Accept-Encoding Via 1.1 account.covermymeds.com X-Cnection close X-Content-Type-Options nosniff nosniff X-Download-Options noopen X-Frame-Options SAMEORIGIN SAMEORIGIN X-Permitted-Cross-Domain-Policies none X-Powered-By Phusion Passenger 6.0.7 X-Request-Id 43ee775a-66ac-4361-80f3-30c0aebcfd75 X-Runtime 0.006055 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	application-d1e87046c4f03f1315b636a1c4093e1c.css account.covermymeds.com/packs/	250 KB 47 KB	63ms 63ms	Stylesheet text/css	66.97.160.55 CMM-CMH
General Check archive.org Show headers Download Go to Full URL https://account.covermymeds.com/packs/application-d1e87046c4f03f1315b636a1c4093e1c.css Requested by Host: account.covermymeds.com URL: https://account.covermymeds.com/forgot Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 66.97.160.55 , United States, ASN396455 (CMM-CMH, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 3e20b760a4e3a95be04fdb5035fc19539aca992452eb5e651198139ad68d098a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/forgot User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Fri, 01 Apr 2022 14:13:37 GMT Via 1.1 account.covermymeds.com X-Content-Type-Options nosniff Last-Modified Thu, 17 Feb 2022 16:05:40 GMT Server nginx/1.16.1 ETag "620e7254-3e9ec" X-Frame-Options SAMEORIGIN Connection Keep-Alive Content-Type text/css X-Cnection close Strict-Transport-Security max-age=31536000 Accept-Ranges bytes Content-Encoding gzip Vary Accept-Encoding Content-Length 48041
GET H/1.1	200 OK	nunito_sans.css www.covermymeds.com/styles_r2/fonts/	4 KB 1 KB	146ms 46ms	Stylesheet text/css	66.97.160.55 CMM-CMH
General Check archive.org Show headers Download Go to Full URL https://www.covermymeds.com/styles_r2/fonts/nunito_sans.css Requested by Host: account.covermymeds.com URL: https://account.covermymeds.com/forgot Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 66.97.160.55 , United States, ASN396455 (CMM-CMH, US), Reverse DNS Software nginx/1.16.1 / Resource Hash d029481a0ca774bbe6a6290b02616327bf1c22711a3e26e050031b8494f051d3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Fri, 01 Apr 2022 14:13:37 GMT Via 1.1 www.covermymeds.com Vary Accept-Encoding X-Cnection close Connection Keep-Alive Content-Encoding gzip Content-Length 627 Last-Modified Wed, 30 Mar 2022 15:32:56 GMT Server nginx/1.16.1 X-Frame-Options SAMEORIGIN ETag "62447828-f9b" Strict-Transport-Security max-age=31536000 Access-Control-Allow-Methods GET Content-Type text/css Access-Control-Allow-Origin * Cache-Control max-age=31536000 Accept-Ranges bytes Expires Sat, 01 Apr 2023 14:13:37 GMT
GET H/1.1	200 OK	application-a246904966e6965a9347896624eedef2fed41285ebe260a32b046fc20db0d3ee.js Show response account.covermymeds.com/assets/	396 KB 168 KB	250ms 173ms	Script application/javascript	66.97.160.55 CMM-CMH
General Check archive.org Show headers Download Go to Full URL https://account.covermymeds.com/assets/application-a246904966e6965a9347896624eedef2fed41285ebe260a32b046fc20db0d3ee.js Requested by Host: account.covermymeds.com URL: https://account.covermymeds.com/forgot Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 66.97.160.55 , United States, ASN396455 (CMM-CMH, US), Reverse DNS Software nginx/1.16.1 / Resource Hash a246904966e6965a9347896624eedef2fed41285ebe260a32b046fc20db0d3ee Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/forgot User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Fri, 01 Apr 2022 14:13:37 GMT Via 1.1 account.covermymeds.com X-Content-Type-Options nosniff X-Cnection close Content-Encoding gzip Vary Accept-Encoding content-length 171532 Last-Modified Thu, 17 Feb 2022 16:03:40 GMT Server nginx/1.16.1 X-Frame-Options SAMEORIGIN ETag "620e71dc-6300c" Strict-Transport-Security max-age=31536000 Access-Control-Allow-Methods GET Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=86400, public Accept-Ranges bytes Expires Sat, 02 Apr 2022 14:13:37 GMT
GET H/1.1	200 OK	forgot-e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855.js Show response account.covermymeds.com/assets/	0 543 B	121ms 45ms	Script application/javascript	66.97.160.55 CMM-CMH
General Check archive.org Show headers Download Go to Full URL https://account.covermymeds.com/assets/forgot-e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855.js Requested by Host: account.covermymeds.com URL: https://account.covermymeds.com/forgot Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 66.97.160.55 , United States, ASN396455 (CMM-CMH, US), Reverse DNS Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/forgot User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Fri, 01 Apr 2022 14:13:37 GMT Via 1.1 account.covermymeds.com X-Content-Type-Options nosniff X-Cnection close Content-Length 0 Last-Modified Thu, 17 Feb 2022 16:00:13 GMT Server nginx/1.16.1 X-Frame-Options SAMEORIGIN ETag "620e710d-0" Strict-Transport-Security max-age=31536000 Access-Control-Allow-Methods GET Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=86400, public Accept-Ranges bytes Expires Sat, 02 Apr 2022 14:13:37 GMT
GET H/1.1	200 OK	cmm_header_logo-f891e2ac0fa3c5131f5bed8ad7a69f587f8f49a41ec59514ec76d73b5802cf1d.png account.covermymeds.com/assets/	17 KB 17 KB	42ms 42ms	Image image/png	66.97.160.55 CMM-CMH
General Check archive.org Show headers Download Go to Show image Full URL https://account.covermymeds.com/assets/cmm_header_logo-f891e2ac0fa3c5131f5bed8ad7a69f587f8f49a41ec59514ec76d73b5802cf1d.png Requested by Host: account.covermymeds.com URL: https://account.covermymeds.com/forgot Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 66.97.160.55 , United States, ASN396455 (CMM-CMH, US), Reverse DNS Software nginx/1.16.1 / Resource Hash f891e2ac0fa3c5131f5bed8ad7a69f587f8f49a41ec59514ec76d73b5802cf1d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/forgot User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Fri, 01 Apr 2022 14:13:37 GMT Via 1.1 account.covermymeds.com X-Content-Type-Options nosniff X-Cnection close Content-Length 17285 Last-Modified Thu, 17 Feb 2022 16:00:13 GMT Server nginx/1.16.1 X-Frame-Options SAMEORIGIN ETag "620e710d-4385" Strict-Transport-Security max-age=31536000 Access-Control-Allow-Methods GET Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=86400, public Accept-Ranges bytes Expires Sat, 02 Apr 2022 14:13:37 GMT
GET H/1.1	200 OK	forgot-password-3ef0a3c58e3aac95100ab538102899657a67adc45f1971830a0fa2d12a55cf0c.png account.covermymeds.com/assets/	124 KB 125 KB	42ms 42ms	Image image/png	66.97.160.55 CMM-CMH
General Check archive.org Show headers Download Go to Show image Full URL https://account.covermymeds.com/assets/forgot-password-3ef0a3c58e3aac95100ab538102899657a67adc45f1971830a0fa2d12a55cf0c.png Requested by Host: account.covermymeds.com URL: https://account.covermymeds.com/forgot Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 66.97.160.55 , United States, ASN396455 (CMM-CMH, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 3ef0a3c58e3aac95100ab538102899657a67adc45f1971830a0fa2d12a55cf0c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/forgot User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Fri, 01 Apr 2022 14:13:37 GMT Via 1.1 account.covermymeds.com X-Content-Type-Options nosniff X-Cnection close Content-Length 127163 Last-Modified Thu, 17 Feb 2022 16:00:13 GMT Server nginx/1.16.1 X-Frame-Options SAMEORIGIN ETag "620e710d-1f0bb" Strict-Transport-Security max-age=31536000 Access-Control-Allow-Methods GET Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=86400, public Accept-Ranges bytes Expires Sat, 02 Apr 2022 14:13:37 GMT
GET H/1.1	200 OK	application-b81ada65bf2c8b11476b.js Show response account.covermymeds.com/packs/	321 KB 91 KB	67ms 67ms	Script application/javascript	66.97.160.55 CMM-CMH
General Check archive.org Show headers Download Go to Full URL https://account.covermymeds.com/packs/application-b81ada65bf2c8b11476b.js Requested by Host: account.covermymeds.com URL: https://account.covermymeds.com/forgot Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 66.97.160.55 , United States, ASN396455 (CMM-CMH, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 09818be7ceb101e61bbba9408732cd02be895e65d10f5545be7b46943ff46662 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/forgot User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Fri, 01 Apr 2022 14:13:37 GMT Via 1.1 account.covermymeds.com X-Content-Type-Options nosniff Last-Modified Thu, 17 Feb 2022 16:05:40 GMT Server nginx/1.16.1 ETag "620e7254-505f0" X-Frame-Options SAMEORIGIN Connection Keep-Alive Content-Type application/javascript X-Cnection close Strict-Transport-Security max-age=31536000 Accept-Ranges bytes Content-Encoding gzip Vary Accept-Encoding Content-Length 92358
GET H/1.1	200 OK	bundle-customer.js Show response chat.covermymeds.com/javascripts/	177 KB 86 KB	163ms 69ms	Script application/javascript	66.97.160.33 CMM-ATL
General Check archive.org Show headers Download Go to Full URL https://chat.covermymeds.com/javascripts/bundle-customer.js Requested by Host: account.covermymeds.com URL: https://account.covermymeds.com/forgot Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 66.97.160.33 , United States, ASN396458 (CMM-ATL, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 9458cd8a47ba42ebc0641fe9e50278ab1649b8e593f58a52b9fadfa854f1f657 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Fri, 01 Apr 2022 14:13:37 GMT Via 1.1 chat.covermymeds.com X-Content-Type-Options nosniff Server nginx/1.16.1 X-Frame-Options SAMEORIGIN Connection close Content-Type application/javascript Cache-Control max-age=5184000, public Strict-Transport-Security max-age=31536000 Accept-Ranges bytes Content-Encoding gzip Vary Accept-Encoding content-length 87203 Expires Tue, 31 May 2022 14:13:37 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	293 KB 85 KB	98ms 50ms	Script application/javascript	2607:f8b0:4006:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WDWQ49P Requested by Host: account.covermymeds.com URL: https://account.covermymeds.com/forgot Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d0b0f9a75072a286b8a62f56283bdbd96a4ea438481d9c159aa729d49b3ed552 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Fri, 01 Apr 2022 14:13:37 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 86506 x-xss-protection 0 last-modified Fri, 01 Apr 2022 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 01 Apr 2022 14:13:37 GMT
GET H/1.1	200 OK	pendo.js Show response cdn.pendo.io/agent/static/89b77497-23cf-4058-6d78-e33d78245f50/	473 KB 145 KB	140ms 28ms	Script application/javascript	2600:9000:21da:400:1f:aa31:7740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.pendo.io/agent/static/89b77497-23cf-4058-6d78-e33d78245f50/pendo.js Requested by Host: account.covermymeds.com URL: https://account.covermymeds.com/forgot Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21da:400:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software UploadServer / Resource Hash f9374c58af5044acd7db7fa45e64254078c5670124fcdae778b7269dd810cdcb Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Fri, 01 Apr 2022 14:11:44 GMT Content-Encoding gzip Age 113 X-GUploader-UploadID ADPycdsMQeiMFjGxgZDN8ArL7ZOEMBHFEXK0pYn_g14TEshGMghfxlT3_ggYonO9Ra-FLAJDfuxaRr7egShY77rLcmMppJ1I6Q X-Cache Hit from cloudfront x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding gzip Connection keep-alive Content-Length 147416 Access-Control-Allow-Origin * Last-Modified Thu, 31 Mar 2022 18:17:05 GMT Server UploadServer ETag "ec44c0780b297f98948b2dcfe9a4865d" Vary Accept-Encoding x-goog-hash crc32c=+BXJuw==, md5=7ETAeAspf5iUiy3P6aSGXQ== x-goog-generation 1648750625581571 Via 1.1 5ec6b37107376867228d2ed46a794602.cloudfront.net (CloudFront) Access-Control-Expose-Headers * Cache-Control max-age=450 x-goog-stored-content-length 147416 X-Amz-Cf-Pop EWR53-C1 Accept-Ranges bytes Content-Type application/javascript X-Amz-Cf-Id NgYPw_9Qh8XXYyVTYA7S3aI4bNgwMUFzp68ZIexcyq1oVZw7jnNBhg== Expires Fri, 01 Apr 2022 14:19:14 GMT
GET H/1.1	200 OK	pe0qMImSLYBIv1o4X1M8cce9I9tAcVwo.woff2 www.covermymeds.com/fonts/nunitosans/	11 KB 11 KB	133ms 50ms	Font font/woff2	66.97.160.55 CMM-CMH
General Check archive.org Show headers Download Go to Full URL https://www.covermymeds.com/fonts/nunitosans/pe0qMImSLYBIv1o4X1M8cce9I9tAcVwo.woff2 Requested by Host: www.covermymeds.com URL: https://www.covermymeds.com/styles_r2/fonts/nunito_sans.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 66.97.160.55 , United States, ASN396455 (CMM-CMH, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 09c3f39acdd3ecdaf2d3a17efb700d07fe2691b5524c2aea19c10c9deb662dd5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN Request headers Referer https://www.covermymeds.com/styles_r2/fonts/nunito_sans.css Origin https://account.covermymeds.com Accept-Language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Fri, 01 Apr 2022 14:13:38 GMT Via 1.1 www.covermymeds.com Last-Modified Wed, 30 Mar 2022 15:32:56 GMT Server nginx/1.16.1 ETag "62447828-2bc8" X-Frame-Options SAMEORIGIN Content-Type font/woff2 Access-Control-Allow-Origin * X-Cnection close Strict-Transport-Security max-age=31536000 Accept-Ranges bytes Content-Length 11208
GET H/1.1	200 OK	pe03MImSLYBIv1o4X1M8cc8GBs5tU1ECVZl_.woff2 www.covermymeds.com/fonts/nunitosans/	11 KB 12 KB	128ms 48ms	Font font/woff2	66.97.160.55 CMM-CMH
General Check archive.org Show headers Download Go to Full URL https://www.covermymeds.com/fonts/nunitosans/pe03MImSLYBIv1o4X1M8cc8GBs5tU1ECVZl_.woff2 Requested by Host: www.covermymeds.com URL: https://www.covermymeds.com/styles_r2/fonts/nunito_sans.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 66.97.160.55 , United States, ASN396455 (CMM-CMH, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 98bf460214a592d28141740a065d561a43fd31c00bcc84c4c7da2c84741de619 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN Request headers Referer https://www.covermymeds.com/styles_r2/fonts/nunito_sans.css Origin https://account.covermymeds.com Accept-Language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Fri, 01 Apr 2022 14:13:38 GMT Via 1.1 www.covermymeds.com Last-Modified Wed, 30 Mar 2022 15:32:56 GMT Server nginx/1.16.1 ETag "62447828-2c44" X-Frame-Options SAMEORIGIN Content-Type font/woff2 Access-Control-Allow-Origin * X-Cnection close Strict-Transport-Security max-age=31536000 Accept-Ranges bytes Content-Length 11332
GET H/1.1	200 OK	pe03MImSLYBIv1o4X1M8cc8WAc5tU1ECVZl_.woff2 www.covermymeds.com/fonts/nunitosans/	11 KB 11 KB	134ms 54ms	Font font/woff2	66.97.160.55 CMM-CMH
General Check archive.org Show headers Download Go to Full URL https://www.covermymeds.com/fonts/nunitosans/pe03MImSLYBIv1o4X1M8cc8WAc5tU1ECVZl_.woff2 Requested by Host: www.covermymeds.com URL: https://www.covermymeds.com/styles_r2/fonts/nunito_sans.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 66.97.160.55 , United States, ASN396455 (CMM-CMH, US), Reverse DNS Software nginx/1.20.1 / Resource Hash ea8d599e63bb7e05af49012adc8e7be9f807f8376b3a6141165fbb4431b92dd5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN Request headers Referer https://www.covermymeds.com/styles_r2/fonts/nunito_sans.css Origin https://account.covermymeds.com Accept-Language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Fri, 01 Apr 2022 14:13:38 GMT Via 1.1 www.covermymeds.com Last-Modified Wed, 30 Mar 2022 15:32:56 GMT Server nginx/1.20.1 ETag "62447828-2b9c" X-Frame-Options SAMEORIGIN Content-Type font/woff2 Access-Control-Allow-Origin * X-Cnection close Strict-Transport-Security max-age=31536000 Accept-Ranges bytes Content-Length 11164
GET H/1.1	200 OK	revision Show response chat.covermymeds.com/api_v2/customer/	101 B 819 B	130ms 55ms	Script text/javascript	66.97.160.33 CMM-ATL
General Check archive.org Show headers Download Go to Full URL https://chat.covermymeds.com/api_v2/customer/revision?callback=jQuery33104037931034566504_1648822417966&_=1648822417967 Requested by Host: chat.covermymeds.com URL: https://chat.covermymeds.com/javascripts/bundle-customer.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 66.97.160.33 , United States, ASN396458 (CMM-ATL, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 3eadae70751c70f7238dd723bb8836f8aed1a3193549cc49f3bdf129768105db Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Fri, 01 Apr 2022 14:13:38 GMT Via 1.1 chat.covermymeds.com X-Content-Type-Options nosniff, nosniff X-Permitted-Cross-Domain-Policies none Connection close content-length 101 X-XSS-Protection 1; mode=block X-Request-Id cf76b3f6-e006-4a74-ac5e-e7527dff4d1b X-Runtime 0.002935 Referrer-Policy strict-origin-when-cross-origin Server nginx/1.16.1 X-Frame-Options SAMEORIGIN, SAMEORIGIN ETag W/"3eadae70751c70f7238dd723bb8836f8" X-Download-Options noopen Vary Accept Strict-Transport-Security max-age=63072000; includeSubDomains Content-Type text/javascript; charset=utf-8 Cache-Control max-age=0, private, must-revalidate
GET H2	200	optimize.js Show response www.google-analytics.com/gtm/	114 KB 40 KB	100ms 50ms	Script application/javascript	2607:f8b0:4006:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/gtm/optimize.js?id=GTM-5LW6Q86 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDWQ49P Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a9a2ab5735feb4cc2b1fa2386b211d0e8af01379311f9c73e3e9fce9a20618ba Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Fri, 01 Apr 2022 14:13:38 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 40758 x-xss-protection 0 expires Fri, 01 Apr 2022 14:13:38 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	78ms 30ms	Script text/javascript	2607:f8b0:4006:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDWQ49P Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 5176 date Fri, 01 Apr 2022 12:47:22 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Fri, 01 Apr 2022 14:47:22 GMT
GET H/1.1	200 OK	insight.min.js Show response snap.licdn.com/li.lms-analytics/	8 KB 3 KB	78ms 28ms	Script application/x-javascript	2600:141b:13::17d7:82d1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDWQ49P Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13::17d7:82d1 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 5d5cf5a4a5b7c02915bc261dca0c755d29beda0c0c3a005c78c1682c9934bb3c Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Fri, 01 Apr 2022 14:13:38 GMT Content-Encoding gzip Last-Modified Fri, 18 Mar 2022 23:45:34 GMT X-CDN AKAM Vary Accept-Encoding Content-Type application/x-javascript;charset=utf-8 Cache-Control max-age=77634 Connection keep-alive Accept-Ranges bytes Content-Length 3104
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/	39 KB 15 KB	90ms 42ms	Script text/javascript	142.251.40.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDWQ49P Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.40.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s38-in-f2.1e100.net Software cafe / Resource Hash 3ec8f9d39a014eeea30b42452cb299f24a4dd2a4f66ec3709d724458b0fb81eb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Fri, 01 Apr 2022 14:13:38 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14888 x-xss-protection 0 server cafe etag 7602692432759945649 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Fri, 01 Apr 2022 14:13:38 GMT
GET H2	200	bat.js Show response bat.bing.com/	38 KB 12 KB	82ms 33ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDWQ49P Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip last-modified Wed, 09 Feb 2022 23:54:49 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 2C614EBDC2214CE8AD37F85DAEE00F1A Ref B: NYCEDGE1310 Ref C: 2022-04-01T14:13:38Z etag "806a236c101ed81:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript access-control-allow-origin * cache-control private,max-age=1800 date Fri, 01 Apr 2022 14:13:37 GMT accept-ranges bytes content-length 11333
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	99 KB 27 KB	70ms 27ms	Script application/x-javascript	2a03:2880:f012:10c:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: account.covermymeds.com URL: https://account.covermymeds.com/forgot Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash c8d70946c3b971f61a3a24a011463ea1fd30a1490a34eed4a58b8685441172f4 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 26313 x-xss-protection 0 pragma public x-fb-debug OCNqjfRU1Nh1jc3OpIOOelkdRuqH9WwsoaJP2J1rzsIZq9zkTJta+pe79Axte4ykAJU1jx7TkgXCjCnPUxc3EA== x-fb-trip-id 1512268381 x-frame-options DENY date Fri, 01 Apr 2022 14:13:38 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/1.1	200 OK	up_loader.1.1.0.js Show response js.adsrvr.org/	4 KB 5 KB	111ms 21ms	Script application/x-javascript	54.230.160.114 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.adsrvr.org/up_loader.1.1.0.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDWQ49P Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.230.160.114 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-160-114.ewr53.r.cloudfront.net Software AmazonS3 / Resource Hash ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9 Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Fri, 01 Apr 2022 04:46:34 GMT Via 1.1 eeb9901be16f95d3dbfe25d7cb1e1efe.cloudfront.net (CloudFront) Last-Modified Thu, 24 Sep 2020 15:15:34 GMT Server AmazonS3 Age 34024 ETag "98d98b3499058b76d58073cf8ede2f10" X-Cache Hit from cloudfront Content-Type application/x-javascript Connection keep-alive X-Amz-Cf-Pop EWR53-C3 Accept-Ranges bytes Content-Length 4593 X-Amz-Cf-Id f_LIis-GZZ1kguE2OO9c3nrAdN5qPLhKLMsM4qcm5HJlnPA6MlZ3Wg==
GET H/1.1	200	spx Show response dx.steelhousemedia.com/	13 KB 4 KB	310ms 78ms	Script application/javascript	44.241.10.203 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dx.steelhousemedia.com/spx?dxver=4.0.0&shaid=32045&tdr=&plh=https%3A%2F%2Faccount.covermymeds.com%2Fforgot&cb=40677593233439200term=value Requested by Host: account.covermymeds.com URL: https://account.covermymeds.com/forgot Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 44.241.10.203 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-241-10-203.us-west-2.compute.amazonaws.com Software / Resource Hash 9955dd760ea6d728042900b29142cf2a37bdd278a54e4fe6dc96f1bc647ea244 Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Fri, 01 Apr 2022 14:13:38 GMT content-encoding gzip connection close content-type application/javascript;charset=utf-8 vary accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	9oP2Og47.min.js Show response scripts.demandbase.com/	59 KB 16 KB	189ms 25ms	Script application/javascript	13.226.26.56 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://scripts.demandbase.com/9oP2Og47.min.js Requested by Host: account.covermymeds.com URL: https://account.covermymeds.com/forgot Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.26.56 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-26-56.ewr53.r.cloudfront.net Software AmazonS3 / Resource Hash 8a09ca6c061c0ea0f5cbd157363e8a1cfbc787d8262e0e1d791f76d936f9bf29 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers x-amz-version-id QGs4qiwwdbeFlpPCUc6gigux8qwjmDM. content-encoding gzip etag W/"88d07e956ab8bcce6d74aacf5b298717" age 3158 x-cache Hit from cloudfront vary Accept-Encoding last-modified Mon, 13 Dec 2021 15:36:18 GMT server AmazonS3 date Fri, 01 Apr 2022 13:21:01 GMT strict-transport-security max-age=63072000; includeSubDomains; preload content-type application/javascript; charset=utf-8 via 1.1 98ff52bb9a3187350f3ea674f4110afa.cloudfront.net (CloudFront) cache-control public, max-age=3600 permissions-policy accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=() x-amz-cf-pop EWR53-C2 x-amz-cf-id bf49LTYk9pAqm1a-bTBQNt6B3JjhbdqD5BAtY73XMFvyFESwzU0fmg==
GET H2	200	t.js Show response vidassets.terminus.services/7d5a230c-32d3-49ee-9b04-fcdd1b9a7cc4/	35 KB 11 KB	86ms 25ms	Script application/javascript	13.225.71.2 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vidassets.terminus.services/7d5a230c-32d3-49ee-9b04-fcdd1b9a7cc4/t.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDWQ49P Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.71.2 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-71-2.ewr53.r.cloudfront.net Software nginx/1.10.3 (Ubuntu) / Resource Hash 9178d19c46b5a36fc8d4de24aa7fef3b62e7f69c259f4e81ee3f2d5aba263216 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Fri, 01 Apr 2022 14:07:56 GMT content-encoding gzip x-content-type-options nosniff age 343 x-cache Hit from cloudfront access-control-allow-origin * last-modified Tue, 15 Feb 2022 20:49:04 GMT server nginx/1.10.3 (Ubuntu) vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript;charset=utf-8 via 1.1 988ebab315003cc8902437cbdd7de09e.cloudfront.net (CloudFront) access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization cache-control public, s-maxage=2700 x-amz-cf-pop EWR53-C1 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization x-amz-cf-id V6SPE-aczVRgUhovYlqsaaK3BRKkUHUVsa76nWxFYRrVlU9Ox4gD5Q==
GET H2	200	/ p.adsymptotic.com/d/px/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34915&time=1648822418152&url=https%3A%2F%2Faccount.covermymeds.com%2Fforgot https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34915&time=1648822418152&url=https%3A%2F%2Faccount.covermymeds.com%2Fforgot&cookiesTest=true https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34915%26time%3D1648822418152%26url%3Dhttps%253A%252F%252Faccount.covermymeds.com%... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34915&time=1648822418152&url=https%3A%2F%2Faccount.covermymeds.com%2Fforgot&cookiesTest=true&liSync=true https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=34915&time=1648822418152&url=https%3A%2F%2Faccount.covermymeds.com%2Fforgot&cookiesTest=true&liSync=true&e_ipv6=AQJvqO6ovEeVKgAAAX_leXzEhLzITRIH0... https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=3d3245bb-9c63-48a0-9e85-a6ef4f719e1d https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=3d3245bb-9c63-48a0-9e85-a6ef4f719e1d&_expected_cookie=2e45d0a1f707f245e8629c1b...	43 B 142 B	45ms 44ms	Image image/gif	104.18.101.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=3d3245bb-9c63-48a0-9e85-a6ef4f719e1d&_expected_cookie=2e45d0a1f707f245e8629c1bb1e17ef6 Requested by Host: account.covermymeds.com URL: https://account.covermymeds.com/forgot Protocol H2 Server 104.18.101.194 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Fri, 01 Apr 2022 14:13:39 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 6f51ed374aa318b4-EWR p3p CP='NON DSP COR CONi OUR BUS CNT' content-type image/gif content-length 43 Redirect headers location https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=3d3245bb-9c63-48a0-9e85-a6ef4f719e1d&_expected_cookie=2e45d0a1f707f245e8629c1bb1e17ef6 date Fri, 01 Apr 2022 14:13:39 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 6f51ed36e9b318b4-EWR content-length 0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
GET H/1.1	200 OK	bundle-customer-widget.js Show response chat.covermymeds.com/javascripts/	876 KB 507 KB	162ms 86ms	Script application/javascript	66.97.160.33 CMM-ATL
General Check archive.org Show headers Download Go to Full URL https://chat.covermymeds.com/javascripts/bundle-customer-widget.js?v=7bf036b77f0c30f0fbe6ba71ec6c54cd6ad4f1ed&_=1648822417968 Requested by Host: chat.covermymeds.com URL: https://chat.covermymeds.com/javascripts/bundle-customer.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 66.97.160.33 , United States, ASN396458 (CMM-ATL, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 9925e6befdd942ab397856ad4e719b5da008c0fdcbe5f593876075128527ad30 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Fri, 01 Apr 2022 14:13:38 GMT Via 1.1 chat.covermymeds.com X-Content-Type-Options nosniff Server nginx/1.16.1 X-Frame-Options SAMEORIGIN Connection close Content-Type application/javascript Cache-Control max-age=5184000, public Strict-Transport-Security max-age=31536000 Accept-Ranges bytes Content-Encoding gzip Vary Accept-Encoding content-length 518550 Expires Tue, 31 May 2022 14:13:38 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/856736550/	2 KB 2 KB	92ms 37ms	Script text/javascript	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856736550/?random=1648822418159&cv=9&fst=1648822418159&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Faccount.covermymeds.com%2Fforgot&tiba=Forgot%20Password%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 799c867992c352189f78bf648f3a3d39e901b4343d3499795caa4bff8c4cb402 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers pragma no-cache date Fri, 01 Apr 2022 14:13:38 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1041 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	26055177.js Show response bat.bing.com/p/action/	0 116 B	36ms 35ms	Script text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/26055177.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers access-control-allow-origin * strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 5DB643B22A8341309125E41F4077D1D9 Ref B: NYCEDGE1310 Ref C: 2022-04-01T14:13:38Z date Fri, 01 Apr 2022 14:13:37 GMT x-cache CONFIG_NOCACHE
GET H2	204	0 bat.bing.com/action/	0 176 B	90ms 90ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=26055177&tm=gtm002&Ver=2&mid=e6d6c472-36e7-4c5e-a60a-f867210e08f2&sid=ecd48ed0b1c511ec86e0b7f36df4a879&vid=ecd4a1b0b1c511ecaf9361e2f0a70421&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Forgot%20Password%20%7C%20CoverMyMeds,%20The%20Leader%20In%20Electronic%20Prior%20Authorization&p=https%3A%2F%2Faccount.covermymeds.com%2Fforgot&r=&lt=759&evt=pageLoad&msclkid=N&sv=1&rn=199589 Requested by Host: account.covermymeds.com URL: https://account.covermymeds.com/forgot Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: AB923AE690A54BC483FF148E4C8FEDCC Ref B: NYCEDGE1310 Ref C: 2022-04-01T14:13:38Z date Fri, 01 Apr 2022 14:13:37 GMT x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	282700338735046 Show response connect.facebook.net/signals/config/	42 KB 12 KB	22ms 21ms	Script application/x-javascript	2a03:2880:f012:10c:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/282700338735046?v=2.9.57&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa67d0519dd3d1e99c5009c6db03de696304a0db666dab7a9120f02c12261453 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 11518 x-xss-protection 0 pragma public x-fb-debug 3vFiqOVdTF/HAAOfg8bvDSGYu+DPNOu4g23l6aAqq6yk6ooflnL9ulU8FMUTnpDsD7jOEmUT0UNdonM3O8EIaA== x-fb-trip-id 1512268381 x-frame-options DENY cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Fri, 01 Apr 2022 14:13:38 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	2 B 445 B	93ms 34ms	XHR text/plain	2607:f8b0:4004:c08::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-7780355-10&cid=1237934436.1648822418&jid=1843343085&gjid=705501564&_gid=1826410623.1648822418&_u=aGBAgEABQAAAAE~&z=829101549 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://account.covermymeds.com/ Accept-Language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Fri, 01 Apr 2022 14:13:38 GMT content-type text/plain access-control-allow-origin https://account.covermymeds.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	47ms 20ms	Image image/gif	2607:f8b0:4006:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=2044144313&t=pageview&_s=1&dl=https%3A%2F%2Faccount.covermymeds.com%2Fforgot&ul=en-us&de=UTF-8&dt=Forgot%20Password%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEABQ~&jid=1843343085&gjid=705501564&cid=1237934436.1648822418&tid=UA-7780355-10&_gid=1826410623.1648822418&gtm=2wg3u0WDWQ49P&cd12=null&z=1245790583 Requested by Host: account.covermymeds.com URL: https://account.covermymeds.com/forgot Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers pragma no-cache date Fri, 01 Apr 2022 02:34:10 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 41968 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 411 B	63ms 20ms	Image image/gif	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=282700338735046&ev=PageView&dl=https%3A%2F%2Faccount.covermymeds.com%2Fforgot&rl=&if=false&ts=1648822418218&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=28&fbp=fb.1.1648822418217.1032394908&it=1648822418176&coo=false&exp=p1&rqm=GET Requested by Host: account.covermymeds.com URL: https://account.covermymeds.com/forgot Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Fri, 01 Apr 2022 14:13:38 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 44 expires Fri, 01 Apr 2022 14:13:38 GMT
GET H2	200	s.gif wec-assets-api.terminus.services/v1/ Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=id17evj&ttd_tpi=1&ttd_puid=7d5a230c-32d3-49ee-9b04-fcdd1b9a7cc4|dcef484c-c89c-4a82-b19d-b78916dc59db https://match.adsrvr.org/track/cmb/generic?ttd_pid=id17evj&ttd_tpi=1&ttd_puid=7d5a230c-32d3-49ee-9b04-fcdd1b9a7cc4|dcef484c-c89c-4a82-b19d-b78916dc59db https://wec-assets.terminus.services/s.gif?d=7d5a230c-32d3-49ee-9b04-fcdd1b9a7cc4|dcef484c-c89c-4a82-b19d-b78916dc59db&t=44d2caf9-51da-466e-a7f7-aa31c3de1d00 https://wec-assets-api.terminus.services/v1/s.gif	43 B 161 B	26ms 26ms	Image image/gif	54.173.254.241 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://wec-assets-api.terminus.services/v1/s.gif Requested by Host: account.covermymeds.com URL: https://account.covermymeds.com/forgot Protocol H2 Server 54.173.254.241 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-173-254-241.compute-1.amazonaws.com Software istio-envoy / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Fri, 01 Apr 2022 14:13:38 GMT x-envoy-upstream-service-time 0 server istio-envoy content-length 43 vary Origin content-type image/gif Redirect headers date Fri, 01 Apr 2022 14:07:37 GMT via 1.1 b8508a82603ebd452aecb2900fb8eef0.cloudfront.net (CloudFront) server awselb/2.0 age 361 x-cache Hit from cloudfront content-type text/html location https://wec-assets-api.terminus.services:443/v1/s.gif x-amz-cf-pop EWR53-C1 content-length 134 x-amz-cf-id P1tXRYQDvZgyb3TdPGYNBFrs1Oospm0SYsVxDR9hoxxpSfz49bC95w==
GET H2	200	t.gif wec-assets-api.terminus.services/v1/7d5a230c-32d3-49ee-9b04-fcdd1b9a7cc4/ Redirect Chain https://wec-assets.terminus.services/7d5a230c-32d3-49ee-9b04-fcdd1b9a7cc4/t.gif?d=dcef484c-c89c-4a82-b19d-b78916dc59db&s=9dac3773-d555-4935-8718-0cc74c437e51&p=https%3A%2F%2Faccount.covermymeds.com... https://wec-assets-api.terminus.services/v1/7d5a230c-32d3-49ee-9b04-fcdd1b9a7cc4/t.gif	43 B 162 B	89ms 26ms	Image image/gif	54.173.254.241 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://wec-assets-api.terminus.services/v1/7d5a230c-32d3-49ee-9b04-fcdd1b9a7cc4/t.gif Requested by Host: account.covermymeds.com URL: https://account.covermymeds.com/forgot Protocol H2 Server 54.173.254.241 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-173-254-241.compute-1.amazonaws.com Software istio-envoy / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/forgot User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Fri, 01 Apr 2022 14:13:38 GMT x-envoy-upstream-service-time 0 server istio-envoy content-length 43 vary Origin content-type image/gif Redirect headers date Fri, 01 Apr 2022 14:06:04 GMT via 1.1 b8508a82603ebd452aecb2900fb8eef0.cloudfront.net (CloudFront) server awselb/2.0 age 454 x-cache Hit from cloudfront content-type text/html location https://wec-assets-api.terminus.services:443/v1/7d5a230c-32d3-49ee-9b04-fcdd1b9a7cc4/t.gif x-amz-cf-pop EWR53-C1 content-length 134 x-amz-cf-id jWR_huqoq5DKQuPLfk1IFdQNaIlnInADntokx0JtIqnXadeQw3wjHA==
GET H2	200	ip.json Show response api.company-target.com/api/v2/	431 B 947 B	117ms 45ms	XHR application/json	13.226.26.14 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Faccount.covermymeds.com%2Fforgot&page_title=Forgot%20Password%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&src=tag&key=1c1206dd1760b2dda637ba407e2b35f1 Requested by Host: scripts.demandbase.com URL: https://scripts.demandbase.com/9oP2Og47.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.26.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-26-14.ewr53.r.cloudfront.net Software nginx / Resource Hash f3b18971ce59aedd0dba22e3b6fed2d7f05501150af9deab06ad174c49bc289d Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Fri, 01 Apr 2022 14:13:38 GMT identification-source CENTRAL vary Accept-Encoding, Origin x-amz-cf-pop EWR53-C2 x-cache Miss from cloudfront request-id aad91ec4-eaa8-40f0-aaa4-ffaa1613917e content-encoding gzip pragma no-cache access-control-allow-origin https://account.covermymeds.com server nginx access-control-max-age 7200 access-control-allow-methods GET, POST, OPTIONS content-type application/json;charset=utf-8 via 1.1 5301cc544de32ec737d1069c11f7df30.cloudfront.net (CloudFront) access-control-expose-headers cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true api-version v2 access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id eC8ITvLVYuscFagImfIr0FPYKM2GvpxTfmzv4QcC1p9SaeoxkmcQpA== expires Thu, 31 Mar 2022 14:13:38 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/856736550/	42 B 154 B	87ms 40ms	Image image/gif	2607:f8b0:4006:822::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/856736550/?random=1648822418159&cv=9&fst=1648821600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&frm=0&url=https%3A%2F%2Faccount.covermymeds.com%2Fforgot&tiba=Forgot%20Password%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&async=1&fmt=3&is_vtc=1&random=738349700&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: account.covermymeds.com URL: https://account.covermymeds.com/forgot Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers pragma no-cache date Fri, 01 Apr 2022 14:13:38 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	52ms 39ms	Image image/gif	2607:f8b0:4006:822::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7780355-10&cid=1237934436.1648822418&jid=1843343085&_u=aGBAgEABQAAAAE~&z=1122549427 Requested by Host: account.covermymeds.com URL: https://account.covermymeds.com/forgot Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers pragma no-cache date Fri, 01 Apr 2022 14:13:38 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	24ms 23ms	Image image/gif	2607:f8b0:4006:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=2044144313&t=event&ni=1&_s=2&dl=https%3A%2F%2Faccount.covermymeds.com%2Fforgot&ul=en-us&de=UTF-8&dt=Forgot%20Password%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aHBAgEABQAAAAE~&jid=&gjid=&cid=1237934436.1648822418&tid=UA-7780355-10&_gid=1826410623.1648822418&gtm=2wg3u0WDWQ49P&cd12=null&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&cd17=Buffalo&cd18=NY&cd8=(Non-Company%20Visitor)&cd9=Bot&cd10=(Non-Company%20Visitor)&cd11=(Non-Company%20Visitor)&cd13=(Non-Company%20Visitor)&cd14=(Non-Company%20Visitor)&cd19=United%20States&cd20=(Non-Company%20Visitor)&cd21=(Non-Company%20Visitor)&cd22=(Non-Company%20Visitor)&cd23=(Non-Company%20Visitor)&cd24=(Non-Company%20Visitor)&cd25=(Non-Company%20Visitor)&cd26=(Non-Company%20Visitor)&cd27=(Non-Company%20Visitor)&cd28=(Non-Company%20Visitor)&cd29=(Non-Company%20Visitor)&cd30=(Non-Company%20Visitor)&cd31=(Non-Company%20Visitor)&cd32=(Non-Company%20Visitor)&cd37=(Non-Company%20Visitor)&cd109=(Non-Company%20Visitor)&cd112=(Non-Company%20Visitor)&cd113=(Non-Company%20Visitor)&cd114=(Non-Company%20Visitor)&cd115=(Non-Company%20Visitor)&cd116=(Non-Company%20Visitor)&cd117=(Non-Company%20Visitor)&cd118=NEXEON&cd124=(Non-Company%20Visitor)&z=417495848 Requested by Host: account.covermymeds.com URL: https://account.covermymeds.com/forgot Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers pragma no-cache date Fri, 01 Apr 2022 02:34:10 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 41968 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	st Show response px.steelhousemedia.com/	2 KB 1 KB	314ms 74ms	Script application/javascript	52.10.121.135 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://px.steelhousemedia.com/st?ga_tracking_id=UA-7780355-10&ga_client_id=1237934436.1648822418&shpt=Forgot%20Password%20%7C%20CoverMyMeds%20The%20Leader%20In%20Electronic%20Prior%20Authorization&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-7780355-10%22%2C%22ga_client_id%22%3A%221237934436.1648822418%22%2C%22shpt%22%3A%22Forgot%20Password%20%7C%20CoverMyMeds%20The%20Leader%20In%20Electronic%20Prior%20Authorization%22%2C%22dcm_cid%22%3A%221237934436.1648822418%22%2C%22dcm_gid%22%3A%221826410623.1648822418%22%2C%22ga_gclid%22%3A%221237934436.1648822418%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A1%2C%22getClientIdByGA%22%3A%22OK%22%2C%22ga_gclid%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1237934436.1648822418&dcm_gid=1826410623.1648822418&dxver=4.0.0&shaid=32045&plh=https%3A%2F%2Faccount.covermymeds.com%2Fforgot&cb=40677593233439200term%3Dvalue&shadditional=googletagmanager%3Dtrue%2C&shoid=1237934436.1648822418 Requested by Host: dx.steelhousemedia.com URL: https://dx.steelhousemedia.com/spx?dxver=4.0.0&shaid=32045&tdr=&plh=https%3A%2F%2Faccount.covermymeds.com%2Fforgot&cb=40677593233439200term=value Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.10.121.135 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-10-121-135.us-west-2.compute.amazonaws.com Software / Resource Hash 1871ce0171a94d04ecebac7274d332c7a4979ed3bd32bacfbbae22143beb93a7 Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers access-control-allow-origin * date Fri, 01 Apr 2022 14:13:38 GMT content-encoding gzip connection close p3p CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE" content-type application/javascript;charset=utf-8
GET H/1.1	200 OK	gs Show response ww.steelhousemedia.com/	144 B 733 B	305ms 76ms	Script application/javascript	44.238.130.186 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ww.steelhousemedia.com/gs Requested by Host: account.covermymeds.com URL: https://account.covermymeds.com/forgot Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 44.238.130.186 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-238-130-186.us-west-2.compute.amazonaws.com Software istio-envoy / Resource Hash ed287b1937cf2fdb475fe291d56c937b00a6748b601ba3353ea0850027a94d2a Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Fri, 01 Apr 2022 14:13:39 GMT last-modified Thu, 01 Jan 1970 00:00:00 GMT server istio-envoy access-control-allow-methods GET, POST, OPTIONS p3p CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE" access-control-allow-origin * cache-control public, max-age=31536000 x-envoy-upstream-service-time 1 connection close content-type application/javascript;charset=utf-8 access-control-allow-headers Accept, Content-Type, x-requested-with, X-Custom-Header content-length 144 x-application-context application:prod:8080
GET H/1.1	200 OK	status Show response chat.covermymeds.com/api_v2/customer/	93 B 810 B	146ms 56ms	Script text/javascript	66.97.160.33 CMM-ATL
General Check archive.org Show headers Download Go to Full URL https://chat.covermymeds.com/api_v2/customer/status?callback=jQuery33106056521076478294_1648822418900&_=1648822418901 Requested by Host: chat.covermymeds.com URL: https://chat.covermymeds.com/javascripts/bundle-customer-widget.js?v=7bf036b77f0c30f0fbe6ba71ec6c54cd6ad4f1ed&_=1648822417968 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 66.97.160.33 , United States, ASN396458 (CMM-ATL, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 27c57ca50ff9fd6cba96f2b006e85313a4696241203790613a92d2202ced9297 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Fri, 01 Apr 2022 14:13:39 GMT Via 1.1 chat.covermymeds.com X-Content-Type-Options nosniff, nosniff X-Permitted-Cross-Domain-Policies none Connection close content-length 93 X-XSS-Protection 1; mode=block X-Request-Id 78ef24f1-c2a1-4e71-8b78-741ea1eef099 X-Runtime 0.007527 Referrer-Policy strict-origin-when-cross-origin Server nginx/1.16.1 X-Frame-Options SAMEORIGIN, SAMEORIGIN ETag W/"27c57ca50ff9fd6cba96f2b006e85313" X-Download-Options noopen Vary Accept Strict-Transport-Security max-age=63072000; includeSubDomains Content-Type text/javascript; charset=utf-8 Cache-Control max-age=0, private, must-revalidate
GET H/1.1	200 OK	st Show response px.steelhousemedia.com/	4 KB 2 KB	239ms 93ms	Script application/javascript	52.10.121.135 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://px.steelhousemedia.com/st?ga_tracking_id=UA-7780355-10&ga_client_id=1237934436.1648822418&shpt=Forgot%20Password%20%7C%20CoverMyMeds%20The%20Leader%20In%20Electronic%20Prior%20Authorization&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-7780355-10%22%2C%22ga_client_id%22%3A%221237934436.1648822418%22%2C%22shpt%22%3A%22Forgot%20Password%20%7C%20CoverMyMeds%20The%20Leader%20In%20Electronic%20Prior%20Authorization%22%2C%22dcm_cid%22%3A%221237934436.1648822418%22%2C%22dcm_gid%22%3A%221826410623.1648822418%22%2C%22ga_gclid%22%3A%221237934436.1648822418%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A1%2C%22getClientIdByGA%22%3A%22OK%22%2C%22ga_gclid%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1237934436.1648822418&dcm_gid=1826410623.1648822418&dxver=4.0.0&shaid=32045&plh=https%3A%2F%2Faccount.covermymeds.com%2Fforgot&shadditional=googletagmanager%3Dtrue%2C&shoid=1237934436.1648822418&cb=1648822418748446&shguid=ba85542b-9ec7-3057-94ea-7e053c5795f3&shgts=1648822419054 Requested by Host: account.covermymeds.com URL: https://account.covermymeds.com/forgot Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.10.121.135 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-10-121-135.us-west-2.compute.amazonaws.com Software / Resource Hash 1235bf86091d1ef2788df8f67fca25ecf2a32aa38a270f14a4f5cd5bbb37f009 Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers access-control-allow-origin * date Fri, 01 Apr 2022 14:13:39 GMT content-encoding gzip connection close p3p CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE" content-type application/javascript;charset=utf-8
GET H/1.1	200 OK	tdsync px.steelhousemedia.com/ Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=ed2d3821-b1c5-11ec-a887-adefde2cc4bf&gdpr=&gdpr_consent= https://px.steelhousemedia.com/tdsync?tdid=44d2caf9-51da-466e-a7f7-aa31c3de1d00&shguid=ed2d3821-b1c5-11ec-a887-adefde2cc4bf	0 303 B	222ms 81ms	Image text/plain	52.10.121.135 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://px.steelhousemedia.com/tdsync?tdid=44d2caf9-51da-466e-a7f7-aa31c3de1d00&shguid=ed2d3821-b1c5-11ec-a887-adefde2cc4bf Requested by Host: account.covermymeds.com URL: https://account.covermymeds.com/forgot Protocol HTTP/1.1 Server 52.10.121.135 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-10-121-135.us-west-2.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers access-control-allow-origin * date Fri, 01 Apr 2022 14:13:39 GMT connection close access-control-allow-headers Accept, Content-Type, x-requested-with, X-Custom-Header access-control-allow-methods GET, POST, OPTIONS x-application-context application:awsprod,confluent:9025 Redirect headers pragma no-cache date Fri, 01 Apr 2022 14:13:39 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://px.steelhousemedia.com/tdsync?tdid=44d2caf9-51da-466e-a7f7-aa31c3de1d00&shguid=ed2d3821-b1c5-11ec-a887-adefde2cc4bf cache-control private,no-cache, must-revalidate content-type text/html content-length 277
GET H2	204	sync ups.analytics.yahoo.com/ups/55953/ Redirect Chain https://insight.adsrvr.org/track/evnt/?adv=rexdccs&ct=0:bf6omly&fmt=3 https://dpm.demdex.net/ibs:dpid=903&dpuuid=44d2caf9-51da-466e-a7f7-aa31c3de1d00&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=44d2caf9-51da-466e-a7f7-aa31c3de1d00&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam https://ups.analytics.yahoo.com/ups/55953/sync?uid=44d2caf9-51da-466e-a7f7-aa31c3de1d00&_origin=1&gdpr=0&gdpr_consent= https://ups.analytics.yahoo.com/ups/55953/sync?uid=44d2caf9-51da-466e-a7f7-aa31c3de1d00&_origin=1&gdpr=0&gdpr_consent=&verify=true	0 122 B	31ms 31ms	Image text/plain	54.175.87.114 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/55953/sync?uid=44d2caf9-51da-466e-a7f7-aa31c3de1d00&_origin=1&gdpr=0&gdpr_consent=&verify=true Requested by Host: account.covermymeds.com URL: https://account.covermymeds.com/forgot Protocol H2 Server 54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-175-87-114.compute-1.amazonaws.com Software ATS/9.1.0.33 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Fri, 01 Apr 2022 14:13:39 GMT server ATS/9.1.0.33 age 0 strict-transport-security max-age=31536000 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Redirect headers location https://ups.analytics.yahoo.com/ups/55953/sync?uid=44d2caf9-51da-466e-a7f7-aa31c3de1d00&_origin=1&gdpr=0&gdpr_consent=&verify=true date Fri, 01 Apr 2022 14:13:39 GMT server ATS/9.1.0.33 age 0 content-length 0 strict-transport-security max-age=31536000 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	200	up Show response insight.adsrvr.org/track/ Frame 1AE2	953 B 1 KB	30ms 30ms	Document text/html	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://insight.adsrvr.org/track/up?adv=yi9xlz1&ref=https%3A%2F%2Faccount.covermymeds.com%2Fforgot&upid=c7xdx7r&upv=1.1.0 Requested by Host: js.adsrvr.org URL: https://js.adsrvr.org/up_loader.1.1.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software / Resource Hash 44c6d1eec1c24bd51dbdbe0d40deea420bd8a006d6cb198e4d276b2f47a4b9be Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers cache-control private,no-cache, must-revalidate content-type text/html; charset=utf-8 date Fri, 01 Apr 2022 14:13:39 GMT p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" pragma no-cache x-aspnet-version 4.0.30319
GET H3	200	collect www.google-analytics.com/	35 B 55 B	20ms 20ms	Image image/gif	2607:f8b0:4006:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=2044144313&t=event&ni=1&_s=1&dl=https%3A%2F%2Faccount.covermymeds.com%2Fforgot&ul=en-us&de=UTF-8&dt=Forgot%20Password%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=vertical&el=10%20percent&_u=aHDAgEABQAAAAE~&jid=&gjid=&cid=1237934436.1648822418&tid=UA-7780355-10&_gid=1826410623.1648822418&gtm=2wg3u0WDWQ49P&cd12=null&z=1462182470 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers pragma no-cache date Fri, 01 Apr 2022 02:34:10 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 41969 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	21ms 20ms	Image image/gif	2607:f8b0:4006:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=2044144313&t=event&ni=1&_s=1&dl=https%3A%2F%2Faccount.covermymeds.com%2Fforgot&ul=en-us&de=UTF-8&dt=Forgot%20Password%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=vertical&el=25%20percent&_u=aHDAgEABQAAAAE~&jid=&gjid=&cid=1237934436.1648822418&tid=UA-7780355-10&_gid=1826410623.1648822418&gtm=2wg3u0WDWQ49P&cd12=null&z=2062705245 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers pragma no-cache date Fri, 01 Apr 2022 02:34:10 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 41969 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	21ms 21ms	Image image/gif	2607:f8b0:4006:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=2044144313&t=event&ni=1&_s=1&dl=https%3A%2F%2Faccount.covermymeds.com%2Fforgot&ul=en-us&de=UTF-8&dt=Forgot%20Password%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=vertical&el=50%20percent&_u=aHDAgEABQAAAAE~&jid=&gjid=&cid=1237934436.1648822418&tid=UA-7780355-10&_gid=1826410623.1648822418&gtm=2wg3u0WDWQ49P&cd12=null&z=1765421010 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers pragma no-cache date Fri, 01 Apr 2022 02:34:10 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 41969 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	21ms 21ms	Image image/gif	2607:f8b0:4006:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=2044144313&t=event&ni=1&_s=1&dl=https%3A%2F%2Faccount.covermymeds.com%2Fforgot&ul=en-us&de=UTF-8&dt=Forgot%20Password%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=vertical&el=75%20percent&_u=aHDAgEABQAAAAE~&jid=&gjid=&cid=1237934436.1648822418&tid=UA-7780355-10&_gid=1826410623.1648822418&gtm=2wg3u0WDWQ49P&cd12=null&z=267777318 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers pragma no-cache date Fri, 01 Apr 2022 02:34:10 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 41969 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	22ms 21ms	Image image/gif	2607:f8b0:4006:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=2044144313&t=event&ni=1&_s=1&dl=https%3A%2F%2Faccount.covermymeds.com%2Fforgot&ul=en-us&de=UTF-8&dt=Forgot%20Password%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=vertical&el=90%20percent&_u=aHDAgEABQAAAAE~&jid=&gjid=&cid=1237934436.1648822418&tid=UA-7780355-10&_gid=1826410623.1648822418&gtm=2wg3u0WDWQ49P&cd12=null&z=962921843 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers pragma no-cache date Fri, 01 Apr 2022 02:34:10 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 41969 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	22ms 21ms	Image image/gif	2607:f8b0:4006:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=2044144313&t=event&ni=1&_s=1&dl=https%3A%2F%2Faccount.covermymeds.com%2Fforgot&ul=en-us&de=UTF-8&dt=Forgot%20Password%20%7C%20CoverMyMeds%2C%20The%20Leader%20In%20Electronic%20Prior%20Authorization&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=vertical&el=100%20percent&_u=aHDAgEABQAAAAE~&jid=&gjid=&cid=1237934436.1648822418&tid=UA-7780355-10&_gid=1826410623.1648822418&gtm=2wg3u0WDWQ49P&cd12=null&z=479253531 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers pragma no-cache date Fri, 01 Apr 2022 02:34:10 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 41969 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	89b77497-23cf-4058-6d78-e33d78245f50 data.pendo.io/data/ptm.gif/	42 B 115 B	193ms 123ms	Image image/gif	2607:f8b0:4006:808::2013 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://data.pendo.io/data/ptm.gif/89b77497-23cf-4058-6d78-e33d78245f50?v=2.130.0_prod&ct=1648822419788&jzb=eJzFUU1PwzAM_S85V2uataPbDWkgOOwDGBMfQlHWZiUiTarUHZRp_30O28ptN8TN79l-frZftwTaSpIRKSUIEpCVs5-1dBxUiWw0iNOUsTgaXsRRQDaqVmAdVzk28PnVdDzjC_4xXhb3ayEnc4YCIstsY-BQcwRIN04jfgeo6lEYHvleZjfSlW0p8xrjMlxbV1hfXjlb1WS0PY304bmpWpiiEYVfRBr--EB2nZOu9YQxVQknDVx2BUjlAnw3jUIah4wyr4rmamUN0qwX9WmPcvSV_wosxOoWlU2jdUDgAMhsNr5eTM3dZNXeaKq8ztqJUv4ks6fvIn1OIBlUL8MvWPqLtyBx1X6a7ILuG9qK_Ow3-v_yDW_raIYldPgnh2AJ273tATtN10k Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:808::2013 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Fri, 01 Apr 2022 14:13:39 GMT via 1.1 google x-content-type-options nosniff access-control-max-age 600 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin * access-control-allow-credentials false access-control-allow-headers Origin,Accept,Content-Type,Authorization content-length 42
GET H2	200	89b77497-23cf-4058-6d78-e33d78245f50 Show response data.pendo.io/data/guide.js/	2 KB 2 KB	99ms 59ms	Script application/javascript	2607:f8b0:4006:808::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://data.pendo.io/data/guide.js/89b77497-23cf-4058-6d78-e33d78245f50?jzb=eJx9jsFOxSAQRf9l1qZQfKvuXlIXLtRGfW7JpFAkFmiANjGm_97BVJbu7hzOcOcHNptsDvFRQQdyeHjuX-S7_Oo_zOuE-mkQcAc4jmH1-Vc5M9E1zjR_5rykjrGTN2PYdHTfTqtE2bEpRBOK7nRGhRmhq50l2n96Z_RmRaPJ0F7e3mCvt9TVv5meFoza52sVCFFh2eYt4xcmuCi_0n3JBk9YNO09b7hcYlCw7wd8MFgG&v=2.130.0_prod&ct=1648822419791 Requested by Host: cdn.pendo.io URL: https://cdn.pendo.io/agent/static/89b77497-23cf-4058-6d78-e33d78245f50/pendo.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:808::2013 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash 7a7830c8e75efc3e956f94eb56d32088b09c089a815d3887b89ba9d32fb0b9b8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-US,en;q=0.9 Referer https://account.covermymeds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Fri, 01 Apr 2022 14:13:39 GMT content-encoding gzip x-content-type-options nosniff access-control-allow-origin * vary Accept-Encoding access-control-allow-methods GET,POST content-type application/javascript via 1.1 google access-control-max-age 600 access-control-allow-credentials false access-control-allow-headers Origin,Accept,Content-Type,Authorization
GET H/1.1	200 OK	universal_pixel.1.1.0.js Show response js.adsrvr.org/ Frame 1AE2	487 B 964 B	21ms 21ms	Script application/x-javascript	54.230.160.114 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.adsrvr.org/universal_pixel.1.1.0.js Requested by Host: insight.adsrvr.org URL: https://insight.adsrvr.org/track/up?adv=yi9xlz1&ref=https%3A%2F%2Faccount.covermymeds.com%2Fforgot&upid=c7xdx7r&upv=1.1.0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.230.160.114 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-160-114.ewr53.r.cloudfront.net Software AmazonS3 / Resource Hash f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc Request headers Accept-Language en-US,en;q=0.9 Referer https://insight.adsrvr.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Fri, 01 Apr 2022 07:07:29 GMT Via 1.1 eeb9901be16f95d3dbfe25d7cb1e1efe.cloudfront.net (CloudFront) Last-Modified Thu, 24 Sep 2020 15:15:32 GMT Server AmazonS3 Age 25571 ETag "f0a7a3296da7382ce6bc1a3b6769e927" X-Cache Hit from cloudfront Content-Type application/x-javascript Connection keep-alive X-Amz-Cf-Pop EWR53-C3 Accept-Ranges bytes Content-Length 487 X-Amz-Cf-Id r6xjWQYl8JGKyYOmI9V2cnO6djokSHNsIIbHXvnmInFXGM2ROfiycg==
GET H2	200	appnexus Show response match.adsrvr.org/track/cmf/ Frame 00E0 Redirect Chain https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=44d2caf9-51da-466e-a7f7-aa31c3de1d00 https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D44d2caf9-51da-466e-a7f7-aa31c3de1d00 https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=7504649525642407631&ttd_tdid=44d2caf9-51da-466e-a7f7-aa31c3de1d00	70 B 644 B	29ms 29ms	Document image/gif	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=7504649525642407631&ttd_tdid=44d2caf9-51da-466e-a7f7-aa31c3de1d00 Requested by Host: js.adsrvr.org URL: https://js.adsrvr.org/universal_pixel.1.1.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Accept-Language en-US,en;q=0.9 Referer https://insight.adsrvr.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers cache-control private,no-cache, must-revalidate content-length 70 content-type image/gif date Fri, 01 Apr 2022 14:13:40 GMT p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" pragma no-cache x-aspnet-version 4.0.30319 Redirect headers AN-X-Request-Uuid 3485c792-d254-4dfd-9088-23217ea6baf1 Access-Control-Allow-Credentials true Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Connection keep-alive Content-Length 0 Content-Type text/html; charset=utf-8 Date Fri, 01 Apr 2022 14:13:39 GMT Expires Sat, 15 Nov 2008 16:00:00 GMT Location https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=7504649525642407631&ttd_tdid=44d2caf9-51da-466e-a7f7-aa31c3de1d00 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Pragma no-cache Server nginx/1.21.3 X-Proxy-Origin 96.9.246.194; 96.9.246.194; 572.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com X-XSS-Protection 0
GET H2	200	rubicon Show response match.adsrvr.org/track/cmf/ Frame 182D Redirect Chain https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=44d2caf9-51da-466e-a7f7-aa31c3de1d00&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon https://match.adsrvr.org/track/cmf/rubicon?gdpr=0	70 B 644 B	29ms 29ms	Document image/gif	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 Requested by Host: js.adsrvr.org URL: https://js.adsrvr.org/universal_pixel.1.1.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Accept-Language en-US,en;q=0.9 Referer https://insight.adsrvr.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers cache-control private,no-cache, must-revalidate content-length 70 content-type image/gif date Fri, 01 Apr 2022 14:13:40 GMT p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" pragma no-cache x-aspnet-version 4.0.30319 Redirect headers Cache-Control no-cache,no-store,must-revalidate Content-Type text/html Expires 0 Location https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Pragma no-cache X-RPHost 6734403d2cb3625dc1fef1bbd4a17cf3 content-length 0
GET H2	200	google Show response match.adsrvr.org/track/cmf/ Frame 308C Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NDRkMmNhZjktNTFkYS00NjZlLWE3ZjctYWEzMWMzZGUxZDAw&gdpr=0&gdpr_consent=&ttd_tdid=44d2caf9-51da-466e-a7f7-aa31c... https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=44d2caf9-51da-466e-a7f7-aa31c3de1d00&google_gid=CAESEMoUaZmVvNgHrzKdXTMKots&google_cver=1	70 B 644 B	29ms 29ms	Document image/gif	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=44d2caf9-51da-466e-a7f7-aa31c3de1d00&google_gid=CAESEMoUaZmVvNgHrzKdXTMKots&google_cver=1 Requested by Host: js.adsrvr.org URL: https://js.adsrvr.org/universal_pixel.1.1.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Accept-Language en-US,en;q=0.9 Referer https://insight.adsrvr.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers cache-control private,no-cache, must-revalidate content-length 70 content-type image/gif date Fri, 01 Apr 2022 14:13:40 GMT p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" pragma no-cache x-aspnet-version 4.0.30319 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, must-revalidate content-length 386 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 01 Apr 2022 14:13:39 GMT expires Fri, 01 Jan 1990 00:00:00 GMT location https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=44d2caf9-51da-466e-a7f7-aa31c3de1d00&google_gid=CAESEMoUaZmVvNgHrzKdXTMKots&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server HTTP server (unknown) x-xss-protection 0