militaryrx.express-scripts.com Open in urlscan Pro
167.211.52.197 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dl.orders.express-scripts.com/rts/go2.aspx?h=78095&tp=i-16EB-GX-zU-1C9HeI-1q-15PJdy-1c-26Y2-l9hKaUczCu-T1bmj&x=ecms.express-sc...
Effective URL:
https://militaryrx.express-scripts.com/contact-us?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%...
Submission: On November 21 via manual (November 21st 2023, 12:40:47 pm UTC) from US — Scanned from DE

Summary HTTP 67 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 20 domains to perform 67 HTTP transactions. The main IP is 167.211.52.197, located in United States and belongs to EXPRES, US. The main domain is militaryrx.express-scripts.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on October 4th 2023. Valid for: a year.

This is the only time militaryrx.express-scripts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.52.10.67 52.52.10.67	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:206... 2600:9000:206f:5c00:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	143.204.215.48 143.204.215.48	16509 (AMAZON-02) (AMAZON-02)
1 9	167.211.52.197 167.211.52.197	5696 (EXPRES) (EXPRES)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
14	2600:9000:249... 2600:9000:2490:a800:0:a4a7:7b40:21	16509 (AMAZON-02) (AMAZON-02)
3	2a02:26f0:350... 2a02:26f0:3500:591::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.239.137.228 52.239.137.228	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.245.86.13 18.245.86.13	16509 (AMAZON-02) (AMAZON-02)
3	34.243.60.84 34.243.60.84	16509 (AMAZON-02) (AMAZON-02)
9	2606:4700::68... 2606:4700::6812:82ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	63.140.62.214 63.140.62.214	15224 (OMNITURE) (OMNITURE)
7 7	54.155.181.236 54.155.181.236	16509 (AMAZON-02) (AMAZON-02)
1	66.235.152.126 66.235.152.126	15224 (OMNITURE) (OMNITURE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:244... 2600:9000:2449:e600:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
6 12	52.214.98.45 52.214.98.45	16509 (AMAZON-02) (AMAZON-02)
8 8	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2600:9000:223... 2600:9000:223f:fa00:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
6	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
67	21

1 52.52.10.67 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-10-67.us-west-1.compute.amazonaws.com

dl.orders.express-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:5c00:19:9934:6a80:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

esrx-web.app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.48 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-48.fra53.r.cloudfront.net

ecms.express-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 167.211.52.197 (United States) 1 redirects

ASN5696 (EXPRES, US)
PTR: militaryrx.esrx.com

militaryrx.express-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2600:9000:2490:a800:0:a4a7:7b40:21 (United States)

ASN16509 (AMAZON-02, US)

d2n5rjkrf34tm5.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.239.137.228 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

openbadges.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.86.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-13.fra60.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.243.60.84 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-60-84.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
expressscriptsholdingcompany.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.214 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-214.data.adobedc.net

smetrics.express-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.155.181.236 (Dublin, Ireland) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-181-236.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.235.152.126 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-66-235-152-126.data.adobedc.net

expressscriptsholdin.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2449:e600:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.214.98.45 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-98-45.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.162 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:fa00:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn7qchny5hadksvmv-expressscriptscx.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	everesttech.net 13 redirects cm.everesttech.net — Cisco Umbrella Rank: 1275 pixel.everesttech.net — Cisco Umbrella Rank: 5429	9 KB
14	cloudfront.net d2n5rjkrf34tm5.cloudfront.net	361 KB
13	express-scripts.com 3 redirects dl.orders.express-scripts.com — Cisco Umbrella Rank: 370570 ecms.express-scripts.com — Cisco Umbrella Rank: 591186 militaryrx.express-scripts.com smetrics.express-scripts.com — Cisco Umbrella Rank: 142294	58 KB
9	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 342	166 KB
8	doubleclick.net 8 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 245	2 KB
6	qualtrics.com zn7qchny5hadksvmv-expressscriptscx.siteintercept.qualtrics.com — Cisco Umbrella Rank: 145817 siteintercept.qualtrics.com — Cisco Umbrella Rank: 985	66 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 228 expressscriptsholdingcompany.demdex.net — Cisco Umbrella Rank: 74164	5 KB
3	branch.io cdn.branch.io — Cisco Umbrella Rank: 1117 api2.branch.io — Cisco Umbrella Rank: 738	24 KB
3	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 466	126 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	86 KB
2	gstatic.com fonts.gstatic.com	47 KB
2	app.link 1 redirects esrx-web.app.link — Cisco Umbrella Rank: 749672 app.link — Cisco Umbrella Rank: 2540	2 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	185 B
1	t.co t.co — Cisco Umbrella Rank: 607	377 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 590	303 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 713	15 KB
1	omtrdc.net expressscriptsholdin.tt.omtrdc.net — Cisco Umbrella Rank: 139489	864 B
1	windows.net openbadges.blob.core.windows.net — Cisco Umbrella Rank: 135333	18 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
0	twitter.com Failed analytics.twitter.com Failed
67	20

	Domain	Requested by
14	d2n5rjkrf34tm5.cloudfront.net	militaryrx.express-scripts.com d2n5rjkrf34tm5.cloudfront.net
12	pixel.everesttech.net	6 redirects
9	cdn.cookielaw.org	assets.adobedtm.com cdn.cookielaw.org militaryrx.express-scripts.com
9	militaryrx.express-scripts.com	1 redirects militaryrx.express-scripts.com
8	cm.g.doubleclick.net	8 redirects
7	cm.everesttech.net	7 redirects
5	siteintercept.qualtrics.com	zn7qchny5hadksvmv-expressscriptscx.siteintercept.qualtrics.com siteintercept.qualtrics.com
3	assets.adobedtm.com	militaryrx.express-scripts.com assets.adobedtm.com
2	api2.branch.io	cdn.branch.io
2	connect.facebook.net	militaryrx.express-scripts.com connect.facebook.net
2	smetrics.express-scripts.com	assets.adobedtm.com militaryrx.express-scripts.com
2	fonts.gstatic.com	fonts.googleapis.com
2	dpm.demdex.net	assets.adobedtm.com militaryrx.express-scripts.com
1	zn7qchny5hadksvmv-expressscriptscx.siteintercept.qualtrics.com	assets.adobedtm.com
1	www.facebook.com	militaryrx.express-scripts.com
1	t.co	militaryrx.express-scripts.com
1	app.link	cdn.branch.io
1	geolocation.onetrust.com	cdn.cookielaw.org
1	static.ads-twitter.com	militaryrx.express-scripts.com
1	expressscriptsholdin.tt.omtrdc.net	assets.adobedtm.com
1	expressscriptsholdingcompany.demdex.net	assets.adobedtm.com
1	cdn.branch.io	assets.adobedtm.com
1	openbadges.blob.core.windows.net	militaryrx.express-scripts.com
1	fonts.googleapis.com	militaryrx.express-scripts.com
1	ecms.express-scripts.com	1 redirects
1	esrx-web.app.link	1 redirects
1	dl.orders.express-scripts.com	1 redirects
0	analytics.twitter.com Failed	militaryrx.express-scripts.com
67	28

This site contains links to these domains. Also see Links.

Domain
www.express-scripts.com
accreditnet.urac.org
accreditnet2.urac.org
reportcards.ncqa.org
mybadges.us.openbadges.me
www.tricare.mil
www.accredo.com
www.tricare-east.com
www.tricare-west.com
twitter.com
www.facebook.com
instagram.com
www.fda.gov
lab.express-scripts.com
jobs.cigna.com
insiderx.com
www.onetrust.com

Subject Issuer	Validity	Valid
militaryrx.express-scripts.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-04` - `2024-10-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2023-09-28` - `2024-09-28`	a year	crt.sh
*.branch.io Amazon RSA 2048 M01	`2023-09-11` - `2024-10-09`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
smetrics.express-scripts.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-04` - `2024-10-04`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-08-22` - `2024-09-21`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-30` - `2023-11-28`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
appipv4.link Amazon RSA 2048 M02	`2023-04-25` - `2024-05-23`	a year	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-16` - `2024-10-14`	a year	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-27` - `2024-03-26`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://militaryrx.express-scripts.com/contact-us?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%3APHI%3A3812&%243p=e_cm&_branch_match_id=1255490296040059369&_branch_referrer=H4sIAAAAAAAAAyWO2wrCMBBEv6a%2BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%2BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%2Bv2%2BUAAAA%3D
Frame ID: 19DF5BE70F46C2EB2F02EBDB91C25676
Requests: 64 HTTP requests in this frame

Frame: https://expressscriptsholdingcompany.demdex.net/dest5.html?d_nsid=0
Frame ID: 8F3CCC6AC345B969E41D4E3DFA4CA3CF
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Contact Us | TRICARE Pharmacy Program | Express ScriptsExpress Scripts LogoClose iconGlobe iconBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

http://dl.orders.express-scripts.com/rts/go2.aspx?h=78095&tp=i-16EB-GX-zU-1C9HeI-1q-15PJdy-1c-26Y2-l9hKaUczCu-T1b... HTTP 302
https://esrx-web.app.link/3p?$3p=e_cm&$original_url=https%3A%2F%2Fecms%2Eexpress%2Dscripts%2Ecom%2Fdod... HTTP 307
https://ecms.express-scripts.com/dod/ContactUs.com?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3AB... HTTP 301
https://militaryrx.express-scripts.com/contact-us/?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AA... HTTP 301
https://militaryrx.express-scripts.com/contact-us?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

67
Requests

88 %
HTTPS

44 %
IPv6

20
Domains

28
Subdomains

21
IPs

4
Countries

976 kB
Transfer

3041 kB
Size

19
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://www.express-scripts.com/login/tricare
Title: Log In

Search URL Search Domain Scan URL

URL: https://www.express-scripts.com/register?partner=DOD&accessLink=TRICARE
Title: Register

Search URL Search Domain Scan URL

URL: https://www.express-scripts.com/frontend/open-enrollment/tricare/fst/
Title: Covered Medication (FST)

Search URL Search Domain Scan URL

URL: https://accreditnet.urac.org/directory/#/accreditation/PBM-19/info
Title: URAC Accredited Pharmacy Benefit Management, Expires 11/01/2025

Search URL Search Domain Scan URL

URL: https://accreditnet2.urac.org//uracportal/Directory/CompanyView/14132
Title: Image URAC Accredited Mail Service Pharmacy Expires 11/01/2023

Search URL Search Domain Scan URL

URL: https://reportcards.ncqa.org/#/other-health-care-organization/Other_001G000001uwszfIAA
Title: The National Committee for Quality Assurance

Search URL Search Domain Scan URL

URL: https://mybadges.us.openbadges.me/api/badgeitem/94baa5ff-b8f7-49aa-9657-e8ec9ec49a4f/metadata
Title: NABP Accredited Digital Pharmacy

Search URL Search Domain Scan URL

URL: https://www.tricare.mil/
Title: TRICARE

Search URL Search Domain Scan URL

URL: https://www.accredo.com/
Title: Accredo Health Group Inc.

Search URL Search Domain Scan URL

URL: http://www.tricare-east.com/
Title: East Region - Humana Military

Search URL Search Domain Scan URL

URL: https://www.tricare-west.com/
Title: West Region - Health Net

Search URL Search Domain Scan URL

URL: https://twitter.com/MilitaryRx
Title: Follow ourTwitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MilitaryRx/
Title: Follow our Facebook

Search URL Search Domain Scan URL

URL: https://instagram.com/military_rx
Title: Follow our Instagram

Search URL Search Domain Scan URL

URL: https://www.express-scripts.com/frontend/consumer-legal-ui/#/legal?type=TermsOfUse
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.express-scripts.com/frontend/consumer-legal-ui/#/legal?type=Privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.express-scripts.com/frontend/consumer-legal-ui/#/legal?type=Practices
Title: Notice of Privacy Practices

Search URL Search Domain Scan URL

URL: https://www.fda.gov/ForConsumers/ConsumerUpdates/ucm101653.htm
Title: Disposal of Medications

Search URL Search Domain Scan URL

URL: https://lab.express-scripts.com/about/
Title: About Express Scripts

Search URL Search Domain Scan URL

URL: https://jobs.cigna.com/us/en
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.express-scripts.com/
Title: Express-Scripts.com

Search URL Search Domain Scan URL

URL: https://www.express-scripts.com/es/accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.express-scripts.com/pdf/notices/ExpressScriptsCaliforniaConsumerPrivacyNotice.pdf
Title: California Consumer Privacy Notice

Search URL Search Domain Scan URL

URL: https://insiderx.com/statelawprivacy
Title: Learn more by visiting our Privacy Policy.

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dl.orders.express-scripts.com/rts/go2.aspx?h=78095&tp=i-16EB-GX-zU-1C9HeI-1q-15PJdy-1c-26Y2-l9hKaUczCu-T1bmj&x=ecms.express-scripts.com/%7cdod/%7c3812%7c1095661662%7cBOB%7cAR_Communication%7c25%7cPHI%7c3812 HTTP 302
https://esrx-web.app.link/3p?$3p=e_cm&$original_url=https%3A%2F%2Fecms%2Eexpress%2Dscripts%2Ecom%2Fdod%2FContactUs%2Ecom%3F%26%24web%5Fonly%3Dtrue%26om%5Fmid%3D3812%26om%5Frid%3D1095661662%26CID%3Deml%3ABOB%3AAR%5FCommunication%3A25%3APHI%3A3812 HTTP 307
https://ecms.express-scripts.com/dod/ContactUs.com?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%3APHI%3A3812&%243p=e_cm&_branch_match_id=1255490296040059369&utm_medium=Email%20Cheetah%20Digital%20Marketing%20Suite&_branch_referrer=H4sIAAAAAAAAAyWO2wrCMBBEv6a%2BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%2BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%2Bv2%2BUAAAA%3D HTTP 301
https://militaryrx.express-scripts.com/contact-us/?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%3APHI%3A3812&%243p=e_cm&_branch_match_id=1255490296040059369&_branch_referrer=H4sIAAAAAAAAAyWO2wrCMBBEv6a%2BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%2BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%2Bv2%2BUAAAA%3D HTTP 301
https://militaryrx.express-scripts.com/contact-us?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%3APHI%3A3812&%243p=e_cm&_branch_match_id=1255490296040059369&_branch_referrer=H4sIAAAAAAAAAyWO2wrCMBBEv6a%2BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%2BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%2Bv2%2BUAAAA%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://cm.everesttech.net/cm/dd?d_uuid=82230982487271860310079057063603046847 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZVylSQAAAMLlzgN6

Request Chain 44

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlZ5bFNRQUFCRFRWZW5BMw&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm=&google_sc=&ev_rs=1&google_hm=WlZ5bFNRQUFCRFRWZW5BMw&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_tc= HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEESxOJry5Rw9kC9AEnC3Wj8&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 51

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlZ5bFNRQUFBTUxsemdONg&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm=&google_sc=&ev_rs=1&google_hm=WlZ5bFNRQUFBTUxsemdONg&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_tc= HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEPMB6poHcpkDEBM6P0-ANiE&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 59

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlZ5bFNRQUFBTUxsemdONg&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060&google_gid=CAESEESxOJry5Rw9kC9AEnC3Wj8&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 61

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlZ5bFNRQUFBTUxsemdONg&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782&google_gid=CAESEPMB6poHcpkDEBM6P0-ANiE&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 64

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlZ5bFNRQUFBTUxsemdONg&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEPMB6poHcpkDEBM6P0-ANiE&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 65

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlZ5bFNRQUFBTUxsemdONg&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEPMB6poHcpkDEBM6P0-ANiE&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

67 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request contact-us Show response
militaryrx.express-scripts.com/
Redirect Chain

http://dl.orders.express-scripts.com/rts/go2.aspx?h=78095&tp=i-16EB-GX-zU-1C9HeI-1q-15PJdy-1c-26Y2-l9hKaUczCu-T1bmj&x=ecms.express-scripts.com/%7cdod/%7c3812%7c1095661662%7cBOB%7cAR_Communication%7...
https://esrx-web.app.link/3p?$3p=e_cm&$original_url=https%3A%2F%2Fecms%2Eexpress%2Dscripts%2Ecom%2Fdod%2FContactUs%2Ecom%3F%26%24web%5Fonly%3Dtrue%26om%5Fmid%3D3812%26om%5Frid%3D1095661662%26CID%3D...
https://ecms.express-scripts.com/dod/ContactUs.com?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%3APHI%3A3812&%243p=e_cm&_branch_match_id=1255490296040059369&...
https://militaryrx.express-scripts.com/contact-us/?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%3APHI%3A3812&%243p=e_cm&_branch_match_id=1255490296040059369&...
https://militaryrx.express-scripts.com/contact-us?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%3APHI%3A3812&%243p=e_cm&_branch_match_id=1255490296040059369&_...

91 KB
29 KB

318ms
317ms

Document
text/html

167.211.52.197
EXPRES

General

Check archive.org

Show headers Download Go to

Full URL

https://militaryrx.express-scripts.com/contact-us?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%3APHI%3A3812&%243p=e_cm&_branch_match_id=1255490296040059369&_branch_referrer=H4sIAAAAAAAAAyWO2wrCMBBEv6a%2BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%2BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%2Bv2%2BUAAAA%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.211.52.197 , United States, ASN5696 (EXPRES, US),

Reverse DNS

militaryrx.esrx.com

Software

Resource Hash

d5ae142c1d6e2a0e9bb21076b0940720288f2b87abfe928a6b10330542d621b6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .express-scripts.com .cloudfront.net xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net cdn.cookielaw.org .onetrust.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net .cloudfront.net .adobedtm.com .fontawesome.com .qualtrics.com .everestjs.net .omtrdc.net .marketo.net .demdex.net .google.com .gstatic.com .facebook.net .ads-twitter.com .twitter.com .brightcove.com .brightcove.net vjs.zencdn.net app.link ad.doubleclick.net .googletagmanager.com .simpli.fi .branch.io .youtube.com cdn.cookielaw.org .onetrust.com; object-src 'self' xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net .brightcove.net; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .express-scripts.com .cloudflare.com xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net .fontawesome.com; img-src 'self' data: xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net .qualtrics.com .omtrdc.net expressscripts.sc.omtrdc.net .everesttech.net .demdex.net .facebook.com t.co openbadges.blob.core.windows.net .brightcove.com .prod.boltdns.net insight.adsrvr.org .fls.doubleclick.net .doubleclick.net adservice.google.com eb2.3lift.com i.liadm.com match.adsrvr.org pixel.rubiconproject.com ib.adnxs.com tags.bluekai.com ups.analytics.yahoo.com pixel.tapad.com aa.agkn.com .addthis.com dsum-sec.casalemedia.com tags.rd.linksynergy.com io.narrative.io match.sync.ad.cpe.dotomi.com .adingo.jp mid.rkdms.com usermatch.krxd.net match.sharethrough.com .express-scripts.com ib.adnxs.com su.addthis.com e.nexac.com uipglob.semasio.net .adsrvr.org .branch.io .simpli.fi i.ytimg.com .googleadservices.com cdn.cookielaw.org .onetrust.com; media-src 'self' blob: .express-scripts.com xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net .brightcove.com .prod.boltdns.net .akamaihd.net; frame-src 'self' xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net .qualtrics.com .youtube.com .demdex.net .google.com; child-src 'self' blob: .express-scripts.com xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net .youtube.com; font-src * 'self' data: .express-scripts.com fonts.googleapis.com fonts.gstatic.com .s3.amazonaws.com .amazonaws.com xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net; connect-src 'self' .express-scripts.com .qualtrics.com .adobedtm.com .everestjs.net .omtrdc.net .marketo.net .demdex.net .launchdarkly.com .brightcove.com .prod.boltdns.net .akamaihd.net .mktoresp.com api2.branch.io xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net .branch.io app.link cdn.cookielaw.org *.onetrust.com; report-uri /report-csp-violation
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=300, public
Content-Encoding: gzip
Content-Language: en
Content-Length: 25928
Content-Security-Policy: default-src 'self' data: *.express-scripts.com *.cloudfront.net xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net cdn.cookielaw.org *.onetrust.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net *.cloudfront.net *.adobedtm.com *.fontawesome.com *.qualtrics.com *.everestjs.net *.omtrdc.net *.marketo.net *.demdex.net *.google.com *.gstatic.com *.facebook.net *.ads-twitter.com *.twitter.com *.brightcove.com *.brightcove.net vjs.zencdn.net app.link ad.doubleclick.net *.googletagmanager.com *.simpli.fi *.branch.io *.youtube.com cdn.cookielaw.org *.onetrust.com; object-src 'self' xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net *.brightcove.net; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.express-scripts.com *.cloudflare.com xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net *.fontawesome.com; img-src 'self' data: xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net *.qualtrics.com *.omtrdc.net expressscripts.sc.omtrdc.net *.everesttech.net *.demdex.net *.facebook.com t.co openbadges.blob.core.windows.net *.brightcove.com *.prod.boltdns.net insight.adsrvr.org *.fls.doubleclick.net *.doubleclick.net adservice.google.com eb2.3lift.com i.liadm.com match.adsrvr.org pixel.rubiconproject.com ib.adnxs.com tags.bluekai.com ups.analytics.yahoo.com pixel.tapad.com aa.agkn.com *.addthis.com dsum-sec.casalemedia.com tags.rd.linksynergy.com io.narrative.io match.sync.ad.cpe.dotomi.com *.adingo.jp mid.rkdms.com usermatch.krxd.net match.sharethrough.com *.express-scripts.com ib.adnxs.com su.addthis.com e.nexac.com uipglob.semasio.net *.adsrvr.org *.branch.io *.simpli.fi i.ytimg.com *.googleadservices.com cdn.cookielaw.org *.onetrust.com; media-src 'self' blob: *.express-scripts.com xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net *.brightcove.com *.prod.boltdns.net *.akamaihd.net; frame-src 'self' xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net *.qualtrics.com *.youtube.com *.demdex.net *.google.com; child-src 'self' blob: *.express-scripts.com xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net *.youtube.com; font-src * 'self' data: *.express-scripts.com fonts.googleapis.com fonts.gstatic.com *.s3.amazonaws.com *.amazonaws.com xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net; connect-src 'self' *.express-scripts.com *.qualtrics.com *.adobedtm.com *.everestjs.net *.omtrdc.net *.marketo.net *.demdex.net *.launchdarkly.com *.brightcove.com *.prod.boltdns.net *.akamaihd.net *.mktoresp.com api2.branch.io xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net *.branch.io app.link cdn.cookielaw.org *.onetrust.com; report-uri /report-csp-violation
Content-Type: text/html; charset=UTF-8
Date: Tue, 21 Nov 2023 01:34:30 GMT
Etag: "1700570440-gzip"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
From-Origin: same
Last-Modified: Tue, 21 Nov 2023 12:40:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Ua-Compatible: IE=edge
X-Vcap-Request-Id: e2ff0172-87c5-4647-4e9d-6a8fbda64925
X-Xss-Protection: 1; mode=block

Redirect headers

Content-Language: en
Content-Security-Policy: default-src 'self' data: *.express-scripts.com *.cloudfront.net xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net cdn.cookielaw.org *.onetrust.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net *.cloudfront.net *.adobedtm.com *.fontawesome.com *.qualtrics.com *.everestjs.net *.omtrdc.net *.marketo.net *.demdex.net *.google.com *.gstatic.com *.facebook.net *.ads-twitter.com *.twitter.com *.brightcove.com *.brightcove.net vjs.zencdn.net app.link ad.doubleclick.net *.googletagmanager.com *.simpli.fi *.branch.io *.youtube.com cdn.cookielaw.org *.onetrust.com; object-src 'self' xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net *.brightcove.net; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.express-scripts.com *.cloudflare.com xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net *.fontawesome.com; img-src 'self' data: xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net *.qualtrics.com *.omtrdc.net expressscripts.sc.omtrdc.net *.everesttech.net *.demdex.net *.facebook.com t.co openbadges.blob.core.windows.net *.brightcove.com *.prod.boltdns.net insight.adsrvr.org *.fls.doubleclick.net *.doubleclick.net adservice.google.com eb2.3lift.com i.liadm.com match.adsrvr.org pixel.rubiconproject.com ib.adnxs.com tags.bluekai.com ups.analytics.yahoo.com pixel.tapad.com aa.agkn.com *.addthis.com dsum-sec.casalemedia.com tags.rd.linksynergy.com io.narrative.io match.sync.ad.cpe.dotomi.com *.adingo.jp mid.rkdms.com usermatch.krxd.net match.sharethrough.com *.express-scripts.com ib.adnxs.com su.addthis.com e.nexac.com uipglob.semasio.net *.adsrvr.org *.branch.io *.simpli.fi i.ytimg.com *.googleadservices.com cdn.cookielaw.org *.onetrust.com; media-src 'self' blob: *.express-scripts.com xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net *.brightcove.com *.prod.boltdns.net *.akamaihd.net; frame-src 'self' xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net *.qualtrics.com *.youtube.com *.demdex.net *.google.com; child-src 'self' blob: *.express-scripts.com xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net *.youtube.com; font-src * 'self' data: *.express-scripts.com fonts.googleapis.com fonts.gstatic.com *.s3.amazonaws.com *.amazonaws.com xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net; connect-src 'self' *.express-scripts.com *.qualtrics.com *.adobedtm.com *.everestjs.net *.omtrdc.net *.marketo.net *.demdex.net *.launchdarkly.com *.brightcove.com *.prod.boltdns.net *.akamaihd.net *.mktoresp.com api2.branch.io xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net *.branch.io app.link cdn.cookielaw.org *.onetrust.com; report-uri /report-csp-violation
Content-Type: text/html; charset=UTF-8
Date: Tue, 21 Nov 2023 12:40:40 GMT
From-Origin: same
Location: https://militaryrx.express-scripts.com/contact-us?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%3APHI%3A3812&%243p=e_cm&_branch_match_id=1255490296040059369&_branch_referrer=H4sIAAAAAAAAAyWO2wrCMBBEv6a%2BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%2BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%2Bv2%2BUAAAA%3D
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Drupal-Route-Normalizer: 1
X-Frame-Options: SAMEORIGIN
X-Ua-Compatible: IE=edge
X-Vcap-Request-Id: 4d6574ba-524c-4577-6613-b43eadd80828
X-Xss-Protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 45ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik:300,300i,400,400i,500,700&display=swap

Requested by

Host: militaryrx.express-scripts.com
URL: https://militaryrx.express-scripts.com/contact-us?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%3APHI%3A3812&%243p=e_cm&_branch_match_id=1255490296040059369&_branch_referrer=H4sIAAAAAAAAAyWO2wrCMBBEv6a%2BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%2BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%2Bv2%2BUAAAA%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4de2ff50cccba8f16d039e5e169b14eca2d4eaeb0cbe4c7b83a6f99c29ff6e1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Nov 2023 12:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 12:38:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Nov 2023 12:40:41 GMT

GET
H2 200 css_N3Vw9SZBry1iTKjn2AN0cgcoPG5hwiZ6_WImNfE2hqY.css
d2n5rjkrf34tm5.cloudfront.net/s3fs-public/css/ 20 KB
4 KB 77ms
25ms Stylesheet
text/css 2600:9000:2490:a800:0:a4a7:7b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2n5rjkrf34tm5.cloudfront.net/s3fs-public/css/css_N3Vw9SZBry1iTKjn2AN0cgcoPG5hwiZ6_WImNfE2hqY.css
Requested by: Host: militaryrx.express-scripts.com
URL: https://militaryrx.express-scripts.com/contact-us?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%3APHI%3A3812&%243p=e_cm&_branch_match_id=1255490296040059369&_branch_referrer=H4sIAAAAAAAAAyWO2wrCMBBEv6a%2BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%2BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%2Bv2%2BUAAAA%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:a800:0:a4a7:7b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 377570f52641af2d624ca8e7d803747207283c6e61c2267afd622635f13686a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 05:45:40 GMT
content-encoding: gzip
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
last-modified: Fri, 27 Oct 2023 17:14:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 24901
x-amz-server-side-encryption: AES256
etag: W/"51893644ec8f969a556d68b92ecce657"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: yvFFBJ_5LL4cUNELdBWQLnceZbEkIFfZSiapjBWmn1-Wya8EUsCeFg==

GET
H2 200 css_eACkQ03WM074y-mtltx72f40ybr9Kqz7MGgIoG-_0JI.css
d2n5rjkrf34tm5.cloudfront.net/s3fs-public/css/ 500 KB
60 KB 63ms
11ms Stylesheet
text/css 2600:9000:2490:a800:0:a4a7:7b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2n5rjkrf34tm5.cloudfront.net/s3fs-public/css/css_eACkQ03WM074y-mtltx72f40ybr9Kqz7MGgIoG-_0JI.css
Requested by: Host: militaryrx.express-scripts.com
URL: https://militaryrx.express-scripts.com/contact-us?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%3APHI%3A3812&%243p=e_cm&_branch_match_id=1255490296040059369&_branch_referrer=H4sIAAAAAAAAAyWO2wrCMBBEv6a%2BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%2BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%2Bv2%2BUAAAA%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:a800:0:a4a7:7b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7800a4434dd6334ef8cbe9ad96dc7bd9fe34c9bafd2aacfb306808a06fbfd092

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 13:11:32 GMT
content-encoding: gzip
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
last-modified: Fri, 27 Oct 2023 17:14:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 84550
x-amz-server-side-encryption: AES256
etag: W/"cd2d6329ce09bc035f59ec4cbb4c8ee9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: JzJbjxwcqM0tIupfmRs_c-BOWrWj2Oxr-5y2QJdd69o5CML7Wporug==

GET
H/1.1 200
OK redirect_login_overpanel.js Show response
militaryrx.express-scripts.com/themes/custom/tricare/js/dist/ 459 B
722 B 190ms
102ms Script
application/javascript 167.211.52.197
EXPRES

General

Check archive.org

Show headers Download Go to

Full URL

https://militaryrx.express-scripts.com/themes/custom/tricare/js/dist/redirect_login_overpanel.js?s3ctmw

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.211.52.197 , United States, ASN5696 (EXPRES, US),

Reverse DNS

militaryrx.esrx.com

Software

Resource Hash

f2557fa86e42360b205c4b227b48db591a7137792f9f856c04015fc7526754b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/contact-us?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%3APHI%3A3812&%243p=e_cm&_branch_match_id=1255490296040059369&_branch_referrer=H4sIAAAAAAAAAyWO2wrCMBBEv6a%2BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%2BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%2Bv2%2BUAAAA%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 12:40:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Mon, 28 Aug 2023 22:15:23 GMT
Etag: "1cb-6040307d3d4c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
X-Vcap-Request-Id: a459324c-dae0-4b86-518b-635953285acf
Accept-Ranges: bytes
Content-Length: 297

GET
H/1.1 200
OK modernizr.min.js Show response
militaryrx.express-scripts.com/core/assets/vendor/modernizr/ 7 KB
3 KB 297ms
107ms Script
application/javascript 167.211.52.197
EXPRES

General

Check archive.org

Show headers Download Go to

Full URL

https://militaryrx.express-scripts.com/core/assets/vendor/modernizr/modernizr.min.js?v=3.11.7

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.211.52.197 , United States, ASN5696 (EXPRES, US),

Reverse DNS

militaryrx.esrx.com

Software

Resource Hash

939fe220ac3999512e38ecd5397d7334210c1568e7aec55eb6c6f4d1316c8353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/contact-us?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%3APHI%3A3812&%243p=e_cm&_branch_match_id=1255490296040059369&_branch_referrer=H4sIAAAAAAAAAyWO2wrCMBBEv6a%2BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%2BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%2Bv2%2BUAAAA%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 12:40:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Mon, 28 Aug 2023 22:15:17 GMT
Etag: "1c42-6040307784740-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
X-Vcap-Request-Id: aa86a6eb-c450-4468-575e-aa27a4398b99
Accept-Ranges: bytes
Content-Length: 3090

GET
H/1.1 200
OK modernizr-additional-tests.js Show response
militaryrx.express-scripts.com/core/misc/ 2 KB
1 KB 297ms
106ms Script
application/javascript 167.211.52.197
EXPRES

General

Check archive.org

Show headers Download Go to

Full URL

https://militaryrx.express-scripts.com/core/misc/modernizr-additional-tests.js?v=3.11.7

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.211.52.197 , United States, ASN5696 (EXPRES, US),

Reverse DNS

militaryrx.esrx.com

Software

Resource Hash

1e398d7e1be8e034e06112d41c1ddf1ec9881665fe923c28f7c2037dc35449e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/contact-us?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%3APHI%3A3812&%243p=e_cm&_branch_match_id=1255490296040059369&_branch_referrer=H4sIAAAAAAAAAyWO2wrCMBBEv6a%2BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%2BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%2Bv2%2BUAAAA%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 12:40:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Mon, 28 Aug 2023 22:15:18 GMT
Etag: "948-6040307878980-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
X-Vcap-Request-Id: 52a7fdad-55a2-4bb2-5e04-f22bd9822df1
Accept-Ranges: bytes
Content-Length: 966

GET
H/1.1 200
OK esi_ddl_schema_header.js Show response
militaryrx.express-scripts.com/modules/shared/esi_ddl_schema/js/dist/ 447 B
604 B 298ms
108ms Script
application/javascript 167.211.52.197
EXPRES

General

Check archive.org

Show headers Download Go to

Full URL

https://militaryrx.express-scripts.com/modules/shared/esi_ddl_schema/js/dist/esi_ddl_schema_header.js?v=2.3

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.211.52.197 , United States, ASN5696 (EXPRES, US),

Reverse DNS

militaryrx.esrx.com

Software

Resource Hash

fb5ec15bd84740064d76fc919738557851a3ee1eba231c37091d0a8d0d231298

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/contact-us?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%3APHI%3A3812&%243p=e_cm&_branch_match_id=1255490296040059369&_branch_referrer=H4sIAAAAAAAAAyWO2wrCMBBEv6a%2BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%2BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%2Bv2%2BUAAAA%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 12:40:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Mon, 28 Aug 2023 22:15:23 GMT
Etag: "1bf-6040307d3d4c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
X-Vcap-Request-Id: df620ebd-cc4f-4550-7381-78170500971e
Accept-Ranges: bytes
Content-Length: 179

GET
H2 200 launch-ENf5923c8c838040a0a01915336f9e58e6.min.js Show response
assets.adobedtm.com/ 444 KB
112 KB 99ms
25ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-ENf5923c8c838040a0a01915336f9e58e6.min.js
Requested by: Host: militaryrx.express-scripts.com
URL: https://militaryrx.express-scripts.com/contact-us?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%3APHI%3A3812&%243p=e_cm&_branch_match_id=1255490296040059369&_branch_referrer=H4sIAAAAAAAAAyWO2wrCMBBEv6a%2BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%2BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%2Bv2%2BUAAAA%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f930c6208dcb9b44c2f4c7890e932654db2069d4d870bbb42ec42a29ea63c18b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 12:40:41 GMT
content-encoding: gzip
last-modified: Fri, 27 Oct 2023 17:20:23 GMT
server: AkamaiNetStorage
etag: "07e6ebeb06122721df231f5372394296:1698427223.182943"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://militaryrx.express-scripts.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 114539
expires: Tue, 21 Nov 2023 13:40:41 GMT

GET
H/1.1 200
OK f279c890-aa1f-43bc-822d-c78c619a148e-d9cbf0fb-4869-44ed-97d9-79f3d40440dd.png
openbadges.blob.core.windows.net/bakedbadges-us/ 17 KB
18 KB 210ms
40ms Image
application/octet-stream 52.239.137.228
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openbadges.blob.core.windows.net/bakedbadges-us/f279c890-aa1f-43bc-822d-c78c619a148e-d9cbf0fb-4869-44ed-97d9-79f3d40440dd.png
Requested by: Host: militaryrx.express-scripts.com
URL: https://militaryrx.express-scripts.com/contact-us?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%3APHI%3A3812&%243p=e_cm&_branch_match_id=1255490296040059369&_branch_referrer=H4sIAAAAAAAAAyWO2wrCMBBEv6a%2BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%2BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%2Bv2%2BUAAAA%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.137.228 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: eb6472e9ae91e487958bbe8d5045bf09e0efb9f6ba19ed0388ed680be2b50133

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 21 Nov 2023 12:40:41 GMT
Last-Modified: Fri, 27 Mar 2020 21:20:00 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: YIaNhms2v28wVjI7Q6EZgA==
ETag: 0x8D7D2949B8FD29F
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
x-ms-request-id: b09c81f3-701e-0011-5577-1cbaa9000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 17474

GET
H2 200 onetrust-hotfix.css
d2n5rjkrf34tm5.cloudfront.net/ 179 B
541 B 8ms
8ms Stylesheet
text/css 2600:9000:2490:a800:0:a4a7:7b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2n5rjkrf34tm5.cloudfront.net/onetrust-hotfix.css
Requested by: Host: militaryrx.express-scripts.com
URL: https://militaryrx.express-scripts.com/contact-us?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%3APHI%3A3812&%243p=e_cm&_branch_match_id=1255490296040059369&_branch_referrer=H4sIAAAAAAAAAyWO2wrCMBBEv6a%2BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%2BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%2Bv2%2BUAAAA%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:a800:0:a4a7:7b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d7978925dd91498b46c32c379065f5ddde155cfd7f92b10d4e59dc1d2b59fbf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 12:43:26 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
last-modified: Tue, 17 Oct 2023 18:55:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 86236
x-amz-server-side-encryption: AES256
etag: "006594ee5ebee8d3c9f006036d7ca9a2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 179
x-amz-cf-id: QfbEHd54bMCVY1P9HDLQwTrYfdybSiKYzMLzMgmHX9ZLDoek57rmqw==

GET
H2 200 js_wQMfaiE4UTl4bFL74_dqwBLY7Ngw3GIp3I1pEIw0Vfs.js Show response
d2n5rjkrf34tm5.cloudfront.net/s3fs-public/js/ 217 KB
66 KB 9ms
8ms Script
application/javascript 2600:9000:2490:a800:0:a4a7:7b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2n5rjkrf34tm5.cloudfront.net/s3fs-public/js/js_wQMfaiE4UTl4bFL74_dqwBLY7Ngw3GIp3I1pEIw0Vfs.js
Requested by: Host: militaryrx.express-scripts.com
URL: https://militaryrx.express-scripts.com/contact-us?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%3APHI%3A3812&%243p=e_cm&_branch_match_id=1255490296040059369&_branch_referrer=H4sIAAAAAAAAAyWO2wrCMBBEv6a%2BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%2BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%2Bv2%2BUAAAA%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:a800:0:a4a7:7b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1031f6a21385139786c52fbe3f76ac012d8ecd830dc6229dc8d69108c3455fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 09:05:35 GMT
content-encoding: gzip
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
last-modified: Fri, 27 Oct 2023 17:18:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 12907
x-amz-server-side-encryption: AES256
etag: W/"c05be00cf1872b8d649bdb04c9807805"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: w4rxCn_pB8PvEiW4bdeYEl1EO1nKt-dtPu0MFzC5QoOIlG7I9wSu6Q==

GET
H/1.1 200
OK esi_ddl_schema_footer.bundle.js Show response
militaryrx.express-scripts.com/modules/shared/esi_ddl_schema/js/dist/ 49 KB
14 KB 203ms
105ms Script
application/javascript 167.211.52.197
EXPRES

General

Check archive.org

Show headers Download Go to

Full URL

https://militaryrx.express-scripts.com/modules/shared/esi_ddl_schema/js/dist/esi_ddl_schema_footer.bundle.js?v=2.3

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.211.52.197 , United States, ASN5696 (EXPRES, US),

Reverse DNS

militaryrx.esrx.com

Software

Resource Hash

9778f10a8a3eb38bca1500c124b6ab794e1fef582786de3ea4db50668880d8b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/contact-us?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%3APHI%3A3812&%243p=e_cm&_branch_match_id=1255490296040059369&_branch_referrer=H4sIAAAAAAAAAyWO2wrCMBBEv6a%2BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%2BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%2Bv2%2BUAAAA%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 12:40:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Mon, 28 Aug 2023 22:15:23 GMT
Etag: "c330-6040307d3d4c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
X-Vcap-Request-Id: a6b6dc55-6e2f-463c-6994-e37b5704575e
Accept-Ranges: bytes
Content-Length: 13546

GET
H/1.1 200
OK satellite.js Show response
militaryrx.express-scripts.com/modules/shared/esi_ddl_schema/js/dist/ 37 B
408 B 178ms
103ms Script
application/javascript 167.211.52.197
EXPRES

General

Check archive.org

Show headers Download Go to

Full URL

https://militaryrx.express-scripts.com/modules/shared/esi_ddl_schema/js/dist/satellite.js?v=1.x

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.211.52.197 , United States, ASN5696 (EXPRES, US),

Reverse DNS

militaryrx.esrx.com

Software

Resource Hash

3bdcd0c08698a8c925f8d49a720cfee9d3c733b650bbdd6697ac928ca2e6bb14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/contact-us?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%3APHI%3A3812&%243p=e_cm&_branch_match_id=1255490296040059369&_branch_referrer=H4sIAAAAAAAAAyWO2wrCMBBEv6a%2BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%2BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%2Bv2%2BUAAAA%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 12:40:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Aug 2023 22:15:23 GMT
Etag: "25-6040307d3d4c0"
Content-Type: application/javascript
X-Vcap-Request-Id: 4d6450c6-25e3-45f0-7e90-8dcd947f1243
Accept-Ranges: bytes
Content-Length: 37

GET
H2 200 js_gzV_LSzb1sDbUQOv1Z3fjt9ytpybSIEbXXhPJPiGg-0.js Show response
d2n5rjkrf34tm5.cloudfront.net/s3fs-public/js/ 12 KB
4 KB 8ms
7ms Script
application/javascript 2600:9000:2490:a800:0:a4a7:7b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2n5rjkrf34tm5.cloudfront.net/s3fs-public/js/js_gzV_LSzb1sDbUQOv1Z3fjt9ytpybSIEbXXhPJPiGg-0.js
Requested by: Host: militaryrx.express-scripts.com
URL: https://militaryrx.express-scripts.com/contact-us?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%3APHI%3A3812&%243p=e_cm&_branch_match_id=1255490296040059369&_branch_referrer=H4sIAAAAAAAAAyWO2wrCMBBEv6a%2BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%2BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%2Bv2%2BUAAAA%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:a800:0:a4a7:7b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83357f2d2cdbd6c0db5103afd59ddf8edf72b69c9b48811b5d784f24f88683ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 13:11:33 GMT
content-encoding: gzip
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
last-modified: Fri, 27 Oct 2023 17:16:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 84549
x-amz-server-side-encryption: AES256
etag: W/"9c4311323b1924837d17e5b50559f159"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: tzsxdCFYcsoW5KN7vEWm2THIuy5OUdx9RG4aqlTd3cbI5VqeBXghrQ==

GET
H2 200 Aeonik-Regular.woff2
d2n5rjkrf34tm5.cloudfront.net/fonts/ 40 KB
41 KB 25ms
9ms Font
binary/octet-stream 2600:9000:2490:a800:0:a4a7:7b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2n5rjkrf34tm5.cloudfront.net/fonts/Aeonik-Regular.woff2
Requested by: Host: d2n5rjkrf34tm5.cloudfront.net
URL: https://d2n5rjkrf34tm5.cloudfront.net/s3fs-public/css/css_eACkQ03WM074y-mtltx72f40ybr9Kqz7MGgIoG-_0JI.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:a800:0:a4a7:7b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8bcbd3709fe25c33e7ad8dba87149fede59cd5c3fa29c4a82a3e58a60eaaf59d

Request headers

Referer: https://d2n5rjkrf34tm5.cloudfront.net/s3fs-public/css/css_eACkQ03WM074y-mtltx72f40ybr9Kqz7MGgIoG-_0JI.css
Origin: https://militaryrx.express-scripts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 12:43:25 GMT
via: 1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 86236
x-cache: Hit from cloudfront
content-length: 41176
last-modified: Tue, 14 Jun 2022 14:42:03 GMT
server: AmazonS3
etag: "58a0efb1adc429288deeb6d4ef6eeff4"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: binary/octet-stream
access-control-allow-origin: https://militaryrx.express-scripts.com
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: S_f4stT_XBtmK7dql3_7x7J-MIW4eB52H_QS3-51GzcuBQu-r_uHQA==

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 71 KB
22 KB 43ms
8ms Script
text/javascript 18.245.86.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENf5923c8c838040a0a01915336f9e58e6.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-13.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b3106a5a411804e9ee3be2158fb491408aa4dc923e03a0c74376f30bc323333

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: UkfElG6yIzo.BOEWL6zP4sMZe23_jxRr
content-encoding: gzip
via: 1.1 a2ce61e5ddc66736c9e2bfb6581fa2da.cloudfront.net (CloudFront)
date: Tue, 21 Nov 2023 12:38:46 GMT
last-modified: Thu, 14 Sep 2023 19:53:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 116
etag: "17a75c4dd4a7b15a4695cb6822521c62"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=300
content-length: 22162
x-amz-cf-id: kLVFVs0cFUCCzukC2g5t-qf3fr_F8hsPgfwZxjnzW7SlUIUZRZfO4g==

GET
H2 200 id Show response
dpm.demdex.net/ 2 KB
1 KB 105ms
34ms XHR
application/json 34.243.60.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=BCDA9CC055686E397F000101%40AdobeOrg&d_nsid=0&ts=1700570441528

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENf5923c8c838040a0a01915336f9e58e6.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.243.60.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-243-60-84.eu-west-1.compute.amazonaws.com

Software

Resource Hash

0c0165891934be409e1d54a330234e00155fe734bba106e2a84fd3c1bb87aad6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://militaryrx.express-scripts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

dcs: dcs-prod-irl1-2-v054-07bf84699.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Tue, 21 Nov 2023 12:40:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: vBm59XNwTzA=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://militaryrx.express-scripts.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 688
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 34 KB
12 KB 21ms
20ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENf5923c8c838040a0a01915336f9e58e6.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 12:40:41 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://militaryrx.express-scripts.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12384
expires: Tue, 21 Nov 2023 13:40:41 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 3 KB
2 KB 18ms
18ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENf5923c8c838040a0a01915336f9e58e6.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 12:40:41 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://militaryrx.express-scripts.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1598
expires: Tue, 21 Nov 2023 13:40:41 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 51ms
18ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENf5923c8c838040a0a01915336f9e58e6.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ea1823078c462969eaa59d6ef62623c19d77b72e25a103105b043aefaa0769a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://militaryrx.express-scripts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Nov 2023 12:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /EzX6ku1+i8ak28m1WuIrw==
age: 36226
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6841
x-ms-lease-status: unlocked
last-modified: Mon, 20 Nov 2023 21:15:15 GMT
server: cloudflare
etag: 0x8DBEA0DCA84310B
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 633f9b9a-f01e-0004-2b1f-1cb484000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 829900abdb482c61-FRA

GET
H2 200 5d00b9be-2d2f-4075-88f7-31807a7639f2.json Show response
cdn.cookielaw.org/consent/5d00b9be-2d2f-4075-88f7-31807a7639f2/ 5 KB
2 KB 41ms
25ms XHR
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/5d00b9be-2d2f-4075-88f7-31807a7639f2/5d00b9be-2d2f-4075-88f7-31807a7639f2.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce36e3e83c453925a9fb9065486f99d41b183ce2cb99319599d80b3355ca222e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Nov 2023 12:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 70899
content-md5: ORFgZn6Zla0G23TvmM2m1Q==
content-length: 1702
x-ms-lease-status: unlocked
last-modified: Wed, 11 Oct 2023 18:55:02 GMT
server: cloudflare
etag: 0x8DBCA8B93AA61CE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 3b573dc0-801e-00a7-3cc1-12d141000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 829900ac1d442bf6-FRA
expires: Wed, 22 Nov 2023 12:40:41 GMT

GET
DATA 200
OK truncated
/ 504 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6709a4059947a46d4aabbf16f872f84de523ae708e362431daf29cd17d77b0c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 989 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d070a59346269db17df98fb6d45feda01af862bf7d05702d066b76154a79e811

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbb704018238f3c3666401f540c02b06ce0dc15f03bc05fe328fcd1a454e50f7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 Aeonik-Medium.woff2
d2n5rjkrf34tm5.cloudfront.net/fonts/ 42 KB
43 KB 11ms
11ms Font
binary/octet-stream 2600:9000:2490:a800:0:a4a7:7b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2n5rjkrf34tm5.cloudfront.net/fonts/Aeonik-Medium.woff2
Requested by: Host: d2n5rjkrf34tm5.cloudfront.net
URL: https://d2n5rjkrf34tm5.cloudfront.net/s3fs-public/css/css_eACkQ03WM074y-mtltx72f40ybr9Kqz7MGgIoG-_0JI.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:a800:0:a4a7:7b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b0dc405c6049e34bac12def1f1a69c8ceb07731ebff9138faa3c369435f56b3

Request headers

Referer: https://d2n5rjkrf34tm5.cloudfront.net/s3fs-public/css/css_eACkQ03WM074y-mtltx72f40ybr9Kqz7MGgIoG-_0JI.css
Origin: https://militaryrx.express-scripts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 12:43:26 GMT
via: 1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 86236
x-cache: Hit from cloudfront
content-length: 43136
last-modified: Tue, 14 Jun 2022 14:42:03 GMT
server: AmazonS3
etag: "7ab1af37690d4056a6bb3b7b4ba32239"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: binary/octet-stream
access-control-allow-origin: https://militaryrx.express-scripts.com
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: sVFAwHFjFOtIY0hTMb401_XqnxqEeHpKjS67krT342C0kz6X7DUkvQ==

GET
H2 200 Aeonik-Bold.woff2
d2n5rjkrf34tm5.cloudfront.net/fonts/ 36 KB
36 KB 9ms
9ms Font
binary/octet-stream 2600:9000:2490:a800:0:a4a7:7b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2n5rjkrf34tm5.cloudfront.net/fonts/Aeonik-Bold.woff2
Requested by: Host: d2n5rjkrf34tm5.cloudfront.net
URL: https://d2n5rjkrf34tm5.cloudfront.net/s3fs-public/css/css_eACkQ03WM074y-mtltx72f40ybr9Kqz7MGgIoG-_0JI.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:a800:0:a4a7:7b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f88bb4ae82fff4b28375830a7d42e979b29ae75f6e8c9c8e819ead0ff9a3ae3

Request headers

Referer: https://d2n5rjkrf34tm5.cloudfront.net/s3fs-public/css/css_eACkQ03WM074y-mtltx72f40ybr9Kqz7MGgIoG-_0JI.css
Origin: https://militaryrx.express-scripts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 02:20:43 GMT
via: 1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 37199
x-cache: Hit from cloudfront
content-length: 36736
last-modified: Tue, 14 Jun 2022 14:42:03 GMT
server: AmazonS3
etag: "fef183222112e123e20a57b1de7e6d3b"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: binary/octet-stream
access-control-allow-origin: https://militaryrx.express-scripts.com
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: Ml4KE86aT59XAx4FHwEQctmwEozuc6BrskEJwIYybg3D0i37wCobwA==

GET
H2 200 iJWKBXyIfDnIV7nErXyi0A.woff2
fonts.gstatic.com/s/rubik/v28/ 32 KB
32 KB 31ms
9ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nErXyi0A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:300,300i,400,400i,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc857679ff68c3bd3687b79772b031af4e4c645cbf61600974883f4ff0dc332d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://militaryrx.express-scripts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:17:01 GMT
x-content-type-options: nosniff
age: 393820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32372
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 16:26:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 23:17:01 GMT

GET
H2 200 iJWKBXyIfDnIV7nFrXyi0A.woff2
fonts.gstatic.com/s/rubik/v28/ 15 KB
15 KB 26ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nFrXyi0A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:300,300i,400,400i,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7ad9db12275b6bcaa57a392d98122c99c0f7a80416da0edde9897e4330af8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://militaryrx.express-scripts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 12:09:17 GMT
x-content-type-options: nosniff
age: 1884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15076
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 16:30:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Nov 2024 12:09:17 GMT

GET
H2 200 email_0.svg
d2n5rjkrf34tm5.cloudfront.net/s3fs-public/2019-10/ 3 KB
2 KB 444ms
442ms Image
image/svg+xml 2600:9000:2490:a800:0:a4a7:7b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2n5rjkrf34tm5.cloudfront.net/s3fs-public/2019-10/email_0.svg
Requested by: Host: militaryrx.express-scripts.com
URL: https://militaryrx.express-scripts.com/contact-us?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%3APHI%3A3812&%243p=e_cm&_branch_match_id=1255490296040059369&_branch_referrer=H4sIAAAAAAAAAyWO2wrCMBBEv6a%2BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%2BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%2Bv2%2BUAAAA%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:a800:0:a4a7:7b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5244f441c00bf4c0af56f23ab217d52452b69a572e243873663946fa2b3df6aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 12:40:42 GMT
content-encoding: gzip
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Oct 2019 16:26:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
etag: W/"8cfe92688c161a49b6ccead5cd3ef407"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
x-amz-cf-id: -OhyGVwaxfGskSENp4m_9asLSZlkeFVR1Yu2iSlN_-3oYBOizhjlFA==

GET
H2 200 phone_0.svg
d2n5rjkrf34tm5.cloudfront.net/s3fs-public/2019-10/ 3 KB
2 KB 28ms
26ms Image
image/svg+xml 2600:9000:2490:a800:0:a4a7:7b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2n5rjkrf34tm5.cloudfront.net/s3fs-public/2019-10/phone_0.svg
Requested by: Host: militaryrx.express-scripts.com
URL: https://militaryrx.express-scripts.com/contact-us?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%3APHI%3A3812&%243p=e_cm&_branch_match_id=1255490296040059369&_branch_referrer=H4sIAAAAAAAAAyWO2wrCMBBEv6a%2BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%2BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%2Bv2%2BUAAAA%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:a800:0:a4a7:7b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45ff32398cb33749753c925dd48822914d4f7e29715848dc29f3a95a9ad7a562

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 09:05:35 GMT
content-encoding: gzip
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Oct 2019 16:26:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 12907
etag: W/"50f3592209e5109150f02ef207cd45c5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: ocW4hVrKPxs3GKYWpJ75l9N14PwaTV7VxMdh4KGoBQK7P5DYzTaWBQ==

GET
H2 200 shield.svg
d2n5rjkrf34tm5.cloudfront.net/s3fs-public/2019-10/ 3 KB
2 KB 434ms
433ms Image
image/svg+xml 2600:9000:2490:a800:0:a4a7:7b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2n5rjkrf34tm5.cloudfront.net/s3fs-public/2019-10/shield.svg
Requested by: Host: militaryrx.express-scripts.com
URL: https://militaryrx.express-scripts.com/contact-us?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%3APHI%3A3812&%243p=e_cm&_branch_match_id=1255490296040059369&_branch_referrer=H4sIAAAAAAAAAyWO2wrCMBBEv6a%2BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%2BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%2Bv2%2BUAAAA%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:a800:0:a4a7:7b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb58abded97f2de35828ff8b0b7199a57664449eeb5cdc28c24a9d1e6782b1b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 12:40:43 GMT
content-encoding: gzip
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Oct 2019 16:26:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
etag: W/"35a074fff0f685f8d7b698a240492dbb"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
x-amz-cf-id: CYWlvL2KE9Gl4_8imXn7LYtTRLCPQQ4fmIhvNjULiR0QQ3CLB-4aXA==

GET
H2 200 urac-pbm-2025_0.png
d2n5rjkrf34tm5.cloudfront.net/s3fs-public/2022-12/ 17 KB
17 KB 12ms
11ms Image
image/png 2600:9000:2490:a800:0:a4a7:7b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2n5rjkrf34tm5.cloudfront.net/s3fs-public/2022-12/urac-pbm-2025_0.png
Requested by: Host: militaryrx.express-scripts.com
URL: https://militaryrx.express-scripts.com/contact-us?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%3APHI%3A3812&%243p=e_cm&_branch_match_id=1255490296040059369&_branch_referrer=H4sIAAAAAAAAAyWO2wrCMBBEv6a%2BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%2BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%2Bv2%2BUAAAA%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:a800:0:a4a7:7b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2cc6f92cffc1b849b032be8a159b38ce138b25dd2f6fc4a52ab44dfab32fcc04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 05:11:09 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
last-modified: Wed, 07 Dec 2022 21:49:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 26973
etag: "7e3f6bb28d714824b8d952dabcb7044e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 17291
x-amz-cf-id: EDNAaWpWaNz44tKTKfZMLrH2PxWjP0jmkZhXnhlPY6FQFc34GU4CbA==

GET
H2 200 urac-accredited-MSP-2023.svg
d2n5rjkrf34tm5.cloudfront.net/s3fs-public/2022-12/ 38 KB
13 KB 12ms
11ms Image
image/svg+xml 2600:9000:2490:a800:0:a4a7:7b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2n5rjkrf34tm5.cloudfront.net/s3fs-public/2022-12/urac-accredited-MSP-2023.svg
Requested by: Host: militaryrx.express-scripts.com
URL: https://militaryrx.express-scripts.com/contact-us?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%3APHI%3A3812&%243p=e_cm&_branch_match_id=1255490296040059369&_branch_referrer=H4sIAAAAAAAAAyWO2wrCMBBEv6a%2BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%2BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%2Bv2%2BUAAAA%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:a800:0:a4a7:7b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eddfd03feee7012ed1ba1634cfc33b17ee510bb72d9881b107019eece2c6c626

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 12:43:27 GMT
content-encoding: gzip
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
last-modified: Tue, 06 Dec 2022 15:54:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 86235
etag: W/"976dd06586743b23fc28bfd275882d3e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: FoSY4y_KHl_Ehl65WBdcEqh2jCC1HuNvfG-agQ1as9xtHcC8yeuJ1Q==

GET
H2 200 ncqa_0.jpg
d2n5rjkrf34tm5.cloudfront.net/s3fs-public/2019-07/ 72 KB
72 KB 12ms
12ms Image
image/jpeg 2600:9000:2490:a800:0:a4a7:7b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2n5rjkrf34tm5.cloudfront.net/s3fs-public/2019-07/ncqa_0.jpg
Requested by: Host: militaryrx.express-scripts.com
URL: https://militaryrx.express-scripts.com/contact-us?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%3APHI%3A3812&%243p=e_cm&_branch_match_id=1255490296040059369&_branch_referrer=H4sIAAAAAAAAAyWO2wrCMBBEv6a%2BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%2BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%2Bv2%2BUAAAA%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:a800:0:a4a7:7b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63e141b8260e3f1c7b4d85cdfa57ecfecaef816caa7a0128994967face41baea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 12:43:27 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Oct 2019 16:26:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 86235
etag: "0626f29b35846d7354d61625b97fe976"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 73235
x-amz-cf-id: CHgNPkUBODR5Z4VRa0uQKLeLXgbxeoXSq9b2dVGDf7wb32u0AiW-wA==

GET
H2 200 dest5.html Show response
expressscriptsholdingcompany.demdex.net/ Frame 8F3C 7 KB
3 KB 54ms
31ms Document
text/html 34.243.60.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://expressscriptsholdingcompany.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENf5923c8c838040a0a01915336f9e58e6.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.243.60.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-243-60-84.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://militaryrx.express-scripts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Tue, 21 Nov 2023 12:40:41 GMT
dcs: dcs-prod-irl1-1-v054-0a80e641c.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 8 Nov 2023 21:01:21 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: dI4hyHbLQ6E=

GET
H2 200 id Show response
smetrics.express-scripts.com/ 48 B
473 B 204ms
20ms XHR
application/x-javascript 63.140.62.214
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.express-scripts.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=BCDA9CC055686E397F000101%40AdobeOrg&mid=82191976673153162620078523865516652022&ts=1700570441678

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENf5923c8c838040a0a01915336f9e58e6.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.214 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-214.data.adobedc.net

Software

jag /

Resource Hash

881cf3190781a769b089056bf9ba1c779745489ea30d9978d63feeac62be76fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://militaryrx.express-scripts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 21 Nov 2023 12:40:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://militaryrx.express-scripts.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H2

200

ibs:dpid=411&dpuuid=ZVylSQAAAMLlzgN6
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=82230982487271860310079057063603046847
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZVylSQAAAMLlzgN6

42 B
717 B

37ms
36ms

Image
image/gif

34.243.60.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZVylSQAAAMLlzgN6

Requested by

Protocol

Server

34.243.60.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-243-60-84.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-01242649c.edge-irl1.demdex.com 4 ms
pragma: no-cache
date: Tue, 21 Nov 2023 12:40:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 2n2u2wMYTkQ=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZVylSQAAAMLlzgN6
Date: Tue, 21 Nov 2023 12:40:41 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
expressscriptsholdin.tt.omtrdc.net/rest/v1/ 363 B
864 B 116ms
39ms XHR
application/json 66.235.152.126
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://expressscriptsholdin.tt.omtrdc.net/rest/v1/delivery?client=expressscriptsholdin&sessionId=0e8e693169f8475a9a01cc334f9f06f9&version=2.10.0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENf5923c8c838040a0a01915336f9e58e6.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.235.152.126 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-66-235-152-126.data.adobedc.net

Software

jag /

Resource Hash

4d981c38cbe83e53d196ae6b881537cd8d524693ddf274671f75a37b0601d5a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://militaryrx.express-scripts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 21 Nov 2023 12:40:41 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
server: jag
x-content-type-options: nosniff
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://militaryrx.express-scripts.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
x-request-id: 20378788-8c02-4ec3-bd39-9e1e9bb952fa

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 26ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 21 Nov 2023 12:40:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: /gojIdVF3ypZNsk6VIfarzuaDgm/FfjmFQtyv0/Px6wJcwTh2zccMMbpZ7eosaxch55QPMlUiP2UKOLvEdYr1A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 60ms
7ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: militaryrx.express-scripts.com
URL: https://militaryrx.express-scripts.com/contact-us?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%3APHI%3A3812&%243p=e_cm&_branch_match_id=1255490296040059369&_branch_referrer=H4sIAAAAAAAAAyWO2wrCMBBEv6a%2BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%2BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%2Bv2%2BUAAAA%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 12:40:41 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230046-FRA

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
303 B 54ms
32ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://militaryrx.express-scripts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 12:40:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 829900accb60367e-FRA
access-control-allow-headers: Content-Type

GET
H2 200 _r Show response
app.link/ 91 B
639 B 226ms
168ms Script
text/javascript 2600:9000:2449:e600:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.80.0&branch_key=key_live_dfVw03CXmLQcfIS5O37JIipmszgfbimL&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2449:e600:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

4868dea075d0e46297664e1df2db337d7780ec81fe7c446bbb383273f62e9b46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 12:40:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 9c7ba0aaf8652834e3f6b51b901da726.cloudfront.net (CloudFront)
server: openresty
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
x-amz-cf-pop: AMS58-P6
etag: W/"5b-njwtCg3U3y7nEdy8vlvMrwN+vug"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 91
x-amz-cf-id: MoytxQEVdNbF-ehPGXlwcqRTs38mSKp-5XqZeXLDpTW8ZUQBCx3zQg==

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202308.2.0/ 421 KB
101 KB 18ms
18ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202308.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee39d0cbc9e9cd88b7dac8ebca680b89e8879081f855152f21772c7834474437

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Nov 2023 12:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: B7RJGeSCnZZuAb1NQkB81w==
age: 36179
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 103637
x-ms-lease-status: unlocked
last-modified: Wed, 20 Sep 2023 06:26:02 GMT
server: cloudflare
etag: 0x8DBB9A2763B37CA
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 21d158e6-101e-007e-2a3b-eca9c4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 829900ad0c5a2c61-FRA

GET
H2 200 180164963300380 Show response
connect.facebook.net/signals/config/ 117 KB
32 KB 74ms
73ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/180164963300380?v=2.9.138&r=stable&domain=militaryrx.express-scripts.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

be82bff2875a3af4e6a828f2e0872662e0e9080f20aee60e18e5721da801e7d0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 21 Nov 2023 12:40:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: bRQv22tRHEcoYTIeWRkXTXDtKN/oZezB066x8gfxAq5M4XqFg10U6Awsn2u34kOB6rr+VDNTezPfef7oiLr3ww==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 8F3C
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlZ5bFNRQUFCRFRWZW5BMw&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm=&google_sc=&ev_rs=1&google_hm=WlZ5bFNRQUFCRFRWZW5BMw&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_tc=
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEESxOJry5Rw9kC9AEnC3Wj8&google_cver=1
https://pixel.everesttech.net/1x1

128 B
796 B

33ms
32ms

Image
image/png

52.214.98.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 52.214.98.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-98-45.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://expressscriptsholdingcompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 12:40:42 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Tue, 21 Nov 2023 12:40:42 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 adsct
t.co/i/ 43 B
377 B 197ms
124ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=8b6518ee-930f-4035-b4cc-cd44566b8355&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=5a36ae50-05f5-4bc1-8f29-4a0974239279&tw_document_href=https%3A%2F%2Fmilitaryrx.express-scripts.com%2Fcontact-us%3F%2524web_only%3Dtrue%26om_mid%3D3812%26om_rid%3D1095661662%26CID%3Deml%253ABOB%253AAR_Communication%253A25%253APHI%253A3812%26%25243p%3De_cm%26_branch_match_id%3D1255490296040059369%26_branch_referrer%3DH4sIAAAAAAAAAyWO2wrCMBBEv6a%252BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%252BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%252Bv2%252BUAAAA%253D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5dsy&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-response-time: 104
date: Tue, 21 Nov 2023 12:40:40 GMT
strict-transport-security: max-age=0
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: 9bfbb16a2702c9f1
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 7ac271b76ea6383f53ee22dceb5b42967d4416d3044ca2c665a60515e39af55d
content-length: 43

POST
H/1.1 200
OK report-csp-violation
militaryrx.express-scripts.com/ 0
3 KB 175ms
174ms Other
text/html 167.211.52.197
EXPRES

General

Check archive.org

Show headers Download Go to

Full URL

https://militaryrx.express-scripts.com/report-csp-violation

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.211.52.197 , United States, ASN5696 (EXPRES, US),

Reverse DNS

militaryrx.esrx.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .express-scripts.com .cloudfront.net xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net cdn.cookielaw.org .onetrust.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net .cloudfront.net .adobedtm.com .fontawesome.com .qualtrics.com .everestjs.net .omtrdc.net .marketo.net .demdex.net .google.com .gstatic.com .facebook.net .ads-twitter.com .twitter.com .brightcove.com .brightcove.net vjs.zencdn.net app.link ad.doubleclick.net .googletagmanager.com .simpli.fi .branch.io .youtube.com cdn.cookielaw.org .onetrust.com; object-src 'self' xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net .brightcove.net; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .express-scripts.com .cloudflare.com xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net .fontawesome.com; img-src 'self' data: xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net .qualtrics.com .omtrdc.net expressscripts.sc.omtrdc.net .everesttech.net .demdex.net .facebook.com t.co openbadges.blob.core.windows.net .brightcove.com .prod.boltdns.net insight.adsrvr.org .fls.doubleclick.net .doubleclick.net adservice.google.com eb2.3lift.com i.liadm.com match.adsrvr.org pixel.rubiconproject.com ib.adnxs.com tags.bluekai.com ups.analytics.yahoo.com pixel.tapad.com aa.agkn.com .addthis.com dsum-sec.casalemedia.com tags.rd.linksynergy.com io.narrative.io match.sync.ad.cpe.dotomi.com .adingo.jp mid.rkdms.com usermatch.krxd.net match.sharethrough.com .express-scripts.com ib.adnxs.com su.addthis.com e.nexac.com uipglob.semasio.net .adsrvr.org .branch.io .simpli.fi i.ytimg.com .googleadservices.com cdn.cookielaw.org .onetrust.com; media-src 'self' blob: .express-scripts.com xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net .brightcove.com .prod.boltdns.net .akamaihd.net; frame-src 'self' xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net .qualtrics.com .youtube.com .demdex.net .google.com; child-src 'self' blob: .express-scripts.com xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net .youtube.com; font-src * 'self' data: .express-scripts.com fonts.googleapis.com fonts.gstatic.com .s3.amazonaws.com .amazonaws.com xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net; connect-src 'self' .express-scripts.com .qualtrics.com .adobedtm.com .everestjs.net .omtrdc.net .marketo.net .demdex.net .launchdarkly.com .brightcove.com .prod.boltdns.net .akamaihd.net .mktoresp.com api2.branch.io xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net .branch.io app.link cdn.cookielaw.org *.onetrust.com; report-uri /report-csp-violation
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://militaryrx.express-scripts.com/contact-us?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%3APHI%3A3812&%243p=e_cm&_branch_match_id=1255490296040059369&_branch_referrer=H4sIAAAAAAAAAyWO2wrCMBBEv6a%2BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%2BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%2Bv2%2BUAAAA%3D
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/csp-report

Response headers

Expires: Sun, 19 Nov 1978 05:00:00 GMT
Content-Security-Policy: default-src 'self' data: *.express-scripts.com *.cloudfront.net xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net cdn.cookielaw.org *.onetrust.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net *.cloudfront.net *.adobedtm.com *.fontawesome.com *.qualtrics.com *.everestjs.net *.omtrdc.net *.marketo.net *.demdex.net *.google.com *.gstatic.com *.facebook.net *.ads-twitter.com *.twitter.com *.brightcove.com *.brightcove.net vjs.zencdn.net app.link ad.doubleclick.net *.googletagmanager.com *.simpli.fi *.branch.io *.youtube.com cdn.cookielaw.org *.onetrust.com; object-src 'self' xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net *.brightcove.net; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.express-scripts.com *.cloudflare.com xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net *.fontawesome.com; img-src 'self' data: xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net *.qualtrics.com *.omtrdc.net expressscripts.sc.omtrdc.net *.everesttech.net *.demdex.net *.facebook.com t.co openbadges.blob.core.windows.net *.brightcove.com *.prod.boltdns.net insight.adsrvr.org *.fls.doubleclick.net *.doubleclick.net adservice.google.com eb2.3lift.com i.liadm.com match.adsrvr.org pixel.rubiconproject.com ib.adnxs.com tags.bluekai.com ups.analytics.yahoo.com pixel.tapad.com aa.agkn.com *.addthis.com dsum-sec.casalemedia.com tags.rd.linksynergy.com io.narrative.io match.sync.ad.cpe.dotomi.com *.adingo.jp mid.rkdms.com usermatch.krxd.net match.sharethrough.com *.express-scripts.com ib.adnxs.com su.addthis.com e.nexac.com uipglob.semasio.net *.adsrvr.org *.branch.io *.simpli.fi i.ytimg.com *.googleadservices.com cdn.cookielaw.org *.onetrust.com; media-src 'self' blob: *.express-scripts.com xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net *.brightcove.com *.prod.boltdns.net *.akamaihd.net; frame-src 'self' xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net *.qualtrics.com *.youtube.com *.demdex.net *.google.com; child-src 'self' blob: *.express-scripts.com xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net *.youtube.com; font-src * 'self' data: *.express-scripts.com fonts.googleapis.com fonts.gstatic.com *.s3.amazonaws.com *.amazonaws.com xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net; connect-src 'self' *.express-scripts.com *.qualtrics.com *.adobedtm.com *.everestjs.net *.omtrdc.net *.marketo.net *.demdex.net *.launchdarkly.com *.brightcove.com *.prod.boltdns.net *.akamaihd.net *.mktoresp.com api2.branch.io xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net *.branch.io app.link cdn.cookielaw.org *.onetrust.com; report-uri /report-csp-violation
Date: Tue, 21 Nov 2023 12:40:41 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Content-Language: en
X-Vcap-Request-Id: 6722415f-7b91-4f22-4739-093dcadd490a
From-Origin: same
Cache-Control: must-revalidate, no-cache, private
Content-Length: 0
X-Xss-Protection: 1; mode=block
X-Ua-Compatible: IE=edge

GET adsct
analytics.twitter.com/i/ 0
0

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/5d00b9be-2d2f-4075-88f7-31807a7639f2/a562e9bf-e82b-4b00-8947-69aaadf4b78e/ 95 KB
18 KB 25ms
24ms Fetch
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/5d00b9be-2d2f-4075-88f7-31807a7639f2/a562e9bf-e82b-4b00-8947-69aaadf4b78e/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5522275a7d62bf4ee851fb2ad88052d27afac459a6e887c1abebe6a0273a70bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Nov 2023 12:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 70898
content-md5: MPegliT5Lz+z6dzODtbFBw==
content-length: 17739
x-ms-lease-status: unlocked
last-modified: Wed, 11 Oct 2023 18:55:09 GMT
server: cloudflare
etag: 0x8DBCA8B9784EAD7
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 96999985-301e-0046-3d1e-150d04000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 829900ad7ef12bf6-FRA
expires: Wed, 22 Nov 2023 12:40:41 GMT

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202308.2.0/assets/v2/ 62 KB
13 KB 18ms
18ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202308.2.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Nov 2023 12:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 3yHA5F3oKJDlMPXEHc+wYA==
age: 70898
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12708
x-ms-lease-status: unlocked
last-modified: Wed, 20 Sep 2023 06:25:57 GMT
server: cloudflare
etag: 0x8DBB9A2735C2A8F
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: d2e3f247-a01e-0044-737c-14b3bc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 829900addf812bf6-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202308.2.0/assets/ 21 KB
4 KB 20ms
20ms Fetch
text/css 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202308.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Nov 2023 12:40:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
age: 70898
x-ms-lease-status: unlocked
last-modified: Wed, 20 Sep 2023 06:26:05 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: d34a7502-801e-0043-7a64-0ddfdf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 829900addf822bf6-FRA

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 8F3C
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlZ5bFNRQUFBTUxsemdONg&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm=&google_sc=&ev_rs=1&google_hm=WlZ5bFNRQUFBTUxsemdONg&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%2...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEP...
https://pixel.everesttech.net/1x1

128 B
796 B

38ms
37ms

Image
image/png

52.214.98.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 52.214.98.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-98-45.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://expressscriptsholdingcompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 12:40:42 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Tue, 21 Nov 2023 12:40:42 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 24ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=180164963300380&ev=PageView&dl=https%3A%2F%2Fmilitaryrx.express-scripts.com&rl=&if=false&ts=1700570441914&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4124&fbp=fb.1.1700570441908.628537935&pm=1&hrl=c68859&ler=empty&it=1700570441780&coo=false&cs_cc=1&cas=6648216785205270%2C5361925467165102&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 21 Nov 2023 12:40:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
494 B 20ms
20ms Fetch
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Nov 2023 12:40:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 70897
x-ms-lease-status: unlocked
last-modified: Mon, 20 Nov 2023 06:50:46 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: c73b50f4-a01e-0019-709b-1bb938000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 829900ae1fe32bf6-FRA

GET
H2 200 Inside_Rx_logo_standard_RG_yztTr69jy.png
cdn.cookielaw.org/logos/33942db4-005c-450a-a0e5-a16f93ecaa7f/75dce3de-bd1c-4ffd-84a9-15995d4d0464/c3a25e51-4f87-4771-bd5c-16c4da137e8c/ 18 KB
18 KB 20ms
18ms Image
image/png 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/33942db4-005c-450a-a0e5-a16f93ecaa7f/75dce3de-bd1c-4ffd-84a9-15995d4d0464/c3a25e51-4f87-4771-bd5c-16c4da137e8c/Inside_Rx_logo_standard_RG_yztTr69jy.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f729f403677779e0a1e05189be6774c90783d6b8682e004a75db9a2aa54a5df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Nov 2023 12:40:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: wMMz/2YohyhnMawSrSBuvw==
age: 65744
content-length: 18344
x-ms-lease-status: unlocked
last-modified: Thu, 13 Apr 2023 16:19:35 GMT
server: cloudflare
etag: 0x8DB3C3ADF3280E7
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: bd6a29b0-901e-0002-6bc1-0b873b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 829900ae2d7d2c61-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 18ms
17ms Image
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Nov 2023 12:40:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 23862
x-ms-lease-status: unlocked
last-modified: Mon, 20 Nov 2023 21:15:22 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 32f180fb-b01e-0093-2a2e-1ce289000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 829900ae2d7e2c61-FRA

GET
H2 200 s0257511398253
smetrics.express-scripts.com/b/ss/expresscomprod/1/JS-2.23.0-LDQM/ 43 B
312 B 21ms
20ms Image
image/gif 63.140.62.214
OMNITURE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.express-scripts.com/b/ss/expresscomprod/1/JS-2.23.0-LDQM/s0257511398253?AQB=1&ndh=1&pf=1&t=21%2F10%2F2023%2013%3A40%3A41%202%20-60&sdid=755188887465F64C-76CE428C4325C862&mid=82191976673153162620078523865516652022&aamlh=6&ce=UTF-8&pageName=Tricare%3AContactUs&g=https%3A%2F%2Fmilitaryrx.express-scripts.com%2Fcontact-us%3F%2524web_only%3Dtrue%26om_mid%3D3812%26om_rid%3D1095661662%26CID%3Deml%253ABOB%253AAR_Communication%253A25%253APHI%253A3812%26%25243p%3De_cm%26_branch_match_id%3D1255490296040059369%26_branch_referrer%3DH4sIAAAAAAAAAyWO2wrCMBBEv6a%252BmdrEBhWK9ILY&cc=USD&ch=Tricare%20Pre-Login%20Landing%20Page&v0=eml%3Abob%3Aar_communication%3A25%3Aphi%3A3812&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=D%3Dv1&v1=Tricare%3AContactUs&c23=Tricare&c37=D%3Dv37&v37=militaryrx.express-scripts.com%2Fcontact-us&c48=Tricare%20MilitaryRx&c49=Drupal&c50=Help&v50=militaryrx.express-scripts.com%2Fcontact-us%3F%2524web_only%3Dtrue%26om_mid%3D3812%26om_rid%3D1095661662%26CID%3Deml%253ABOB%253AAR_Communication%253A25%253APHI%253A3812%26%25243p%3De_cm%26_branch_match_id%3D1255490296040059369%26_branch_referrer%3DH4sIAAAAAAAAAyWO2wrCMBBEv6a%252BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%252BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%252Bv2%252BUAAAA%253D&v68=82191976673153162620078523865516652022&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=J0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%252BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%252Bv2%252BUAAAA%253D&mcorgid=BCDA9CC055686E397F000101%40AdobeOrg&AQE=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.214 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-214.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 12:40:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 22 Nov 2023 12:40:41 GMT
server: jag
etag: 3651947216176775168-4617913002169288473
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 20 Nov 2023 12:40:41 GMT

POST
H2 200 open Show response
api2.branch.io/v1/ 1 KB
2 KB 439ms
369ms XHR
application/json 2600:9000:223f:fa00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/open

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

218b124794cea01e0364c0bf440923cf785f4d12efe1ec209a351ec9f06f989d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://militaryrx.express-scripts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 21 Nov 2023 12:40:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: b908d80f-1cfa-444b-bae8-e3729a918082-2023112112
content-length: 1504
x-amz-cf-id: xG-hdVgeQiW9pW3akeyRf58mDJmN8dbeuP_y2PmZfIAIIOFGC_KSGw==

GET
H2 200 / Show response
zn7qchny5hadksvmv-expressscriptscx.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 8 KB
4 KB 93ms
27ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn7qchny5hadksvmv-expressscriptscx.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_7QCHNY5hadKsvMV

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENf5923c8c838040a0a01915336f9e58e6.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4e9055c8626415454b366bf04474264bb008c22e3b9878afda7b72d6fec6bb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 12:40:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 366358
cf-polished: origSize=9155
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"23c3-5Yv7qmK5ojQ9gE23FXv1vBjuOMo"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 829900aeec562be2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 8F3C
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlZ5bFNRQUFBTUxsemdONg&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%25...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D26...
https://pixel.everesttech.net/1x1

128 B
691 B

41ms
40ms

Image
image/png

52.214.98.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 52.214.98.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-98-45.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://expressscriptsholdingcompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 12:40:42 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Tue, 21 Nov 2023 12:40:42 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 12.20b1d36d36c1dfbe70fa.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 70 KB
21 KB 29ms
27ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/12.20b1d36d36c1dfbe70fa.chunk.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=militaryrx.express-scripts.com

Requested by

Host: zn7qchny5hadksvmv-expressscriptscx.siteintercept.qualtrics.com
URL: https://zn7qchny5hadksvmv-expressscriptscx.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_7QCHNY5hadKsvMV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5b5c93f6affe076aa846f63596819be1a4b6ca73e58baf41f4b01db979fdb4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 12:40:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 493791
cf-polished: origSize=72939
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 08 Nov 2023 02:23:30 GMT
cf-bgj: minify
server: cloudflare
etag: W/"11ceb-18bacbdecd0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 829900af1c9c2be2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 8F3C
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlZ5bFNRQUFBTUxsemdONg&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpir...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2...
https://pixel.everesttech.net/1x1

128 B
691 B

32ms
31ms

Image
image/png

52.214.98.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 52.214.98.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-98-45.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://expressscriptsholdingcompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 12:40:42 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Tue, 21 Nov 2023 12:40:42 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 14 KB
3 KB 219ms
219ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_7QCHNY5hadKsvMV&Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=webAdobeLaunch

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.20b1d36d36c1dfbe70fa.chunk.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=militaryrx.express-scripts.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f19d03ffa928431e5d6a0954cf3ca7107f0a8df7e70c0985992fb9e2abbe3489

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://militaryrx.express-scripts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 21 Nov 2023 12:40:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://militaryrx.express-scripts.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: f58fdf50fab91e47
cf-ray: 829900af6cda2be2-FRA
timing-allow-origin: *

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1364af6743ffe21b20e013c1c65ae7d1b33b39ed427086a75ae5f6a74c82c63

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 8F3C
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlZ5bFNRQUFBTUxsemdONg&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fv...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggyb...
https://pixel.everesttech.net/1x1

128 B
691 B

31ms
30ms

Image
image/png

52.214.98.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 52.214.98.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-98-45.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://expressscriptsholdingcompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 12:40:42 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Tue, 21 Nov 2023 12:40:42 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 8F3C
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlZ5bFNRQUFBTUxsemdONg&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_...
https://pixel.everesttech.net/1x1

128 B
691 B

32ms
32ms

Image
image/png

52.214.98.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 52.214.98.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-98-45.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://expressscriptsholdingcompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 12:40:42 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b516-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Tue, 21 Nov 2023 12:40:42 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 99 KB
31 KB 29ms
28ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=webAdobeLaunch&Q_BRANDID=expressscriptscx

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ca3b492e58624d30201bfe06213e6a513c37f56ba433d9bae00e5513d5576b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 12:40:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 491210
cf-polished: origSize=102574
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 08 Nov 2023 02:23:30 GMT
cf-bgj: minify
server: cloudflare
etag: W/"190ae-18bacbdecd0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 829900b0cea32be2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
434 B 204ms
204ms XHR
application/json 2600:9000:223f:fa00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://militaryrx.express-scripts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 21 Nov 2023 12:40:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 4214d94f08104876a9438a803dc9e462-2023112112
content-length: 28
x-amz-cf-id: y4vYGYJn6wlyxSaDiMvhwHylJVSTtKSbprDS8p-vqnfb5EeE5Qiejw==

GET
H2 200 7.61eadfb61701cbba3995.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
1 KB 32ms
31ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/7.61eadfb61701cbba3995.chunk.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=expressscriptscx

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d33eafe7c71aa27415b3fe0254b6e1c4be7cfccdb32fec684bf876f52b291cbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 12:40:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 493764
cf-polished: origSize=2904
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 08 Nov 2023 02:23:30 GMT
cf-bgj: minify
server: cloudflare
etag: W/"b58-18bacbdecd0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 829900b1dfc92be2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 1.b6ed8c4fe4b3f457815a.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 28 KB
7 KB 32ms
32ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.b6ed8c4fe4b3f457815a.chunk.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=expressscriptscx

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d420011478b9237ee35799a2ad0c8ec8dd01cb9d5cfc7295fdb48556c240c7b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://militaryrx.express-scripts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 12:40:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 493764
cf-polished: origSize=29402
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 08 Nov 2023 02:23:30 GMT
cf-bgj: minify
server: cloudflare
etag: W/"72da-18bacbdecd0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 829900b1dfcb2be2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: analytics.twitter.com
URL: https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=8b6518ee-930f-4035-b4cc-cd44566b8355&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=5a36ae50-05f5-4bc1-8f29-4a0974239279&tw_document_href=https%3A%2F%2Fmilitaryrx.express-scripts.com%2Fcontact-us%3F%2524web_only%3Dtrue%26om_mid%3D3812%26om_rid%3D1095661662%26CID%3Deml%253ABOB%253AAR_Communication%253A25%253APHI%253A3812%26%25243p%3De_cm%26_branch_match_id%3D1255490296040059369%26_branch_referrer%3DH4sIAAAAAAAAAyWO2wrCMBBEv6a%252BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%252BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%252Bv2%252BUAAAA%253D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5dsy&type=javascript&version=2.3.29

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
dl.orders.express-scripts.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: iji2cagmrxaop53oo1aplv3y
.app.link/	1970-01-20 20:44:55	Name: _s Value: hrPW6%2BinJJm1Tixc%2FPchC2Skyvuu%2F8AER%2FTjU2eUQXCi5fhH5iX5o5w4WhsqcHRt
.express-scripts.com/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-20 20:42:02	Name: demdex Value: 82230982487271860310079057063603046847
.express-scripts.com/	1969-12-31 23:59:59	Name: AMCVS_BCDA9CC055686E397F000101%40AdobeOrg Value: 1
.express-scripts.com/	1970-01-21 01:58:50	Name: mbox Value: session#0e8e693169f8475a9a01cc334f9f06f9#1700572302\|PC#0e8e693169f8475a9a01cc334f9f06f9.37_0#1763815242
.everesttech.net/	1970-01-21 01:08:26	Name: everest_g_v2 Value: g_surferid~ZVylSQAAAMLlzgN6
.dpm.demdex.net/	1970-01-20 20:42:02	Name: dpm Value: 82230982487271860310079057063603046847
.express-scripts.com/	1970-01-21 01:58:50	Name: s_ecid Value: MCMID%7C82191976673153162620078523865516652022
.express-scripts.com/	1970-01-21 01:58:50	Name: AMCV_BCDA9CC055686E397F000101%40AdobeOrg Value: 179643557%7CMCIDTS%7C19683%7CMCMID%7C82191976673153162620078523865516652022%7CMCAAMLH-1701175241%7C6%7CMCAAMB-1701175241%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1700577641s%7CNONE%7CMCSYNCSOP%7C411-19690%7CMCAID%7CNONE%7CvVersion%7C5.5.0
.express-scripts.com/	1970-01-20 18:32:26	Name: _fbp Value: fb.1.1700570441908.628537935
.express-scripts.com/	1970-01-21 01:08:26	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Nov+21+2023+13%3A40%3A41+GMT%2B0100+(Central+European+Standard+Time)&version=202308.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fmilitaryrx.express-scripts.com%2Fcontact-us%3F%2524web_only%3Dtrue%26om_mid%3D3812%26om_rid%3D1095661662%26CID%3Deml%253ABOB%253AAR_Communication%253A25%253APHI%253A3812%26%25243p%3De_cm%26_branch_match_id%3D1255490296040059369%26_branch_referrer%3DH4sIAAAAAAAAAyWO2wrCMBBEv6a%252BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%252BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%252Bv2%252BUAAAA%253D&groups=C0001%3A1%2CC0003%3A1%2CBG400%3A1%2CC0002%3A1%2CBG401%3A1%2CC0004%3A1
.express-scripts.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.t.co/	1970-01-21 01:58:50	Name: muc_ads Value: 494c198a-d93b-4942-9059-c7521d8d7d42
.doubleclick.net/	1970-01-21 01:44:26	Name: IDE Value: AHWqTUkqt8TDvsHyIk5Qe4rFYFoYhEraeTftZO6CL1I5X24oJoCooMJ-9ukaKIelmWY
.everesttech.net/	1970-01-20 17:07:28	Name: ev_sync_ax Value: 20231121
.everesttech.net/	1969-12-31 23:59:59	Name: everest_session_v2 Value: ZVylSgAAAP1yi3TB
.demdex.net/	1970-01-20 20:42:02	Name: dextp Value: 1083-1-1700570441783\|1085-1-1700570441901\|1086-1-1700570442002\|1087-1-1700570442102\|1088-1-1700570442203\|19913-1-1700570442304
militaryrx.express-scripts.com/	1969-12-31 23:59:59	Name: QSI_HistorySession Value:

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://assets.adobedtm.com/launch-ENf5923c8c838040a0a01915336f9e58e6.min.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.cookielaw.org/scripttemplates/otSDKStub.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://assets.adobedtm.com/launch-ENf5923c8c838040a0a01915336f9e58e6.min.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.cookielaw.org/scripttemplates/otSDKStub.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://militaryrx.express-scripts.com/contact-us?%24web_only=true&om_mid=3812&om_rid=1095661662&CID=eml%3ABOB%3AAR_Communication%3A25%3APHI%3A3812&%243p=e_cm&_branch_match_id=1255490296040059369&_branch_referrer=H4sIAAAAAAAAAyWO2wrCMBBEv6a%2BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%2BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%2Bv2%2BUAAAA%3D Message: Refused to load the image 'https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=8b6518ee-930f-4035-b4cc-cd44566b8355&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=5a36ae50-05f5-4bc1-8f29-4a0974239279&tw_document_href=https%3A%2F%2Fmilitaryrx.express-scripts.com%2Fcontact-us%3F%2524web_only%3Dtrue%26om_mid%3D3812%26om_rid%3D1095661662%26CID%3Deml%253ABOB%253AAR_Communication%253A25%253APHI%253A3812%26%25243p%3De_cm%26_branch_match_id%3D1255490296040059369%26_branch_referrer%3DH4sIAAAAAAAAAyWO2wrCMBBEv6a%252BmdrEBhWK9ILYJ0XwOcQ02GBuJCnWv3ersAw7Z5lhx5R8POS5jGFG3HuklX3lxB8zvCW%252BkkyYFawuqKeyXLMp6GpcMhmpM3yCkcJEJGcfZIzrKILyKSLhDJwGN4C2ziYu0v1PCWQoNL7lgzmrPxnpUpgkQGeYUQN4sivw34efLzb7ktKC0oW2fQdIGg0PNJcGtL6x1hkzWSV4Us4CwiXI9dyDLmVf7m%252Bv2%252BUAAAA%253D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5dsy&type=javascript&version=2.3.29' because it violates the following Content Security Policy directive: "img-src 'self' data: xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net .qualtrics.com .omtrdc.net expressscripts.sc.omtrdc.net .everesttech.net .demdex.net .facebook.com t.co openbadges.blob.core.windows.net .brightcove.com .prod.boltdns.net insight.adsrvr.org .fls.doubleclick.net .doubleclick.net adservice.google.com eb2.3lift.com i.liadm.com match.adsrvr.org pixel.rubiconproject.com ib.adnxs.com tags.bluekai.com ups.analytics.yahoo.com pixel.tapad.com aa.agkn.com .addthis.com dsum-sec.casalemedia.com tags.rd.linksynergy.com io.narrative.io match.sync.ad.cpe.dotomi.com .adingo.jp mid.rkdms.com usermatch.krxd.net match.sharethrough.com .express-scripts.com ib.adnxs.com su.addthis.com e.nexac.com uipglob.semasio.net .adsrvr.org .branch.io .simpli.fi i.ytimg.com .googleadservices.com cdn.cookielaw.org *.onetrust.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' data: .express-scripts.com .cloudfront.net xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net cdn.cookielaw.org .onetrust.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net .cloudfront.net .adobedtm.com .fontawesome.com .qualtrics.com .everestjs.net .omtrdc.net .marketo.net .demdex.net .google.com .gstatic.com .facebook.net .ads-twitter.com .twitter.com .brightcove.com .brightcove.net vjs.zencdn.net app.link ad.doubleclick.net .googletagmanager.com .simpli.fi .branch.io .youtube.com cdn.cookielaw.org .onetrust.com; object-src 'self' xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net .brightcove.net; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .express-scripts.com .cloudflare.com xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net .fontawesome.com; img-src 'self' data: xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net .qualtrics.com .omtrdc.net expressscripts.sc.omtrdc.net .everesttech.net .demdex.net .facebook.com t.co openbadges.blob.core.windows.net .brightcove.com .prod.boltdns.net insight.adsrvr.org .fls.doubleclick.net .doubleclick.net adservice.google.com eb2.3lift.com i.liadm.com match.adsrvr.org pixel.rubiconproject.com ib.adnxs.com tags.bluekai.com ups.analytics.yahoo.com pixel.tapad.com aa.agkn.com .addthis.com dsum-sec.casalemedia.com tags.rd.linksynergy.com io.narrative.io match.sync.ad.cpe.dotomi.com .adingo.jp mid.rkdms.com usermatch.krxd.net match.sharethrough.com .express-scripts.com ib.adnxs.com su.addthis.com e.nexac.com uipglob.semasio.net .adsrvr.org .branch.io .simpli.fi i.ytimg.com .googleadservices.com cdn.cookielaw.org .onetrust.com; media-src 'self' blob: .express-scripts.com xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net .brightcove.com .prod.boltdns.net .akamaihd.net; frame-src 'self' xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net .qualtrics.com .youtube.com .demdex.net .google.com; child-src 'self' blob: .express-scripts.com xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net .youtube.com; font-src * 'self' data: .express-scripts.com fonts.googleapis.com fonts.gstatic.com .s3.amazonaws.com .amazonaws.com xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net; connect-src 'self' .express-scripts.com .qualtrics.com .adobedtm.com .everestjs.net .omtrdc.net .marketo.net .demdex.net .launchdarkly.com .brightcove.com .prod.boltdns.net .akamaihd.net .mktoresp.com api2.branch.io xforce-tricare-prod.s3.amazonaws.com d2n5rjkrf34tm5.cloudfront.net .branch.io app.link cdn.cookielaw.org *.onetrust.com; report-uri /report-csp-violation
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api2.branch.io
app.link
assets.adobedtm.com
cdn.branch.io
cdn.cookielaw.org
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
d2n5rjkrf34tm5.cloudfront.net
dl.orders.express-scripts.com
dpm.demdex.net
ecms.express-scripts.com
esrx-web.app.link
expressscriptsholdin.tt.omtrdc.net
expressscriptsholdingcompany.demdex.net
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
militaryrx.express-scripts.com
openbadges.blob.core.windows.net
pixel.everesttech.net
siteintercept.qualtrics.com
smetrics.express-scripts.com
static.ads-twitter.com
t.co
www.facebook.com
zn7qchny5hadksvmv-expressscriptscx.siteintercept.qualtrics.com
analytics.twitter.com
104.17.208.240
104.244.42.133
142.250.186.162
143.204.215.48
146.75.116.157
167.211.52.197
18.245.86.13
2600:9000:206f:5c00:19:9934:6a80:93a1
2600:9000:223f:fa00:11:f728:3040:93a1
2600:9000:2449:e600:19:9934:6a80:93a1
2600:9000:2490:a800:0:a4a7:7b40:21
2606:4700:4400::ac40:9b77
2606:4700::6812:82ec
2a00:1450:4001:80f::2003
2a00:1450:4001:828::200a
2a02:26f0:3500:591::1e80
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
34.243.60.84
52.214.98.45
52.239.137.228
52.52.10.67
54.155.181.236
63.140.62.214
66.235.152.126
0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e
0c0165891934be409e1d54a330234e00155fe734bba106e2a84fd3c1bb87aad6
1e398d7e1be8e034e06112d41c1ddf1ec9881665fe923c28f7c2037dc35449e1
218b124794cea01e0364c0bf440923cf785f4d12efe1ec209a351ec9f06f989d
2ca3b492e58624d30201bfe06213e6a513c37f56ba433d9bae00e5513d5576b3
2cc6f92cffc1b849b032be8a159b38ce138b25dd2f6fc4a52ab44dfab32fcc04
377570f52641af2d624ca8e7d803747207283c6e61c2267afd622635f13686a6
3bdcd0c08698a8c925f8d49a720cfee9d3c733b650bbdd6697ac928ca2e6bb14
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
45ff32398cb33749753c925dd48822914d4f7e29715848dc29f3a95a9ad7a562
4868dea075d0e46297664e1df2db337d7780ec81fe7c446bbb383273f62e9b46
4d981c38cbe83e53d196ae6b881537cd8d524693ddf274671f75a37b0601d5a3
4de2ff50cccba8f16d039e5e169b14eca2d4eaeb0cbe4c7b83a6f99c29ff6e1b
5244f441c00bf4c0af56f23ab217d52452b69a572e243873663946fa2b3df6aa
5522275a7d62bf4ee851fb2ad88052d27afac459a6e887c1abebe6a0273a70bf
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
63e141b8260e3f1c7b4d85cdfa57ecfecaef816caa7a0128994967face41baea
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6b3106a5a411804e9ee3be2158fb491408aa4dc923e03a0c74376f30bc323333
7800a4434dd6334ef8cbe9ad96dc7bd9fe34c9bafd2aacfb306808a06fbfd092
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7f88bb4ae82fff4b28375830a7d42e979b29ae75f6e8c9c8e819ead0ff9a3ae3
83357f2d2cdbd6c0db5103afd59ddf8edf72b69c9b48811b5d784f24f88683ed
881cf3190781a769b089056bf9ba1c779745489ea30d9978d63feeac62be76fa
8bcbd3709fe25c33e7ad8dba87149fede59cd5c3fa29c4a82a3e58a60eaaf59d
939fe220ac3999512e38ecd5397d7334210c1568e7aec55eb6c6f4d1316c8353
9778f10a8a3eb38bca1500c124b6ab794e1fef582786de3ea4db50668880d8b6
9b0dc405c6049e34bac12def1f1a69c8ceb07731ebff9138faa3c369435f56b3
9ea1823078c462969eaa59d6ef62623c19d77b72e25a103105b043aefaa0769a
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a7ad9db12275b6bcaa57a392d98122c99c0f7a80416da0edde9897e4330af8eb
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b4e9055c8626415454b366bf04474264bb008c22e3b9878afda7b72d6fec6bb8
bc857679ff68c3bd3687b79772b031af4e4c645cbf61600974883f4ff0dc332d
be82bff2875a3af4e6a828f2e0872662e0e9080f20aee60e18e5721da801e7d0
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f
c1031f6a21385139786c52fbe3f76ac012d8ecd830dc6229dc8d69108c3455fb
c1364af6743ffe21b20e013c1c65ae7d1b33b39ed427086a75ae5f6a74c82c63
c5b5c93f6affe076aa846f63596819be1a4b6ca73e58baf41f4b01db979fdb4f
c6709a4059947a46d4aabbf16f872f84de523ae708e362431daf29cd17d77b0c
ce36e3e83c453925a9fb9065486f99d41b183ce2cb99319599d80b3355ca222e
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d070a59346269db17df98fb6d45feda01af862bf7d05702d066b76154a79e811
d33eafe7c71aa27415b3fe0254b6e1c4be7cfccdb32fec684bf876f52b291cbe
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d420011478b9237ee35799a2ad0c8ec8dd01cb9d5cfc7295fdb48556c240c7b0
d5ae142c1d6e2a0e9bb21076b0940720288f2b87abfe928a6b10330542d621b6
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
d7978925dd91498b46c32c379065f5ddde155cfd7f92b10d4e59dc1d2b59fbf7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb6472e9ae91e487958bbe8d5045bf09e0efb9f6ba19ed0388ed680be2b50133
eddfd03feee7012ed1ba1634cfc33b17ee510bb72d9881b107019eece2c6c626
ee39d0cbc9e9cd88b7dac8ebca680b89e8879081f855152f21772c7834474437
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f19d03ffa928431e5d6a0954cf3ca7107f0a8df7e70c0985992fb9e2abbe3489
f2557fa86e42360b205c4b227b48db591a7137792f9f856c04015fc7526754b1
f729f403677779e0a1e05189be6774c90783d6b8682e004a75db9a2aa54a5df7
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
f930c6208dcb9b44c2f4c7890e932654db2069d4d870bbb42ec42a29ea63c18b
fb58abded97f2de35828ff8b0b7199a57664449eeb5cdc28c24a9d1e6782b1b5
fb5ec15bd84740064d76fc919738557851a3ee1eba231c37091d0a8d0d231298
fbb704018238f3c3666401f540c02b06ce0dc15f03bc05fe328fcd1a454e50f7

militaryrx.express-scripts.com Open in urlscan Pro 167.211.52.197 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

88 %HTTPS

44 %IPv6

20 Domains

28 Subdomains

21 IPs

4 Countries

976 kBTransfer

3041 kBSize

19 Cookies

25 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

militaryrx.express-scripts.com Open in urlscan Pro
167.211.52.197 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

88 %
HTTPS

44 %
IPv6

20
Domains

28
Subdomains

21
IPs

4
Countries

976 kB
Transfer

3041 kB
Size

19
Cookies

67 HTTP transactions
4 data transactions