indexo.dev

cvsspecialty.com

.com crawl

First seen 2026-04-19 · Last seen 2026-05-13 · ok HTTP/1.1 200 8019 ms crawled 2026-05-13

DE · 72.246.30.67 · AS16625 Akamai Technologies, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Specialty Pharmacy, Medication & Support – CVS Specialty
Language
en

Open Graph

url
https://www.cvsspecialty.com/
title
Home
site name
cvsspecialty

Technology

CDN
Fastly

Third-party hosts loaded (1)

  • tags.tiqcdn.com×1

Registration

Registrar
MarkMonitor Inc.
Created
2014-03-20
Expires
2027-03-20 303 days left
Updated
2026-02-16
Name servers
  • a1-84.akam.net
  • a13-65.akam.net
  • a14-66.akam.net
  • a18-67.akam.net
  • a7-64.akam.net
  • a8-65.akam.net

DNS records live

NS
  • a1-226.akam.net
  • a1-84.akam.net
  • a13-65.akam.net
  • a14-66.akam.net
  • a18-67.akam.net
  • a7-64.akam.net
  • a8-65.akam.net
  • eazshdcdnsextdns.cvshealth.com
MX
  • 10 usb-smtp-inbound-1.mimecast.com
  • 10 usb-smtp-inbound-2.mimecast.com
TXT
  • spf-cvs.egain.net
  • _stxfvn1setvmx0bd5nfotn5e9pztrby
  • _xnspp8jyvkfp4fn3b0i06u4pwaj9cqc
Verified for
  • GlobalSign
  • Google
  • Microsoft 365

Email authentication strong

SPF
v=spf1 include:%{d}.4e.spf-protect.agari.com exists:%{i}._i.%{d}._d.espf.agari.com ~all
softfail (~all)
DMARC
v=DMARC1; p=reject; fo=1; ri=3600; rua=mailto:aetna@rua.agari.com,mailto:e2133a63-86e3-4be6-8067-4a0049bf44b9@rep.usb.mimecastdmarcanalyzer.com; ruf=mailto:aetna@ruf.agari.com
policy: reject (enforced)
DKIM
no key found at common selectors

Certificate (current)

DigiCert EV RSA CA G2
from 2025-09-11 to 2026-09-11
Expires in 113 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.cvsspecialty.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-hashes' data: ws: wss: blob: 'unsafe-inline' 'unsafe-eval' *.cvs.com *.googleapis.com *.cvs.com:* *.caremark.com rxhealthalerts.com *.rxhealthalerts.com *.caremark.com:* cvshealth.com *.cvshealth.com *.cvsspecialty.com *.bluecore.com *.ctfassets.net *.impactradius-event.com *.eum-appdynamics.com *.cvscaremark.com *.cvscaremark.com:* *.foresee.com *.flippenterprise.net *.monetate.net *.go-mpulse.net *.bing.com *.virtualearth.net *.demdex.net healthlibrary.epnet.com druginfo.goldstandard.com *.akstat.io *.akamaihd.net *.everesttech.net *.bootstrapcdn.com *.distilnetworks.com cdnjs.com *.cloudflare.com *.vantivprelive.com *.jquery.com *.4seeresults.com *.webtrendslive.com *.youtube.com *.fontawesome.com *.tiqcdn.com *.adobe.com *.fepblue.org *.fepblue.org:* *.aetna.com *.aetna.com:* *.qualtrics.com *.googletagmanager.com *.quantummetric.com widget.medsoncue.com *.lpsnmedia.net lpsnmedia.net liveperson.com liveperson.net *.liveperson.net *.liveper.sn liveper.sn l
strict-transport-security
max-age=31536000 ; includeSubDomains

Links to (2)

Linked from (1)