HTTP/1.1 403 Forbidden
Connection: close
Content-Length: 5533
Server: Varnish
Retry-After: 0
Content-Type: text/html
Accept-Ranges: bytes
Date: Thu, 01 May 2025 04:43:21 GMT
Via: 1.1 varnish
Set-Cookie: _pxhd=-A67AOpfUGIITEF7LDg33Bcb1Gq4dALR9Htn8RddXUCJw6Sq40wcRPkfWAMqkNDrYnpb15XW4CFmBR4RmNbGFA==:3Gkwm5fjju9JDcwVzE5HZMEkCqhYZFMTxrg2tscGveMLiXL7tMtw8YSaLiol1NNduShphmZZD82tuCHCaDnShsf8JeoQEeQ9/2r1LCUEe28=; Max-Age=31536000; path=/; SameSite=Lax
X-Served-By: cache-sjc10076-SJC
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1746074602.751021,VS0,VE82
X-Fastly-Unique-Id: 2e41b03171824900827b80eb62273b29
X-Is-Bot: false
X-Grx-Origin: nweb
X-Location-State: CA
Set-Cookie: fastly_unique_id=2e41b03171824900827b80eb62273b29; expires=Mon, 19-Aug-2019 00:00:00 GMT; Path=/; secure
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Headers: x-px-cookies
Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: mediastream: android-webview-video-poster: goodrx.com *.goodrx.com *.goodrx.com. *.grxstatic.com *.grxweb.com *.heydoctor.com wss://api.positional.ai; block-all-mixed-content ; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: mediastream: *.goodrx.com *.goodrx.com. *.grxstatic.com *.grxweb.com healthination.com *.heydoctor.com *.scorecardresearch.com unpkg.com assets.positional-bucket.com s3.amazonaws.com descopecdn.com static.descope.com *.px-cdn.net *.videoamp.com gx9e.app.link app.link *.px-cloud.net rampjs-cdn.system1.com *.trustpilot.com *.riddle.com *.sentry-cdn.com *.affirm.com static.legitscript.com *.osano.com *.doubleverify.com *.googletagservices.com *.2mdn.net *.adsafeprotected.com *.parsely.com www.datadoghq-browser-agent.com trc.lhmos.com *.adnxs.com *.adnxs-simple.com *.segment.io *.segment.com js.stripe.com *.branch.io *.adtrafficquality.google *.googleadservices.com *.googletagmanager.com *.quantummetric.com *.qualtrics.com sync.graph.bluecava.com *.hcn.health www.medtargetsystem.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.gstatic.com *.google.com *.jwpcdn.com *.jwplayer.com *.jwplatform.com *.jwpltx.com *.jwpsrv.com videos-fms.jwpsrv.com videos-cloudflare.jwpsrv.com *.optimizely.com *.google-analytics.com; style-src data: 'self' 'unsafe-inline' *.goodrx.com *.goodrx.com. *.grxstatic.com *.gstatic.com *.google.com *.googleapis.com s3.amazonaws.com assets.positional-bucket.com static.descope.com content.app.descope.com *.innovid.com; img-src data: blob: android-webview-video-poster: 'self' *.goodrx.com *.goodrx.com. *.grxstatic.com www.hellogoodrx.com *.heydoctor.com static.dwcdn.net *.scorecardresearch.com match.prod.bidr.io static.star2.descope.app static.descope.com *.insightexpressai.com bat.bing.com *.googleusercontent.com content.app.descope.com *.evidon.com *.doubleverify.com *.google-analytics.com *.innovid.com *.adsafeprotected.com goodrx-web-assets.s3.us-west-2.amazonaws.com sync.graph.bluecava.com s3.amazonaws.com *.ctfassets.net www.medtargetsystem.com *.adtrafficquality.google syndicatedsearch.goog *.hcn.health trc.lhmos.com *.adnxs.com *.adnxs-simple.com p.alcmpn.com *.adsrvr.org *.googleapis.com *.googleadservices.com *.gstatic.com *.googlesyndication.com *.google.com *.doubleclick.net *.googletagmanager.com *.jwpcdn.com *.jwplayer.com *.jwplatform.com *.jwpltx.com *.jwpsrv.com videos-fms.jwpsrv.com videos-cloudflare.jwpsrv.com static.legitscript.com *.parsely.com *.qualtrics.com *.2mdn.net *.riddle.com *.easyvax.com d4fuqqd5l3dbz.cloudfront.net; connect-src data: blob: 'self' goodrx.com *.goodrx.com *.goodrx.com. *.grxstatic.com *.grxweb.com *.heydoctor.com *.zapier.com *.scorecardresearch.com *.rlcdn.com *.adsafeprotected.com *.affirm.com gx9e.app.link app.link api.positional.ai wss://api.positional.ai cdn.contentful.com www.medtargetsystem.com soflopxl.com bat.bing.com static.star2.descope.app api.descope.com content.app.descope.com p.alcmpn.com *.googleadservices.com static.legitscript.com *.segment.com *.segment.io *.perimeterx.net *.pxchk.net *.perimeterx.net *.px-cdn.net *.parsely.com rampjs-cdn.system1.com trc.lhmos.com *.ctfassets.net rum.browser-intake-us5-datadoghq.com browser-intake-datadoghq.com *.browser-intake-datadoghq.com *.datadoghq.com *.googleadservices.com *.doubleverify.com *.sentry-cdn.com sentry.io *.ingest.sentry.io *.ingest.us.sentry.io *.optimizely.com *.px-cloud.net *.px-client.net *.doubleclick.net *.hcn.health *.gstatic.com *.googletagmanager.com *.google-analytics.com *.google.com *.googleapis.com *.googlesyndication.com *.googletagservices.com *.qualtrics.com sync.graph.bluecava.com *.quantummetric.com *.jwpcdn.com *.jwplayer.com *.jwplatform.com *.jwpltx.com *.jwpsrv.com videos-fms.jwpsrv.com videos-cloudflare.jwpsrv.com *.branch.io *.osano.com *.adtrafficquality.google globalsiteanalytics.com; font-src data: *.goodrx.com *.goodrx.com. *.heydoctor.com *.grxstatic.com *.gstatic.com cdnjs.cloudflare.com *.innovid.com *.typekit.net *.googleapis.com *.googleusercontent.com descopecdn.com static.descope.com content.app.descope.com maxcdn.bootstrapcdn.com; media-src data: blob: *.goodrx.com *.goodrx.com. *.grxstatic.com *.gstatic.com *.googlevideo.com *.gvt1.com *.2mdn.net *.innovid.com *.jwpcdn.com *.jwplayer.com *.jwplatform.com *.jwpltx.com *.jwpsrv.com videos-fms.jwpsrv.com videos-cloudflare.jwpsrv.com; frame-ancestors 'self' data: blob: mediastream: android-webview-video-poster: *.goodrx.com *.goodrx.com. *.grxstatic.com *.osano.com *.rlcdn.com hcpverify.com *.hcpverify.com iassist.com *.iassist.com *.contentful.com adzerk-preview.com; child-src blob: *.goodrx.com *.goodrx.com. *.grxstatic.com *.osano.com *.scorecardresearch.com *.googletagmanager.com *.qualtrics.com www.medtargetsystem.com *.hcn.health *.doubleclick.net *.googleapis.com *.googlesyndication.com syndicatedsearch.goog *.google.com *.googleadservices.com *.2mdn.net js.stripe.com datawrapper.dwcdn.net *.riddle.com *.trustpilot.com; worker-src blob: chrome: *.goodrx.com *.goodrx.com.; frame-src 'self' *.goodrx.com *.goodrx.com. *.grxstatic.com *.osano.com *.scorecardresearch.com scores.securityscorecard.io *.rlcdn.com *.affirm.com *.adsrvr.org bat.bing.com js.stripe.com assets.positional-bucket.com *.jwplayer.com www.youtube.com *.quantummetric.com partners-medicare.askchapter.org *.googletagservices.com *.adtrafficquality.google datawrapper.dwcdn.net *.hcn.health google.com *.google.com *.googletagmanager.com *.googleadservices.com *.googleapis.com *.doubleclick.net *.trustpilot.com syndicatedsearch.goog *.googlesyndication.com *.riddle.com *.2mdn.net *.qualtrics.com *.innovid.com *.medtargetsystem.com; script-src-elem blob: data: 'unsafe-inline' *.goodrx.com *.goodrx.com. *.grxstatic.com *.heydoctor.com *.scorecardresearch.com cdnjs.cloudflare.com unpkg.com bat.bing.com s3.amazonaws.com js.stripe.com *.jwpcdn.com *.adnxs.com trc.lhmos.com *.osano.com *.px-cloud.net *.px-cdn.net descopecdn.com static.descope.com content.app.descope.com rampjs-cdn.system1.com *.parsely.com *.segment.com *.segment.io gx9e.app.link app.link *.evidon.com *.quantummetric.com *.trustpilot.com *.doubleclick.net *.doubleverify.com *.googlesyndication.com *.google.com *.qualtrics.com *.hcn.health *.sentry-cdn.com *.videoamp.com *.adtrafficquality.google *.gstatic.com *.adsafeprotected.com choices.truste.com choices.trustarc.com *.innovid.com *.googleapis.com *.googleadservices.com *.googletagservices.com *.google-analytics.com *.googletagmanager.com *.affirm.com static.legitscript.com *.branch.io *.optimizely.com sync.graph.bluecava.com *.datadoghq-browser-agent.com *.2mdn.net *.riddle.com *.jwplatform.com *.jwplayer.com *.jwpcdn.co assets.positional-bucket.com healthination.com; style-src-elem blob: data: 'unsafe-inline' *.goodrx.com *.goodrx.com. *.grxstatic.com *.evidon.com assets.positional-bucket.com *.innovid.com s3.amazonaws.com *.gstatic.com *.google.com *.googleapis.com static.descope.com content.app.descope.com; object-src sync.graph.bluecava.com; report-uri https://sentry.io/api/5148329/security/?sentry_key=b77e90b1f5654f2e83a0238f4cf07987
X-Xss-Protection: 1; mode=block
Set-Cookie: grx_unique_id=f367a93815e44b7095bf208a3fd3e360; Expires=Fri, 01 May 2026 04:43:21 GMT; Path=/; Domain=.goodrx.com; Secure
Set-Cookie: optimizelyEndUserId=f367a93815e44b7095bf208a3fd3e360; Expires=Fri, 01 May 2026 04:43:21 GMT; Path=/; Domain=.goodrx.com; Secure
Set-Cookie: isVisitedHomepage=true; Expires=Fri, 01 May 2026 04:43:21 GMT; Path=/; Domain=.goodrx.com; Secure
Set-Cookie: grx_visit_start=1746074602; Expires=Fri, 01 May 2026 04:43:21 GMT; Path=/; Domain=.goodrx.com; Secure
Set-Cookie: grx_sa=false; Path=/; Domain=.goodrx.com; Secure
Set-Cookie: grx_location={"location":{"state":"CA","postalCode":"95051","city":"santa clara","country":"US"}}; Path=/; Domain=.goodrx.com; Secure
Strict-Transport-Security: max-age=31557600
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:d5:12:14:10:92:99:1f:6e:3f:3a:67:b5:b7:32:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Atlas R3 DV TLS CA 2024 Q4
Validity
Not Before: Nov 14 05:05:10 2024 GMT
Not After : Dec 16 05:05:09 2025 GMT
Subject: CN=c.sni-561-default.ssl.fastly.net
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:bf:e6:a1:97:2b:e8:db:28:e9:f3:22:12:cd:b9:
8a:4a:43:08:ef:c2:68:5e:a4:ac:02:42:dd:73:ba:
3f:e4:33:92:14:81:3b:dc:e2:fa:d8:a3:9a:b0:30:
89:1e:c9:e3:ae:87:46:e8:6b:a0:ab:60:3a:df:ca:
79:ed:4e:3b:23:26:43:1f:1c:18:0c:29:c4:a4:7a:
3c:16:3b:67:ae:a1:5e:7a:4d:6d:fe:f6:81:2b:69:
c1:43:4a:b7:45:44:45:8c:77:ac:63:ea:1e:ad:44:
7a:80:5d:67:88:a5:8e:b2:e9:ce:2c:61:dc:ea:dd:
d6:45:02:ed:10:23:e2:db:3b:33:b5:4d:81:55:80:
58:0f:9e:24:ef:c4:95:7d:3d:1e:2d:62:1a:c2:3e:
b1:a2:fb:f1:13:8d:a4:99:5b:ed:cb:d1:fd:d3:f5:
97:1a:71:25:08:fa:f6:8e:40:ac:6b:f1:7b:49:f8:
f3:f5:f1:c8:ce:ad:34:63:d7:0a:95:16:f6:48:76:
7d:26:5b:16:5f:fc:7b:a8:b5:2c:0c:01:bc:26:48:
de:f6:e5:f8:f5:10:f7:b2:2d:23:2e:3c:35:1a:5f:
23:8c:4f:8b:3a:ae:a6:b3:a3:5e:68:98:53:76:dc:
96:f1:dc:f6:5e:a0:14:74:4d:b7:3a:a2:95:75:fb:
1e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Alternative Name:
DNS:c.sni-561-default.ssl.fastly.net
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Subject Key Identifier:
BD:D6:7D:17:19:00:92:2B:16:9F:7E:86:13:09:B3:B4:AC:E1:A3:97
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
Policy: 1.3.6.1.4.1.4146.10.1.3
CPS: https://www.globalsign.com/repository/
X509v3 Basic Constraints: critical
CA:FALSE
Authority Information Access:
OCSP - URI:http://ocsp.globalsign.com/ca/gsatlasr3dvtlsca2024q4
CA Issuers - URI:http://secure.globalsign.com/cacert/gsatlasr3dvtlsca2024q4.crt
X509v3 Authority Key Identifier:
60:91:EC:1C:02:F2:0E:FE:63:4F:65:CB:62:B0:02:2A:03:58:E9:B3
X509v3 CRL Distribution Points:
Full Name:
URI:http://crl.globalsign.com/ca/gsatlasr3dvtlsca2024q4.crl
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 12:F1:4E:34:BD:53:72:4C:84:06:19:C3:8F:3F:7A:13:
F8:E7:B5:62:87:88:9C:6D:30:05:84:EB:E5:86:26:3A
Timestamp : Nov 14 05:05:10.316 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:B1:55:8A:2C:3C:8E:71:8B:A4:35:FD:
E0:1A:7F:2B:99:15:32:FA:24:58:A3:E5:9E:4F:49:49:
FF:18:A4:F7:79:02:20:0C:16:34:98:F3:33:20:E7:F1:
93:09:DA:C3:BB:8F:40:7F:7C:21:51:33:E5:AB:15:CA:
5C:BC:B1:79:ED:B5:A8
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 0D:E1:F2:30:2B:D3:0D:C1:40:62:12:09:EA:55:2E:FC:
47:74:7C:B1:D7:E9:30:EF:0E:42:1E:B4:7E:4E:AA:34
Timestamp : Nov 14 05:05:10.478 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:25:7C:EC:9A:D9:6A:07:0F:3B:DD:04:68:
65:7A:40:DC:B0:EC:23:F5:2E:BF:08:18:F8:1E:50:9B:
17:90:9D:E1:02:20:6B:15:E4:10:2D:4F:00:F4:D8:E4:
D6:53:D4:B0:A1:3C:91:CF:08:EF:0D:04:69:46:4E:B6:
65:1C:9D:B7:F0:87
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
Timestamp : Nov 14 05:05:10.775 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:20:30:62:F8:46:A3:11:2A:89:BF:7F:DF:
36:32:E2:4C:10:E8:64:E4:43:C6:45:F0:62:11:CF:51:
76:DE:09:29:02:21:00:B9:F8:39:48:52:25:A6:C1:8E:
3E:95:67:16:5F:D7:EE:68:E6:CE:66:A8:12:45:C8:31:
CE:AD:10:14:43:93:A6
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
d1:c4:64:65:17:dd:cd:8f:e9:5e:87:59:08:3b:a2:7d:1c:a6:
67:1b:fe:66:67:37:c6:02:8e:e2:57:39:38:cf:68:0a:43:a7:
ac:02:89:d6:77:a5:37:24:45:eb:cd:04:c7:f6:31:06:0f:82:
39:d6:10:a3:4d:a9:b6:60:d4:97:fb:c3:c1:de:d6:52:c3:84:
c1:5f:b2:e7:fe:e5:50:28:ce:4f:75:59:88:16:11:9a:8e:3f:
8e:c2:75:39:f0:75:b5:54:8c:c8:03:95:bf:66:40:95:55:65:
78:f3:70:8f:28:6c:86:44:eb:66:39:08:ad:18:c9:48:87:de:
05:b8:39:58:2a:a6:69:50:82:70:66:ed:c7:52:34:70:bf:81:
db:09:4d:58:66:38:95:b3:2b:b6:ec:01:8c:6f:eb:e0:23:e6:
96:b9:62:7f:ce:d8:f4:89:d3:93:36:26:05:21:2e:87:14:c1:
83:91:80:db:ae:c9:ed:36:cb:b2:57:03:1a:9c:fb:ae:dd:cc:
6d:45:40:77:41:2b:7e:bd:64:df:08:8e:10:2b:f2:d1:5e:4c:
f1:1d:5d:02:d0:25:42:5d:7b:3f:de:72:9a:38:8e:5e:ee:45:
6a:f6:80:c2:0b:9f:d3:f5:df:10:be:62:24:ed:5e:71:79:51:
42:05:a5:59
