www.welcometoxarelto.com Open in urlscan Pro
2606:4700::6812:11e4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://email.itsm.jnj.com/c/eJx9UE1PxCAU_DXtTcJHKeXAAV0PNW5MTDReKaBtQ6FhWenPl11NsyffYfKSmfdmMkaQhpAG1pPAECNIcYsQooQDBAiBsm...
Effective URL:
https://www.welcometoxarelto.com/
Submission: On May 26 via manual (May 26th 2021, 12:23:18 pm UTC) from US

Summary HTTP 29 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 8 domains to perform 29 HTTP transactions. The main IP is 2606:4700::6812:11e4, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.welcometoxarelto.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 10th 2021. Valid for: a year.

This is the only time www.welcometoxarelto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.36.78.216 52.36.78.216	16509 (AMAZON-02) (AMAZON-02)
1 15	2606:4700::68... 2606:4700::6812:11e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2.20.20.244 2.20.20.244	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	13.32.21.4 13.32.21.4	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	13.32.21.5 13.32.21.5	16509 (AMAZON-02) (AMAZON-02)
1	143.204.202.71 143.204.202.71	16509 (AMAZON-02) (AMAZON-02)
29	11

1 52.36.78.216 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-78-216.us-west-2.compute.amazonaws.com

email.itsm.jnj.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700::6812:11e4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.welcometoxarelto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.20.20.244 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-20-244.deploy.static.akamaitechnologies.com

sadmin.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.21.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-4.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.21.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-5.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.202.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-71.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	welcometoxarelto.com 1 redirects www.welcometoxarelto.com	339 KB
5	google-analytics.com www.google-analytics.com	19 KB
4	gstatic.com fonts.gstatic.com	91 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	62 KB
1	googletagmanager.com www.googletagmanager.com	51 KB
1	brightcove.com sadmin.brightcove.com	12 KB
1	googleapis.com fonts.googleapis.com	539 B
1	jnj.com 1 redirects email.itsm.jnj.com	202 B
29	8

	Domain	Requested by
15	www.welcometoxarelto.com	1 redirects www.welcometoxarelto.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	fonts.gstatic.com	fonts.googleapis.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.googletagmanager.com
1	www.googletagmanager.com	www.welcometoxarelto.com
1	sadmin.brightcove.com	www.welcometoxarelto.com
1	fonts.googleapis.com	www.welcometoxarelto.com
1	email.itsm.jnj.com	1 redirects
29	10

This site contains links to these domains. Also see Links.

Domain
www.janssenlabels.com
www.janssen.com
www.xareltohcp.com
www.xarelto.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-10` - `2022-05-09`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
sadmin.brightcove.com DigiCert SHA2 Secure Server CA	`2021-02-18` - `2022-02-22`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.welcometoxarelto.com/
Frame ID: D419DF34AE0D1FD4503B1EA0721A7FB8
Requests: 29 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Frame ID: 7BCD620C2687482A833CBD5D68E8F211
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://email.itsm.jnj.com/c/eJx9UE1PxCAU_DXtTcJHKeXAAV0PNW5MTDReKaBtQ6FhWenPl11NsyffYfKSmfdmMkaQhpAG1p... HTTP 302
http://www.welcometoxarelto.com/ HTTP 301
https://www.welcometoxarelto.com/ Page URL

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Drupal(?:\s([\d.]+))?/i
headers expires /19 Nov 1978/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Drupal(?:\s([\d.]+))?/i
headers expires /19 Nov 1978/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

29
Requests

100 %
HTTPS

55 %
IPv6

8
Domains

10
Subdomains

11
IPs

2
Countries

573 kB
Transfer

1175 kB
Size

9
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://www.janssenlabels.com/package-insert/product-monograph/prescribing-information/XARELTO-pi.pdf
Title: Prescribing Information

Search URL Search Domain Scan URL

URL: http://www.janssenlabels.com/package-insert/product-patient-information/XARELTO-medication-guide.pdf
Title: Medication Guide

Search URL Search Domain Scan URL

URL: https://www.janssen.com/us/privacy-request
Title: Do not sell my personal information

Search URL Search Domain Scan URL

URL: https://www.janssen.com/

Search URL Search Domain Scan URL

URL: https://www.xareltohcp.com/
Title: For Healthcare Professionals

Search URL Search Domain Scan URL

URL: http://www.xarelto.com/?WHGGeoIP=off
Title: For Non-US Visitors

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://email.itsm.jnj.com/c/eJx9UE1PxCAU_DXtTcJHKeXAAV0PNW5MTDReKaBtQ6FhWenPl11NsyffYfKSmfdmMkaQhpAG1pPAECNIcYsQooQDBAiBsmWSo5YTzqisGjil0wJmPwMdlnoUWmvbsqYbiKbKMMI7PlClcUc0RwPt6o-7ZzVYJyp2X2G8xmDOOvWm7BWRBRWEb_A6rOFH18v-QuGHgtHqaZ2sT7t4Dl6lUXmgY8jGxpIn6PHkbQQhfu2Hai0-39Y8Lmpyt154az-vXnJ7WV6lfN9P7JZs9GpX-7Nzv0x5fPMCwsNfXPgEx3yUF0nFDrUTOWeQrSu92BQ2Fa1L4dpSFP_n_gGe1XDd HTTP 302
http://www.welcometoxarelto.com/ HTTP 301
https://www.welcometoxarelto.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.welcometoxarelto.com/
Redirect Chain

http://email.itsm.jnj.com/c/eJx9UE1PxCAU_DXtTcJHKeXAAV0PNW5MTDReKaBtQ6FhWenPl11NsyffYfKSmfdmMkaQhpAG1pPAECNIcYsQooQDBAiBsmWSo5YTzqisGjil0wJmPwMdlnoUWmvbsqYbiKbKMMI7PlClcUc0RwPt6o-7ZzVYJyp2X2G8xmDOO...
http://www.welcometoxarelto.com/
https://www.welcometoxarelto.com/

44 KB
12 KB

802ms
784ms

Document
text/html

2606:4700::6812:11e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welcometoxarelto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:11e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5b607855592438b1985c6cadcf58338dd1d71ffa08ae762cf7007bb9ce84deb

Security Headers

Name	Value
Content-Security-Policy	default-src ; script-src 'unsafe-eval' 'self' 'unsafe-inline' https:; object-src 'self' .youtube.com youtube.com; style-src * 'unsafe-inline'; img-src * data:; frame-src ; font-src data:; connect-src ; media-src blob:; worker-src 'self' blob:;
Strict-Transport-Security	max-age=600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.welcometoxarelto.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: JJCFGEOCC=de
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 12:23:00 GMT
content-type: text/html; charset=utf-8
x-drupal-cache: MISS
x-content-type-options: nosniff
content-security-policy: default-src *; script-src 'unsafe-eval' 'self' 'unsafe-inline' https:; object-src 'self' *.youtube.com youtube.com; style-src * 'unsafe-inline'; img-src * data:; frame-src *; font-src * data:; connect-src *; media-src * blob:; worker-src 'self' blob:;
strict-transport-security: max-age=600
content-language: en
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge
x-generator: Drupal 7 (http://drupal.org)
link: <https://www.welcometoxarelto.com/>; rel="canonical",<https://www.welcometoxarelto.com/node/301>; rel="shortlink"
cache-control: public, max-age=21600
last-modified: Wed, 26 May 2021 12:22:59 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
vary: Cookie,Accept-Encoding
x-request-id: v-1be951b8-be1d-11eb-8a0b-3f0ab68b9189
x-ah-environment: prod
via: varnish
x-cache: MISS
cf-cache-status: EXPIRED
cf-request-id: 0a4a39ddce00004e320bb47000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6556f8dc780c4e32-FRA
content-encoding: gzip

Redirect headers

Date: Wed, 26 May 2021 12:22:59 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
Location: https://www.welcometoxarelto.com/
Cache-Control: max-age=1209600
Expires: Sun, 06 Jun 2021 17:46:33 GMT
X-Request-ID: v-d07e09ce-bbee-11eb-9e51-afdfebc3acda
Via: varnish
X-Cache: HIT
X-Cache-Hits: 23
CF-Cache-Status: MISS
cf-request-id: 0a4a39dcc400004a97ef84a000000001
Set-Cookie: JJCFGEOCC=de; Max-Age=3600; Path=/; Domain=.welcometoxarelto.com;=nil
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6556f8dad9af4a97-FRA

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
539 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap

Requested by

Host: www.welcometoxarelto.com
URL: https://www.welcometoxarelto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b2bf60cdc865727e1d99a2c149a5154192363d65c6d9441a3c30c90694422904

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.welcometoxarelto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 May 2021 11:54:03 GMT
server: ESF
date: Wed, 26 May 2021 12:23:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 May 2021 12:23:00 GMT

GET
H2 200 css__aszfDxxuYjbVIbN2mlgk4x0D6rwHUJywbYEqSCEmPG4__ahWGVKeQ86NHpHOmvyZokkSrQ-LsEyqNpXoTPwFCay8__-b8vIkQzuquGfa4Q34rKIVQP3LeR8jPZv6n3_NB7zSw.css
www.welcometoxarelto.com/sites/www.welcometoxarelto.com/files/advagg_css/ 30 KB
6 KB 28ms
28ms Stylesheet
text/css 2606:4700::6812:11e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welcometoxarelto.com/sites/www.welcometoxarelto.com/files/advagg_css/css__aszfDxxuYjbVIbN2mlgk4x0D6rwHUJywbYEqSCEmPG4__ahWGVKeQ86NHpHOmvyZokkSrQ-LsEyqNpXoTPwFCay8__-b8vIkQzuquGfa4Q34rKIVQP3LeR8jPZv6n3_NB7zSw.css

Requested by

Host: www.welcometoxarelto.com
URL: https://www.welcometoxarelto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:11e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6d1d90a9383b7bcc4cf285c02ae31817eb3b8c84e7f4c0b2d6dc0e74a83d57a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /sites/www.welcometoxarelto.com/files/advagg_css/css__aszfDxxuYjbVIbN2mlgk4x0D6rwHUJywbYEqSCEmPG4__ahWGVKeQ86NHpHOmvyZokkSrQ-LsEyqNpXoTPwFCay8__-b8vIkQzuquGfa4Q34rKIVQP3LeR8jPZv6n3_NB7zSw.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.welcometoxarelto.com
referer: https://www.welcometoxarelto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.welcometoxarelto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 12:23:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10098
x-cache: HIT
x-cache-hits: 582
x-ah-environment: prod
content-length: 5932
cf-request-id: 0a4a39e0e600004e32e6b03000000001
x-request-id: v-5d2114ce-b0ba-11eb-b477-9b1e228229db
last-modified: Thu, 03 Dec 2020 12:06:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: max-age=31449600, no-transform, public, immutable
set-cookie: JJCFGEOCC=de; Max-Age=3600; Path=/; Domain=.welcometoxarelto.com;=nil
accept-ranges: bytes
cf-ray: 6556f8e17be14e32-FRA
expires: Sun, 08 May 2022 11:33:23 GMT

GET
H2 200 css__ztMd2i08i6gz6wXHau57SMO5lYizZDmapSe25RHHpIU__Z5PqgCvAikfEsbo6rDhrl985J3WINmfGRMmke_5bFSs__-b8vIkQzuquGfa4Q34rKIVQP3LeR8jPZv6n3_NB7zSw.css
www.welcometoxarelto.com/sites/www.welcometoxarelto.com/files/advagg_css/ 263 KB
41 KB 14ms
14ms Stylesheet
text/css 2606:4700::6812:11e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welcometoxarelto.com/sites/www.welcometoxarelto.com/files/advagg_css/css__ztMd2i08i6gz6wXHau57SMO5lYizZDmapSe25RHHpIU__Z5PqgCvAikfEsbo6rDhrl985J3WINmfGRMmke_5bFSs__-b8vIkQzuquGfa4Q34rKIVQP3LeR8jPZv6n3_NB7zSw.css

Requested by

Host: www.welcometoxarelto.com
URL: https://www.welcometoxarelto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:11e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ad2c34055d5add40ab64d0a5ff154f9d869e35348e90ce7cb6b2588aa5dae06

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /sites/www.welcometoxarelto.com/files/advagg_css/css__ztMd2i08i6gz6wXHau57SMO5lYizZDmapSe25RHHpIU__Z5PqgCvAikfEsbo6rDhrl985J3WINmfGRMmke_5bFSs__-b8vIkQzuquGfa4Q34rKIVQP3LeR8jPZv6n3_NB7zSw.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.welcometoxarelto.com
referer: https://www.welcometoxarelto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.welcometoxarelto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 12:23:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10098
x-cache: HIT
x-cache-hits: 576
x-ah-environment: prod
content-length: 41428
cf-request-id: 0a4a39e0e600004e3233255000000001
x-request-id: v-5d24068e-b0ba-11eb-bc7f-9b3e4fb73ed2
last-modified: Thu, 01 Apr 2021 05:53:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: max-age=31449600, no-transform, public, immutable
set-cookie: JJCFGEOCC=de; Max-Age=3600; Path=/; Domain=.welcometoxarelto.com;=nil
accept-ranges: bytes
cf-ray: 6556f8e17be44e32-FRA
expires: Sun, 08 May 2022 11:33:23 GMT

GET
H/1.1 200
OK BrightcoveExperiences.js Show response
sadmin.brightcove.com/js/ 48 KB
12 KB 87ms
26ms Script
application/x-javascript 2.20.20.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sadmin.brightcove.com/js/BrightcoveExperiences.js

Requested by

Host: www.welcometoxarelto.com
URL: https://www.welcometoxarelto.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.20.20.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-20-20-244.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

c9408cf5d8e0d12fb2b1d5ad6b4489be392384a4687962a0fc2a2877a57775c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=3156000

Request headers

Referer: https://www.welcometoxarelto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 12:23:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Jun 2018 15:36:45 GMT
Server: AkamaiNetStorage
ETag: "08117b928b93481e76c055da3748401b:1528299406"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/x-javascript
Cache-Control: max-age=300
Strict-Transport-Security: max-age=3156000
Accept-Ranges: bytes
Content-Length: 12140

GET
H2 200 xarelto_logo_324x90.webp
www.welcometoxarelto.com/sites/www.welcometoxarelto.com/files/ 10 KB
11 KB 26ms
26ms Image
image/webp 2606:4700::6812:11e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welcometoxarelto.com/sites/www.welcometoxarelto.com/files/xarelto_logo_324x90.webp

Requested by

Host: www.welcometoxarelto.com
URL: https://www.welcometoxarelto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:11e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf6e5daa83bc4c5479cbe8412fb0dd84dbf0461293dbf36866751238870481cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /sites/www.welcometoxarelto.com/files/xarelto_logo_324x90.webp
pragma: no-cache
cookie: JJCFGEOCC=de
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.welcometoxarelto.com
referer: https://www.welcometoxarelto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.welcometoxarelto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 12:23:00 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10097
x-cache: HIT
x-cache-hits: 28
x-ah-environment: prod
content-length: 10568
cf-request-id: 0a4a39e10200004e32ec226000000001
x-request-id: v-9b293ae2-bbcf-11eb-b283-cfb305b5349a
last-modified: Thu, 19 Nov 2020 10:25:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6556f8e19c524e32-FRA
expires: Sun, 06 Jun 2021 14:03:10 GMT

GET
H2 200 gateway_started_desktop.webp
www.welcometoxarelto.com/sites/www.welcometoxarelto.com/files/ 24 KB
24 KB 558ms
558ms Image
image/webp 2606:4700::6812:11e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welcometoxarelto.com/sites/www.welcometoxarelto.com/files/gateway_started_desktop.webp

Requested by

Host: www.welcometoxarelto.com
URL: https://www.welcometoxarelto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:11e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b46b5ae0feb3769b206b678188e371f0656e8c815f3bb5b4dd01e12c6758bcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /sites/www.welcometoxarelto.com/files/gateway_started_desktop.webp
pragma: no-cache
cookie: JJCFGEOCC=de
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.welcometoxarelto.com
referer: https://www.welcometoxarelto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.welcometoxarelto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 12:23:00 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
x-cache-hits: 18
x-ah-environment: prod
content-length: 24326
cf-request-id: 0a4a39e10600004e32e6b07000000001
x-request-id: v-9b5f43fa-bc59-11eb-b251-0f3ab68f3d31
last-modified: Thu, 19 Nov 2020 10:25:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6556f8e1ac644e32-FRA
expires: Mon, 07 Jun 2021 06:31:00 GMT

GET
H2 200 xarelto-logo-white.png
www.welcometoxarelto.com/sites/www.welcometoxarelto.com/files/ 3 KB
3 KB 17ms
17ms Image
image/png 2606:4700::6812:11e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welcometoxarelto.com/sites/www.welcometoxarelto.com/files/xarelto-logo-white.png

Requested by

Host: www.welcometoxarelto.com
URL: https://www.welcometoxarelto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:11e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4de528839ba65269998d18bad8b2951e52897a6f3a3a8167937d7ad1f9a2bf47

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /sites/www.welcometoxarelto.com/files/xarelto-logo-white.png
pragma: no-cache
cookie: JJCFGEOCC=de
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.welcometoxarelto.com
referer: https://www.welcometoxarelto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.welcometoxarelto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 12:23:00 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10051
cf-polished: origSize=4860
x-cache: HIT
x-cache-hits: 30
x-ah-environment: prod
content-length: 3148
cf-request-id: 0a4a39e10a00004e32ed1ca000000001
x-request-id: v-0968f060-bbc6-11eb-8f3d-f77447c9c152
last-modified: Thu, 19 Nov 2020 10:25:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Sun, 06 Jun 2021 12:54:40 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6556f8e1ac704e32-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 janssen-consumer-logo-transparent-rev.png
www.welcometoxarelto.com/sites/www.welcometoxarelto.com/files/ 2 KB
2 KB 30ms
29ms Image
image/png 2606:4700::6812:11e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welcometoxarelto.com/sites/www.welcometoxarelto.com/files/janssen-consumer-logo-transparent-rev.png

Requested by

Host: www.welcometoxarelto.com
URL: https://www.welcometoxarelto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:11e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5ec2fb8ccf34781475dda11cc140847359a90a9623043a3c86b68c4ec898e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /sites/www.welcometoxarelto.com/files/janssen-consumer-logo-transparent-rev.png
pragma: no-cache
cookie: JJCFGEOCC=de
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.welcometoxarelto.com
referer: https://www.welcometoxarelto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.welcometoxarelto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 12:23:00 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10051
cf-polished: origSize=4079
x-cache: HIT
x-cache-hits: 30
x-ah-environment: prod
content-length: 1938
cf-request-id: 0a4a39e10a00004e32ff369000000001
x-request-id: v-09679b70-bbc6-11eb-ae09-8feba122f8f7
last-modified: Thu, 19 Nov 2020 10:25:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Sun, 06 Jun 2021 12:54:40 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6556f8e1ac764e32-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 js__crAl1nZZUFo5e87TzqNIcNAmIuiWVSNITKcYIZ7NIyw__cayOmDvteLhzTjnfJ27AkvZvzOyhuqB2wV3bSyOeTR4__-b8vIkQzuquGfa4Q34rKIVQP3LeR8jPZv6n3_NB7zSw.js Show response
www.welcometoxarelto.com/sites/www.welcometoxarelto.com/files/advagg_js/ 85 KB
85 KB 27ms
26ms Script
application/javascript 2606:4700::6812:11e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welcometoxarelto.com/sites/www.welcometoxarelto.com/files/advagg_js/js__crAl1nZZUFo5e87TzqNIcNAmIuiWVSNITKcYIZ7NIyw__cayOmDvteLhzTjnfJ27AkvZvzOyhuqB2wV3bSyOeTR4__-b8vIkQzuquGfa4Q34rKIVQP3LeR8jPZv6n3_NB7zSw.js

Requested by

Host: www.welcometoxarelto.com
URL: https://www.welcometoxarelto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:11e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

265572ef9c67dbcf70501d39b600b04a44facf16e2be30302e9eeefb04b15be7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /sites/www.welcometoxarelto.com/files/advagg_js/js__crAl1nZZUFo5e87TzqNIcNAmIuiWVSNITKcYIZ7NIyw__cayOmDvteLhzTjnfJ27AkvZvzOyhuqB2wV3bSyOeTR4__-b8vIkQzuquGfa4Q34rKIVQP3LeR8jPZv6n3_NB7zSw.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.welcometoxarelto.com
referer: https://www.welcometoxarelto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.welcometoxarelto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 12:23:00 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10097
cf-polished: origSize=87124
x-cache: HIT
x-cache-hits: 37
x-ah-environment: prod
content-length: 87080
cf-request-id: 0a4a39e0eb00004e321a0a0000000001
x-request-id: v-186c9dbe-bbb7-11eb-af35-cbfd5cfb12e3
last-modified: Fri, 04 Dec 2020 00:32:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
expires: Sun, 22 May 2022 11:07:42 GMT
cache-control: max-age=31449600, no-transform, public, immutable
set-cookie: JJCFGEOCC=de; Max-Age=3600; Path=/; Domain=.welcometoxarelto.com;=nil
accept-ranges: bytes
cf-ray: 6556f8e17bec4e32-FRA
cf-bgj: minify

GET
H2 200 js__ghM-BJY4JlUbg3C_npVCZ5eHS9YqcbjTg3GmJM21cms__nDn9Tr1jXJRD0bZPqp-3BNzDHtVDyRDSLvZ3BqiD_xg__-b8vIkQzuquGfa4Q34rKIVQP3LeR8jPZv6n3_NB7zSw.js Show response
www.welcometoxarelto.com/sites/www.welcometoxarelto.com/files/advagg_js/ 47 KB
47 KB 25ms
24ms Script
application/javascript 2606:4700::6812:11e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welcometoxarelto.com/sites/www.welcometoxarelto.com/files/advagg_js/js__ghM-BJY4JlUbg3C_npVCZ5eHS9YqcbjTg3GmJM21cms__nDn9Tr1jXJRD0bZPqp-3BNzDHtVDyRDSLvZ3BqiD_xg__-b8vIkQzuquGfa4Q34rKIVQP3LeR8jPZv6n3_NB7zSw.js

Requested by

Host: www.welcometoxarelto.com
URL: https://www.welcometoxarelto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:11e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3047b1c0bb7aee7804eb766d98ccfb91c0b12a650a7d32857c4a856736ff5a77

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /sites/www.welcometoxarelto.com/files/advagg_js/js__ghM-BJY4JlUbg3C_npVCZ5eHS9YqcbjTg3GmJM21cms__nDn9Tr1jXJRD0bZPqp-3BNzDHtVDyRDSLvZ3BqiD_xg__-b8vIkQzuquGfa4Q34rKIVQP3LeR8jPZv6n3_NB7zSw.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.welcometoxarelto.com
referer: https://www.welcometoxarelto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.welcometoxarelto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 12:23:00 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10097
cf-polished: origSize=50295
x-cache: HIT
x-cache-hits: 36
x-ah-environment: prod
content-length: 48282
cf-request-id: 0a4a39e0e800004e32069c1000000001
x-request-id: v-18747200-bbb7-11eb-a9ad-530f9414bd35
last-modified: Thu, 03 Dec 2020 16:18:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
expires: Sun, 22 May 2022 11:07:42 GMT
cache-control: max-age=31449600, no-transform, public, immutable
set-cookie: JJCFGEOCC=de; Max-Age=3600; Path=/; Domain=.welcometoxarelto.com;=nil
accept-ranges: bytes
cf-ray: 6556f8e17bf04e32-FRA
cf-bgj: minify

GET
H2 200 js__Yw9TOnr_eaBQ2DgujiRmOUGCeP8d0yNt_VoQoRu3XPE__4FvlcPfcloNzM58W1o5dS3WRPwWkMSF--Lj2XM5VTKc__-b8vIkQzuquGfa4Q34rKIVQP3LeR8jPZv6n3_NB7zSw.js Show response
www.welcometoxarelto.com/sites/www.welcometoxarelto.com/files/advagg_js/ 66 KB
66 KB 19ms
19ms Script
application/javascript 2606:4700::6812:11e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welcometoxarelto.com/sites/www.welcometoxarelto.com/files/advagg_js/js__Yw9TOnr_eaBQ2DgujiRmOUGCeP8d0yNt_VoQoRu3XPE__4FvlcPfcloNzM58W1o5dS3WRPwWkMSF--Lj2XM5VTKc__-b8vIkQzuquGfa4Q34rKIVQP3LeR8jPZv6n3_NB7zSw.js

Requested by

Host: www.welcometoxarelto.com
URL: https://www.welcometoxarelto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:11e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6acecc505a394dd1e7b4a9e93acafcd9ea62464ae750564c79ed6b4a66668d6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /sites/www.welcometoxarelto.com/files/advagg_js/js__Yw9TOnr_eaBQ2DgujiRmOUGCeP8d0yNt_VoQoRu3XPE__4FvlcPfcloNzM58W1o5dS3WRPwWkMSF--Lj2XM5VTKc__-b8vIkQzuquGfa4Q34rKIVQP3LeR8jPZv6n3_NB7zSw.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.welcometoxarelto.com
referer: https://www.welcometoxarelto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.welcometoxarelto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 12:23:00 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10097
cf-polished: origSize=71785
x-cache: HIT
x-cache-hits: 37
x-ah-environment: prod
content-length: 67228
cf-request-id: 0a4a39e0e900004e32e43b0000000001
x-request-id: v-3db4e2da-bbb6-11eb-8fe7-db22e0bd29b9
last-modified: Fri, 04 Dec 2020 00:32:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
expires: Sun, 22 May 2022 11:01:35 GMT
cache-control: max-age=31449600, no-transform, public, immutable
set-cookie: JJCFGEOCC=de; Max-Age=3600; Path=/; Domain=.welcometoxarelto.com;=nil
accept-ranges: bytes
cf-ray: 6556f8e17bf44e32-FRA
cf-bgj: minify

GET
H2 200 js__E1qqTzPig8GXR7KN2MyHjw6W2XjRE-IsOq5ai2p5TMA__zrmYwa_DvTURfJQz9gkk-4whf89Oqka6AU9Rc-a6Cd0__-b8vIkQzuquGfa4Q34rKIVQP3LeR8jPZv6n3_NB7zSw.js Show response
www.welcometoxarelto.com/sites/www.welcometoxarelto.com/files/advagg_js/ 26 KB
26 KB 26ms
25ms Script
application/javascript 2606:4700::6812:11e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welcometoxarelto.com/sites/www.welcometoxarelto.com/files/advagg_js/js__E1qqTzPig8GXR7KN2MyHjw6W2XjRE-IsOq5ai2p5TMA__zrmYwa_DvTURfJQz9gkk-4whf89Oqka6AU9Rc-a6Cd0__-b8vIkQzuquGfa4Q34rKIVQP3LeR8jPZv6n3_NB7zSw.js

Requested by

Host: www.welcometoxarelto.com
URL: https://www.welcometoxarelto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:11e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f57db3d495b32d13118bd8c9dff0f82a9cf70d7e87a07c2125dbb9f79b0a6eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /sites/www.welcometoxarelto.com/files/advagg_js/js__E1qqTzPig8GXR7KN2MyHjw6W2XjRE-IsOq5ai2p5TMA__zrmYwa_DvTURfJQz9gkk-4whf89Oqka6AU9Rc-a6Cd0__-b8vIkQzuquGfa4Q34rKIVQP3LeR8jPZv6n3_NB7zSw.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.welcometoxarelto.com
referer: https://www.welcometoxarelto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.welcometoxarelto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 12:23:00 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10097
cf-polished: origSize=31249
x-cache: HIT
x-cache-hits: 40
x-ah-environment: prod
content-length: 26333
cf-request-id: 0a4a39e0e900004e32f4967000000001
x-request-id: v-72c2bbc2-bba8-11eb-8551-3f99f935d5f8
last-modified: Thu, 03 Dec 2020 16:18:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
expires: Sun, 22 May 2022 09:22:51 GMT
cache-control: max-age=31449600, no-transform, public, immutable
set-cookie: JJCFGEOCC=de; Max-Age=3600; Path=/; Domain=.welcometoxarelto.com;=nil
accept-ranges: bytes
cf-ray: 6556f8e17bf74e32-FRA
cf-bgj: minify

GET
H2 200 js__OJN9SnUH9ympkV1HxywvhDYWbb1NNDGqzMkcKy3U0pk__5Sh3y8Oh_GvFTvoaPOt_VLdrVKrl6mSOq1JYA97gPKw__-b8vIkQzuquGfa4Q34rKIVQP3LeR8jPZv6n3_NB7zSw.js Show response
www.welcometoxarelto.com/sites/www.welcometoxarelto.com/files/advagg_js/ 14 KB
14 KB 22ms
22ms Script
application/javascript 2606:4700::6812:11e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welcometoxarelto.com/sites/www.welcometoxarelto.com/files/advagg_js/js__OJN9SnUH9ympkV1HxywvhDYWbb1NNDGqzMkcKy3U0pk__5Sh3y8Oh_GvFTvoaPOt_VLdrVKrl6mSOq1JYA97gPKw__-b8vIkQzuquGfa4Q34rKIVQP3LeR8jPZv6n3_NB7zSw.js

Requested by

Host: www.welcometoxarelto.com
URL: https://www.welcometoxarelto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:11e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d71387b6af09931052d55843e04fcab48da5328209953d2bee1043f0cb376c80

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /sites/www.welcometoxarelto.com/files/advagg_js/js__OJN9SnUH9ympkV1HxywvhDYWbb1NNDGqzMkcKy3U0pk__5Sh3y8Oh_GvFTvoaPOt_VLdrVKrl6mSOq1JYA97gPKw__-b8vIkQzuquGfa4Q34rKIVQP3LeR8jPZv6n3_NB7zSw.js
pragma: no-cache
cookie: JJCFGEOCC=de
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.welcometoxarelto.com
referer: https://www.welcometoxarelto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.welcometoxarelto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 12:23:00 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10097
cf-polished: origSize=24496
x-cache: HIT
x-cache-hits: 580
x-ah-environment: prod
content-length: 14056
cf-request-id: 0a4a39e0f600004e322badf000000001
x-request-id: v-5d23de70-b0ba-11eb-9f52-57000a55c0f3
last-modified: Thu, 19 Nov 2020 10:30:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
expires: Sun, 08 May 2022 11:33:23 GMT
cache-control: max-age=31449600, no-transform, public, immutable
accept-ranges: bytes
cf-ray: 6556f8e18c2f4e32-FRA
cf-bgj: minify

GET
H2 200 search.svg
www.welcometoxarelto.com/sites/www.welcometoxarelto.com/themes/welcometoxarelto/images/ 353 B
425 B 23ms
21ms Image
image/svg+xml 2606:4700::6812:11e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welcometoxarelto.com/sites/www.welcometoxarelto.com/themes/welcometoxarelto/images/search.svg

Requested by

Host: www.welcometoxarelto.com
URL: https://www.welcometoxarelto.com/sites/www.welcometoxarelto.com/files/advagg_css/css__ztMd2i08i6gz6wXHau57SMO5lYizZDmapSe25RHHpIU__Z5PqgCvAikfEsbo6rDhrl985J3WINmfGRMmke_5bFSs__-b8vIkQzuquGfa4Q34rKIVQP3LeR8jPZv6n3_NB7zSw.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:11e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

034d09e3f0127d44b03919a9a09612886d03eef4246273d5f0eea71934102cb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /sites/www.welcometoxarelto.com/themes/welcometoxarelto/images/search.svg
pragma: no-cache
cookie: JJCFGEOCC=de
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.welcometoxarelto.com
referer: https://www.welcometoxarelto.com/sites/www.welcometoxarelto.com/files/advagg_css/css__ztMd2i08i6gz6wXHau57SMO5lYizZDmapSe25RHHpIU__Z5PqgCvAikfEsbo6rDhrl985J3WINmfGRMmke_5bFSs__-b8vIkQzuquGfa4Q34rKIVQP3LeR8jPZv6n3_NB7zSw.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.welcometoxarelto.com/sites/www.welcometoxarelto.com/files/advagg_css/css__ztMd2i08i6gz6wXHau57SMO5lYizZDmapSe25RHHpIU__Z5PqgCvAikfEsbo6rDhrl985J3WINmfGRMmke_5bFSs__-b8vIkQzuquGfa4Q34rKIVQP3LeR8jPZv6n3_NB7zSw.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 12:23:00 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10097
x-cache: HIT
x-cache-hits: 29
x-ah-environment: prod
content-encoding: gzip
cf-request-id: 0a4a39e11a00004e32ec228000000001
x-request-id: v-0988a720-bbc6-11eb-9d39-a774a67bae31
last-modified: Sun, 03 Jan 2021 10:21:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 6556f8e1ccb44e32-FRA
expires: Sun, 06 Jun 2021 12:54:40 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 23 KB
23 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.welcometoxarelto.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 15:44:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 506333
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
expires: Fri, 20 May 2022 15:44:07 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 22 KB
22 KB 12ms
10ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.welcometoxarelto.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 03:51:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:30 GMT
server: sffe
age: 289879
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22572
x-xss-protection: 0
expires: Mon, 23 May 2022 03:51:41 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 22 KB
23 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.welcometoxarelto.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 01:32:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
age: 125457
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
expires: Wed, 25 May 2022 01:32:03 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 23 KB
23 KB 10ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.welcometoxarelto.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 21:58:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:05 GMT
server: sffe
age: 51888
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23248
x-xss-protection: 0
expires: Wed, 25 May 2022 21:58:12 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 147 KB
51 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MCJF98B

Requested by

Host: www.welcometoxarelto.com
URL: https://www.welcometoxarelto.com/sites/www.welcometoxarelto.com/files/advagg_js/js__crAl1nZZUFo5e87TzqNIcNAmIuiWVSNITKcYIZ7NIyw__cayOmDvteLhzTjnfJ27AkvZvzOyhuqB2wV3bSyOeTR4__-b8vIkQzuquGfa4Q34rKIVQP3LeR8jPZv6n3_NB7zSw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b9662fef002fbfbe79a61b99f88e2bd3a5e4e18c416a4a3752cda9c44f69e128

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.welcometoxarelto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 12:23:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51898
x-xss-protection: 0
last-modified: Wed, 26 May 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 May 2021 12:23:00 GMT

GET
DATA 200
OK truncated
/ 54 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10d7df3af837244603c9fb9b8052934d2dd02eec3e9c1962db8a0fdbd972749e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 notice.json Show response
www.welcometoxarelto.com/jjfusion-notice/ 0
482 B 807ms
807ms XHR
application/json 2606:4700::6812:11e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welcometoxarelto.com/jjfusion-notice/notice.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:11e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src ; script-src 'unsafe-eval' 'self' 'unsafe-inline' https:; object-src 'self' .youtube.com youtube.com; style-src * 'unsafe-inline'; img-src * data:; frame-src ; font-src data:; connect-src ; media-src blob:; worker-src 'self' blob:;
Strict-Transport-Security	max-age=600
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: JJCFGEOCC=de; has_js=1
:path: /jjfusion-notice/notice.json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.welcometoxarelto.com
referer: https://www.welcometoxarelto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.welcometoxarelto.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 12:23:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: MISS
strict-transport-security: max-age=600
x-ah-environment: prod
content-length: 25
cf-request-id: 0a4a39e1c200004e32c63eb000000001
x-request-id: v-1c839bd8-be1d-11eb-a131-e7ed89cdd2a3
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
via: varnish
cache-control: public, max-age=0
content-security-policy: default-src *; script-src 'unsafe-eval' 'self' 'unsafe-inline' https:; object-src 'self' *.youtube.com youtube.com; style-src * 'unsafe-inline'; img-src * data:; frame-src *; font-src * data:; connect-src *; media-src * blob:; worker-src 'self' blob:;
accept-ranges: bytes
cf-ray: 6556f8e2df4d4e32-FRA
x-drupal-cache: MISS
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MCJF98B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.welcometoxarelto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3184
date: Wed, 26 May 2021 11:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 26 May 2021 13:29:56 GMT

GET
H2 200 hotjar-2174115.js Show response
static.hotjar.com/c/ 4 KB
2 KB 106ms
52ms Script
application/javascript 13.32.21.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2174115.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MCJF98B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-4.fra56.r.cloudfront.net

Software

Resource Hash

219eafdd23c35e517ef5325766d40d88d152b60c5c235e3a92e38a415a6d05a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.welcometoxarelto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 12:23:00 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA56-C2
etag: W/68f11ba79c68d8426be18edf35a7ad72
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1912
via: 1.1 07fbd2276304c86925071791c7032951.cloudfront.net (CloudFront)
x-amz-cf-id: dAAnyE3X3NmRImmslEN0fnB11m4foSpGzEp53T4fIJpCA0W74gNJ-g==

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=287276537&t=pageview&_s=1&dl=https%3A%2F%2Fwww.welcometoxarelto.com%2F&ul=en-us&de=UTF-8&dt=Welcome%20Kit%20%7C%20XARELTO%C2%AE%20(rivaroxaban)%20Welcome%20Kit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=479510856&gjid=498841120&cid=1147008591.1622031780&tid=UA-123301540-5&_gid=691134692.1622031780&_r=1&gtm=2wg5j0MCJF98B&z=1006227234

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.welcometoxarelto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 May 2021 12:23:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.welcometoxarelto.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=287276537&t=pageview&_s=1&dl=https%3A%2F%2Fwww.welcometoxarelto.com%2F&ul=en-us&de=UTF-8&dt=Welcome%20Kit%20%7C%20XARELTO%C2%AE%20(rivaroxaban)%20Welcome%20Kit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=814272194&gjid=637189084&cid=1147008591.1622031780&tid=UA-125247474-1&_gid=691134692.1622031780&_r=1&gtm=2wg5j0MCJF98B&z=588148578

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.welcometoxarelto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 May 2021 12:23:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.welcometoxarelto.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.5a9f57d95ecbb1bf1965.js Show response
script.hotjar.com/ 219 KB
58 KB 80ms
29ms Script
application/javascript 13.32.21.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.5a9f57d95ecbb1bf1965.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2174115.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-5.fra56.r.cloudfront.net

Software

Resource Hash

2aaca02e26a6a0624f18176555865824e1adda828dd4e279b041f5d86fcbd897

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.welcometoxarelto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 14:15:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 166075
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 58986
access-control-allow-origin: *
last-modified: Mon, 24 May 2021 14:15:04 GMT
etag: "5ceb8315474bd4c418f908d57285720a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cbe141923b7469a299306144733821c3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: zPDuQV9bXs-iXjj2F_U5b97AjViPB3L_uwMZkppYBv0OHXUFZfbf2A==

GET
H2 200 box-21ccaa45726c0f3c8c458f7a87eb2298.html Show response
vars.hotjar.com/ Frame 7BCD 2 KB
1 KB 84ms
28ms Document
text/html 143.204.202.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2174115.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.202.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-71.fra53.r.cloudfront.net
Software: /
Resource Hash: c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-21ccaa45726c0f3c8c458f7a87eb2298.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.welcometoxarelto.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.welcometoxarelto.com/

Response headers

content-type: text/html
content-length: 1044
date: Thu, 20 May 2021 13:17:05 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "6a4e2ae376c29011d2e53de65a08d0b7"
last-modified: Thu, 20 May 2021 13:16:24 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: sqLOpfPnxKQrU2areSuXleLfKfZ1-Gy3Yvf8FyoHv8DbtaY-orYp5Q==
age: 515155

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=287276537&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.welcometoxarelto.com%2F&ul=en-us&de=UTF-8&dt=Welcome%20Kit%20%7C%20XARELTO%C2%AE%20(rivaroxaban)%20Welcome%20Kit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F&el=10%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1147008591.1622031780&tid=UA-125247474-1&_gid=691134692.1622031780&gtm=2wg5j0MCJF98B&z=1469388905

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.welcometoxarelto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 10:32:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6615
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=287276537&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.welcometoxarelto.com%2F&ul=en-us&de=UTF-8&dt=Welcome%20Kit%20%7C%20XARELTO%C2%AE%20(rivaroxaban)%20Welcome%20Kit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F&el=20%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1147008591.1622031780&tid=UA-125247474-1&_gid=691134692.1622031780&gtm=2wg5j0MCJF98B&z=1692712133

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.welcometoxarelto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 10:32:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6615
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.welcometoxarelto.com/	1970-01-20 03:19:27	Name: _hjid Value: 59ebcaa5-4bc1-4671-ba1c-a4477ada4def
.welcometoxarelto.com/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1
.welcometoxarelto.com/	1970-01-19 18:33:51	Name: _gat_UA-123301540-5 Value: 1
www.welcometoxarelto.com/	1969-12-31 23:59:59	Name: has_js Value: 1
.welcometoxarelto.com/	1970-01-19 18:33:53	Name: _hjFirstSeen Value: 1
.welcometoxarelto.com/	1970-01-19 18:35:18	Name: _gid Value: GA1.2.691134692.1622031780
.welcometoxarelto.com/	1970-01-19 18:33:51	Name: _gat_UA-125247474-1 Value: 1
.welcometoxarelto.com/	1970-01-20 12:05:03	Name: _ga Value: GA1.2.1147008591.1622031780
.welcometoxarelto.com/	1970-01-19 18:33:55	Name: JJCFGEOCC Value: de

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.welcometoxarelto.com/sites/www.welcometoxarelto.com/files/advagg_js/js__ghM-BJY4JlUbg3C_npVCZ5eHS9YqcbjTg3GmJM21cms__nDn9Tr1jXJRD0bZPqp-3BNzDHtVDyRDSLvZ3BqiD_xg__-b8vIkQzuquGfa4Q34rKIVQP3LeR8jPZv6n3_NB7zSw.js(Line 1) Message: JQMIGRATE: Migrate is installed, version 3.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src ; script-src 'unsafe-eval' 'self' 'unsafe-inline' https:; object-src 'self' .youtube.com youtube.com; style-src * 'unsafe-inline'; img-src * data:; frame-src ; font-src data:; connect-src ; media-src blob:; worker-src 'self' blob:;
Strict-Transport-Security	max-age=600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

email.itsm.jnj.com
fonts.googleapis.com
fonts.gstatic.com
sadmin.brightcove.com
script.hotjar.com
static.hotjar.com
vars.hotjar.com
www.google-analytics.com
www.googletagmanager.com
www.welcometoxarelto.com
13.32.21.4
13.32.21.5
143.204.202.71
2.20.20.244
2606:4700::6812:11e4
2a00:1450:4001:802::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::200e
52.36.78.216
034d09e3f0127d44b03919a9a09612886d03eef4246273d5f0eea71934102cb7
10d7df3af837244603c9fb9b8052934d2dd02eec3e9c1962db8a0fdbd972749e
219eafdd23c35e517ef5325766d40d88d152b60c5c235e3a92e38a415a6d05a3
265572ef9c67dbcf70501d39b600b04a44facf16e2be30302e9eeefb04b15be7
2aaca02e26a6a0624f18176555865824e1adda828dd4e279b041f5d86fcbd897
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
3047b1c0bb7aee7804eb766d98ccfb91c0b12a650a7d32857c4a856736ff5a77
4b46b5ae0feb3769b206b678188e371f0656e8c815f3bb5b4dd01e12c6758bcd
4de528839ba65269998d18bad8b2951e52897a6f3a3a8167937d7ad1f9a2bf47
6acecc505a394dd1e7b4a9e93acafcd9ea62464ae750564c79ed6b4a66668d6e
6ad2c34055d5add40ab64d0a5ff154f9d869e35348e90ce7cb6b2588aa5dae06
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
b2bf60cdc865727e1d99a2c149a5154192363d65c6d9441a3c30c90694422904
b9662fef002fbfbe79a61b99f88e2bd3a5e4e18c416a4a3752cda9c44f69e128
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c5b607855592438b1985c6cadcf58338dd1d71ffa08ae762cf7007bb9ce84deb
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44
c9408cf5d8e0d12fb2b1d5ad6b4489be392384a4687962a0fc2a2877a57775c8
cf6e5daa83bc4c5479cbe8412fb0dd84dbf0461293dbf36866751238870481cf
d71387b6af09931052d55843e04fcab48da5328209953d2bee1043f0cb376c80
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f57db3d495b32d13118bd8c9dff0f82a9cf70d7e87a07c2125dbb9f79b0a6eac
f5ec2fb8ccf34781475dda11cc140847359a90a9623043a3c86b68c4ec898e16
f6d1d90a9383b7bcc4cf285c02ae31817eb3b8c84e7f4c0b2d6dc0e74a83d57a

www.welcometoxarelto.com Open in urlscan Pro 2606:4700::6812:11e4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

29 Requests

100 %HTTPS

55 %IPv6

8 Domains

10 Subdomains

11 IPs

2 Countries

573 kBTransfer

1175 kBSize

9 Cookies

6 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.welcometoxarelto.com Open in urlscan Pro
2606:4700::6812:11e4 Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

100 %
HTTPS

55 %
IPv6

8
Domains

10
Subdomains

11
IPs

2
Countries

573 kB
Transfer

1175 kB
Size

9
Cookies

29 HTTP transactions
1 data transactions