auth.rxsavingssolutions.com Open in urlscan Pro
2600:9000:2044:be00:15:18e0:a40:93a1  Public Scan

Submitted URL: https://protect-us.mimecast.com/s/rLFVC1wY7VC9B3qkF9yaBg?domain=click.salesforce.rxsavingssolutions.com
Effective URL: https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-RxRemail-1&utm_content=a&utm_medium=email&utm_source=savings
Submission: On June 28 via api from US — Scanned from US

Summary

This website contacted 12 IPs in 1 countries across 9 domains to perform 23 HTTP transactions. The main IP is 2600:9000:2044:be00:15:18e0:a40:93a1, located in United States and belongs to AMAZON-02, US. The main domain is auth.rxsavingssolutions.com.
TLS certificate: Issued by Amazon on September 13th 2021. Valid for: a year.
This is the only time auth.rxsavingssolutions.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
12 rxsavingssolutions.com
click.salesforce.rxsavingssolutions.com — Cisco Umbrella Rank: 653855
api.rxsavingssolutions.com
auth.rxsavingssolutions.com
580 KB
3 amazonaws.com
login-activation-cms.s3.amazonaws.com
380 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
20 KB
2 pendo.io
cdn.pendo.io — Cisco Umbrella Rank: 1006
app.pendo.io — Cisco Umbrella Rank: 1367
143 KB
2 lr-ingest.io
cdn.lr-ingest.io — Cisco Umbrella Rank: 11981
r.lr-ingest.io — Cisco Umbrella Rank: 14857
162 KB
2 mimecast.com
protect-us.mimecast.com — Cisco Umbrella Rank: 7862
2 KB
1 rxss.design
assets.rxss.design
5 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 119
447 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
39 KB
23 9
Domain Requested by
8 auth.rxsavingssolutions.com auth.rxsavingssolutions.com
3 login-activation-cms.s3.amazonaws.com auth.rxsavingssolutions.com
3 api.rxsavingssolutions.com 1 redirects auth.rxsavingssolutions.com
2 www.google-analytics.com www.googletagmanager.com
auth.rxsavingssolutions.com
2 protect-us.mimecast.com 2 redirects
1 r.lr-ingest.io auth.rxsavingssolutions.com
1 assets.rxss.design
1 app.pendo.io
1 stats.g.doubleclick.net auth.rxsavingssolutions.com
1 cdn.pendo.io auth.rxsavingssolutions.com
1 www.googletagmanager.com auth.rxsavingssolutions.com
1 cdn.lr-ingest.io auth.rxsavingssolutions.com
1 click.salesforce.rxsavingssolutions.com 1 redirects
23 13

This site contains links to these domains. Also see Links.

Domain
rxsavingssolutions.com
Subject Issuer Validity Valid
*.auth.rxsavingssolutions.com
Amazon
2021-09-13 -
2022-10-12
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-05-11 -
2023-05-11
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
cdn.pendo.io
Amazon
2021-08-29 -
2022-09-27
a year crt.sh
api.rxsavingssolutions.com
Amazon
2022-06-22 -
2023-07-21
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
pendo.io
GTS CA 1D4
2022-05-05 -
2022-08-03
3 months crt.sh
*.s3.amazonaws.com
Amazon
2021-12-15 -
2022-12-03
a year crt.sh
rxss.design
Amazon
2022-03-25 -
2023-04-23
a year crt.sh
api.logrocket.com
R3
2022-06-26 -
2022-09-24
3 months crt.sh

This page contains 1 frames:

Primary Page: https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-RxRemail-1&utm_content=a&utm_medium=email&utm_source=savings
Frame ID: A0905F96F658919BDA39535D09263508
Requests: 23 HTTP requests in this frame

Screenshot

Page Title

Rx Savings Solutions

Page URL History Show full URLs

  1. https://protect-us.mimecast.com/s/rLFVC1wY7VC9B3qkF9yaBg?domain=click.salesforce.rxsavingssolutions.com HTTP 307
    https://protect-us.mimecast.com/redirect/eNqtlttuGzcQhl9FWPTSkodn0ughRoo2KeIAjZurqhB4GFqbaHfV5cpxEvjdO7uSE1t... HTTP 307
    https://click.salesforce.rxsavingssolutions.com/?qs=dfc7980778e92bf195f887837eec62ddbdebf3daa79d533e98e587169b21de78118ec8f3... HTTP 302
    https://api.rxsavingssolutions.com/register?utm_source=savings&utm_medium=email&utm_campaign=Emp-RxRemail-1&utm... HTTP 302
    https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-RxRemail-1&utm_content=a&utm_medium=email&utm_sour... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.lr-ingest\.io

Page Statistics

23
Requests

96 %
HTTPS

54 %
IPv6

9
Domains

13
Subdomains

12
IPs

1
Countries

1330 kB
Transfer

3967 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://protect-us.mimecast.com/s/rLFVC1wY7VC9B3qkF9yaBg?domain=click.salesforce.rxsavingssolutions.com HTTP 307
    https://protect-us.mimecast.com/redirect/eNqtlttuGzcQhl9FWPTSkodn0ughRoo2KeIAjZurqhB4GFqbaHfV5cpxEvjdO7uSE1tNAF_4xjA5nNmZjzM_9bnq43aozqroS6lxkbtSnq2xbrHxbbuIXVOdVJsuVmfspOoxYr0dhrpBWmulpeDcGAAgGwXhJ5UfBh_XdZs7ivl5eVg32A5lWZ39TTu53uBr3yAtl9XQ-7Y0NX26axfYbJbVybIqa88mq-McNAQRuDNotcouoONZOm-lkFnHJC0qm--8uNKTXyY7swmi0lk7brTxPgjPvYfEMQpGKSsPgkc01oogpQawMWMQwLxNU7wmqSmYUlJFBwk9YvKMIQ_oKd6YDCjGpsN91w2XT50AYf7r43YPqsFS_BUuT_scLefzMuxCwP3BUn8aDwkB_PbkmHDo0sfFemiOyGauPCpjlcKUjZURtGJemmS8g4xSmWxiCsdkrWEmpehC9CpypzOVCSloLT1VAAjBOlBZeG0YXVPSCRiYYJGBSHTmAVlJnwHlgmd0u54nSDpkr7LSItM9w7fIPk0C98kOeDMsT4nQ5gFMK5j-Ds2BHB7QZCFbnVDbROkoECpRzwBikCElRlCVlVZKOKapqZWYNSGBQciRJ0_VS0eXYT1zHoU3MljGrWKaesYrFNLmhMYxzRngA5pMJKNipFy0dsg9s44AS5pPp22Q-C2aT5PA_2luN75u7-NkwoK4_eeWxCTVJCOj4rxsabWtU3VmSFu2njSmev728lyKcybI5KdTz9cY379982q_QTJBe-cx0rI0vqxpJUTUVpgIqJ0MQVknfKJhlYaRQEWhA0pNrTW6tKknj1GenhW_wZK7PuKivyn-um6vSuk2u_Eb5SB8ZRfe0fkfGMCsyxn7We67Zjascfbi4sXszc3s4Dgr2F_XEclnaIaLbtdSWdWuDNg3Yy2jyH4VRQJQb-t7mtje9ddvJL8ns-eTFk_8SIbrzWT6rkBP51LXTMjp4JFxTx3LCJo6QwjnNNg9i68pfcmAaro81HR5R-Mok8fhO07rcQ719tDMC8bYwpoF43IyrLsy7JVw8ItHxLrdX8XrLtFbVQFIWtdb-vdBaNpsytWIpvpRWIcmeZiTCsFccm3nXio-5zTQLGdrjE3PUv7ACgNKQoJb3AwLehv95ucxzl6hh0KxOIwvF6fJEeQLkpN912_Ish6GbTlbni5P46aO7x9Ryekv_5afUo7GWaAUSBhDZk5law11PWLUPKWQMGRB42tcUkKgG99F6n8XOKNxtYxZjDYLEnkdI4kuySK9Pz6DAnrRrNdak15aRJ6ssN4Jlgw5Bs651UyNHTRO49UqznG1K8BWpAqr60R_52b1ZWxX-8rJzM3q0P5zgj83ytFvBQ3cUqir3UT8ZR_ixfkn-drWv9b4h2ze_fn72w9kj-TZNdjH_eXdF4Uer_YasO27gXRkviuLUYBoOoZpaG__A_GNqdM HTTP 307
    https://click.salesforce.rxsavingssolutions.com/?qs=dfc7980778e92bf195f887837eec62ddbdebf3daa79d533e98e587169b21de78118ec8f36516cc059d01a03af0501e28a6661498ee2d838a931d7de7b2228615 HTTP 302
    https://api.rxsavingssolutions.com/register?utm_source=savings&utm_medium=email&utm_campaign=Emp-RxRemail-1&utm_content=a HTTP 302
    https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-RxRemail-1&utm_content=a&utm_medium=email&utm_source=savings Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request activate
auth.rxsavingssolutions.com/
Redirect Chain
  • https://protect-us.mimecast.com/s/rLFVC1wY7VC9B3qkF9yaBg?domain=click.salesforce.rxsavingssolutions.com
  • https://protect-us.mimecast.com/redirect/eNqtlttuGzcQhl9FWPTSkodn0ughRoo2KeIAjZurqhB4GFqbaHfV5cpxEvjdO7uSE1tNAF_4xjA5nNmZjzM_9bnq43aozqroS6lxkbtSnq2xbrHxbbuIXVOdVJsuVmfspOoxYr0dhrpBWmulpeDcGAAgGwXh...
  • https://click.salesforce.rxsavingssolutions.com/?qs=dfc7980778e92bf195f887837eec62ddbdebf3daa79d533e98e587169b21de78118ec8f36516cc059d01a03af0501e28a6661498ee2d838a931d7de7b2228615
  • https://api.rxsavingssolutions.com/register?utm_source=savings&utm_medium=email&utm_campaign=Emp-RxRemail-1&utm_content=a
  • https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-RxRemail-1&utm_content=a&utm_medium=email&utm_source=savings
1 KB
1 KB
Document
General
Full URL
https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-RxRemail-1&utm_content=a&utm_medium=email&utm_source=savings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2044:be00:15:18e0:a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
30dbfb44189243f6a649f5c1e3e42836097dbd09dc01ab12c98e3bb3fc38b010
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
public, max-age=0, s-maxage=2
content-encoding
gzip
content-type
text/html
date
Tue, 28 Jun 2022 16:44:02 GMT
etag
W/"5a4ec79b9ed09354c0cfb80b6e29bf16"
last-modified
Wed, 22 Jun 2022 23:02:10 GMT
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 9a422b66005dee194bd3c5edef0ce892.cloudfront.net (CloudFront)
x-amz-cf-id
2HaMr0oBKxqiFawMgc4pSKp4fpwCm10SZDZ7OxO2_0zRC5jgFR5S5w==
x-amz-cf-pop
YTO50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

cache-control
max-age=0, must-revalidate, no-cache, no-store, private
content-type
text/html; charset=UTF-8
date
Tue, 28 Jun 2022 16:44:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-RxRemail-1&utm_content=a&utm_medium=email&utm_source=savings
pragma
no-cache
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains
vary
Origin
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
app.56411a15.css
auth.rxsavingssolutions.com/css/
20 KB
6 KB
Stylesheet
General
Full URL
https://auth.rxsavingssolutions.com/css/app.56411a15.css
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-RxRemail-1&utm_content=a&utm_medium=email&utm_source=savings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2044:be00:15:18e0:a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc3bf0431a51fdbc5f9ed6a7f28504276d6ea93d311978324221a30591157549
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-RxRemail-1&utm_content=a&utm_medium=email&utm_source=savings
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 16:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
YTO50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Wed, 22 Jun 2022 23:02:10 GMT
server
AmazonS3
x-frame-options
DENY
etag
W/"c938b041358181fd8553fbb2bc083dff"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
via
1.1 9a422b66005dee194bd3c5edef0ce892.cloudfront.net (CloudFront)
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
xCj58975-YrJvE2vL0CRgXVnDLX7ZqD0tCaD0V_E62daQSvvkcBmzQ==
chunk-vendors.b20c9692.css
auth.rxsavingssolutions.com/css/
220 B
711 B
Stylesheet
General
Full URL
https://auth.rxsavingssolutions.com/css/chunk-vendors.b20c9692.css
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-RxRemail-1&utm_content=a&utm_medium=email&utm_source=savings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2044:be00:15:18e0:a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3606d07767e5f07bcfc5c353559bdbd7c199af53ce7091b4370fd8f0389f2d49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-RxRemail-1&utm_content=a&utm_medium=email&utm_source=savings
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 16:44:03 GMT
via
1.1 9a422b66005dee194bd3c5edef0ce892.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
YTO50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
220
x-xss-protection
1; mode=block
last-modified
Wed, 22 Jun 2022 23:02:10 GMT
server
AmazonS3
x-frame-options
DENY
etag
"798b46d26550385bcd223edb1bd024a6"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
x-amz-cf-id
dHgHsUGFw9iGPRI2nhU8ZB1icYikYEol5iQiVeDlfVExPMXO-0uhWA==
app.91b24b53.js
auth.rxsavingssolutions.com/js/
575 KB
133 KB
Script
General
Full URL
https://auth.rxsavingssolutions.com/js/app.91b24b53.js
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-RxRemail-1&utm_content=a&utm_medium=email&utm_source=savings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2044:be00:15:18e0:a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2638dc05c39664384271037bffe9052ee83e9ae52bb572002bc56ddf0cec756
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-RxRemail-1&utm_content=a&utm_medium=email&utm_source=savings
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 16:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
YTO50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Wed, 22 Jun 2022 23:02:10 GMT
server
AmazonS3
x-frame-options
DENY
etag
W/"2b6f2bc453fae9072d502ae1e8f4a038"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
via
1.1 9a422b66005dee194bd3c5edef0ce892.cloudfront.net (CloudFront)
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
VbY-4CY4u8cVZJGsE2hDfvATTVs6JeTw_c0F6S1o2hIA-aTje8mtrQ==
chunk-vendors.5912da6f.js
auth.rxsavingssolutions.com/js/
1 MB
346 KB
Script
General
Full URL
https://auth.rxsavingssolutions.com/js/chunk-vendors.5912da6f.js
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-RxRemail-1&utm_content=a&utm_medium=email&utm_source=savings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2044:be00:15:18e0:a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b8f3913ad5874b6c0a6dbdebf962647c8c90651bf39f17b2468889055c0c4705
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-RxRemail-1&utm_content=a&utm_medium=email&utm_source=savings
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 16:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
YTO50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Wed, 22 Jun 2022 23:02:10 GMT
server
AmazonS3
x-frame-options
DENY
etag
W/"a0436dec384c6f0b03a6c5cd6712c630"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
via
1.1 9a422b66005dee194bd3c5edef0ce892.cloudfront.net (CloudFront)
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
fGo7KkVh6g5C-wrqyDoLfIwlo93DR9XOyo7PQ6j0eK2lyxz79sTNew==
chunk-48e809d6.8dc57a85.js
auth.rxsavingssolutions.com/js/
0
58 KB
Other
General
Full URL
https://auth.rxsavingssolutions.com/js/chunk-48e809d6.8dc57a85.js
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-RxRemail-1&utm_content=a&utm_medium=email&utm_source=savings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2044:be00:15:18e0:a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-RxRemail-1&utm_content=a&utm_medium=email&utm_source=savings
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 16:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
YTO50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Wed, 22 Jun 2022 23:02:10 GMT
server
AmazonS3
x-frame-options
DENY
etag
W/"0b1efa8ce73cd8ebeff4dc060b24def4"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
via
1.1 9a422b66005dee194bd3c5edef0ce892.cloudfront.net (CloudFront)
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
Tl4iT2VJYgORCJVY1eXDS3KSlwdIcFDED8A79tjGV2PHHgV1AJV1wg==
logger-1.min.js
cdn.lr-ingest.io/
784 KB
162 KB
Script
General
Full URL
https://cdn.lr-ingest.io/logger-1.min.js
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/js/chunk-vendors.5912da6f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a339 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3086b7a4b1f746b76f33b74cde21aead03e93ddeadf59548474428e3de4e8da
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.rxsavingssolutions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 16:44:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31556926
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-lga21946-LGA
last-modified
Tue, 28 Jun 2022 14:31:13 GMT
server
cloudflare
x-timer
S1656426802.086792,VS0,VE1
etag
W/"875e76963ad37b11e4c84cc27d4b736a1fe64bac2505c1d26b9dd5151353a1a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ev%2F496M6%2Bdnug3P2PBGuZIM9um%2FTDh1CSJLumLt9qzyGvUZH9h7IPG%2FTD96pXrjXMYtj2Z22wsU0SFfiR8ySoWmBXVk5BX6c078UZNOW0elzeYeGJv%2BO3Tes6apgHJbc16M7MIpe3li3kWn83TWI"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
7227e28278208c84-EWR
x-cache-hits
1
js
www.googletagmanager.com/gtag/
101 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-32662361-2&l=dataLayer
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/js/chunk-vendors.5912da6f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
07fc4b4ce7f2ed61f4bf89ce4086a4deafc89eb8645769209e1486a69338ead2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.rxsavingssolutions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 16:44:02 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39858
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 16:03:43 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 28 Jun 2022 16:44:02 GMT
pendo.js
cdn.pendo.io/agent/static/a1de7355-b6c8-4141-6659-633e90075a43/
461 KB
143 KB
Script
General
Full URL
https://cdn.pendo.io/agent/static/a1de7355-b6c8-4141-6659-633e90075a43/pendo.js
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/js/app.91b24b53.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2000:3400:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
UploadServer /
Resource Hash
166e3ce46da87430c275c59511a26d164b6720beb4dffca7642ff7e2973f0f9b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.rxsavingssolutions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 28 Jun 2022 16:42:30 GMT
Content-Encoding
gzip
Age
243
X-GUploader-UploadID
ADPycdsMlStzC2EaXjWccn66eHfANFpYpRQSW3yqkmnhspHEMZZ7M3AVp9J-QlrvKF1zNEsILvBD3SEBlNlzWfPUORtsUA
X-Cache
Hit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
145482
Access-Control-Allow-Origin
*
Last-Modified
Thu, 23 Jun 2022 18:17:43 GMT
Server
UploadServer
ETag
"70e3aa12a8e3988f5bbd436fec7f90c6"
Vary
Accept-Encoding
x-goog-hash
crc32c=y/SJVg==, md5=cOOqEqjjmI9bvUNv7H+Qxg==
x-goog-generation
1656008262989660
Via
1.1 dc9602daec919f7f064fc241167a9a90.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
*
Cache-Control
max-age=450
x-goog-stored-content-length
145482
X-Amz-Cf-Pop
YTO50-C3
Accept-Ranges
bytes
Content-Type
application/javascript
X-Amz-Cf-Id
AF0jld3wlOIkxoJrGc47qNhuyefrZo7k2nZJkXkV-VY_YjtespVrcA==
Expires
Tue, 28 Jun 2022 16:47:29 GMT
status
api.rxsavingssolutions.com/login/
83 B
706 B
XHR
General
Full URL
https://api.rxsavingssolutions.com/login/status
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/js/chunk-vendors.5912da6f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.252.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-252-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e125beaa4af5d40ed00615e975dc3cc07b7ad69f756286fa5f927f00d5d96648
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://auth.rxsavingssolutions.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 16:44:02 GMT
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://auth.rxsavingssolutions.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains
x-xss-protection
1; mode=block
ec1b46a8-b514-46d1-9f1b-aeab0ee83361
https://auth.rxsavingssolutions.com/
440 KB
0
Other
General
Full URL
blob:https://auth.rxsavingssolutions.com/ec1b46a8-b514-46d1-9f1b-aeab0ee83361
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-RxRemail-1&utm_content=a&utm_medium=email&utm_source=savings
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b40bff3e5deaefdd0146026fe1f3b5f72f31637503936ff80739375dca77de90

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length
450685
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-32662361-2&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.rxsavingssolutions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
11
date
Tue, 28 Jun 2022 16:43:51 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 28 Jun 2022 18:43:51 GMT
collect
www.google-analytics.com/j/
2 B
215 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=615162626&t=pageview&_s=1&dl=https%3A%2F%2Fauth.rxsavingssolutions.com%2Factivate%3Futm_campaign%3DEmp-RxRemail-1%26utm_content%3Da%26utm_medium%3Demail%26utm_source%3Dsavings&dp=%2Factivate&ul=en-us&de=UTF-8&dt=Activation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=2079184330&gjid=1163768372&cid=355613148.1656434642&tid=UA-32662361-2&_gid=814402426.1656434642&_r=1&gtm=2ou6m0&z=96129498
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/js/chunk-vendors.5912da6f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://auth.rxsavingssolutions.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 16:44:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://auth.rxsavingssolutions.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
447 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-32662361-2&cid=355613148.1656434642&jid=2079184330&gjid=1163768372&_gid=814402426.1656434642&_u=YEBAAUAAAAAAAC~&z=1740359601
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/js/chunk-vendors.5912da6f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://auth.rxsavingssolutions.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 28 Jun 2022 16:44:02 GMT
content-type
text/plain
access-control-allow-origin
https://auth.rxsavingssolutions.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
a1de7355-b6c8-4141-6659-633e90075a43
app.pendo.io/data/ptm.gif/
42 B
324 B
Image
General
Full URL
https://app.pendo.io/data/ptm.gif/a1de7355-b6c8-4141-6659-633e90075a43?v=2.141.1_prod&ct=1656434642548&jzb=eJzdUctO3TAQ_Rcvugp5PqBXiqo-gloEtKXQLqrKmps4iSW_sMe5UHT_HSfQq67YddOd5_jMmTlzfj4QvDeMbIhkCCQiW6t3jlmKXAY0q6u6LMq6zKviJCIzdxy1pbwPDfRLe_nhM72mlxd8MBe_t7e3uyAAXae9wpWjvBAR8VYE-oRo3CZJwOMU2zsHM1ejc1p45Fq5uNMygQ75DMjeeJS0A2mAj6pppTm6urtiErg4yl6tf1ohU9jAWknWcy-blbACTnvbseZ5RljKWG0c2Tz8cbA8XzIhQI0exuUuTNGbb2R_MBZaQ2HAhvlv_4b6sHjg5ydJWid5mudBZ2bWBXcLHGdlFmc0bNIvak8C17D9dLgTPhVEOq9Op6_vxfTjY3t60wadwYJk6-c7ng_fh7NjC2fnxyWvl8jukQVzZZXuo0OcQkP_Upxl-j_Eubh89vY6q_7JWYsi3f96BFePEqU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.204.85 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
85.204.107.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.rxsavingssolutions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 16:44:02 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Origin,Accept,Content-Type,Authorization
access-control-max-age
600
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
false
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
rxss
api.rxsavingssolutions.com/design-dictionaries/dictionaries/
2 KB
3 KB
XHR
General
Full URL
https://api.rxsavingssolutions.com/design-dictionaries/dictionaries/rxss
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/js/chunk-vendors.5912da6f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.252.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-252-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b16da6e2212598dc252c900023b91ea045c302840776d5be0b03c3844658ecf2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://auth.rxsavingssolutions.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 16:44:03 GMT
x-content-type-options
nosniff
server
nginx
x-frame-options
DENY
vary
Origin
content-type
application/json
access-control-allow-origin
https://auth.rxsavingssolutions.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains
x-xss-protection
1; mode=block
content_v17.json
login-activation-cms.s3.amazonaws.com/
61 KB
62 KB
XHR
General
Full URL
https://login-activation-cms.s3.amazonaws.com/content_v17.json
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/js/chunk-vendors.5912da6f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.169.123 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4663c0940d5d0d20c6bb487aebb4af4d867a29dca28567bd2e1e12b29faf512f

Request headers

Accept
application/json, text/plain, */*
Referer
https://auth.rxsavingssolutions.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 28 Jun 2022 16:44:03 GMT
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
3A59VW4X8Q6Q6YHK
x-amz-server-side-encryption
AES256
Content-Length
62903
x-amz-id-2
Opbmnk9MPX3nXNRqCcqYurlqmB50UIn5oXNHLP7J3u0UOPuPOXHETueP0Yv5kx+6qrCJsPgk2wM=
Last-Modified
Fri, 27 May 2022 17:42:00 GMT
Server
AmazonS3
ETag
"795d5832376956f487ab3ac399429d1f"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
HEAD, GET, PUT, POST, DELETE
x-amz-version-id
XNzAr77BZkegsIkbTKTaeXyc7YSh0570
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
Cache-Control
no-store
Accept-Ranges
bytes
Content-Type
application/json
activation_background.jpg
login-activation-cms.s3.amazonaws.com/rxss/activation/
313 KB
314 KB
Image
General
Full URL
https://login-activation-cms.s3.amazonaws.com/rxss/activation/activation_background.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.169.123 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
15966f72b75944c8294e2f2934826b6ac18b042ec33b5317b92085f5373a842b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.rxsavingssolutions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Tue, 28 Jun 2022 16:44:04 GMT
Last-Modified
Wed, 18 Aug 2021 16:22:25 GMT
Server
AmazonS3
x-amz-request-id
G05EZ8GX43R8YJFM
ETag
"412173278e843b952c491f0b480e3f43"
x-amz-version-id
tVn.BvAuuk2DGhmTJhavZhVv9jXE5DtT
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
320684
x-amz-id-2
CGWpAL0TNOe1D1d2d1FEUwWgXhRZnC5VrkPYFaY9LU6GFdHN8mCvYyLyI2aGcijhptNYNlZTYdw=
800da3b0-675f-465f-892d-d76cecbdd5b1.aa208d41.woff2
auth.rxsavingssolutions.com/fonts/
28 KB
28 KB
Font
General
Full URL
https://auth.rxsavingssolutions.com/fonts/800da3b0-675f-465f-892d-d76cecbdd5b1.aa208d41.woff2
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/css/app.56411a15.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2044:be00:15:18e0:a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0e377151a40a2121ae37408dccef196d10b6e78036cc7f78aff9a4f2e29fc89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.rxsavingssolutions.com/css/app.56411a15.css
Origin
https://auth.rxsavingssolutions.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 16:44:04 GMT
via
1.1 9a422b66005dee194bd3c5edef0ce892.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
YTO50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
28632
x-xss-protection
1; mode=block
last-modified
Wed, 22 Jun 2022 23:02:10 GMT
server
AmazonS3
x-frame-options
DENY
etag
"aa208d416edf264fed83943d57a68ecf"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
font/woff2
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
x-amz-cf-id
76bpczuv3m8EO0NUfhQg1tTWNBzG27LtAIGETnDbRJRUzjqeO_Gl2Q==
primaryLogo.svg
assets.rxss.design/images/rxss/
15 KB
5 KB
Image
General
Full URL
https://assets.rxss.design/images/rxss/primaryLogo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2000:9800:8:e57f:89c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
551be17882a95ea6af59a68b60ebd32eb93582ecf65775b9611c6956d21eeaaa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.rxsavingssolutions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 16:11:17 GMT
content-encoding
gzip
etag
W/"111cb7312a3f714fe8e06a48982e0b6b"
last-modified
Fri, 25 Mar 2022 22:05:38 GMT
server
AmazonS3
age
9699
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 4d97f94583f1e10ee7186f0faa691d12.cloudfront.net (CloudFront)
x-amz-cf-pop
YTO50-C3
x-amz-cf-id
uYn6CmNHoTKyZtzBefYBwzpPelp0HJdf8L-xtIt7_mK_ZBXE2dXBIQ==
eligibilityStep.svg
login-activation-cms.s3.amazonaws.com/rxss/activation/eligibilityStep/
4 KB
4 KB
Image
General
Full URL
https://login-activation-cms.s3.amazonaws.com/rxss/activation/eligibilityStep/eligibilityStep.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.169.123 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
22f0c8828af6addb4c47a6fbe2acf38a558af4c47afbb9f781c2a1287219a964

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.rxsavingssolutions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Tue, 28 Jun 2022 16:44:04 GMT
Last-Modified
Fri, 16 Jul 2021 03:12:11 GMT
Server
AmazonS3
x-amz-request-id
G052F25RWSMFTKQC
ETag
"296b2d2c18c62cfa6d048e8421c014f8"
x-amz-version-id
gALbIs0vUGwkZUkq8Iu64KkXu7XBfGM6
Accept-Ranges
bytes
Content-Type
image/svg+xml
Content-Length
4111
x-amz-id-2
xHNzbEJjDXOSsYt7Ws0bdXrWTe7t50gvDntfNZlamp6L/9B9uzfeTmkHcVQK4vbuUl+j6+INpck=
footerIcon.599c5c95.svg
auth.rxsavingssolutions.com/img/
3 KB
2 KB
Image
General
Full URL
https://auth.rxsavingssolutions.com/img/footerIcon.599c5c95.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2044:be00:15:18e0:a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d24e7713eee4a554f9bd3298f361834a270625666ae41508cc33cd404d04b400
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-RxRemail-1&utm_content=a&utm_medium=email&utm_source=savings
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 16:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
YTO50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Wed, 22 Jun 2022 23:02:10 GMT
server
AmazonS3
x-frame-options
DENY
etag
W/"599c5c95bc9f6bff4ff433040d8a2a7c"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
via
1.1 9a422b66005dee194bd3c5edef0ce892.cloudfront.net (CloudFront)
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
jrmiJ_f-KftXQglwRRXfts4DhZJSSSeJZ9B7Gp3OhLXDxkdrYdHdcQ==
i
r.lr-ingest.io/
78 B
362 B
XHR
General
Full URL
https://r.lr-ingest.io/i?a=vj7fnr%2Frx-savings-solutions&r=5-98fb116e-3071-44ba-bace-183654d1d569&t=307ea00f-0d61-4b49-9604-62a67c3d0b83&s=0&rs=0%2Cu
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/js/chunk-vendors.5912da6f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.23.205 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
205.23.198.104.bc.googleusercontent.com
Software
/ Express
Resource Hash
0726a1460c479e6771c69b199c50878ab086b6688ee4360232d608a6c18ef142
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.rxsavingssolutions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 16:44:06 GMT
etag
W/"4e-tVpdzeH1qOmgCYkZn233dffv4yA"
x-powered-by
Express
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
78

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| webpackJsonp object| regeneratorRuntime function| setImmediate function| clearImmediate object| FontAwesomeConfig object| ___FONT_AWESOME___ function| _lrMutationObserver object| __SDKCONFIG__ number| _rollbarStartTime function| rollbar boolean| _rollbarDidLoad function| _rollbarURH object| dataLayer function| gtag function| _lrXMLHttpRequest object| pendo function| _LRLogger boolean| _lr_loaded object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

8 Cookies

Domain/Path Name / Value
.rxsavingssolutions.com/ Name: private_label_name
Value: cnhzcw%3D%3D
.rxsavingssolutions.com/ Name: cnhzYXZpbmdzc29sdXRpb25zLmNvbQ%3D%3D-_lr_tabs_-vj7fnr%2Frx-savings-solutions
Value: {%22sessionID%22:0%2C%22recordingID%22:%225-98fb116e-3071-44ba-bace-183654d1d569%22%2C%22lastActivity%22:1656434642390}
.rxsavingssolutions.com/ Name: cnhzYXZpbmdzc29sdXRpb25zLmNvbQ%3D%3D-_lr_hb_-vj7fnr%2Frx-savings-solutions
Value: {%22heartbeat%22:1656434642390}
.rxsavingssolutions.com/ Name: cnhzYXZpbmdzc29sdXRpb25zLmNvbQ%3D%3D-_lr_uf_-vj7fnr
Value: 81bdc77d-0a2c-4243-8a63-780bb1b0ebe1
.rxsavingssolutions.com/ Name: _ga
Value: GA1.2.355613148.1656434642
.rxsavingssolutions.com/ Name: _gid
Value: GA1.2.814402426.1656434642
.rxsavingssolutions.com/ Name: _gat_gtag_UA_32662361_2
Value: 1
.rxsavingssolutions.com/ Name: laravel_session
Value: eyJpdiI6IkllOTRRZnU4a2xjOFRyWXdVb213T2c9PSIsInZhbHVlIjoiVHFWU29lQlZSelJjaXFjaDFQM2pSdFB2eG9kSi9MRElSeTU0V1ZML1BaOVhCUktxcHFtK2lpZk42R2lpN0txbDA0aFcrbzJpTERFbWtNV3d2SVFMdkg2bXBjZU5kZjhZL09IbWQ1azJWQkIwakRrKysrVitlNEU2clYrd0Q3REkiLCJtYWMiOiIyZjFjNTA4MTkyMjIwYTBhNDM5ODI0MGEwNGMzNzIyYWZkODg2MWM5NWRmYTY5ZjgwNWU2NmFhMDk4OTc5YWM5In0%3D

1 Console Messages

Source Level URL
Text
network error URL: https://api.rxsavingssolutions.com/login/status
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.rxsavingssolutions.com
app.pendo.io
assets.rxss.design
auth.rxsavingssolutions.com
cdn.lr-ingest.io
cdn.pendo.io
click.salesforce.rxsavingssolutions.com
login-activation-cms.s3.amazonaws.com
protect-us.mimecast.com
r.lr-ingest.io
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
104.198.23.205
13.111.48.123
205.139.111.117
2600:9000:2000:3400:1f:aa31:7740:93a1
2600:9000:2000:9800:8:e57f:89c0:93a1
2600:9000:2044:be00:15:18e0:a40:93a1
2606:4700:3033::ac43:a339
2607:f8b0:4004:c09::9c
2607:f8b0:4006:808::200e
2607:f8b0:4006:820::2008
34.107.204.85
34.234.252.4
52.216.169.123
0726a1460c479e6771c69b199c50878ab086b6688ee4360232d608a6c18ef142
07fc4b4ce7f2ed61f4bf89ce4086a4deafc89eb8645769209e1486a69338ead2
15966f72b75944c8294e2f2934826b6ac18b042ec33b5317b92085f5373a842b
166e3ce46da87430c275c59511a26d164b6720beb4dffca7642ff7e2973f0f9b
22f0c8828af6addb4c47a6fbe2acf38a558af4c47afbb9f781c2a1287219a964
30dbfb44189243f6a649f5c1e3e42836097dbd09dc01ab12c98e3bb3fc38b010
3606d07767e5f07bcfc5c353559bdbd7c199af53ce7091b4370fd8f0389f2d49
4663c0940d5d0d20c6bb487aebb4af4d867a29dca28567bd2e1e12b29faf512f
551be17882a95ea6af59a68b60ebd32eb93582ecf65775b9611c6956d21eeaaa
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b16da6e2212598dc252c900023b91ea045c302840776d5be0b03c3844658ecf2
b40bff3e5deaefdd0146026fe1f3b5f72f31637503936ff80739375dca77de90
b8f3913ad5874b6c0a6dbdebf962647c8c90651bf39f17b2468889055c0c4705
d24e7713eee4a554f9bd3298f361834a270625666ae41508cc33cd404d04b400
dc3bf0431a51fdbc5f9ed6a7f28504276d6ea93d311978324221a30591157549
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e125beaa4af5d40ed00615e975dc3cc07b7ad69f756286fa5f927f00d5d96648
e2638dc05c39664384271037bffe9052ee83e9ae52bb572002bc56ddf0cec756
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e377151a40a2121ae37408dccef196d10b6e78036cc7f78aff9a4f2e29fc89
f3086b7a4b1f746b76f33b74cde21aead03e93ddeadf59548474428e3de4e8da