auth.rxsavingssolutions.com Open in urlscan Pro
2600:9000:2490:8a00:c:187a:d640:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-email&utm_content=a&utm_medium=email&utm_source=savings
Submission: On April 06 via api (April 6th 2023, 4:26:35 pm UTC) from US — Scanned from DE

Summary HTTP 28 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 28 HTTP transactions. The main IP is 2600:9000:2490:8a00:c:187a:d640:93a1, located in United States and belongs to AMAZON-02, US. The main domain is auth.rxsavingssolutions.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on October 27th 2022. Valid for: a year.

This is the only time auth.rxsavingssolutions.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2600:9000:249... 2600:9000:2490:8a00:c:187a:d640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223f:4200:1f:aa31:7740:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.216.50.153 52.216.50.153	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	34.107.204.85 34.107.204.85	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
4	35.201.81.77 35.201.81.77	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2600:9000:20e... 2600:9000:20eb:800:4:416c:4100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.198.23.205 104.198.23.205	15169 (GOOGLE) (GOOGLE)
28	12

8 2600:9000:2490:8a00:c:187a:d640:93a1 (United States)

ASN16509 (AMAZON-02, US)

auth.rxsavingssolutions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.lr-ingest.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:4200:1f:aa31:7740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.50.153 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

login-activation-cms.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.204.85 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 85.204.107.34.bc.googleusercontent.com

app.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.201.81.77 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 77.81.201.35.bc.googleusercontent.com

api.rollbar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20eb:800:4:416c:4100:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.rxss.design	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.198.23.205 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 205.23.198.104.bc.googleusercontent.com

r.lr-ingest.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	rxsavingssolutions.com auth.rxsavingssolutions.com api.rxsavingssolutions.com Failed	623 KB
4	rollbar.com api.rollbar.com — Cisco Umbrella Rank: 9322	522 B
3	rxss.design assets.rxss.design
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
2	amazonaws.com login-activation-cms.s3.amazonaws.com	58 KB
2	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 1029 app.pendo.io — Cisco Umbrella Rank: 2046	132 KB
2	lr-ingest.io cdn.lr-ingest.io — Cisco Umbrella Rank: 14863 r.lr-ingest.io — Cisco Umbrella Rank: 19557	163 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 100	354 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	44 KB
28	9

	Domain	Requested by
8	auth.rxsavingssolutions.com	auth.rxsavingssolutions.com
4	api.rollbar.com	auth.rxsavingssolutions.com
3	assets.rxss.design
2	www.google-analytics.com	www.googletagmanager.com auth.rxsavingssolutions.com
2	login-activation-cms.s3.amazonaws.com	auth.rxsavingssolutions.com
1	r.lr-ingest.io	auth.rxsavingssolutions.com
1	stats.g.doubleclick.net	auth.rxsavingssolutions.com
1	app.pendo.io
1	cdn.pendo.io	auth.rxsavingssolutions.com
1	www.googletagmanager.com	auth.rxsavingssolutions.com
1	cdn.lr-ingest.io	auth.rxsavingssolutions.com
0	api.rxsavingssolutions.com Failed	auth.rxsavingssolutions.com
28	12

This site contains links to these domains. Also see Links.

Domain
rxsavingssolutions.com

Subject Issuer	Validity	Valid
*.auth.rxsavingssolutions.com Amazon RSA 2048 M01	`2022-10-27` - `2023-11-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
cdn.pendo.io Amazon RSA 2048 M01	`2023-02-20` - `2023-08-28`	6 months	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
pendo.io GTS CA 1D4	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
api.rollbar.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-17` - `2023-11-16`	a year	crt.sh
assets.rxss.design Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
api.logrocket.com R3	`2023-03-10` - `2023-06-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-email&utm_content=a&utm_medium=email&utm_source=savings
Frame ID: 29BAC674829057893870393BA7E2B879
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rx Savings Solutions

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

LogRocket (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.lr-ingest\.io

Page Statistics

28
Requests

89 %
HTTPS

64 %
IPv6

9
Domains

12
Subdomains

12
IPs

3
Countries

1042 kB
Transfer

3742 kB
Size

6
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://rxsavingssolutions.com/terms-and-conditions
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://rxsavingssolutions.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://rxsavingssolutions.com/faq-members
Title: Member FAQ

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request activate Show response
auth.rxsavingssolutions.com/ 1 KB
1 KB 234ms
170ms Document
text/html 2600:9000:2490:8a00:c:187a:d640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-email&utm_content=a&utm_medium=email&utm_source=savings

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8a00:c:187a:d640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

85e5b0aa9297fc84560920ce75c5588fdb803d77e2139b7cef68cf077a66ad32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=0, s-maxage=2
content-encoding: gzip
content-type: text/html
date: Thu, 06 Apr 2023 16:26:30 GMT
etag: W/"ecaa9f08c83246a36ccd0bb9cc087c6a"
last-modified: Thu, 30 Mar 2023 21:39:50 GMT
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
x-amz-cf-id: a9GYo2GiXdy_O2h4Os-CUlA1nRSuc8Ve88AChQrorEgTdTg6uQ9dUg==
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 app.774dc686.css
auth.rxsavingssolutions.com/css/ 27 KB
6 KB 188ms
187ms Stylesheet
text/css 2600:9000:2490:8a00:c:187a:d640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.rxsavingssolutions.com/css/app.774dc686.css

Requested by

Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-email&utm_content=a&utm_medium=email&utm_source=savings

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8a00:c:187a:d640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

015f2388981ab164090d9d96b09949084cbd1157717d2b8d6228210ad90e3a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-email&utm_content=a&utm_medium=email&utm_source=savings
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 16:26:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
via: 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Mar 2023 21:39:50 GMT
server: AmazonS3
etag: W/"8c4201d3b029219913f150a74bb215c7"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: tKG9E2OPEeaxeCfg_WyXPzEI6FmDUzvYMd5xs3rimExpuWxx4_Ke1g==

GET
H2 200 chunk-vendors.3cc7468f.css
auth.rxsavingssolutions.com/css/ 244 B
735 B 241ms
240ms Stylesheet
text/css 2600:9000:2490:8a00:c:187a:d640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.rxsavingssolutions.com/css/chunk-vendors.3cc7468f.css

Requested by

Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-email&utm_content=a&utm_medium=email&utm_source=savings

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8a00:c:187a:d640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2709f00d922e2750309155f978d751474fa1204f0461568adea93081e6c0d06c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-email&utm_content=a&utm_medium=email&utm_source=savings
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 16:26:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 244
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Mar 2023 21:39:50 GMT
server: AmazonS3
etag: "d707f5adfbe6192fdfa9aea86185bd2c"
x-frame-options: DENY
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: XfJSVmDQ6vsx52N75teUACYK0CH47i3lxlfUjd8f93gHPeQThGTJ8g==

GET
H2 200 app.06eb6104.js Show response
auth.rxsavingssolutions.com/js/ 565 KB
138 KB 186ms
185ms Script
application/javascript 2600:9000:2490:8a00:c:187a:d640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.rxsavingssolutions.com/js/app.06eb6104.js

Requested by

Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-email&utm_content=a&utm_medium=email&utm_source=savings

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8a00:c:187a:d640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c09b4254a22b73e46a89432cb1697427568ed6892b6c6768e0726529ce7774d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-email&utm_content=a&utm_medium=email&utm_source=savings
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 16:26:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
via: 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Mar 2023 21:39:50 GMT
server: AmazonS3
etag: W/"7269ec5e734445085342003ebdea9d23"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: uiHF_EkReDxbvIDTaaE5Pxi1h1g4OMZAbE8BDINWue8WCi1ttelsOQ==

GET
H2 200 chunk-vendors.31dad434.js Show response
auth.rxsavingssolutions.com/js/ 1 MB
388 KB 169ms
168ms Script
application/javascript 2600:9000:2490:8a00:c:187a:d640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.rxsavingssolutions.com/js/chunk-vendors.31dad434.js

Requested by

Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-email&utm_content=a&utm_medium=email&utm_source=savings

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8a00:c:187a:d640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

333e44af27ce599f2572513e36666cd601291a7b3161e98d222bfcdd2cc96f20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-email&utm_content=a&utm_medium=email&utm_source=savings
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 16:26:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
via: 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Mar 2023 21:39:50 GMT
server: AmazonS3
etag: W/"5e7c43bfab43a04d7be89aa2a7e0558e"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: WWuMXhB0ek4TS2GhtnY82hK6GWrYB8m_4Qrne1q0l-zk4mdcWjBQZA==

GET
H2 200 chunk-48e809d6.8dc57a85.js
auth.rxsavingssolutions.com/js/ 0
58 KB 153ms
153ms Other
application/javascript 2600:9000:2490:8a00:c:187a:d640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.rxsavingssolutions.com/js/chunk-48e809d6.8dc57a85.js

Requested by

Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-email&utm_content=a&utm_medium=email&utm_source=savings

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8a00:c:187a:d640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-email&utm_content=a&utm_medium=email&utm_source=savings
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 16:26:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
via: 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Mar 2023 21:39:50 GMT
server: AmazonS3
etag: W/"0b1efa8ce73cd8ebeff4dc060b24def4"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: jnSlu3496UrRtvl5oQdBlLgdeOrZALHW-euC6LMbNNSOxr-K469cng==

GET
H2 200 logger-1.min.js Show response
cdn.lr-ingest.io/ 819 KB
163 KB 68ms
28ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-ingest.io/logger-1.min.js

Requested by

Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/js/chunk-vendors.31dad434.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07b3a59f28964410a83a54a2849ffdcc36c9a3143b61613eb84e754fc42e211f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.rxsavingssolutions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 16:26:30 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 258
x-cache: MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Thu, 06 Apr 2023 15:21:12 GMT
server: cloudflare
x-timer: S1680794505.181311,VS0,VE56
etag: W/"df5951fd3bf89cd1fed1506607f38bb2acee0cc00280c8534cf9b4e6da6dc1ec"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WabcPHvUltIGi0m3WquOHeqH1hapBrd2JnWVvcG%2B%2Ba73Geo04tdLpcTpp2XS8OYSSMEpTyvrrhCun9KObWNq3k684gKpk%2FRwwRDT6FQCJzqloVw9O5kXRRungynfA0TdpzIAFfqjzEX9Z2XrgfqY"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 7b3b6492ac3135f1-FRA
x-cache-hits: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 45ms
20ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-32662361-2&l=dataLayer

Requested by

Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/js/chunk-vendors.31dad434.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

84af026911d14872e1cc8aa175b57b8796462a346d2b4ca892cac3fc8e0d038a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.rxsavingssolutions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 16:26:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44899
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 16:05:58 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Apr 2023 16:26:30 GMT

GET
H2 200 pendo.js Show response
cdn.pendo.io/agent/static/a1de7355-b6c8-4141-6659-633e90075a43/ 396 KB
132 KB 55ms
8ms Script
application/javascript 2600:9000:223f:4200:1f:aa31:7740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/a1de7355-b6c8-4141-6659-633e90075a43/pendo.js
Requested by: Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/js/app.06eb6104.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4200:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 07af38eaa10ed963c556543f89e2121322bde15568978550da137896cbecca6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.rxsavingssolutions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 16:26:25 GMT
content-encoding: gzip
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5
x-guploader-uploadid: ADPycdsDQt4c2Xa7yikVmwOmXUFH92ZRcyxrVXX3xeVVP5wMrEtGRaF8xARcHXppibLuygP5QOlhHVV3TUAR1cZVI7pOuQ
x-cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 134224
last-modified: Tue, 04 Apr 2023 16:10:08 GMT
server: UploadServer
etag: "b4a7f69add1c1181a236546a02d45687"
vary: Accept-Encoding
x-goog-generation: 1680624608138536
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=XqnN3g==, md5=tKf2mt0cEYGiNlRqAtRWhw==
access-control-expose-headers: *
cache-control: max-age=450
x-goog-stored-content-length: 134224
accept-ranges: bytes
x-amz-cf-id: u5XqRh8Ym0cOC8mYrxG7hVmfPKogM40z5BcTeQ5V20SHbBvERrz6Tg==
expires: Thu, 06 Apr 2023 16:33:55 GMT

GET status
api.rxsavingssolutions.com/login/ 0
0

GET rxss
api.rxsavingssolutions.com/design-dictionaries/dictionaries/ 0
0

GET
H/1.1 200
OK en-prod_content.json Show response
login-activation-cms.s3.amazonaws.com/content/ 27 KB
28 KB 337ms
133ms XHR
application/json 52.216.50.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login-activation-cms.s3.amazonaws.com/content/en-prod_content.json
Requested by: Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/js/chunk-vendors.31dad434.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.50.153 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 07342dbeb085f21a178a5fc67f9294f7133c6e3972670d8eb6e6eb0091b9c4c7

Request headers

Accept: application/json, text/plain, */*
Referer: https://auth.rxsavingssolutions.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 06 Apr 2023 16:26:31 GMT
x-amz-version-id: ci3i3add.pbjufnGn1jj.uZnU2_3pV_2
x-amz-request-id: KRCV3RDXW4YZJR29
x-amz-server-side-encryption: AES256
Content-Length: 27633
x-amz-id-2: 6RN+5yRGws0BXnJby4gMn8msW4/YJjPytk3o2/Ts5QwcJiw5h8Z5iSwxEyQ/MehEPCrHKY3Hk+M=
Last-Modified: Wed, 15 Feb 2023 21:19:34 GMT
Server: AmazonS3
ETag: "9f2669086c90c1b45b464270ea5d0a72"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: HEAD, GET, PUT, POST, DELETE
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
Cache-Control: no-store
Content-Type: application/json
Accept-Ranges: bytes

GET
H/1.1 200
OK es-prod_content.json Show response
login-activation-cms.s3.amazonaws.com/content/ 30 KB
30 KB 337ms
134ms XHR
application/json 52.216.50.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login-activation-cms.s3.amazonaws.com/content/es-prod_content.json
Requested by: Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/js/chunk-vendors.31dad434.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.50.153 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 509c6eb1b69a0ab1579528a4f518c0d38006970ab5672af2ecf3e3cc5b085c6e

Request headers

Accept: application/json, text/plain, */*
Referer: https://auth.rxsavingssolutions.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 06 Apr 2023 16:26:31 GMT
x-amz-version-id: fZdQG.IPoFgngS39U2anyNVIOSZqJ9y_
x-amz-request-id: KRCPYE9CGHKCTJGF
x-amz-server-side-encryption: AES256
Content-Length: 30417
x-amz-id-2: tA+Gu1pR7Bnf2lYhRODDFV/pcqHvmWxrf667wwA+zooG+Qg0XHFq2WQ36v04L8eE+peDpA+RXb8=
Last-Modified: Wed, 15 Feb 2023 21:19:35 GMT
Server: AmazonS3
ETag: "2fe96335adbcd8159a85fd241e43ec8c"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: HEAD, GET, PUT, POST, DELETE
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
Cache-Control: no-store
Content-Type: application/json
Accept-Ranges: bytes

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 35ms
10ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-32662361-2&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.rxsavingssolutions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Apr 2023 16:05:12 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1278
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 06 Apr 2023 18:05:12 GMT

GET
BLOB 200
OK 50ed1e99-343d-4200-af02-ff82e87610c0
https://auth.rxsavingssolutions.com/ 455 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://auth.rxsavingssolutions.com/50ed1e99-343d-4200-af02-ff82e87610c0
Requested by: Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-email&utm_content=a&utm_medium=email&utm_source=savings
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e487eff3da6dc9c31e71cdc152fea63765a626bdc3eb1879f8b0468d05a6d1ba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length: 465945
Content-Type

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
215 B 14ms
14ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=483736288&t=pageview&_s=1&dl=https%3A%2F%2Fauth.rxsavingssolutions.com%2Factivate%3Futm_campaign%3DEmp-email%26utm_content%3Da%26utm_medium%3Demail%26utm_source%3Dsavings&dp=%2Factivate&ul=en-us&de=UTF-8&dt=ActivationPage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACgCI~&jid=1264161294&gjid=822990541&cid=854152566.1680798390&tid=UA-32662361-2&_gid=1583883886.1680798390&_r=1&gtm=457e3430&jsscut=1&z=1524364320

Requested by

Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/js/chunk-vendors.31dad434.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth.rxsavingssolutions.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 16:26:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://auth.rxsavingssolutions.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a1de7355-b6c8-4141-6659-633e90075a43
app.pendo.io/data/ptm.gif/ 42 B
360 B 206ms
160ms Image
image/gif 34.107.204.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.pendo.io/data/ptm.gif/a1de7355-b6c8-4141-6659-633e90075a43?v=2.178.1_prod&ct=1680798390293&jzb=eJzVUU1vEzEQ_S8-cAr73XQ30gohmkoVgaC2CARC1mTX2Tryl-xxIKry3zO7LYFTbxy4ed68eX5v5vsjw4MTbMG0QGAztvH2ZxCeo9SE5vM6u2zqssmKupmxvQwSreeypwH-afnxas3v-bfVXWlXu9vaXpMAdJ2NBieOiUrNWPSK6A-ILizSFCI-JP5XgL00QwhWRZTWhKSzOoUO5R5QvImoeQfagRxMu9TutdAg1asJtgaFwRamSoteRt3-aQcbfSfaZ3ny47x1gS0ef5sfny_5V2CGCMO4EmH45zt2PGeiUSocePr_7d9QT56Jn83TrEqLrChJZy98oGAEF0l-WSc5Jyf9qPYkcA-bm_OK8KlgW_m-uP2iRNit11fD6kA6Ww9aTM0iz7ZmuVPXXz-4dzfdaHZzQEHhquriODtfUlnoX7pkk_3nlxwDPseaN9U_2WhZXBx_nAAilA3d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.204.107.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.rxsavingssolutions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 16:26:30 GMT
via: 1.1 google
x-content-type-options: nosniff
server: istio-envoy
access-control-max-age: 600
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: false
x-envoy-upstream-service-time: 40
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
content-length: 42
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
354 B 61ms
20ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-32662361-2&cid=854152566.1680798390&jid=1264161294&gjid=822990541&_gid=1583883886.1680798390&_u=YEBAAUAAAAAAACgCI~&z=2052045055

Requested by

Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/js/chunk-vendors.31dad434.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth.rxsavingssolutions.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 06 Apr 2023 16:26:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://auth.rxsavingssolutions.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
api.rollbar.com/api/1/item/ 0
0 155ms
124ms Preflight 35.201.81.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rollbar.com/api/1/item/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.81.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.81.201.35.bc.googleusercontent.com
Software: nginx/1.17.9 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-rollbar-access-token
Access-Control-Request-Method: POST
Origin: https://auth.rxsavingssolutions.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-rollbar-access-token
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 06 Apr 2023 16:26:30 GMT
server: nginx/1.17.9
via: 1.1 google
x-response-time: 0.140ms

POST
H2 200 / Show response
api.rollbar.com/api/1/item/ 100 B
207 B 423ms
422ms XHR
application/json 35.201.81.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rollbar.com/api/1/item/
Requested by: Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/js/chunk-vendors.31dad434.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.81.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.81.201.35.bc.googleusercontent.com
Software: nginx/1.17.9 /
Resource Hash: 5e16844a3f5c3be7cfb717a13ec85a16c56d565e643006a5deb73697a0c8a41d

Request headers

X-Rollbar-Access-Token: 97d66f6236264a5689609ee20f627d2f
Referer: https://auth.rxsavingssolutions.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

x-response-time: 291.737ms
date: Thu, 06 Apr 2023 16:26:30 GMT
via: 1.1 google
x-rate-limit-limit: 50000
x-rate-limit-remaining-seconds: 56
server: nginx/1.17.9
x-rate-limit-remaining: 49997
etag: W/"64-J+KAu8yS/UDNV5aIC9jB6w"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-rate-limit-reset: 1680798446
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100

OPTIONS
H2 204 /
api.rollbar.com/api/1/item/ 0
0 155ms
127ms Preflight 35.201.81.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rollbar.com/api/1/item/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.81.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.81.201.35.bc.googleusercontent.com
Software: nginx/1.17.9 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-rollbar-access-token
Access-Control-Request-Method: POST
Origin: https://auth.rxsavingssolutions.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-rollbar-access-token
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 06 Apr 2023 16:26:30 GMT
server: nginx/1.17.9
via: 1.1 google
x-response-time: 0.331ms

POST
H2 200 / Show response
api.rollbar.com/api/1/item/ 100 B
315 B 202ms
202ms XHR
application/json 35.201.81.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rollbar.com/api/1/item/
Requested by: Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/js/chunk-vendors.31dad434.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.81.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.81.201.35.bc.googleusercontent.com
Software: nginx/1.17.9 /
Resource Hash: 94642820ef65adc2196ea5561a4bdf33e2c0163de6aa1feba8ab30b44907c8a2

Request headers

X-Rollbar-Access-Token: 97d66f6236264a5689609ee20f627d2f
Referer: https://auth.rxsavingssolutions.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

x-response-time: 74.681ms
date: Thu, 06 Apr 2023 16:26:30 GMT
via: 1.1 google
x-rate-limit-limit: 50000
x-rate-limit-remaining-seconds: 56
server: nginx/1.17.9
x-rate-limit-remaining: 49996
etag: W/"64-Ve1MtbiOpLX5zwPXY2+KXg"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-rate-limit-reset: 1680798446
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100

GET
H2 403 activation_background.jpg
assets.rxss.design/images/rxss/auth_assets/ 0
0 497ms
403ms Image
application/xml 2600:9000:20eb:800:4:416c:4100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.rxss.design/images/rxss/auth_assets/activation_background.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:800:4:416c:4100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.rxsavingssolutions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 800da3b0-675f-465f-892d-d76cecbdd5b1.aa208d41.woff2
auth.rxsavingssolutions.com/fonts/ 28 KB
28 KB 158ms
158ms Font
font/woff2 2600:9000:2490:8a00:c:187a:d640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.rxsavingssolutions.com/fonts/800da3b0-675f-465f-892d-d76cecbdd5b1.aa208d41.woff2

Requested by

Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/css/app.774dc686.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8a00:c:187a:d640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f0e377151a40a2121ae37408dccef196d10b6e78036cc7f78aff9a4f2e29fc89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://auth.rxsavingssolutions.com/css/app.774dc686.css
Origin: https://auth.rxsavingssolutions.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 16:26:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 28632
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Mar 2023 21:39:50 GMT
server: AmazonS3
etag: "aa208d416edf264fed83943d57a68ecf"
x-frame-options: DENY
content-type: font/woff2
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: jci4U50bhGoIYcUMrpNOXVSprN1Opt-CH6BUR2UOpT2MLked3PjHHw==

GET
H2 403 primaryLogo.svg
assets.rxss.design/images/rxss/ 0
0 485ms
405ms Image
application/xml 2600:9000:20eb:800:4:416c:4100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.rxss.design/images/rxss/primaryLogo.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:800:4:416c:4100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.rxsavingssolutions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 403 eligibilityStep.svg
assets.rxss.design/images/rxss/auth_assets/ 0
0 484ms
404ms Image
application/xml 2600:9000:20eb:800:4:416c:4100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.rxss.design/images/rxss/auth_assets/eligibilityStep.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:800:4:416c:4100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.rxsavingssolutions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 footerIcon.599c5c95.svg
auth.rxsavingssolutions.com/img/ 3 KB
2 KB 163ms
162ms Image
image/svg+xml 2600:9000:2490:8a00:c:187a:d640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.rxsavingssolutions.com/img/footerIcon.599c5c95.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8a00:c:187a:d640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d24e7713eee4a554f9bd3298f361834a270625666ae41508cc33cd404d04b400

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-email&utm_content=a&utm_medium=email&utm_source=savings
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 16:26:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
via: 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Mar 2023 21:39:50 GMT
server: AmazonS3
etag: W/"599c5c95bc9f6bff4ff433040d8a2a7c"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: 6yZmvPWym8Li7CfWDBmujGxRk47U8QLsQXpliSOPY2GfRp6LAKgtlg==

POST
H2 201 i Show response
r.lr-ingest.io/ 78 B
604 B 1275ms
556ms XHR
application/json 104.198.23.205
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.lr-ingest.io/i?a=vj7fnr%2Frx-savings-solutions&r=5-06126152-194e-450d-a7bd-5ad74bc1ab32&t=69d84452-ed7f-4e43-a15e-9281ee39533e&s=0&rs=0%2Cu&u=3d256155-703b-4bb4-94f8-620fe8ec12b8&is=1

Requested by

Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/js/chunk-vendors.31dad434.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.23.205 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

205.23.198.104.bc.googleusercontent.com

Software

/ Express

Resource Hash

0726a1460c479e6771c69b199c50878ab086b6688ee4360232d608a6c18ef142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.rxsavingssolutions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 16:26:34 GMT
strict-transport-security: max-age=15724800; includeSubDomains
etag: W/"4e-tVpdzeH1qOmgCYkZn233dffv4yA"
x-powered-by: Express
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-ClickHouse-Override,X-LogRocket-ClickHouse-Enabled-Queries
content-length: 78

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rxsavingssolutions.com
URL: https://api.rxsavingssolutions.com/login/status

Domain: api.rxsavingssolutions.com
URL: https://api.rxsavingssolutions.com/design-dictionaries/dictionaries/rxss

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rxsavingssolutions.com/	1970-01-20 10:54:44	Name: cnhzYXZpbmdzc29sdXRpb25zLmNvbQ%3D%3D-_lr_tabs_-vj7fnr%2Frx-savings-solutions Value: {%22sessionID%22:0%2C%22recordingID%22:%225-06126152-194e-450d-a7bd-5ad74bc1ab32%22%2C%22lastActivity%22:1680798390255}
.rxsavingssolutions.com/	1970-01-20 10:54:44	Name: cnhzYXZpbmdzc29sdXRpb25zLmNvbQ%3D%3D-_lr_hb_-vj7fnr%2Frx-savings-solutions Value: {%22heartbeat%22:1680798390256}
.rxsavingssolutions.com/	1969-12-31 23:59:59	Name: cnhzYXZpbmdzc29sdXRpb25zLmNvbQ%3D%3D-_lr_uf_-vj7fnr Value: a52ddabe-4024-4fa0-851d-6e2a7d396011
.rxsavingssolutions.com/	1970-01-20 20:29:18	Name: _ga Value: GA1.2.854152566.1680798390
.rxsavingssolutions.com/	1970-01-20 10:54:44	Name: _gid Value: GA1.2.1583883886.1680798390
.rxsavingssolutions.com/	1970-01-20 10:53:18	Name: _gat_gtag_UA_32662361_2 Value: 1

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-email&utm_content=a&utm_medium=email&utm_source=savings Message: Access to XMLHttpRequest at 'https://api.rxsavingssolutions.com/login/status' from origin 'https://auth.rxsavingssolutions.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rxsavingssolutions.com/login/status Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://auth.rxsavingssolutions.com/activate?utm_campaign=Emp-email&utm_content=a&utm_medium=email&utm_source=savings Message: Access to XMLHttpRequest at 'https://api.rxsavingssolutions.com/design-dictionaries/dictionaries/rxss' from origin 'https://auth.rxsavingssolutions.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rxsavingssolutions.com/design-dictionaries/dictionaries/rxss Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://assets.rxss.design/images/rxss/auth_assets/activation_background.jpg Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://assets.rxss.design/images/rxss/auth_assets/eligibilityStep.svg Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://assets.rxss.design/images/rxss/primaryLogo.svg Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.rollbar.com
api.rxsavingssolutions.com
app.pendo.io
assets.rxss.design
auth.rxsavingssolutions.com
cdn.lr-ingest.io
cdn.pendo.io
login-activation-cms.s3.amazonaws.com
r.lr-ingest.io
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
api.rxsavingssolutions.com
104.198.23.205
2600:9000:20eb:800:4:416c:4100:93a1
2600:9000:223f:4200:1f:aa31:7740:93a1
2600:9000:2490:8a00:c:187a:d640:93a1
2a00:1450:4001:80e::200e
2a00:1450:4001:82a::2008
2a00:1450:400c:c0c::9c
2a06:98c1:3121::3
34.107.204.85
35.201.81.77
52.216.50.153
015f2388981ab164090d9d96b09949084cbd1157717d2b8d6228210ad90e3a10
0726a1460c479e6771c69b199c50878ab086b6688ee4360232d608a6c18ef142
07342dbeb085f21a178a5fc67f9294f7133c6e3972670d8eb6e6eb0091b9c4c7
07af38eaa10ed963c556543f89e2121322bde15568978550da137896cbecca6b
07b3a59f28964410a83a54a2849ffdcc36c9a3143b61613eb84e754fc42e211f
2709f00d922e2750309155f978d751474fa1204f0461568adea93081e6c0d06c
333e44af27ce599f2572513e36666cd601291a7b3161e98d222bfcdd2cc96f20
509c6eb1b69a0ab1579528a4f518c0d38006970ab5672af2ecf3e3cc5b085c6e
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5e16844a3f5c3be7cfb717a13ec85a16c56d565e643006a5deb73697a0c8a41d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
84af026911d14872e1cc8aa175b57b8796462a346d2b4ca892cac3fc8e0d038a
85e5b0aa9297fc84560920ce75c5588fdb803d77e2139b7cef68cf077a66ad32
94642820ef65adc2196ea5561a4bdf33e2c0163de6aa1feba8ab30b44907c8a2
c09b4254a22b73e46a89432cb1697427568ed6892b6c6768e0726529ce7774d7
d24e7713eee4a554f9bd3298f361834a270625666ae41508cc33cd404d04b400
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e487eff3da6dc9c31e71cdc152fea63765a626bdc3eb1879f8b0468d05a6d1ba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e377151a40a2121ae37408dccef196d10b6e78036cc7f78aff9a4f2e29fc89

auth.rxsavingssolutions.com Open in urlscan Pro 2600:9000:2490:8a00:c:187a:d640:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

28 Requests

89 %HTTPS

64 %IPv6

9 Domains

12 Subdomains

12 IPs

3 Countries

1042 kBTransfer

3742 kBSize

6 Cookies

3 Outgoing links

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

6 Cookies

7 Console Messages

Security Headers

Indicators

auth.rxsavingssolutions.com Open in urlscan Pro
2600:9000:2490:8a00:c:187a:d640:93a1 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

89 %
HTTPS

64 %
IPv6

9
Domains

12
Subdomains

12
IPs

3
Countries

1042 kB
Transfer

3742 kB
Size

6
Cookies

28 HTTP transactions
0 data transactions