hsarx.com Open in urlscan Pro
54.215.70.247 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bit.ly/HSARxPriceCheck
Effective URL:
https://hsarx.com/?utm_ref_code=MYMEDSAVE1
Submission: On March 22 via manual (March 22nd 2023, 1:51:43 am UTC) from IN — Scanned from DE

Summary HTTP 71 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 18 domains to perform 71 HTTP transactions. The main IP is 54.215.70.247, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is hsarx.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on February 23rd 2023. Valid for: a year.

This is the only time hsarx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	54.183.142.203 54.183.142.203	16509 (AMAZON-02) (AMAZON-02)
24	54.215.70.247 54.215.70.247	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3030::6815:41c3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:26f0:480... 2a02:26f0:480:e::210:f10f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	141.193.213.10 141.193.213.10	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
2	63.33.186.64 63.33.186.64	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	52.7.151.245 52.7.151.245	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
1	13.224.189.18 13.224.189.18	16509 (AMAZON-02) (AMAZON-02)
3	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
1	52.35.8.153 52.35.8.153	16509 (AMAZON-02) (AMAZON-02)
2	18.66.147.5 18.66.147.5	16509 (AMAZON-02) (AMAZON-02)
1	104.198.23.205 104.198.23.205	15169 (GOOGLE) (GOOGLE)
1	54.197.128.240 54.197.128.240	14618 (AMAZON-AES) (AMAZON-AES)
2	52.37.218.4 52.37.218.4	16509 (AMAZON-02) (AMAZON-02)
1	34.212.4.35 34.212.4.35	16509 (AMAZON-02) (AMAZON-02)
71	24

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.183.142.203 (San Jose, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-183-142-203.us-west-1.compute.amazonaws.com

refer.hsarx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 54.215.70.247 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-215-70-247.us-west-1.compute.amazonaws.com

hsarx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::6815:41c3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.lr-in-prod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:480:e::210:f10f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.193.213.10 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

blog.hsarx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

seal-southernnevada.bbb.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.33.186.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-186-64.eu-west-1.compute.amazonaws.com

seal.digicert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.7.151.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-151-245.compute-1.amazonaws.com

dx.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-18.fra2.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.35.8.153 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-8-153.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-5.fra60.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.198.23.205 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 205.23.198.104.bc.googleusercontent.com

r.lr-in-prod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.197.128.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-128-240.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.37.218.4 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-37-218-4.us-west-2.compute.amazonaws.com

px.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.212.4.35 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-212-4-35.us-west-2.compute.amazonaws.com

gs.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	hsarx.com 2 redirects refer.hsarx.com hsarx.com blog.hsarx.com	3 MB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 955 q.stripe.com — Cisco Umbrella Rank: 6067 m.stripe.com — Cisco Umbrella Rank: 966	125 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 413 p.typekit.net — Cisco Umbrella Rank: 542	150 KB
4	mountain.com dx.mountain.com — Cisco Umbrella Rank: 6958 px.mountain.com — Cisco Umbrella Rank: 7074 gs.mountain.com — Cisco Umbrella Rank: 12376	7 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	270 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 147	157 KB
3	lr-in-prod.com cdn.lr-in-prod.com — Cisco Umbrella Rank: 13963 r.lr-in-prod.com — Cisco Umbrella Rank: 13601	174 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	234 KB
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2536	204 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1034	17 KB
2	intercom.io widget.intercom.io — Cisco Umbrella Rank: 1948 api-iam.intercom.io — Cisco Umbrella Rank: 2364	7 KB
2	gstatic.com fonts.gstatic.com	91 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2388	304 B
2	digicert.com seal.digicert.com — Cisco Umbrella Rank: 8174	10 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	1 KB
1	bbb.org seal-southernnevada.bbb.org — Cisco Umbrella Rank: 417753	6 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 5069	349 B
0	Failed function sub() { [native code] }. Failed
71	18

	Domain	Requested by
24	hsarx.com	hsarx.com cdn.lr-in-prod.com
4	use.typekit.net	hsarx.com use.typekit.net
3	q.stripe.com	hsarx.com
3	js.stripe.com	hsarx.com js.stripe.com
3	www.facebook.com	hsarx.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	blog.hsarx.com	hsarx.com
3	www.googletagmanager.com	hsarx.com www.googletagmanager.com
2	px.mountain.com	dx.mountain.com hsarx.com
2	js.intercomcdn.com	widget.intercom.io
2	m.stripe.network	js.stripe.com m.stripe.network
2	fonts.gstatic.com	fonts.googleapis.com
2	region1.google-analytics.com	www.googletagmanager.com
2	seal.digicert.com	hsarx.com
2	cdn.lr-in-prod.com	hsarx.com cdn.lr-in-prod.com
2	refer.hsarx.com	2 redirects
1	gs.mountain.com	hsarx.com
1	api-iam.intercom.io	js.intercomcdn.com
1	r.lr-in-prod.com	cdn.lr-in-prod.com
1	m.stripe.com	m.stripe.network
1	widget.intercom.io	hsarx.com
1	p.typekit.net	use.typekit.net
1	fonts.googleapis.com	hsarx.com
1	dx.mountain.com	hsarx.com
1	seal-southernnevada.bbb.org	hsarx.com
1	bit.ly	1 redirects
0	3.212.39.155 Failed	cdn.lr-in-prod.com
71	27

This site contains links to these domains. Also see Links.

Domain
refer.hsarx.com
blog.hsarx.com
www.legitscript.com
www.bbb.org
pdfs-public.s3.us-west-1.amazonaws.com

Subject Issuer	Validity	Valid
hsarx.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-02-23` - `2024-02-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-13` - `2024-03-12`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
blog.hsarx.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.bbb.org DigiCert TLS RSA SHA256 2020 CA1	`2022-05-05` - `2023-05-09`	a year	crt.sh
seal.digicert.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-09` - `2023-06-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-29`	3 months	crt.sh
*.mountain.com Go Daddy Secure Certificate Authority - G2	`2022-05-21` - `2023-06-22`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-02-06` - `2023-05-13`	3 months	crt.sh
*.intercom.com Amazon RSA 2048 M02	`2023-02-14` - `2024-03-14`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-08` - `2023-04-08`	3 months	crt.sh
*.intercomcdn.com Amazon RSA 2048 M01	`2023-02-21` - `2024-01-29`	a year	crt.sh
api.logrocket.com R3	`2023-03-10` - `2023-06-08`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://hsarx.com/?utm_ref_code=MYMEDSAVE1
Frame ID: A980A0168ABE7DBD502845760C081876
Requests: 61 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 6344E1AFBE6C85BFF5BFC3D488F96EF9
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 606AC036F50ABD8B7B88B06650154457
Requests: 4 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.69efdbcb.js
Frame ID: 40F1F80FC65C1C8CD8FC27AA28002EE4
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - HSARx

Page URL History Show full URLs

http://bit.ly/HSARxPriceCheck HTTP 301
http://refer.hsarx.com/r/MYMEDSAVE1 HTTP 301
https://refer.hsarx.com/r/MYMEDSAVE1 HTTP 301
https://hsarx.com/?utm_ref_code=MYMEDSAVE1 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

71
Requests

97 %
HTTPS

40 %
IPv6

18
Domains

27
Subdomains

24
IPs

4
Countries

3865 kB
Transfer

11940 kB
Size

22
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://refer.hsarx.com/
Title: FOR BROKERS

Search URL Search Domain Scan URL

URL: https://blog.hsarx.com/is-an-hsa-right-for-you/
Title: Is An HSA Right For You?

Search URL Search Domain Scan URL

URL: https://blog.hsarx.com/hsa-101/
Title: HSA 101

Search URL Search Domain Scan URL

URL: https://blog.hsarx.com/how-to-save-big-on-your-prescription-drugs/
Title: How to Save Big on Your Prescription Drugs

Search URL Search Domain Scan URL

URL: https://blog.hsarx.com/
Title: View all blog posts

Search URL Search Domain Scan URL

URL: https://blog.hsarx.com/hsarx-website-change-logs/
Title: HSARx.com Website Releases

Search URL Search Domain Scan URL

URL: https://www.legitscript.com/websites/www.hsarx.com

Search URL Search Domain Scan URL

URL: https://www.bbb.org/us/nv/las-vegas/profile/pharmaceutical-consultant/hsarx-llc-1086-90086472/#sealclick

Search URL Search Domain Scan URL

URL: https://pdfs-public.s3.us-west-1.amazonaws.com/formularies/MedImpact-MedPerform-Medium-formulary_short-list_10-1-22.pdf
Title: (Short)

Search URL Search Domain Scan URL

URL: https://pdfs-public.s3.us-west-1.amazonaws.com/formularies/MedImpact-MedPerform-Medium-formulary-long+list-10-1-22.pdf
Title: (Long)

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bit.ly/HSARxPriceCheck HTTP 301
http://refer.hsarx.com/r/MYMEDSAVE1 HTTP 301
https://refer.hsarx.com/r/MYMEDSAVE1 HTTP 301
https://hsarx.com/?utm_ref_code=MYMEDSAVE1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

71 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hsarx.com/
Redirect Chain

http://bit.ly/HSARxPriceCheck
http://refer.hsarx.com/r/MYMEDSAVE1
https://refer.hsarx.com/r/MYMEDSAVE1
https://hsarx.com/?utm_ref_code=MYMEDSAVE1

28 KB
9 KB

1370ms
984ms

Document
text/html

54.215.70.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.215.70.247 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-70-247.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

851bed31d4f43dc72b16fd272891068df0cddaa17801e736d5383b7945ca9f94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 22 Mar 2023 01:51:35 GMT
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

content-type: text/html; charset=UTF-8
date: Wed, 22 Mar 2023 01:51:34 GMT
location: https://hsarx.com?utm_ref_code=MYMEDSAVE1
server: nginx
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
77 KB 90ms
37ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PDRG447914

Requested by

Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

be2520363fbf0798e0bdb8ed737261fe2d4d38a8934a793557f537d73afed285

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78709
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Mar 2023 01:51:35 GMT

GET
H2 200 LogRocket.min.js Show response
cdn.lr-in-prod.com/ 38 KB
11 KB 109ms
36ms Script
text/javascript 2606:4700:3030::6815:41c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-in-prod.com/LogRocket.min.js

Requested by

Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:41c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

803eca042a9b56aefc4c8fe22251b3ee0a12bb5a03180a0a76ca3d317e8386a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://hsarx.com/
Origin: https://hsarx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:35 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230106-FRA
last-modified: Tue, 21 Mar 2023 18:12:09 GMT
server: cloudflare
x-timer: S1679449896.645321,VS0,VE0
etag: W/"63946843015ff704c9096ae80ab1c1495d981e6e30309709217c31bc56dbfd7c"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Mv4R5chX2Oka1cdwD6ukcIF4CDhxH6B8dP83OMMsy412Mr%2FWDG6sjIy5Z4mrPejhq0w4NceI7%2FLSbjnAi%2Fwd%2FrQ0S5EOXOr85Aa6jD6zzZiCjNZAM4J77VsfPC7pXKUgnRrwFkthcyq7a1x2sH6WJ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7abaca57b8529b8c-FRA
x-cache-hits: 2

GET
H2 200 app.js Show response
hsarx.com/js/ 6 MB
1 MB 253ms
245ms Script
application/javascript 54.215.70.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hsarx.com/js/app.js

Requested by

Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.215.70.247 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-70-247.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

cd828132e6cba8da5d9022730bf30f2ffb8017ea958d5b135067ea7837e3a374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/?utm_ref_code=MYMEDSAVE1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Mar 2023 00:44:23 GMT
server: nginx
etag: W/"64126667-5e9553"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block

GET
H2 200 app.css
hsarx.com/css/ 345 KB
53 KB 187ms
186ms Stylesheet
text/css 54.215.70.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hsarx.com/css/app.css

Requested by

Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.215.70.247 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-70-247.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

0e65bb6aaf17c389be828484c472752eb25eedea9406061ec3afe5aab952088b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/?utm_ref_code=MYMEDSAVE1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Mar 2023 22:46:29 GMT
server: nginx
etag: W/"64091045-562c9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 zkn8saq.css
use.typekit.net/ 6 KB
1 KB 409ms
321ms Stylesheet
text/css 2a02:26f0:480:e::210:f10f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/zkn8saq.css

Requested by

Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:e::210:f10f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

3f98e66cbb15415d5b6cb192125e8e9afdeefaa190fca972b2b8463983fb9d06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Wed, 22 Mar 2023 01:51:35 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 887

GET
H2 200 logo-header.png
hsarx.com/images/ 8 KB
8 KB 254ms
245ms Image
image/png 54.215.70.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hsarx.com/images/logo-header.png

Requested by

Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.215.70.247 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-70-247.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

15ddf1c840876a1e031ca9cd350eebedcdcf3937be7763b42ef200c4ba73ae57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/?utm_ref_code=MYMEDSAVE1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:35 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Jun 2022 18:38:10 GMT
server: nginx
etag: "62aa2712-1f48"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 8008
x-xss-protection: 1; mode=block

GET
H2 200 signin.svg
hsarx.com/images/icons/ 3 KB
1 KB 254ms
246ms Image
image/svg+xml 54.215.70.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hsarx.com/images/icons/signin.svg

Requested by

Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.215.70.247 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-70-247.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

0d8130565d9aa553dc717ec109ef82f1d2dc9c88eaf0da5387cc8c563f605f41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/?utm_ref_code=MYMEDSAVE1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Aug 2022 22:01:34 GMT
server: nginx
etag: W/"62ed933e-aa1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-xss-protection: 1; mode=block

GET
H2 200 home.png
hsarx.com/images/heros/ 302 KB
303 KB 254ms
246ms Image
image/png 54.215.70.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hsarx.com/images/heros/home.png

Requested by

Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.215.70.247 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-70-247.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

4a8e1b8ba84c140aaef46aa360bd70b6bb3c9ec979ebafda15569bb37d16bfcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/?utm_ref_code=MYMEDSAVE1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Aug 2022 22:01:34 GMT
server: nginx
etag: "62ed933e-4b9b4"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 309684
x-xss-protection: 1; mode=block

GET
H2 200 pharmacy-logos.png
hsarx.com/images/ 8 KB
8 KB 255ms
246ms Image
image/png 54.215.70.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hsarx.com/images/pharmacy-logos.png

Requested by

Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.215.70.247 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-70-247.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

3923442efb1486946af6fbf7698c918dfb1746132c1f9300d8ea744a6c323568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/?utm_ref_code=MYMEDSAVE1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Aug 2022 22:01:34 GMT
server: nginx
etag: "62ed933e-20b7"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 8375
x-xss-protection: 1; mode=block

GET
H2 200 webpage.svg
hsarx.com/images/icons/ 5 KB
2 KB 255ms
247ms Image
image/svg+xml 54.215.70.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hsarx.com/images/icons/webpage.svg

Requested by

Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.215.70.247 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-70-247.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

8d6c26f6479d64cedd78ad116f5aa6728ba53cab95d35fef25d8af9ad7bf0803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/?utm_ref_code=MYMEDSAVE1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Mar 2023 21:14:30 GMT
server: nginx
etag: W/"6407a936-12b3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-xss-protection: 1; mode=block

GET
H2 200 hsarx_card.svg
hsarx.com/images/icons/ 8 KB
4 KB 255ms
247ms Image
image/svg+xml 54.215.70.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hsarx.com/images/icons/hsarx_card.svg

Requested by

Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.215.70.247 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-70-247.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9a20db69e87449963f0e927d257410b1b0f0116dd8267d9f9a8d9761383933b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/?utm_ref_code=MYMEDSAVE1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Mar 2023 21:14:30 GMT
server: nginx
etag: W/"6407a936-21e6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-xss-protection: 1; mode=block

GET
H2 200 pill_bottle.svg
hsarx.com/images/icons/ 3 KB
2 KB 255ms
248ms Image
image/svg+xml 54.215.70.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hsarx.com/images/icons/pill_bottle.svg

Requested by

Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.215.70.247 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-70-247.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

457b2f1657bba104a5d4cf0f55b977d018b9b000cad1376649e2053f7f5391cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/?utm_ref_code=MYMEDSAVE1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Mar 2023 21:14:30 GMT
server: nginx
etag: W/"6407a936-d50"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-xss-protection: 1; mode=block

GET
H2 200 mbp_dash.png
hsarx.com/images/ 282 KB
282 KB 256ms
248ms Image
image/png 54.215.70.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hsarx.com/images/mbp_dash.png

Requested by

Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.215.70.247 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-70-247.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

d7f9578a1e1cc660a72aeb8550b774a7dae0787bb6bc958095758e9582c0ff0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/?utm_ref_code=MYMEDSAVE1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Aug 2022 22:01:34 GMT
server: nginx
etag: "62ed933e-466d9"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 288473
x-xss-protection: 1; mode=block

GET
H2 200 notifications-iphone.png
hsarx.com/images/ 80 KB
81 KB 256ms
249ms Image
image/png 54.215.70.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hsarx.com/images/notifications-iphone.png

Requested by

Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.215.70.247 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-70-247.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

0fd0b0708990cb36880a438bfd2433206ba304f6d1a00e0ddfa1fe7172bf4f2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/?utm_ref_code=MYMEDSAVE1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Aug 2022 22:01:34 GMT
server: nginx
etag: "62ed933e-1417e"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 82302
x-xss-protection: 1; mode=block

GET
H2 200 sample-hsarx-card.png
hsarx.com/images/ 20 KB
20 KB 256ms
249ms Image
image/png 54.215.70.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hsarx.com/images/sample-hsarx-card.png

Requested by

Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.215.70.247 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-70-247.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

943bc57159f56231aa07d88494c993cc97a28b6630cbc6a0a3911781e2f7775e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/?utm_ref_code=MYMEDSAVE1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Aug 2022 22:01:34 GMT
server: nginx
etag: "62ed933e-4ed7"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 20183
x-xss-protection: 1; mode=block

GET
H2 200 Is-An-HSA-Right-For-You-539x303.jpg
blog.hsarx.com/wp-content/uploads/2022/08/ 27 KB
28 KB 716ms
615ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.hsarx.com/wp-content/uploads/2022/08/Is-An-HSA-Right-For-You-539x303.jpg
Requested by: Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37e2d14adf43c1b4390abed789f4ba42d5412a0c7cc6ec9a59880a2fccd18c3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:36 GMT
cf-cache-status: MISS
last-modified: Tue, 16 Aug 2022 16:03:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62fbbfd5-6d71"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R21JyGpBLw1a9CTIuEueUGzzFT6JMnpk3WWSEbtN75XFxQj1YaLrLLdPPMlg%2B8TVJWZ736D%2B%2BvA1PIfxCx2n33XlNoCHiXG8U5J2yw9H2dN6uBbiuA2g4a0Qe%2FCveLlK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7abaca58ac3791db-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28017

GET
H2 200 HSA-101-539x303.jpg
blog.hsarx.com/wp-content/uploads/2022/08/ 26 KB
27 KB 691ms
590ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.hsarx.com/wp-content/uploads/2022/08/HSA-101-539x303.jpg
Requested by: Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73d0717db4547ff5d349d09ce83dc9fbdbe65e05158a16e57a585c870aa8e984

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:36 GMT
cf-cache-status: MISS
last-modified: Tue, 16 Aug 2022 16:03:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62fbbfda-691d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Aw2PcuGlnhC9V1iiHlS8vn6tK2bA59SawMMFUDj86XRHsGHZ4Tqh5Rf5bFemHVkMknyMHcN6KFuRCeD544NjfEkOsFEbx4y5kd5EoEhn88mIiPEIaIkZWnlk%2F3ikv1f"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7abaca58ac3991db-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26909

GET
H2 200 Save-Big-539x303.jpg
blog.hsarx.com/wp-content/uploads/2022/08/ 17 KB
18 KB 131ms
29ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.hsarx.com/wp-content/uploads/2022/08/Save-Big-539x303.jpg
Requested by: Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4278ebdd5b20cd6e6f0c1a0f726e5f28bfa33771f4f18d6ff52dae3901d69d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29692
cf-polished: origSize=21351, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17672
cf-bgj: imgq:100,h2pri
last-modified: Tue, 16 Aug 2022 16:03:36 GMT
server: cloudflare
etag: "62fbbfd8-5367"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6SePqU94g7axB2Z5xzy4pbMYAZ6FbdM%2BGJPsN1QIQBvsnMjU1hOcC%2BPlYOx6Rcrif5fY1tPmOj6%2B%2FmyBmsxiSUcOzXQXymVbdiWZ1jP8Ro7jGam3lWnPbRC3agadlL6C"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7abaca58ac3a91db-FRA

GET
H2 200 success.svg
hsarx.com/images/icons/ 623 B
568 B 256ms
249ms Image
image/svg+xml 54.215.70.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hsarx.com/images/icons/success.svg

Requested by

Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.215.70.247 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-70-247.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

5239ee8d29140c65816b7e72444226560c84f529e32a8fd6e006639c68139471

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/?utm_ref_code=MYMEDSAVE1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Aug 2022 22:01:34 GMT
server: nginx
etag: W/"62ed933e-26f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-xss-protection: 1; mode=block

GET
H2 200 danger.svg
hsarx.com/images/icons/ 1 KB
829 B 256ms
250ms Image
image/svg+xml 54.215.70.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hsarx.com/images/icons/danger.svg

Requested by

Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.215.70.247 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-70-247.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b9dfae4712976b13050a745ec245682396cb73c6e9efc9ea157a75e4b0424473

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/?utm_ref_code=MYMEDSAVE1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 15 Jun 2022 18:38:10 GMT
server: nginx
etag: W/"62aa2712-5b3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-xss-protection: 1; mode=block

GET
H2 200 hsarx-light.svg
hsarx.com/images/ 2 KB
1 KB 256ms
250ms Image
image/svg+xml 54.215.70.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hsarx.com/images/hsarx-light.svg

Requested by

Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.215.70.247 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-70-247.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

ffba84ab3ace4331bb094559bc8c1ff2c6451e4902640ad2a34e5914b6f2374d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/?utm_ref_code=MYMEDSAVE1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Mar 2023 21:14:30 GMT
server: nginx
etag: W/"6407a936-91d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-xss-protection: 1; mode=block

GET
H2 200 credit-cards.svg
hsarx.com/images/auth/ 41 KB
21 KB 257ms
251ms Image
image/svg+xml 54.215.70.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hsarx.com/images/auth/credit-cards.svg

Requested by

Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.215.70.247 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-70-247.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

ebe76f77519f806d75596c92a59d4fac8a54f319c97b6ee946528429a9b6da82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/?utm_ref_code=MYMEDSAVE1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 05 Feb 2023 15:30:13 GMT
server: nginx
etag: W/"63dfcb85-a41f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-xss-protection: 1; mode=block

GET
H2 200 legitshield.svg
hsarx.com/images/ 26 KB
17 KB 257ms
251ms Image
image/svg+xml 54.215.70.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hsarx.com/images/legitshield.svg

Requested by

Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.215.70.247 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-70-247.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

c72d2edb8cff2968667b8d7707fe923334c49f7e98fc8a39c77727b66384f731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/?utm_ref_code=MYMEDSAVE1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Feb 2023 20:33:20 GMT
server: nginx
etag: W/"63e40710-6774"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-xss-protection: 1; mode=block

GET
H2 200 black-seal-81-171-bbb-90086472.png
seal-southernnevada.bbb.org/seals/ 6 KB
6 KB 446ms
45ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://seal-southernnevada.bbb.org/seals/black-seal-81-171-bbb-90086472.png
Requested by: Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine / ASP.NET
Resource Hash: 172dddad5c9786e8ccfb0aa981b5523b1e8a655859df6930b7a6c96815e19178

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:36 GMT
last-modified: Tue, 21 Mar 2023 14:44:05 GMT
server: keycdn-engine
x-aspnet-version: 4.0.30319
x-edge-location: defr
x-powered-by: ASP.NET
x-cache: STALE
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-shield: active
content-length: 5737
expires: Wed, 22 Mar 2023 05:51:36 GMT

GET
H2 200 soc2.png
hsarx.com/images/ 212 KB
212 KB 443ms
438ms Image
image/png 54.215.70.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hsarx.com/images/soc2.png

Requested by

Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.215.70.247 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-70-247.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b266d407a1929718e8df9e7658ff6f52c9445bc9195779efb9bb95ad0db6d06d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/?utm_ref_code=MYMEDSAVE1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Mar 2023 21:14:30 GMT
server: nginx
etag: "6407a936-34e41"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 216641
x-xss-protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 225 KB
77 KB 45ms
40ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PQ3TTTB

Requested by

Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6ee459491293c729fa3781d5aea26d3740adfcb78d5e518b04b3d7a79c697b4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78653
x-xss-protection: 0
last-modified: Wed, 22 Mar 2023 01:06:31 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 22 Mar 2023 01:51:35 GMT

GET
H3 200 logger-1.min.js Show response
cdn.lr-in-prod.com/ 815 KB
162 KB 76ms
38ms Script
text/javascript 2606:4700:3030::6815:41c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-in-prod.com/logger-1.min.js

Requested by

Host: cdn.lr-in-prod.com
URL: https://cdn.lr-in-prod.com/LogRocket.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:41c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf571f92e439cb2bfdbf7059fd8bb9cbeb37319b983ba613a50f0551404127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:35 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 191
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230039-FRA
last-modified: Tue, 21 Mar 2023 18:12:09 GMT
server: cloudflare
x-timer: S1679422565.234088,VS0,VE0
etag: W/"27d09955d4f66757390d11e6d4653a47baf79107e7c157d6287bd032d488fab8"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0e%2BaUXknJA1EkBlkJCEIdszHgM8rnytBMM3hwVEVWcARHUKZ7RUWV756NR%2FvxMp%2Ftq%2BeLVCjQ0oyO3AvPpIXgTxh4DdJsgquTHiBx5TVp46Tc6xBzJltiXPVGnm2TzSnyOqGiYJWGbxO1pKoIsIlt2Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 7abaca583e6d9064-FRA
x-cache-hits: 2

GET
H/1.1 200
OK seal.min.js Show response
seal.digicert.com/seals/cascade/ 8 KB
4 KB 668ms
561ms Script
application/javascript 63.33.186.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://seal.digicert.com/seals/cascade/seal.min.js

Requested by

Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

63.33.186.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-186-64.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

81f277888d1ee510668666fb819bcf637e488b613dac15cf78cbe9d1ac41658c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 22 Mar 2023 01:51:36 GMT
content-encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=31536000
last-modified: Fri, 17 Mar 2023 23:46:56 GMT
Server: nginx
etag: W/"1e3d-5f7213142dc00"
Transfer-Encoding: chunked
vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block, 1; mode=block

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 85ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-PDRG447914&gtm=45je33k0&_p=2033185423&cid=2129657048.1679449896&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679449895&sct=1&seg=0&dl=https%3A%2F%2Fhsarx.com%2F%3Futm_ref_code%3DMYMEDSAVE1&dt=Home%20-%20HSARx&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PDRG447914
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Mar 2023 01:51:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hsarx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 90ms
21ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQ3TTTB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0a19fce040b8127f3e2e3ed609f7800153be329d6420b53295fb79a4f40012ec

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 22 Mar 2023 01:51:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27907
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: i7QhZ1JadGLrvfLQ1SNcPt02Ks60jP0mDNl8t88A0Eq5arc9v2hyNEfhfEPgV3ugf4dmvZvGoUjVp+qjakax5Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK spx Show response
dx.mountain.com/ 15 KB
4 KB 946ms
114ms Script
application/javascript 52.7.151.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=34088&tdr=&plh=https%3A%2F%2Fhsarx.com%2F%3Futm_ref_code%3DMYMEDSAVE1&cb=74892660097097180term=value
Requested by: Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.151.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-151-245.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3a35a38b88539e3396024a7dc32efe24d99caa2bb0d1f77f9ab146062c364db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:36 GMT
content-encoding: gzip
server: istio-envoy
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
x-envoy-upstream-service-time: 1
be: spx-prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
80 KB 64ms
64ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PCYRHDJ1MP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQ3TTTB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

04f4b7144c4598e0b19d7b77e041a0952a0293b6b548be34b560e6157571b62f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81656
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Mar 2023 01:51:35 GMT

GET
BLOB 200
OK d18b9aec-8599-4656-ab95-c3cb206573f5
https://hsarx.com/ 452 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hsarx.com/d18b9aec-8599-4656-ab95-c3cb206573f5
Requested by: Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 895563fed16432f207710b0516ad7427d61b72b058205b72fbda10c4b3e74c60

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Length: 462480
Content-Type

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 32ms
31ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-PCYRHDJ1MP&gtm=45je33k0&_p=2033185423&cid=2129657048.1679449896&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679449895&sct=1&seg=0&dl=https%3A%2F%2Fhsarx.com%2F%3Futm_ref_code%3DMYMEDSAVE1&dt=Home%20-%20HSARx&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PCYRHDJ1MP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Mar 2023 01:51:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hsarx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 28 KB
1 KB 201ms
30ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Requested by

Host: hsarx.com
URL: https://hsarx.com/css/app.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

64e4de71a710bbb6b7bc79ec8e2bf2d9b3132e8330d29b6d50479eb95238e8d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Mar 2023 01:51:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Mar 2023 01:10:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Mar 2023 01:51:36 GMT

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 27ms
26ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.99

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 22 Mar 2023 01:51:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 0Ry9VK8Ubh45dbcWpMPYCqomUH5VPLtYYEEzRX/8Tw81+JvatAxL06uUsmgCRKjmAmB3knmnZYOmMVM3R8QqWg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 486738746185439 Show response
connect.facebook.net/signals/config/ 379 KB
108 KB 233ms
233ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/486738746185439?v=2.9.99&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50eff44e1cd724de6b701b4c8c57011263d03110578b4f7ea05f2e0c4b6283da

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 22 Mar 2023 01:51:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: nc8Q6VSE4MWapSnB56TMNgV/L2FM7IQZFW2C/Zr5era4qQzgvnzYTrSHAGdevpDSBuPC/j2EYu73UJw+a5uX1A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
195 B 193ms
36ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=zkn8saq&ht=tk&f=28201.28205.28208.28222.28225.28226.28227.28238&a=85911374&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zkn8saq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 22 Mar 2023 01:51:36 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 most-prescribed-bg.jpg
hsarx.com/images/ 195 KB
196 KB 308ms
292ms Image
image/jpeg 54.215.70.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hsarx.com/images/most-prescribed-bg.jpg

Requested by

Host: hsarx.com
URL: https://hsarx.com/css/app.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.215.70.247 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-70-247.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

da86ed813a873405a46fb494145a44484a9457e568df71edc38ebce1a16e3c70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/css/app.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:36 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Aug 2022 22:01:34 GMT
server: nginx
etag: "62ed933e-30cac"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
accept-ranges: bytes
content-length: 199852
x-xss-protection: 1; mode=block

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 92ms
25ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hsarx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:39 GMT
x-content-type-options: nosniff
age: 62037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:39 GMT

GET
H2 200 l
use.typekit.net/af/2ea16c/00000000000000007735b3da/30/ 49 KB
50 KB 96ms
26ms Font
application/font-woff2 2a02:26f0:480:e::210:f10f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2ea16c/00000000000000007735b3da/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zkn8saq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:e::210:f10f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: ddec2343756571e1855305dcdf7fd89590e720e28825807ea4d26e4d0e5b53f7

Request headers

Referer: https://use.typekit.net/zkn8saq.css
Origin: https://hsarx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:36 GMT
server: nginx
etag: "faf4339aa0ff3a1b982c763f72f263041faa315e"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 50508

GET
H2 200 l
use.typekit.net/af/b6ae0d/00000000000000007735b3dc/30/ 50 KB
50 KB 95ms
25ms Font
application/font-woff2 2a02:26f0:480:e::210:f10f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/b6ae0d/00000000000000007735b3dc/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zkn8saq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:e::210:f10f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: fbda26eb3fe85cf98a7f9d13e5a872abf779201d95174dc1804de75e9c63d4ad

Request headers

Referer: https://use.typekit.net/zkn8saq.css
Origin: https://hsarx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:36 GMT
server: nginx
etag: "b9740c8857d6ea71167ce32d74e7ff315fa6c3d2"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 51312

GET
H2 200 l
use.typekit.net/af/713d1f/00000000000000007735b3cf/30/ 48 KB
48 KB 119ms
51ms Font
application/font-woff2 2a02:26f0:480:e::210:f10f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/713d1f/00000000000000007735b3cf/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zkn8saq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:e::210:f10f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 47e3716f35c0fd29beb91b800e28de73b464009dd444b9a0a3eb68d185c64c69

Request headers

Referer: https://use.typekit.net/zkn8saq.css
Origin: https://hsarx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:36 GMT
server: nginx
etag: "21c305f80bb62d89bf5fa7466e25c2770adeac27"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 49164

GET
H2 200 bootstrap-icons.woff2
hsarx.com/fonts/vendor/bootstrap-icons/ 118 KB
119 KB 303ms
292ms Font
application/octet-stream 54.215.70.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hsarx.com/fonts/vendor/bootstrap-icons/bootstrap-icons.woff2?b2e5aab643c6f0fd2da69dc383322a8f

Requested by

Host: hsarx.com
URL: https://hsarx.com/css/app.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.215.70.247 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-70-247.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

966620f9e3bec428663687f9e8d67a6b8e35d79adebf6fb204e9b139eada7599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hsarx.com/css/app.css
Origin: https://hsarx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 05 Feb 2023 15:30:13 GMT
server: nginx
etag: "63dfcb85-1d9d0"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
accept-ranges: bytes
content-length: 121296
x-xss-protection: 1; mode=block

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v34/ 47 KB
47 KB 95ms
53ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hsarx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:40 GMT
x-content-type-options: nosniff
age: 62036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47952
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:40 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 93ms
24ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=486738746185439&ev=PageView&dl=https%3A%2F%2Fhsarx.com%2F%3Futm_ref_code%3DMYMEDSAVE1&rl=&if=false&ts=1679449896332&sw=1600&sh=1200&v=2.9.99&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1679449896327.1256001920&it=1679449895972&coo=false&tm=1&rqm=GET

Requested by

Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 22 Mar 2023 01:51:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 91ms
22ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=486738746185439&ev=PageView&dl=https%3A%2F%2Fhsarx.com%2F%3Futm_ref_code%3DMYMEDSAVE1&rl=&if=false&ts=1679449896339&sw=1600&sh=1200&v=2.9.99&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&cs_est=true&fbp=fb.1.1679449896327.1256001920&it=1679449895972&coo=false&rqm=GET

Requested by

Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 22 Mar 2023 01:51:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET is
3.212.39.155/ 0
0

GET
H2 200 most-prescribed Show response
hsarx.com/api/drugs/ 942 B
1 KB 206ms
206ms XHR
application/json 54.215.70.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hsarx.com/api/drugs/most-prescribed

Requested by

Host: cdn.lr-in-prod.com
URL: https://cdn.lr-in-prod.com/LogRocket.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.215.70.247 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-70-247.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

2264395e8c14e0c18cbab9c3305026a1d28e5904d336a6cded7e38010a8a2fb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://hsarx.com/?utm_ref_code=MYMEDSAVE1
X-XSRF-TOKEN: eyJpdiI6IktzQXZ4Ry9VOEtHbUh6V2NkN3d3ZFE9PSIsInZhbHVlIjoiM0V5Z3UyV3QwY1Jmdi9PcCtIRlo5QjVHeDdMYlgvRi8rY2tOUVlINldNR3RIck1Oa2twazRPRU9EdzRDYlZEOHJxTExIRWxuVjVQR01XTXAvbC92YkpnRERwWm5pdmRNb2I5NzVRcjh1ZzZ4aGRWMXlRdXR5cDNldGpRcGtPVFgiLCJtYWMiOiIwODc4M2NiNDk1NTQ1MWZlZmE4ZGE4MTM1MGUzNTFiMzQyNzdiN2FjMWUyMmQ3Njg2MGMyYzUxZGRjNmJiNGI3IiwidGFnIjoiIn0=
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 286 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98cd8cd3dcfe89d4cf8b98107324d92e17738834eca23d0e24fa0cb89e7501cc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 v3 Show response
js.stripe.com/ 450 KB
122 KB 96ms
22ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: hsarx.com
URL: https://hsarx.com/js/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

61a8acbd936696b1ab5850535748a30b8aa5c979e44b38da0d81dc72cbac7820

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 22 Mar 2023 01:51:37 GMT
via: 1.1 varnish
age: 10
x-cache: HIT
content-length: 124155
x-request-id: e8ed543d-b6d3-4180-9f55-f4a9a88dd295
x-served-by: cache-hhn-etou8220071-HHN
last-modified: Tue, 21 Mar 2023 20:25:17 GMT
server: Fastly
etag: "2c59758e9400260cedd385b2e533ac26"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H/1.1 200
OK /
seal.digicert.com/seals/cascade/ 6 KB
6 KB 578ms
577ms Image
image/png 63.33.186.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seal.digicert.com/seals/cascade/?tag=wc1JKaR-&referer=hsarx.com&format=png&lang=en&seal_number=15&seal_size=l&an=min

Requested by

Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

63.33.186.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-186-64.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e4b0f1af3cac3e2809f971dc080f23c72456fc9e664525dec53bfed7353b9f41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 22 Mar 2023 01:51:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff, nosniff
last-modified: Wed, 22 Mar 2023 00:00:00 +0000
Server: nginx
Content-Type: image/png
cache-control: max-age=86400
Connection: keep-alive
Content-Length: 5681
X-XSS-Protection: 1; mode=block, 1; mode=block
expires: Thu, 23 Mar 2023 01:51:38 +0000

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 21ms
21ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=486738746185439&ev=Microdata&dl=https%3A%2F%2Fhsarx.com%2F%3Futm_ref_code%3DMYMEDSAVE1&rl=&if=false&ts=1679449897960&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Home%20-%20HSARx%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.99&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=30&fbp=fb.1.1679449896327.1256001920&it=1679449895972&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 22 Mar 2023 01:51:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 left-chevron.png
hsarx.com/images/icons/ 842 B
1 KB 182ms
182ms Image
image/png 54.215.70.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hsarx.com/images/icons/left-chevron.png

Requested by

Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.215.70.247 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-70-247.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f9f4d0589101ae50b1a3a610c422c08e73ebd15957898acb9bf5634b297331eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/?utm_ref_code=MYMEDSAVE1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:38 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Aug 2022 22:01:34 GMT
server: nginx
etag: "62ed933e-34a"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 842
x-xss-protection: 1; mode=block

GET
H2 200 right-chevron.png
hsarx.com/images/icons/ 884 B
1 KB 184ms
183ms Image
image/png 54.215.70.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hsarx.com/images/icons/right-chevron.png

Requested by

Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.215.70.247 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-70-247.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

566690b3769dfb862fa57f46649aa7552bb4c837f124c4b0d992c88727f83f4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/?utm_ref_code=MYMEDSAVE1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:38 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Aug 2022 22:01:34 GMT
server: nginx
etag: "62ed933e-374"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 884
x-xss-protection: 1; mode=block

GET
H2 200 i8xb4tim Show response
widget.intercom.io/widget/ 8 KB
4 KB 476ms
403ms Script
application/javascript 13.224.189.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/i8xb4tim
Requested by: Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-18.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b36d97e4743b0fb6d4d001c7c7da04a15b0d9ce1d04e3e847e928df1bceb748b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: YtPj.qUZB5VjYLHrtVu7O_BwIlXYTaxV
content-encoding: gzip
via: 1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
date: Wed, 22 Mar 2023 01:32:57 GMT
x-amz-cf-pop: FRA2-C1
age: 1138
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 3265
last-modified: Tue, 21 Mar 2023 17:00:58 GMT
server: AmazonS3
etag: "47ec63ab8ad539a0608e0b8aa9367f6c"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=900, s-maxage=900, public
accept-ranges: bytes
x-amz-cf-id: dM9zXsRzwCV0QEEpwk3G-aeZSZPnFm-GbdpA4DUI5msdxqsNUuHRTg==

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 6344 200 B
809 B 33ms
33ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hsarx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 8984795
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 22 Mar 2023 01:51:38 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 07 Dec 2022 23:30:12 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 46411
x-content-type-options: nosniff
x-request-id: 94389777-1a8c-43d6-a53b-b278340c1f0f
x-served-by: cache-hhn-etou8220071-HHN

POST
H2 200 csp-report
q.stripe.com/ Frame 6344 0
640 B 598ms
194ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 22 Mar 2023 01:51:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1679449898947419
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 6344 0
641 B 596ms
192ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 22 Mar 2023 01:51:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1679449898947475
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6344 631 B
460 B 22ms
22ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 22 Mar 2023 01:51:38 GMT
via: 1.1 varnish
age: 8984795
x-cache: HIT
content-length: 332
x-request-id: 3dde1d9a-9cb6-4758-b7fc-ea1a7c398ff5
x-served-by: cache-hhn-etou8220071-HHN
last-modified: Wed, 07 Dec 2022 23:30:11 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 41410

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 606A 930 B
1 KB 29ms
22ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 110
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 22 Mar 2023 01:51:38 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 30
x-content-type-options: nosniff
x-request-id: 154a803c-cadb-4107-a7eb-d36478ec44ee
x-served-by: cache-hhn-etou8220071-HHN
x-timer: S1679449898.487510,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame 606A 0
414 B 539ms
196ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/csp-report

Response headers

x-stripe-bg-intended-route-color: green
pragma: no-cache
date: Wed, 22 Mar 2023 01:51:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-client-envoy-start-time-us: 1679449898947499
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 5
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 606A 86 KB
16 KB 22ms
22ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 22 Mar 2023 01:51:38 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 varnish
age: 70
x-cache: HIT
content-length: 16031
x-request-id: 83dcb4a8-1286-493e-904c-3ed82959116c
x-served-by: cache-hhn-etou8220071-HHN
server: Fastly
x-timer: S1679449899.514942,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 18

POST
H2 200 6 Show response
m.stripe.com/ Frame 606A 156 B
631 B 606ms
199ms XHR
application/json 52.35.8.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.35.8.153 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-8-153.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

92df96be3b73046802d5da9cab504fb7d572011696dfdc703aeda38fdd0f5299

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 22 Mar 2023 01:51:39 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1679449899089719
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1679449899089459
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 frame-modern.69efdbcb.js Show response
js.intercomcdn.com/ Frame 40F1 493 KB
131 KB 103ms
27ms Script
application/javascript 18.66.147.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.69efdbcb.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/i8xb4tim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-5.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c5babec9239dfaf4446ca7d3ab9e976763293cf4d553f2e4bb544a630c05b409

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 00:16:09 GMT
content-encoding: gzip
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
x-amz-version-id: q7q4RS4WXsyE6KEwMtmqATcx9DLQ6BMi
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 5729
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 133212
last-modified: Tue, 21 Mar 2023 16:58:48 GMT
server: AmazonS3
etag: "fa2f1d2970a935592a0cbc0c98d92924"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: Ekh1S9Y039Wq9a1ppDC8I1LhTgEen-DbgV5OwuFTeyu1Zz13HeHuAw==

GET
H2 200 vendor-modern.6f3f5c7a.js Show response
js.intercomcdn.com/ Frame 40F1 237 KB
73 KB 150ms
75ms Script
application/javascript 18.66.147.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.6f3f5c7a.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/i8xb4tim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-5.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6bda7e88374dbc2c640c9d39d76780abbbca290d302ec67bd9710976df55ccea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:20:17 GMT
content-encoding: gzip
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
x-amz-version-id: cb9BsUCuo0R9M.2nXwY_FNuSwxTY5eGk
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 1882
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 74559
last-modified: Tue, 21 Mar 2023 16:58:48 GMT
server: AmazonS3
etag: "044a439999cf6b9e6e74a9d0305b366a"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: gJVgJJTAVysbYhiheuR57nDnINQUCB30GXZhMCRE8L6ZuBRixmqzLQ==

POST
H2 201 i Show response
r.lr-in-prod.com/ 104 B
633 B 697ms
402ms XHR
application/json 104.198.23.205
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.lr-in-prod.com/i?a=yuvyba%2Ffebhsarx&r=5-900f6776-db4a-48dc-87ff-28a489ea3dbc&t=ae27ee73-3ff1-4138-8e01-c93dfd6e25ba&s=0&rs=0%2Cu&u=ce64e986-bc99-4170-960b-a3e0c857aa3c&is=1

Requested by

Host: cdn.lr-in-prod.com
URL: https://cdn.lr-in-prod.com/logger-1.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.23.205 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

205.23.198.104.bc.googleusercontent.com

Software

/ Express

Resource Hash

56c57ddb04140a37df2f0b9ae80dbdd58368da58e2705746420039eeb6a60b90

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:39 GMT
strict-transport-security: max-age=15724800; includeSubDomains
etag: W/"68-bKW1I+6ujOEijWzRIER2LWMXtxA"
x-powered-by: Express
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-ClickHouse-Override,X-LogRocket-ClickHouse-Enabled-Queries
content-length: 104

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 40F1 6 KB
3 KB 714ms
469ms XHR
application/json 54.197.128.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.69efdbcb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.197.128.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-197-128-240.compute-1.amazonaws.com

Software

nginx /

Resource Hash

483488da6b9a64f13c93775275a121373a6b6d4427402fb55501783235415325

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 22 Mar 2023 01:51:39 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-087c2d0cb2ae07534
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 000hu21hu70mvobfc1hg
x-runtime: 0.337076
server: nginx
etag: W/"483488da6b9a64f13c93775275a12137"
x-ratelimit-remaining: 13332
vary: Accept,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hsarx.com
x-intercom-version: 91bc8b9af7a02f5c6108ad9cb7f6362594f519f5
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1679449900
x-ratelimit-limit: 13333
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK st Show response
px.mountain.com/ 2 KB
2 KB 791ms
191ms Script
application/javascript 52.37.218.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?shpt=Home%20-%20HSARx&ga_info=%7B%22status%22%3A%22FAILED%22%2C%22shpt%22%3A%22Home%20-%20HSARx%22%2C%22dcm_cid%22%3A%221679449895.1%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A29%2C%22getTrackingIdByGA%22%3A%22FAILED%22%2C%22getTrackingIdByOther1%22%3A%22FAILED%22%2C%22getTrackingIdByOther2%22%3A%22FAILED%22%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%2C%22message%22%3A%22Could%20not%20evaluate%20some%20of%20the%20GA%20parameters%20due%20to%20timeout%20reached%20(3000ms).%20Check%20the%20execution_workflow%20for%20details.%22%7D&dcm_cid=1679449895.1&dxver=4.0.0&shaid=34088&plh=https%3A%2F%2Fhsarx.com%2F%3Futm_ref_code%3DMYMEDSAVE1&cb=74892660097097180term%3Dvalue
Requested by: Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=34088&tdr=&plh=https%3A%2F%2Fhsarx.com%2F%3Futm_ref_code%3DMYMEDSAVE1&cb=74892660097097180term=value
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.37.218.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-37-218-4.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 2a948901e775a085a24f251d6b38145b652d7a68b2e4b57cae76d543584ec89a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:40 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 1
connection: close

GET
H/1.1 200
OK gs Show response
gs.mountain.com/ 144 B
733 B 777ms
193ms Script
application/javascript 34.212.4.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gs.mountain.com/gs
Requested by: Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.212.4.35 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-212-4-35.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 18d21542d8f144e64f88ab32818eb35f64c12058da146810cfbed231f9987569

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:41 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 1
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 144
x-application-context: application:prod:8080

GET
H/1.1 200
OK st Show response
px.mountain.com/ 2 KB
1 KB 592ms
209ms Script
application/javascript 52.37.218.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?shpt=Home%20-%20HSARx&ga_info=%7B%22status%22%3A%22FAILED%22%2C%22shpt%22%3A%22Home%20-%20HSARx%22%2C%22dcm_cid%22%3A%221679449895.1%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A29%2C%22getTrackingIdByGA%22%3A%22FAILED%22%2C%22getTrackingIdByOther1%22%3A%22FAILED%22%2C%22getTrackingIdByOther2%22%3A%22FAILED%22%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%2C%22message%22%3A%22Could%20not%20evaluate%20some%20of%20the%20GA%20parameters%20due%20to%20timeout%20reached%20(3000ms).%20Check%20the%20execution_workflow%20for%20details.%22%7D&dcm_cid=1679449895.1&dxver=4.0.0&shaid=34088&plh=https%3A%2F%2Fhsarx.com%2F%3Futm_ref_code%3DMYMEDSAVE1&cb=1679449900813920&shguid=f946ef3a-3360-3216-954e-2f2c28dec133&shgts=1679449901590
Requested by: Host: hsarx.com
URL: https://hsarx.com/?utm_ref_code=MYMEDSAVE1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.37.218.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-37-218-4.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hsarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:42 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 13
connection: close

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 3.212.39.155
URL: https://3.212.39.155/is

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-20 14:50:01	Name: _bit Value: n2m1Pw-6dd19a33d096b59ba9-00a
refer.hsarx.com/	1970-01-20 10:30:57	Name: XSRF-TOKEN Value: eyJpdiI6Inhycjl6Z0U3aUJUa215dmdPODIxMVE9PSIsInZhbHVlIjoiN3hVRGM0c0QyTVBpY2tIU3l1NnQyYXA0a0VZYXFIenFucmFROHNsUk1tbG1aNkw4aTNYN25UK1ppMzQrMS8wSUlCK2Z4Z1k0ZG9LQTVjVTUzM2tkV2dvTFZvNVNESjF1TVpkUzU3MEdxZUM4T0ZocnZQZEVlWnRWYURzeTZrVFoiLCJtYWMiOiI1YzM3ZGZkMTBhYzliODE5ZjYzNDgwYWI1YmQ3NDI1MTUwYzBiZmEyOTM1YjE3NjE0YzQ1NzVjOTMzNWNkNjhjIiwidGFnIjoiIn0%3D
refer.hsarx.com/	1970-01-20 10:30:57	Name: hsarx_broker_referral_program_session Value: eyJpdiI6IkhBSlFoRnR0MkJCbElNNW91RlB1ekE9PSIsInZhbHVlIjoibGt0TlZpd0JZS01nckpWZEVYWVZINURSNUcwNy9ZMjhhbWhEVUczK2RhUERLVlBYSmpDMkRaUHF2RVhKZ2laczZhaUgrcXcvbTk1b0NsajZWek94L0lCaG1EUW5xdFVERTJPU1BPeS9TTWpEZkpBbkpGeXVORnN2ZUFCdDlZZisiLCJtYWMiOiI4MDE2YzgzY2RmN2RmZTZlNjljMWZmYmVkMzM1Njc2N2QyY2VkZjNhZjdkOGZhNGU3MzIwYmM1NTNkOWRjOTNjIiwidGFnIjoiIn0%3D
hsarx.com/	1970-01-20 20:06:49	Name: referral_code Value: MYMEDSAVE1
.hsarx.com/	1970-01-20 20:06:49	Name: _ga_PDRG447914 Value: GS1.1.1679449895.1.0.1679449895.0.0.0
.hsarx.com/	1970-01-20 20:06:49	Name: _ga Value: GA1.1.2129657048.1679449896
.hsarx.com/	1970-01-20 12:40:25	Name: _gcl_au Value: 1.1.1384712615.1679449896
hsarx.com/	1970-01-20 10:32:16	Name: _lr_tabs_-yuvyba%2Ffebhsarx Value: {%22sessionID%22:0%2C%22recordingID%22:%225-900f6776-db4a-48dc-87ff-28a489ea3dbc%22%2C%22lastActivity%22:1679449895879}
hsarx.com/	1970-01-20 10:32:16	Name: _lr_hb_-yuvyba%2Ffebhsarx Value: {%22heartbeat%22:1679449895879}
hsarx.com/	1969-12-31 23:59:59	Name: _lr_uf_-yuvyba Value: 069415cc-da97-45d0-83fd-f3f18d186397
.hsarx.com/	1970-01-20 20:06:49	Name: _ga_PCYRHDJ1MP Value: GS1.1.1679449895.1.0.1679449895.0.0.0
.hsarx.com/	1970-01-20 12:40:25	Name: _fbp Value: fb.1.1679449896327.1256001920
hsarx.com/	1970-01-20 10:30:57	Name: XSRF-TOKEN Value: eyJpdiI6IlJyK3Ntc1pyajREc0xoWDVtNUJoWVE9PSIsInZhbHVlIjoiM3V1aGlpaUhWUy93eW1ndEVNQ2tnenM4a0ZEVmQwMlpHSVg2LzB2bHlkZmlHK05zMVdXRnIxalMwU0VaMkNMS1BQdDBxSkJpellCcGNLZEVHRjVUTnNML1VRVURkUVA2YXU3UE9rSUgyakdmRFNCcEFhK2RqeDZMMnNZM0NGTkUiLCJtYWMiOiIzOTU1YTRhMGJlYjJlNmIyMWNmNTIyMTVjNzY0ODcwMDY5Njg3YzZlOGY3ZGIzODZhYTQ4YjBhMjY1NTVkNmY1IiwidGFnIjoiIn0%3D
hsarx.com/	1970-01-20 10:30:57	Name: hsarx_session Value: eyJpdiI6IlhlR01Sb0k2QjRGYmlSQmpGMUxWMHc9PSIsInZhbHVlIjoiVGR6eXVtTHloR1pxQXU5VmpVemFuL3dDOU1ORlhiYVJVbzgwVlR6cCtsVkV3M0tyQjZPUUJxUlVJemYyUE9EV2VIRkRXOXBmeWhxdHRPV3cwK1k2dVpIQ3Rrc2lNYktjK3BBY01QanlCRytoVGJlSjhsNFlibGdPb2diRXVzRDciLCJtYWMiOiIzYzMxZjFiNmYwZmU2NjZlMzdjNTM5NzkxYmFiMGU1MTcyM2Q0NjI0N2VjM2E3Yzg4MmRlYjI2NjhiYmRkOWQ3IiwidGFnIjoiIn0%3D
m.stripe.com/	1970-01-20 20:06:49	Name: m Value: d2716e08-2692-4ceb-b021-a7729a48f2ae590e39
.hsarx.com/	1970-01-20 19:16:25	Name: __stripe_mid Value: 82e23f4c-6198-4c49-8779-719e7c32729105a731
.hsarx.com/	1970-01-20 10:30:51	Name: __stripe_sid Value: a94d205e-8f3d-4233-a0f6-fb5661d0382985d5d9
.hsarx.com/	1970-01-20 16:59:39	Name: intercom-id-i8xb4tim Value: e136914b-4835-4c05-896d-edb24105106a
.hsarx.com/	1970-01-20 10:40:54	Name: intercom-session-i8xb4tim Value:
.hsarx.com/	1970-01-20 16:59:39	Name: intercom-device-id-i8xb4tim Value: ffd311d4-cbab-4efc-8c2a-8969eef698ba
.mountain.com/	1970-01-20 20:06:49	Name: guid Value: 1710acb9-c854-11ed-9a15-85ac86d6fc09
.px.mountain.com/	1970-01-20 20:06:49	Name: tt Value: H4sIAAAAAAAAAKtWKlOyMqoFAP609q8HAAAA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3.212.39.155
api-iam.intercom.io
bit.ly
blog.hsarx.com
cdn.lr-in-prod.com
connect.facebook.net
dx.mountain.com
fonts.googleapis.com
fonts.gstatic.com
gs.mountain.com
hsarx.com
js.intercomcdn.com
js.stripe.com
m.stripe.com
m.stripe.network
p.typekit.net
px.mountain.com
q.stripe.com
r.lr-in-prod.com
refer.hsarx.com
region1.google-analytics.com
seal-southernnevada.bbb.org
seal.digicert.com
use.typekit.net
widget.intercom.io
www.facebook.com
www.googletagmanager.com
3.212.39.155
104.198.23.205
13.224.189.18
141.193.213.10
151.101.64.176
18.66.147.5
2001:4860:4802:32::36
2606:4700:3030::6815:41c3
2a00:1450:4001:806::2003
2a00:1450:4001:812::200a
2a00:1450:4001:831::2008
2a02:26f0:3500:16::215:1495
2a02:26f0:480:e::210:f10f
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a0b:4d07:101::1
34.212.4.35
52.35.8.153
52.37.218.4
52.7.151.245
54.183.142.203
54.187.119.242
54.197.128.240
54.215.70.247
63.33.186.64
67.199.248.11
04f4b7144c4598e0b19d7b77e041a0952a0293b6b548be34b560e6157571b62f
0a19fce040b8127f3e2e3ed609f7800153be329d6420b53295fb79a4f40012ec
0d8130565d9aa553dc717ec109ef82f1d2dc9c88eaf0da5387cc8c563f605f41
0e65bb6aaf17c389be828484c472752eb25eedea9406061ec3afe5aab952088b
0fd0b0708990cb36880a438bfd2433206ba304f6d1a00e0ddfa1fe7172bf4f2d
13cf571f92e439cb2bfdbf7059fd8bb9cbeb37319b983ba613a50f0551404127
15ddf1c840876a1e031ca9cd350eebedcdcf3937be7763b42ef200c4ba73ae57
172dddad5c9786e8ccfb0aa981b5523b1e8a655859df6930b7a6c96815e19178
18d21542d8f144e64f88ab32818eb35f64c12058da146810cfbed231f9987569
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2264395e8c14e0c18cbab9c3305026a1d28e5904d336a6cded7e38010a8a2fb0
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2a948901e775a085a24f251d6b38145b652d7a68b2e4b57cae76d543584ec89a
37e2d14adf43c1b4390abed789f4ba42d5412a0c7cc6ec9a59880a2fccd18c3e
3923442efb1486946af6fbf7698c918dfb1746132c1f9300d8ea744a6c323568
3f98e66cbb15415d5b6cb192125e8e9afdeefaa190fca972b2b8463983fb9d06
422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09
457b2f1657bba104a5d4cf0f55b977d018b9b000cad1376649e2053f7f5391cf
47e3716f35c0fd29beb91b800e28de73b464009dd444b9a0a3eb68d185c64c69
483488da6b9a64f13c93775275a121373a6b6d4427402fb55501783235415325
4a8e1b8ba84c140aaef46aa360bd70b6bb3c9ec979ebafda15569bb37d16bfcf
50eff44e1cd724de6b701b4c8c57011263d03110578b4f7ea05f2e0c4b6283da
5239ee8d29140c65816b7e72444226560c84f529e32a8fd6e006639c68139471
566690b3769dfb862fa57f46649aa7552bb4c837f124c4b0d992c88727f83f4b
56c57ddb04140a37df2f0b9ae80dbdd58368da58e2705746420039eeb6a60b90
61a8acbd936696b1ab5850535748a30b8aa5c979e44b38da0d81dc72cbac7820
64e4de71a710bbb6b7bc79ec8e2bf2d9b3132e8330d29b6d50479eb95238e8d1
6bda7e88374dbc2c640c9d39d76780abbbca290d302ec67bd9710976df55ccea
6ee459491293c729fa3781d5aea26d3740adfcb78d5e518b04b3d7a79c697b4a
73d0717db4547ff5d349d09ce83dc9fbdbe65e05158a16e57a585c870aa8e984
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
803eca042a9b56aefc4c8fe22251b3ee0a12bb5a03180a0a76ca3d317e8386a4
81f277888d1ee510668666fb819bcf637e488b613dac15cf78cbe9d1ac41658c
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
851bed31d4f43dc72b16fd272891068df0cddaa17801e736d5383b7945ca9f94
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
895563fed16432f207710b0516ad7427d61b72b058205b72fbda10c4b3e74c60
8d6c26f6479d64cedd78ad116f5aa6728ba53cab95d35fef25d8af9ad7bf0803
92df96be3b73046802d5da9cab504fb7d572011696dfdc703aeda38fdd0f5299
943bc57159f56231aa07d88494c993cc97a28b6630cbc6a0a3911781e2f7775e
966620f9e3bec428663687f9e8d67a6b8e35d79adebf6fb204e9b139eada7599
98cd8cd3dcfe89d4cf8b98107324d92e17738834eca23d0e24fa0cb89e7501cc
9a20db69e87449963f0e927d257410b1b0f0116dd8267d9f9a8d9761383933b9
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
b266d407a1929718e8df9e7658ff6f52c9445bc9195779efb9bb95ad0db6d06d
b36d97e4743b0fb6d4d001c7c7da04a15b0d9ce1d04e3e847e928df1bceb748b
b9dfae4712976b13050a745ec245682396cb73c6e9efc9ea157a75e4b0424473
be2520363fbf0798e0bdb8ed737261fe2d4d38a8934a793557f537d73afed285
c4278ebdd5b20cd6e6f0c1a0f726e5f28bfa33771f4f18d6ff52dae3901d69d7
c5babec9239dfaf4446ca7d3ab9e976763293cf4d553f2e4bb544a630c05b409
c72d2edb8cff2968667b8d7707fe923334c49f7e98fc8a39c77727b66384f731
cd828132e6cba8da5d9022730bf30f2ffb8017ea958d5b135067ea7837e3a374
d7f9578a1e1cc660a72aeb8550b774a7dae0787bb6bc958095758e9582c0ff0a
da86ed813a873405a46fb494145a44484a9457e568df71edc38ebce1a16e3c70
ddec2343756571e1855305dcdf7fd89590e720e28825807ea4d26e4d0e5b53f7
e3a35a38b88539e3396024a7dc32efe24d99caa2bb0d1f77f9ab146062c364db
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b0f1af3cac3e2809f971dc080f23c72456fc9e664525dec53bfed7353b9f41
ebe76f77519f806d75596c92a59d4fac8a54f319c97b6ee946528429a9b6da82
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f9f4d0589101ae50b1a3a610c422c08e73ebd15957898acb9bf5634b297331eb
fbda26eb3fe85cf98a7f9d13e5a872abf779201d95174dc1804de75e9c63d4ad
ffba84ab3ace4331bb094559bc8c1ff2c6451e4902640ad2a34e5914b6f2374d

hsarx.com Open in urlscan Pro 54.215.70.247 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

71 Requests

97 %HTTPS

40 %IPv6

18 Domains

27 Subdomains

24 IPs

4 Countries

3865 kBTransfer

11940 kBSize

22 Cookies

10 Outgoing links

Page URL History

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hsarx.com Open in urlscan Pro
54.215.70.247 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

97 %
HTTPS

40 %
IPv6

18
Domains

27
Subdomains

24
IPs

4
Countries

3865 kB
Transfer

11940 kB
Size

22
Cookies

71 HTTP transactions
1 data transactions