www.rxbenefits.com Open in urlscan Pro
69.16.196.30 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.rxbenefits.com/prior-authorization-form/
Submission: On July 13 via manual (July 13th 2023, 12:31:00 pm UTC) from US — Scanned from DE

Summary HTTP 78 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 35 IPs in 5 countries across 28 domains to perform 78 HTTP transactions. The main IP is 69.16.196.30, located in United States and belongs to LIQUIDWEB, US. The main domain is www.rxbenefits.com.
TLS certificate: Issued by R3 on June 28th 2023. Valid for: 3 months.

This is the only time www.rxbenefits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	69.16.196.30 69.16.196.30	32244 (LIQUIDWEB) (LIQUIDWEB)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
4	2400:52e0:1e0... 2400:52e0:1e00::1081:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2606:4700:e2:... 2606:4700:e2::ac40:850f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700::68... 2606:4700::6812:1005	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.169.106 52.222.169.106	16509 (AMAZON-02) (AMAZON-02)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:480... 2a02:26f0:480:f::213:7edd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	35.153.195.87 35.153.195.87	14618 (AMAZON-AES) (AMAZON-AES)
1	108.138.17.87 108.138.17.87	16509 (AMAZON-02) (AMAZON-02)
3	2400:52e0:1e0... 2400:52e0:1e00::1082:1	200325 (BUNNYCDN) (BUNNYCDN)
1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	18.66.97.20 18.66.97.20	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:255... 2600:9000:2553:1a00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.43.14 13.107.43.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.222.236.74 52.222.236.74	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.67 18.66.112.67	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:249... 2600:9000:2490:c800:1d:8d6d:3b40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	2600:1f18:612... 2600:1f18:612b:4200:b1d8:3816:2eb5:b94e	14618 (AMAZON-AES) (AMAZON-AES)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.66.112.126 18.66.112.126	16509 (AMAZON-02) (AMAZON-02)
1	52.30.242.134 52.30.242.134	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	63.35.129.12 63.35.129.12	16509 (AMAZON-02) (AMAZON-02)
1	34.202.194.185 34.202.194.185	14618 (AMAZON-AES) (AMAZON-AES)
1	35.186.247.156 35.186.247.156	15169 (GOOGLE) (GOOGLE)
1	52.217.117.82 52.217.117.82	16509 (AMAZON-02) (AMAZON-02)
78	35

21 69.16.196.30 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: rxbenefits.com

www.rxbenefits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)

fonts.bunny.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:850f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:1005 (United States)

ASN13335 (CLOUDFLARENET, US)

js.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.169.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-169-106.cdg52.r.cloudfront.net

vidassets.terminus.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:f::213:7edd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.153.195.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-153-195-87.compute-1.amazonaws.com

bidagent.xad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-87.fra56.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:52e0:1e00::1082:1 (Germany)

ASN200325 (BUNNYCDN, SI)

a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-20.fra56.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2553:1a00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.43.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-74.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.67 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-67.fra56.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:c800:1d:8d6d:3b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag-logger.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:b1d8:3816:2eb5:b94e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-126.fra56.r.cloudfront.net

cdn.brandfolder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.242.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-242-134.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.35.129.12 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-129-12.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.202.194.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-194-185.compute-1.amazonaws.com

app.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.247.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.247.186.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.117.82 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-east-1-r-w.amazonaws.com

qualified-production.s3.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	rxbenefits.com www.rxbenefits.com	513 KB
9	qualified.com js.qualified.com — Cisco Umbrella Rank: 24156 app.qualified.com — Cisco Umbrella Rank: 27638 assets.qualified.com — Cisco Umbrella Rank: 26531	865 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 414 www.linkedin.com — Cisco Umbrella Rank: 544 px4.ads.linkedin.com — Cisco Umbrella Rank: 6544	5 KB
4	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 5891 api.omappapi.com — Cisco Umbrella Rank: 6133	28 KB
4	bunny.net fonts.bunny.net — Cisco Umbrella Rank: 14347	50 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 753 script.hotjar.com — Cisco Umbrella Rank: 1081 in.hotjar.com — Cisco Umbrella Rank: 5711	74 KB
3	google.de www.google.de — Cisco Umbrella Rank: 4752	579 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 130 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57	2 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2556 www.google.com — Cisco Umbrella Rank: 10	765 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	222 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	259 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635	2 KB
2	company-target.com s.company-target.com — Cisco Umbrella Rank: 1995 api.company-target.com — Cisco Umbrella Rank: 3913	2 KB
2	demandbase.com tag.demandbase.com — Cisco Umbrella Rank: 4924 tag-logger.demandbase.com — Cisco Umbrella Rank: 4700	22 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	134 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 914	6 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1196	171 KB
1	amazonaws.com qualified-production.s3.us-east-1.amazonaws.com — Cisco Umbrella Rank: 41528	9 KB
1	sentry.io sentry.io — Cisco Umbrella Rank: 238	292 B
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 6111	161 B
1	brandfolder.com cdn.brandfolder.com — Cisco Umbrella Rank: 241110	3 KB
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 374	239 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1248	393 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1623	54 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1031	369 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 717	98 B
1	xad.com bidagent.xad.com — Cisco Umbrella Rank: 13235	342 B
1	terminus.services vidassets.terminus.services — Cisco Umbrella Rank: 22585
78	28

	Domain	Requested by
21	www.rxbenefits.com	www.rxbenefits.com
7	assets.qualified.com	app.qualified.com
4	fonts.bunny.net	www.rxbenefits.com fonts.bunny.net
3	px.ads.linkedin.com	3 redirects
3	a.omappapi.com	www.rxbenefits.com a.omappapi.com
3	www.google.de	www.rxbenefits.com
3	www.googletagmanager.com	www.rxbenefits.com www.googletagmanager.com
2	www.facebook.com	www.rxbenefits.com
2	dsum-sec.casalemedia.com	1 redirects s.company-target.com
2	connect.facebook.net	www.rxbenefits.com connect.facebook.net
2	snap.licdn.com	www.rxbenefits.com snap.licdn.com
2	stats.g.doubleclick.net	www.googletagmanager.com
2	region1.analytics.google.com	www.googletagmanager.com
2	use.fontawesome.com	www.rxbenefits.com use.fontawesome.com
1	qualified-production.s3.us-east-1.amazonaws.com
1	sentry.io	assets.qualified.com
1	app.qualified.com	js.qualified.com
1	content.hotjar.io	script.hotjar.com
1	www.google.com	www.rxbenefits.com
1	in.hotjar.com	script.hotjar.com
1	cdn.brandfolder.com	www.rxbenefits.com
1	pixel.rubiconproject.com	s.company-target.com
1	partners.tremorhub.com	s.company-target.com
1	tag-logger.demandbase.com	tag.demandbase.com
1	region1.google-analytics.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	api.omappapi.com	a.omappapi.com
1	script.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	www.rxbenefits.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	api.company-target.com	tag.demandbase.com
1	id.rlcdn.com	www.rxbenefits.com
1	s.company-target.com	tag.demandbase.com
1	tag.demandbase.com	www.rxbenefits.com
1	bidagent.xad.com	www.rxbenefits.com
1	static.hotjar.com	www.rxbenefits.com
1	vidassets.terminus.services	www.rxbenefits.com
1	js.qualified.com	www.rxbenefits.com
78	39

This site contains links to these domains. Also see Links.

Domain
rxpharmacyassurance.com
employers.rxbenefits.com
rxbene.fit
rxb.promptpa.com

Subject Issuer	Validity	Valid
www.rxbenefits.com R3	`2023-06-28` - `2023-09-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
fonts.bunny.net R3	`2023-06-06` - `2023-09-04`	3 months	crt.sh
use.fontawesome.com GTS CA 1P5	`2023-07-04` - `2023-10-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
*.terminus.services Amazon RSA 2048 M01	`2023-02-22` - `2023-11-14`	9 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-21` - `2023-07-20`	3 months	crt.sh
bidagent.xad.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2022-08-17` - `2023-09-18`	a year	crt.sh
a.omappapi.com R3	`2023-07-09` - `2023-10-07`	3 months	crt.sh
*.company-target.com R3	`2023-06-18` - `2023-09-16`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2022-09-16` - `2023-10-18`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
api.opmnstr.com Amazon RSA 2048 M01	`2023-03-01` - `2024-02-08`	a year	crt.sh
*.demandbase.com Amazon RSA 2048 M01	`2023-07-11` - `2024-08-08`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.brandfolder.com Amazon RSA 2048 M02	`2023-02-23` - `2023-10-12`	8 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2023-03-02` - `2024-03-30`	a year	crt.sh
app.qualified.com R3	`2023-05-22` - `2023-08-20`	3 months	crt.sh
sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-06` - `2024-07-06`	a year	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2023-12-20`	8 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.rxbenefits.com/prior-authorization-form/
Frame ID: F6A4C943FFB4888A2F9A4E56E1E0ACC5
Requests: 63 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: 7212001FA175C4495DFDB6B5A633F515
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: C1E24C023FDB231AD8AC96882EDF4B90
Requests: 1 HTTP requests in this frame

Frame: https://app.qualified.com/w/1/7fRq5qnG4SdQfhKS/messenger?uuid=b888a691-d3bc-4559-9329-95e5bb838610
Frame ID: E3102DE4D00D32E1C1ECA80A2E026363
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Prior Authorization Form Download | RxBenefits

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Revslider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/revslider/[/\w-]+/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

78
Requests

97 %
HTTPS

47 %
IPv6

28
Domains

39
Subdomains

35
IPs

5
Countries

2104 kB
Transfer

6135 kB
Size

31
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://rxpharmacyassurance.com/
Title: RxPharmacy Assurance

Search URL Search Domain Scan URL

URL: https://employers.rxbenefits.com/
Title: Employer Resources

Search URL Search Domain Scan URL

URL: https://rxbene.fit/3f1imik
Title: Download Prior Authorization Form

Search URL Search Domain Scan URL

URL: https://rxb.promptpa.com/viewrequeststatus.aspx?q_=r5zyNG5MDvey19Cf5OgMWg%3d%3d
Title: Check Status on your PA Request

Search URL Search Domain Scan URL

URL: https://rxbene.fit/3saWK6Z
Title: HWMG Members Prior Authorization Form

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1365658&time=1689251455233&url=https%3A%2F%2Fwww.rxbenefits.com%2Fprior-authorization-form%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1365658&time=1689251455233&url=https%3A%2F%2Fwww.rxbenefits.com%2Fprior-authorization-form%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1365658%26time%3D1689251455233%26url%3Dhttps%253A%252F%252Fwww.rxbenefits.com%252Fprior-authorization-form%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1365658&time=1689251455233&url=https%3A%2F%2Fwww.rxbenefits.com%2Fprior-authorization-form%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1365658&time=1689251455233&url=https%3A%2F%2Fwww.rxbenefits.com%2Fprior-authorization-form%2F&cookiesTest=true&liSync=true&e_ipv6=AQJP8rhX7JeBcAAAAYlPO6P0KWFY0odr6EL4b7RZUqR3yC3DN4GChm-Yq1NQvzriSVidAqVoQD1zU55Fp5AfknyKHkg

Request Chain 56

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1705149055&external_user_id=7086c3c3-fcfb-4ed1-969b-7aa9827dde97 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1705149055&external_user_id=7086c3c3-fcfb-4ed1-969b-7aa9827dde97&C=1

78 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.rxbenefits.com/prior-authorization-form/ 92 KB
21 KB 573ms
270ms Document
text/html 69.16.196.30
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rxbenefits.com/prior-authorization-form/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 69.16.196.30 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: rxbenefits.com
Software: nginx /
Resource Hash: 44629a118f76c0e94de4f1582c1fec1d7286382575197c17bf1e40a05b47fb69

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 13 Jul 2023 12:30:53 GMT
expires: Mon, 29 Oct 1923 20:30:00 GMT
last-modified: Fri, 07 Jul 2023 13:01:23 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding User-Agent,Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
75 KB 105ms
51ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GB90MG60DW

Requested by

Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bc445fa7ffaf543baec27155a066d63eed31b019bc9dea6117ca837c9f816bc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76383
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 13 Jul 2023 12:30:54 GMT

GET
H2 200 style.min.css
www.rxbenefits.com/wp-includes/css/dist/block-library/ 95 KB
13 KB 142ms
138ms Stylesheet
text/css 69.16.196.30
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rxbenefits.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by: Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 69.16.196.30 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: rxbenefits.com
Software: nginx /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/prior-authorization-form/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:53 GMT
content-encoding: gzip
last-modified: Thu, 18 May 2023 15:41:47 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=10368000
expires: max-age=A10368000, public

GET
H2 200 style-index.css
www.rxbenefits.com/wp-content/plugins/brandfolder/build/ 1 KB
460 B 157ms
151ms Stylesheet
text/css 69.16.196.30
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rxbenefits.com/wp-content/plugins/brandfolder/build/style-index.css?ver=1671485904
Requested by: Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 69.16.196.30 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: rxbenefits.com
Software: nginx /
Resource Hash: 0a74fa5d2d7d9beadb58cfdaabbdbaf23c178ae116361d00eb3d9d3978e2af43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/prior-authorization-form/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:53 GMT
content-encoding: gzip
last-modified: Mon, 19 Dec 2022 21:38:24 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=10368000
expires: max-age=A10368000, public

GET
H2 200 final-sales-calculator-public.css
www.rxbenefits.com/wp-content/plugins/final-sales-calculator/public/css/ 11 KB
2 KB 147ms
142ms Stylesheet
text/css 69.16.196.30
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rxbenefits.com/wp-content/plugins/final-sales-calculator/public/css/final-sales-calculator-public.css?ver=1.0.0
Requested by: Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 69.16.196.30 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: rxbenefits.com
Software: nginx /
Resource Hash: 386a0f0018de75f3fe4d91f0ca87a65305abfca3a477f7c7375b90a3ee404518

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/prior-authorization-form/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:53 GMT
content-encoding: gzip
last-modified: Fri, 13 Mar 2020 06:36:44 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=10368000
expires: max-age=A10368000, public

GET
H2 200 css
fonts.bunny.net/ 28 KB
2 KB 125ms
26ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.bunny.net/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap
Requested by: Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: be4736ce504821582c42648721827d60662045f22793f4d56933dfc76b20e400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:54 GMT
content-encoding: br
cdn-edgestorageid: 1082
x-do-app-origin: 1fb91846-e6b7-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
cdn-cachedat: 07/10/2023 12:20:21
cdn-pullzone: 781720
last-modified: Mon, 10 Jul 2023 12:20:21 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-requestid: 475b1677255ae1a4623d1b0aaf7f8f90
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 screen.css
www.rxbenefits.com/wp-content/themes/rxbenefits/public/styles/ 150 KB
27 KB 272ms
268ms Stylesheet
text/css 69.16.196.30
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rxbenefits.com/wp-content/themes/rxbenefits/public/styles/screen.css?ver=1688159955
Requested by: Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 69.16.196.30 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: rxbenefits.com
Software: nginx /
Resource Hash: 35fb30db5d75d94b4902cb0e643f0f70b4f8477582a813db9e43a3363e97589f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/prior-authorization-form/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:53 GMT
content-encoding: gzip
last-modified: Fri, 30 Jun 2023 21:19:15 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=10368000
expires: max-age=A10368000, public

GET
H2 200 all.css
use.fontawesome.com/releases/v6.4.0/css/ 100 KB
23 KB 85ms
35ms Stylesheet
text/css 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.4.0/css/all.css?ver=6.4.0
Requested by: Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: RWR62F99VSH8X33N
age: 1232754
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: jOn3bhzqQI8MbBqB7bRy6PPEnxPn75JLiaY2aPHG03LpT2FRDHDVPH6X8pnKPJTxhRRVezRmQ0Y=
last-modified: Fri, 24 Mar 2023 15:16:17 GMT
server: cloudflare
etag: W/"ded1c367363e8b20bdc6a19b8350a737"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=InB9DPmevlyP9yO7J%2FNODxtj8dTSbj0wg8LqBliAFekYod1fmgK27W%2FNoEwXjhM2Kdq9V2dJHvuVUbme7w9AIWr6iWgsccMM8D%2FoylmPXgJapBhiGPr3j3CfqZ9wlkFjAdbByOw5VcY0B%2F%2FieFPTIcRt"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7e618a380e1b9950-FRA

GET
H2 200 featherlight.min.css
www.rxbenefits.com/wp-content/themes/rxbenefits/public/styles/ 2 KB
961 B 276ms
272ms Stylesheet
text/css 69.16.196.30
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rxbenefits.com/wp-content/themes/rxbenefits/public/styles/featherlight.min.css?ver=1688159955
Requested by: Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 69.16.196.30 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: rxbenefits.com
Software: nginx /
Resource Hash: bc462b8920124b34fffa9f466debcfb0e097317ed6b76b73a547ad39c374fe34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/prior-authorization-form/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:53 GMT
content-encoding: gzip
last-modified: Thu, 18 May 2023 21:48:39 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=10368000
expires: max-age=A10368000, public

GET
H2 200 search-forms.css
www.rxbenefits.com/wp-content/plugins/searchwp/assets/css/frontend/ 5 KB
2 KB 153ms
149ms Stylesheet
text/css 69.16.196.30
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rxbenefits.com/wp-content/plugins/searchwp/assets/css/frontend/search-forms.css?ver=4.3.2
Requested by: Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 69.16.196.30 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: rxbenefits.com
Software: nginx /
Resource Hash: 480cbbdaf9ea4afde46d8c47c35a98172d4bdc57232c38fd6c44a514ae1c1a87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/prior-authorization-form/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:53 GMT
content-encoding: gzip
last-modified: Wed, 05 Jul 2023 20:32:55 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=10368000
expires: max-age=A10368000, public

GET
H2 200 frontend-gtag.min.js Show response
www.rxbenefits.com/wp-content/plugins/google-analytics-premium/assets/js/ 11 KB
3 KB 155ms
151ms Script
application/javascript 69.16.196.30
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rxbenefits.com/wp-content/plugins/google-analytics-premium/assets/js/frontend-gtag.min.js?ver=8.17
Requested by: Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 69.16.196.30 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: rxbenefits.com
Software: nginx /
Resource Hash: bc7269d642327a2174736fc2b0231d1626e6fff1ca2f57e19c59835e73febe85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/prior-authorization-form/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:53 GMT
content-encoding: gzip
last-modified: Fri, 30 Jun 2023 17:11:27 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
expires: max-age=A10368000, public

GET
H2 200 jquery.min.js Show response
www.rxbenefits.com/wp-includes/js/jquery/ 88 KB
31 KB 272ms
269ms Script
application/javascript 69.16.196.30
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rxbenefits.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 69.16.196.30 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: rxbenefits.com
Software: nginx /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/prior-authorization-form/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:53 GMT
content-encoding: gzip
last-modified: Thu, 18 May 2023 15:41:47 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
expires: max-age=A10368000, public

GET
H2 200 jquery-migrate.min.js Show response
www.rxbenefits.com/wp-includes/js/jquery/ 13 KB
5 KB 277ms
274ms Script
application/javascript 69.16.196.30
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rxbenefits.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 69.16.196.30 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: rxbenefits.com
Software: nginx /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/prior-authorization-form/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:53 GMT
content-encoding: gzip
last-modified: Thu, 18 May 2023 15:41:47 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
expires: max-age=A10368000, public

GET
H2 200 jquery.animateNumber.min.js Show response
www.rxbenefits.com/wp-content/plugins/final-sales-calculator/public/js/ 1 KB
945 B 278ms
275ms Script
application/javascript 69.16.196.30
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rxbenefits.com/wp-content/plugins/final-sales-calculator/public/js/jquery.animateNumber.min.js?ver=6.2.2
Requested by: Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 69.16.196.30 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: rxbenefits.com
Software: nginx /
Resource Hash: 18201e44a097144b4b4d9fa01b548222bb46918ab5cd98cc5e48fe5d414d26aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/prior-authorization-form/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:53 GMT
content-encoding: gzip
last-modified: Tue, 18 Feb 2020 22:41:58 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
expires: max-age=A10368000, public

GET
H2 200 final-sales-calculator-public.js Show response
www.rxbenefits.com/wp-content/plugins/final-sales-calculator/public/js/ 10 KB
2 KB 298ms
296ms Script
application/javascript 69.16.196.30
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rxbenefits.com/wp-content/plugins/final-sales-calculator/public/js/final-sales-calculator-public.js?ver=1.0.0
Requested by: Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 69.16.196.30 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: rxbenefits.com
Software: nginx /
Resource Hash: 52faf53628a79625583b743e3d44a2962fe7aa2552c801e895d1bd5b6bf31e99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/prior-authorization-form/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:53 GMT
content-encoding: gzip
last-modified: Tue, 07 Apr 2020 18:15:33 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
expires: max-age=A10368000, public

GET
H2 200 qualified.js Show response
js.qualified.com/ 607 KB
148 KB 503ms
443ms Script
text/javascript 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.qualified.com/qualified.js?token=7fRq5qnG4SdQfhKS

Requested by

Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0449bb8c98a0af3cb2431a27c9431fd3be4c905525f6e1f38a78c4752dbcf62

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:55 GMT
content-encoding: gzip
via: 1.1 spaces-router (devel)
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: MISS
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 49d6d797-0b2a-6010-e977-b0c3e07218f8
pragma: no-cache
x-runtime: 0.019185
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"f0449bb8c98a0af3cb2431a27c9431fd"
x-download-options: noopen
vary: Accept,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7e618a3ae9d59a41-FRA
expires: Thu, 13 Jul 2023 16:30:55 GMT

GET
H2 404 t.js
vidassets.terminus.services/4749152a-b768-4dc9-bc3e-6b0dfa4c7e69/ 0
0 432ms
335ms Script
application/json 52.222.169.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vidassets.terminus.services/4749152a-b768-4dc9-bc3e-6b0dfa4c7e69/t.js
Requested by: Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.169.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-169-106.cdg52.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 rxbenefits_logo.svg
www.rxbenefits.com/wp-content/themes/rxbenefits/public/images/ 8 KB
3 KB 179ms
164ms Image
image/svg+xml 69.16.196.30
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rxbenefits.com/wp-content/themes/rxbenefits/public/images/rxbenefits_logo.svg
Requested by: Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 69.16.196.30 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: rxbenefits.com
Software: nginx /
Resource Hash: 2484acf4e2559e042f59c44028420cd5193be362d82dc13b04d510337d849fd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/prior-authorization-form/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:54 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 19:35:08 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: max-age=10368000
expires: max-age=A10368000, public

GET
H2 200 rs6.css
www.rxbenefits.com/wp-content/plugins/revslider/public/assets/css/ 58 KB
13 KB 140ms
139ms Stylesheet
text/css 69.16.196.30
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rxbenefits.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.14
Requested by: Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 69.16.196.30 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: rxbenefits.com
Software: nginx /
Resource Hash: d5b6e53c9833f0ab023135c4e3631a86d714c4b580b26c2ea979973ebb521a2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/prior-authorization-form/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:54 GMT
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 13:29:33 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=10368000
expires: max-age=A10368000, public

GET
H2 200 rbtools.min.js Show response
www.rxbenefits.com/wp-content/plugins/revslider/public/assets/js/ 162 KB
61 KB 257ms
242ms Script
application/javascript 69.16.196.30
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rxbenefits.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.14
Requested by: Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 69.16.196.30 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: rxbenefits.com
Software: nginx /
Resource Hash: 52984e532d02a87a060764ff400626a1b81cc316284a8ba1feab5d94697119a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/prior-authorization-form/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:54 GMT
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 13:29:33 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
expires: max-age=A10368000, public

GET
H2 200 rs6.min.js Show response
www.rxbenefits.com/wp-content/plugins/revslider/public/assets/js/ 406 KB
107 KB 280ms
266ms Script
application/javascript 69.16.196.30
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rxbenefits.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.14
Requested by: Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 69.16.196.30 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: rxbenefits.com
Software: nginx /
Resource Hash: f85a4765ca58d5d6346e9252f8216f7f43740b1a6f7878684e952be7ce7f169f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/prior-authorization-form/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:54 GMT
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 13:29:33 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
expires: max-age=A10368000, public

GET
H2 200 featherlight.min.js Show response
www.rxbenefits.com/wp-content/themes/rxbenefits/public/scripts/ 9 KB
4 KB 137ms
136ms Script
application/javascript 69.16.196.30
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rxbenefits.com/wp-content/themes/rxbenefits/public/scripts/featherlight.min.js?ver=1688159955
Requested by: Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 69.16.196.30 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: rxbenefits.com
Software: nginx /
Resource Hash: fd21104dc97db6fc980c0f12ba157f3cc9fddac84dde4367f02f6f9db05c13d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/prior-authorization-form/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:54 GMT
content-encoding: gzip
last-modified: Thu, 18 May 2023 21:48:39 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
expires: max-age=A10368000, public

GET
H2 200 site.js Show response
www.rxbenefits.com/wp-content/themes/rxbenefits/public/scripts/ 277 KB
90 KB 147ms
133ms Script
application/javascript 69.16.196.30
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rxbenefits.com/wp-content/themes/rxbenefits/public/scripts/site.js?ver=1688159955
Requested by: Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 69.16.196.30 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: rxbenefits.com
Software: nginx /
Resource Hash: f41738738cee22fa0cdd3e98ea4c29587a2200949aa6c2839c1b0392ab034723

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/prior-authorization-form/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:54 GMT
content-encoding: gzip
last-modified: Fri, 30 Jun 2023 14:25:32 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
expires: max-age=A10368000, public

GET
H2 200 new-tab.js Show response
www.rxbenefits.com/wp-content/plugins/page-links-to/dist/ 24 KB
9 KB 163ms
148ms Script
application/javascript 69.16.196.30
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rxbenefits.com/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.6
Requested by: Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 69.16.196.30 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: rxbenefits.com
Software: nginx /
Resource Hash: d455ab882af3a742e6c9680578e6a590681bda99e34847f550f1f41a7d167969

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/prior-authorization-form/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:54 GMT
content-encoding: gzip
last-modified: Tue, 21 Dec 2021 15:45:37 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
expires: max-age=A10368000, public

GET
H2 200 print.css
www.rxbenefits.com/wp-content/themes/rxbenefits/public/styles/ 73 KB
14 KB 272ms
261ms Stylesheet
text/css 69.16.196.30
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rxbenefits.com/wp-content/themes/rxbenefits/public/styles/print.css?ver=1688159955
Requested by: Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 69.16.196.30 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: rxbenefits.com
Software: nginx /
Resource Hash: b30e23825444f92fcac0831097163e660f64091b03d5267afe7789f5aec983d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/prior-authorization-form/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:54 GMT
content-encoding: gzip
last-modified: Fri, 30 Jun 2023 21:19:15 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=10368000
expires: max-age=A10368000, public

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 85ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GB90MG60DW&gtm=45je37a0&_p=368308344&_gaz=1&gdid=dZGIzZG&cid=260282775.1689251455&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689251454&sct=1&seg=0&dl=https%3A%2F%2Fwww.rxbenefits.com%2Fprior-authorization-form%2F&dt=Prior%20Authorization%20Form%20Download%20%7C%20RxBenefits&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.anonymize_ip=true&ep.link_attribution=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GB90MG60DW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 12:30:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rxbenefits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 89ms
27ms Ping
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GB90MG60DW&cid=260282775.1689251455&gtm=45je37a0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GB90MG60DW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 12:30:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rxbenefits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 103ms
43ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GB90MG60DW&cid=260282775.1689251455&gtm=45je37a0&aip=1&z=218872622

Requested by

Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 12:30:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hotjar-1548799.js Show response
static.hotjar.com/c/ 9 KB
4 KB 113ms
53ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1548799.js?sv=6

Requested by

Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

fae53d8b4105914aebe95c3997bcb1f5c1a3bab6612636d7a5427f6292338c51

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 13 Jul 2023 12:30:55 GMT
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/41e9907d76c035ae364eef1bc3b49a3d
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 47H1bJmuDklM0qaLd9CmlNOgbLha3rNiCsTRSNY7MxLp8_QPiy0NfA==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
701 B 81ms
23ms Script
application/x-javascript 2a02:26f0:480:f::213:7edd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

55023db66b5b5211f8416ea69c8786ef0ae48e1dc5a3a065869755dc1a1e2435

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 Jul 2023 13:15:12 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=63456
accept-ranges: bytes
content-length: 490

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
47 KB 70ms
20ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 13 Jul 2023 12:30:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46863
x-xss-protection: 0
pragma: public
x-fb-debug: HfZlWXgS5GszJ8BpWopZMwQVkrCQTnLqAomBPcuegoSZwLH6GX/LzP9/D53mzE90yZLC14rp2jy984ohqP+L2A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 120 KB
46 KB 58ms
46ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N62X6D4

Requested by

Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5ba3c78c274b6e779386e6f6f042dd973e748b878b91aa76467f9f356ca676a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46645
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 13 Jul 2023 12:30:55 GMT

GET
H/1.1 200
OK 248440
bidagent.xad.com/conv/ 42 B
342 B 521ms
122ms Image
image/gif 35.153.195.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidagent.xad.com/conv/248440?ts=1689251455128
Requested by: Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.153.195.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-153-195-87.compute-1.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 13 Jul 2023 12:30:55 GMT
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

GET
H2 200 ff68dbe882eb8bd5.min.js Show response
tag.demandbase.com/ 79 KB
21 KB 82ms
25ms Script
application/javascript 108.138.17.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/ff68dbe882eb8bd5.min.js

Requested by

Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-87.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6ee77884e86892c921ea756f4929eac2c19cca805aaaa65ad036350bdf8c5598

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: JcgsUCjxjv_d.K0Gv.f51kt66vca7VKo
content-encoding: gzip
via: 1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
date: Thu, 13 Jul 2023 11:54:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P7
age: 2204
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 26 Jun 2023 22:25:11 GMT
server: AmazonS3
etag: W/"aa2a007357c7fa68829fc38c5b5bccaf"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: eCbVNDT5DiuZZeJo8lghc3-2XUUPwTyMO_hCh8x-nfVLu7cS3xYcSQ==

GET
H2 200 api.min.js Show response
a.omappapi.com/app/js/ 49 KB
18 KB 130ms
38ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.js
Requested by: Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: b0e1957ef268cbd25ce51dfda7e692ae541e120fd70c2dbf78401cc1f0c00248

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:55 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-575
cdn-cachedat: 07/13/2023 04:00:20
cdn-pullzone: 293267
last-modified: Tue, 11 Jul 2023 19:52:54 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"64adb316-c29e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: e4d72a54d311ea8d2cd798842e8fab1d
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 roboto-latin-400-normal.woff2
fonts.bunny.net/roboto/files/ 15 KB
16 KB 114ms
56ms Font
font/woff2 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.bunny.net/roboto/files/roboto-latin-400-normal.woff2
Requested by: Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Request headers

Referer: https://fonts.bunny.net/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap
Origin: https://www.rxbenefits.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:55 GMT
cdn-edgestorageid: 1081
cdn-storageserver: DE-577
cdn-cachedat: 07/10/2023 11:47:06
cdn-pullzone: 781720
content-length: 15744
last-modified: Thu, 06 Jul 2023 08:12:05 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 634
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: "64a67755-3d80"
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-requestid: 03d39012e5717bf8a0da11828a2ba933
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 roboto-latin-700-normal.woff2
fonts.bunny.net/roboto/files/ 15 KB
16 KB 124ms
67ms Font
font/woff2 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.bunny.net/roboto/files/roboto-latin-700-normal.woff2
Requested by: Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Request headers

Referer: https://fonts.bunny.net/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap
Origin: https://www.rxbenefits.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:55 GMT
cdn-edgestorageid: 1080
cdn-storageserver: DE-574
cdn-cachedat: 07/10/2023 11:47:06
cdn-pullzone: 781720
content-length: 15860
last-modified: Thu, 06 Jul 2023 05:47:15 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 650
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: "64a65563-3df4"
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-requestid: e383ffa35bcfa5975f5fd5510e6ab7dd
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v6.4.0/webfonts/ 147 KB
148 KB 70ms
28ms Font
font/woff2 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.4.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v6.4.0/css/all.css?ver=6.4.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880

Request headers

Referer: https://use.fontawesome.com/releases/v6.4.0/css/all.css?ver=6.4.0
Origin: https://www.rxbenefits.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: V5ZZCVAPW685CB4J
age: 574784
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 150124
x-amz-id-2: /gzmusn+mgJDDB1KqKeWi78M2cADcrY9/p78mVb1zkDitUdaEfvDnN/cFewxZMrYjgP9H7z5B9o=
last-modified: Fri, 24 Mar 2023 15:16:38 GMT
server: cloudflare
etag: "c64278386c2bbb5e293e11b94ca2f6d1"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Qji9kctgveBj3wlZVEYyj9tYRDOm7%2FVYElgfA34YULbkYsnuV9TWgs1JQNBX9DAwn2o%2F5oQTzmPYv%2B1%2BLwRCUEJzTjnDHTT1hY05KziD7bTrctCTa6e0WXQyue%2FyRd4vJDoUDX%2FpQL7ylqGs18JQ%2FZ5"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7e618a3b1f231e64-FRA

GET
H2 200 roboto-latin-900-normal.woff2
fonts.bunny.net/roboto/files/ 15 KB
16 KB 135ms
78ms Font
font/woff2 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.bunny.net/roboto/files/roboto-latin-900-normal.woff2
Requested by: Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Request headers

Referer: https://fonts.bunny.net/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap
Origin: https://www.rxbenefits.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:55 GMT
cdn-edgestorageid: 1082
cdn-storageserver: DE-164
cdn-cachedat: 07/10/2023 11:47:06
cdn-pullzone: 781720
content-length: 15752
last-modified: Thu, 06 Jul 2023 09:07:44 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 656
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: "64a68460-3d88"
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-requestid: 9f670a8d24d8996ce276f8d3dd16bee8
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Prompt-PA-status-e1640209990963-1600x637.png
www.rxbenefits.com/wp-content/uploads/2021/12/ 104 KB
104 KB 230ms
230ms Image
image/png 69.16.196.30
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rxbenefits.com/wp-content/uploads/2021/12/Prompt-PA-status-e1640209990963-1600x637.png
Requested by: Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 69.16.196.30 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: rxbenefits.com
Software: nginx /
Resource Hash: 3a2dabce19baa347acbf99914a99d2c4d59cb513a0b38774c86131a75c07f8ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/prior-authorization-form/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:54 GMT
last-modified: Fri, 12 May 2023 16:27:15 GMT
server: nginx
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 106296
expires: max-age=A10368000, public

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 315 KB
102 KB 52ms
52ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3M0KGH98T2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N62X6D4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

495288ee3200599f4233761ec1e7fac874675d6a7c45fc15b794faed1b99338d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103905
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 13 Jul 2023 12:30:55 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 22ms
22ms Script
application/x-javascript 2a02:26f0:480:f::213:7edd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

87ca2d8adbd10be0e5e89784dbb7aa8bb67f77247471f437e6af535009955f8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 Jul 2023 13:00:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=57045
accept-ranges: bytes
content-length: 4807

GET
H2 200 sync Show response
s.company-target.com/s/ Frame 7212 634 B
977 B 160ms
108ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.company-target.com/s/sync?exc=lr
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/ff68dbe882eb8bd5.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.71.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 72baaf6edb76f99a440fbf3c71768035fa4d551b85d8607a79e6ccc91ea8341b

Request headers

Referer: https://www.rxbenefits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
content-type: text/html; charset=UTF-8
date: Thu, 13 Jul 2023 12:30:55 GMT
via: 1.1 google

GET
H2 451 464526.gif
id.rlcdn.com/ 0
98 B 87ms
29ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 ip.json Show response
api.company-target.com/api/v2/ 3 KB
1 KB 121ms
66ms XHR
application/json 18.66.97.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.rxbenefits.com%2Fprior-authorization-form%2F&page_title=Prior%20Authorization%20Form%20Download%20%7C%20RxBenefits
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/ff68dbe882eb8bd5.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-20.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 593a62762efcc4a6707b33b60575853fdadb07bef263a1d1f9ac0fb647acb8e9

Request headers

Referer: https://www.rxbenefits.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 13 Jul 2023 12:30:55 GMT
identification-source: CENTRAL
content-encoding: gzip
via: 1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
request-id: 4127d24b-c170-437b-9f54-6a21023dfd16
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.rxbenefits.com
access-control-expose-headers: x-amz-cf-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jUY7AtblpK2XD-lnxQ_R9qDorwU8UG3EHww_X3-ACl7J2q0aZzAKWw==
expires: Wed, 12 Jul 2023 12:30:55 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/1365658/domain/rxbenefits.com/ 36 B
369 B 295ms
177ms XHR
application/json 2600:9000:2553:1a00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/1365658/domain/rxbenefits.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2553:1a00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.rxbenefits.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:55 GMT
content-encoding: gzip
via: 1.1 d19a309213e108dd59feb1e9cce6c160.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P5
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=25427
x-amz-cf-id: SoVV-rxWpFSIobTVhRehrUMw6frLRJu_k2xytSXjBqEKdc3eRc3N4w==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1365658&time=1689251455233&url=https%3A%2F%2Fwww.rxbenefits.com%2Fprior-authorization-form%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1365658&time=1689251455233&url=https%3A%2F%2Fwww.rxbenefits.com%2Fprior-authorization-form%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1365658%26time%3D1689251455233%26url%3Dhttps%253A%252F%252Fwww.rxbenefits.com%252...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1365658&time=1689251455233&url=https%3A%2F%2Fwww.rxbenefits.com%2Fprior-authorization-form%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1365658&time=1689251455233&url=https%3A%2F%2Fwww.rxbenefits.com%2Fprior-authorization-form%2F&cookiesTest=true&liSync=true&e_ipv6=AQJP8rhX7JeBcAA...

0
265 B

260ms
196ms

Image
application/javascript

13.107.43.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1365658&time=1689251455233&url=https%3A%2F%2Fwww.rxbenefits.com%2Fprior-authorization-form%2F&cookiesTest=true&liSync=true&e_ipv6=AQJP8rhX7JeBcAAAAYlPO6P0KWFY0odr6EL4b7RZUqR3yC3DN4GChm-Yq1NQvzriSVidAqVoQD1zU55Fp5AfknyKHkg
Requested by: Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/
Protocol: H2
Server: 13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:55 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: AFF2DAB74F2548C59CA7F959C1296779 Ref B: VIEEDGE3013 Ref C: 2023-07-13T12:30:56Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYAXYD8FQ8n8isXNsT7KQ==

Redirect headers

date: Thu, 13 Jul 2023 12:30:55 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 8010EFC8E4234D219B14985507FA478C Ref B: FRAEDGE1105 Ref C: 2023-07-13T12:30:55Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1365658&time=1689251455233&url=https%3A%2F%2Fwww.rxbenefits.com%2Fprior-authorization-form%2F&cookiesTest=true&liSync=true&e_ipv6=AQJP8rhX7JeBcAAAAYlPO6P0KWFY0odr6EL4b7RZUqR3yC3DN4GChm-Yq1NQvzriSVidAqVoQD1zU55Fp5AfknyKHkg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYAXYD4PyIJNhwers76Cw==

GET
H2 200 405508670137564 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 89ms
89ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/405508670137564?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9f111958bfed6b75bc2a6919dff15723af54ce70b28278fc7d01b0cb11c7d685

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 13 Jul 2023 12:30:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: I1E+ybML8DJaQsCBoPGi9YneZLzmk6tPiAfQHwBcxbFVLyRqnPlYJMDcxBVYu00PudhK93Bl0bOOjLVIjotgfQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.fba0c9b2e1c5e125e170.js Show response
script.hotjar.com/ 270 KB
69 KB 81ms
23ms Script
application/javascript 52.222.236.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.fba0c9b2e1c5e125e170.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1548799.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-74.fra56.r.cloudfront.net

Software

Resource Hash

4e930b31445643295bfd2cfaeeaba015e08766fd8b7ff3b61db88003ad6720a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 07:23:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 277668
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 70330
last-modified: Mon, 10 Jul 2023 07:22:19 GMT
etag: "0054d18e8d659772b0e915a12ecd8b15"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: cxRhe5zpF8halsLB1oLuK5qtRmTafKbCfzIYzeFVUPhGoDL5WDIGcw==

GET
H2 200 api.min.css
a.omappapi.com/app/js/ 10 KB
3 KB 46ms
46ms Stylesheet
text/css 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.css
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: e7225ca84f3cd329c5e5a1da414ffcca6cb6074292d03edd97e90157b4998395

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:55 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-51
cdn-cachedat: 07/13/2023 04:00:20
cdn-pullzone: 293267
last-modified: Tue, 11 Jul 2023 19:53:10 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 382
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"64adb326-2644"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 67dc363180015534eee07ffb82c5e82e
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 256590 Show response
api.omappapi.com/v2/embed/ 227 B
826 B 194ms
113ms XHR
application/json 18.66.112.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/256590?d=rxbenefits.com
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-67.fra56.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 5aa4142a40b5a1e0cdee8d5416c145c0e3d8b785254a566b5393069dcd2e0de8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:55 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-cache-config: 0 0
x-amz-cf-pop: FRA56-P5
x-cache-status: HIT
x-cache: Miss from cloudfront
content-length: 227
x-optinmonster-account: 273954
x-user-agent: standard--
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Pagely Gateway/1.5.1
etag: "b91e5dc54e033e761837b7b846da520f"
vary: Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-OptinMonster-Account, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: xrf0OS6htnif1GfMQ_Xv1F6Jy0on-VPVDhI_3p59w_Cbm1wASkFhTw==
expires: Thu, 13 Jul 2023 12:12:09 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/718052492/ 3 KB
2 KB 115ms
61ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/718052492/?random=1689251455358&cv=11&fst=1689251455358&bg=ffffff&guid=ON&async=1&gtm=45je37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.rxbenefits.com%2Fprior-authorization-form%2F&hn=www.googleadservices.com&frm=0&tiba=Prior%20Authorization%20Form%20Download%20%7C%20RxBenefits&auid=1864281392.1689251455&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3M0KGH98T2&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13e407abff70a40ee618832c0739ef853b55c2f69364b58cf5f00e356601ac5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 12:30:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 29ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3M0KGH98T2&gtm=45je37a0&_p=368308344&_gaz=1&cid=260282775.1689251455&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689251455&sct=1&seg=0&dl=https%3A%2F%2Fwww.rxbenefits.com%2Fprior-authorization-form%2F&dt=Prior%20Authorization%20Form%20Download%20%7C%20RxBenefits&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3M0KGH98T2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 12:30:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rxbenefits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 28ms
27ms Ping
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3M0KGH98T2&cid=260282775.1689251455&gtm=45je37a0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3M0KGH98T2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 12:30:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rxbenefits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 29ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1WFJ0MVYBH&gtm=45je37a0&_p=368308344&cid=260282775.1689251455&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1689251455&sct=1&seg=0&dl=https%3A%2F%2Fwww.rxbenefits.com%2Fprior-authorization-form%2F&dt=Prior%20Authorization%20Form%20Download%20%7C%20RxBenefits&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3M0KGH98T2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 12:30:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rxbenefits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 44ms
43ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3M0KGH98T2&cid=260282775.1689251455&gtm=45je37a0&aip=1&z=1185373980

Requested by

Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 12:30:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bg9s Show response
tag-logger.demandbase.com/ 0
420 B 440ms
395ms XHR
text/html 2600:9000:2490:c800:1d:8d6d:3b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-logger.demandbase.com/bg9s?x-amz-cf-id=jUY7AtblpK2XD-lnxQ_R9qDorwU8UG3EHww_X3-ACl7J2q0aZzAKWw==&api-version=v2
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/ff68dbe882eb8bd5.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:c800:1d:8d6d:3b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 8SdDCdpJvGjkSiMFPv08XcVSgwOMVVmH
date: Thu, 13 Jul 2023 09:38:23 GMT
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 33650
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-length: 0
last-modified: Tue, 07 Mar 2023 20:47:02 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: KHQHvkZDeRp_gO77Za73Jvja14RlriTLCu3OwNPuAHjklnhO7_eyDg==

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7212
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1705149055&external_user_id=7086c3c3-fcfb-4ed1-969b-7aa9827dde97
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1705149055&external_user_id=7086c3c3-fcfb-4ed1-969b-7aa9827dde97&C=1

43 B
766 B

34ms
34ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1705149055&external_user_id=7086c3c3-fcfb-4ed1-969b-7aa9827dde97&C=1
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 13 Jul 2023 12:30:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 13 Jul 2023 12:30:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=18&expiry=1705149055&external_user_id=7086c3c3-fcfb-4ed1-969b-7aa9827dde97&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame 7212 43 B
393 B 325ms
104ms Image
image/gif 2600:1f18:612b:4200:b1d8:3816:2eb5:b94e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIDM=7086c3c3-fcfb-4ed1-969b-7aa9827dde97
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:b1d8:3816:2eb5:b94e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Thu, 13 Jul 2023 12:30:55 GMT
server: nginx
content-type: image/gif

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 7212 0
239 B 113ms
23ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?nid=5578&put=7086c3c3-fcfb-4ed1-969b-7aa9827dde97&v=1181926
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 bf.min.js Show response
cdn.brandfolder.com/ 8 KB
3 KB 131ms
20ms Script
text/javascript 18.66.112.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandfolder.com/bf.min.js
Requested by: Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-126.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1689f73e54455e9cc7e976a5c50887309f500b369927b0b6993fc19024dce7ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:41:35 GMT
content-encoding: gzip
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
last-modified: Sun, 24 Feb 2019 22:33:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 4776561
etag: W/"2f062e481eb0e5cffcfb83593bff74a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: cRujsyJdczDWUsSukesLARO6z2E6s6ndZsv7ggGrWl7rFJpGeod7WA==

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1548799/ 148 B
322 B 156ms
51ms XHR
application/json 52.30.242.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1548799/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.fba0c9b2e1c5e125e170.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.30.242.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-242-134.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 76dd5024f59224f7b30edc12726bcc0fbacb94b75e906d8ca208ce4e827c75f4

Request headers

Referer: https://www.rxbenefits.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 13 Jul 2023 12:30:55 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 68ms
20ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=405508670137564&ev=PageView&dl=https%3A%2F%2Fwww.rxbenefits.com%2Fprior-authorization-form%2F&rl=&if=false&ts=1689251455505&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1689251455504.534239383&it=1689251455243&coo=false&rqm=GET

Requested by

Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 13 Jul 2023 12:30:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 5.9b50a2cb.min.js Show response
a.omappapi.com/app/js/ 14 KB
5 KB 36ms
36ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/5.9b50a2cb.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: b496cf13b59abf96a1cad8d55936efa429b138820e3ff2dcd6c82df558d95efa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:55 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-570
cdn-cachedat: 07/13/2023 04:00:20
cdn-pullzone: 293267
last-modified: Fri, 07 Jul 2023 21:09:51 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 588
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"64a87f1f-3683"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 8b396313e0f5bad64e01374e0c410faf
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 /
www.google.com/pagead/1p-user-list/718052492/ 42 B
455 B 88ms
38ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/718052492/?random=1689251455358&cv=11&fst=1689249600000&bg=ffffff&guid=ON&async=1&gtm=45je37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.rxbenefits.com%2Fprior-authorization-form%2F&frm=0&tiba=Prior%20Authorization%20Form%20Download%20%7C%20RxBenefits&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1786411464&rmt_tld=0&ipr=y

Requested by

Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 12:30:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/718052492/ 42 B
64 B 33ms
33ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/718052492/?random=1689251455358&cv=11&fst=1689249600000&bg=ffffff&guid=ON&async=1&gtm=45je37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.rxbenefits.com%2Fprior-authorization-form%2F&frm=0&tiba=Prior%20Authorization%20Form%20Download%20%7C%20RxBenefits&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1786411464&rmt_tld=1&ipr=y

Requested by

Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rxbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 12:30:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 190ms
91ms XHR
application/json 63.35.129.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.fba0c9b2e1c5e125e170.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 63.35.129.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-129-12.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6c7902c08e8da746f88e5876bf53e70b0c78dfb9ad556452b45f99bd233c8cb3

Request headers

Referer: https://www.rxbenefits.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 13 Jul 2023 12:30:55 GMT
content-length: 56
vary: Origin
content-type: application/json

POST
H2 200 / Show response
www.facebook.com/tr/ Frame C1E2 0
74 B 20ms
19ms Document
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.rxbenefits.com
URL: https://www.rxbenefits.com/prior-authorization-form/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.rxbenefits.com
Referer: https://www.rxbenefits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.rxbenefits.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 12:30:56 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK messenger Show response
app.qualified.com/w/1/7fRq5qnG4SdQfhKS/ Frame E310 7 KB
3 KB 425ms
147ms Document
text/html 34.202.194.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.qualified.com/w/1/7fRq5qnG4SdQfhKS/messenger?uuid=b888a691-d3bc-4559-9329-95e5bb838610

Requested by

Host: js.qualified.com
URL: https://js.qualified.com/qualified.js?token=7fRq5qnG4SdQfhKS

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.202.194.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-202-194-185.compute-1.amazonaws.com

Software

Resource Hash

f9246fd0fe78f2c2cc0d1cb37943ac906d2be5223c5a8876c27d4f834e125816

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rxbenefits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Content-Length: 1806
Content-Security-Policy
Content-Type: text/html; charset=utf-8
Date: Thu, 13 Jul 2023 12:30:56 GMT
Etag: W/"f9246fd0fe78f2c2cc0d1cb37943ac90"
Link: <https://assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css>; rel=preload; as=style; nopush,<https://assets.qualified.com/packs/css/widget/sandboxed/messenger-84a66aeb.chunk.css>; rel=preload; as=style; nopush
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
Via: 1.1 spaces-router (devel)
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: dd8bc6f6-880d-c0a8-6fd8-db6aa5796137
X-Runtime: 0.019594
X-Xss-Protection: 1; mode=block

GET
H2 200 messenger-94e6eccc.chunk.css
assets.qualified.com/packs/css/vendors~widget/sandboxed/ Frame E310 35 KB
7 KB 30ms
29ms Stylesheet
text/css 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb3487cae40a55bf31dc6e6191ab0d88ec8c8f85c62bf28ad25ad0a40c16a611

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:56 GMT
x-amz-version-id: pW4oZk56_cZoM3p5nVORTV5h8aVxMTFP
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: NDXEKETD9CNZTENQ
age: 2908
x-amz-server-side-encryption: AES256
x-amz-id-2: +kRf72J0e7K69t7PvyeMMd3skyMn4hmp4wHftz0eSqf/EFyospAMforJddtxVYA9VHKOMtK+sic=
last-modified: Fri, 07 Apr 2023 23:58:38 GMT
server: cloudflare
etag: W/"a788ecf510f83ee517cbaf79306145dd"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 7e618a462e679a41-FRA
expires: Thu, 13 Jul 2023 16:30:56 GMT

GET
H2 200 messenger-84a66aeb.chunk.css
assets.qualified.com/packs/css/widget/sandboxed/ Frame E310 5 KB
1 KB 28ms
27ms Stylesheet
text/css 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/css/widget/sandboxed/messenger-84a66aeb.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ec35ab99388f6afab345622a22772619b83b7d63705d98df3c404da782fcabb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:56 GMT
x-amz-version-id: 5Ydu6k4rPSG3QXcV_n2ryczMueyoFhYW
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Jan 2023 23:05:35 GMT
server: cloudflare
x-amz-request-id: 0H6CRDXNHH647F2N
age: 713
etag: W/"22d5f23e695250d3c5a5b1e76a015c5e"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 7e618a462e659a41-FRA
x-amz-id-2: rgn5P6CR8m+rf3P03WxBD6f0A3s75us0cIGzLusOeSJLRNmmksDkjKFiVjH/czeIIGLM4GOsUqU=
expires: Thu, 13 Jul 2023 16:30:56 GMT

GET
H2 200 messenger~runtime-e5ece6e455ffaf40f1a9.js Show response
assets.qualified.com/packs/js/widget/sandboxed/ Frame E310 2 KB
2 KB 31ms
31ms Script
application/javascript 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/js/widget/sandboxed/messenger~runtime-e5ece6e455ffaf40f1a9.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/7fRq5qnG4SdQfhKS/messenger?uuid=b888a691-d3bc-4559-9329-95e5bb838610
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 390e77f80d265ef25adeb50719497234ac4229a18ef3f8b89c786e1a2a3a8dde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:57 GMT
x-amz-version-id: k.SF6ZTw9befHg3KYHppzD1YPPG.IoJI
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: H8N0BZ9YWTZXW7AG
age: 6814
x-amz-server-side-encryption: AES256
x-amz-id-2: FZ6/H5HmEmbjuQ1FRxatMzuvoRwK+hP1C4WUfaRTZ2VZM3Dx0+Uns3f49AF4lDqv1uGEhMiwmek=
last-modified: Thu, 13 Jul 2023 02:32:53 GMT
server: cloudflare
etag: W/"5f696a513e7f7ee09a51111483ed4b59"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7e618a463e749a41-FRA
expires: Thu, 13 Jul 2023 16:30:57 GMT

GET
H2 200 messenger-dc1faba70b19856e03a0.chunk.js Show response
assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/ Frame E310 1 MB
344 KB 33ms
32ms Script
application/javascript 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-dc1faba70b19856e03a0.chunk.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/7fRq5qnG4SdQfhKS/messenger?uuid=b888a691-d3bc-4559-9329-95e5bb838610
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a2ebbacda61bb011d94e5e1f8024698a1fd35498813192ead4139ae076db0cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:57 GMT
x-amz-version-id: lF.IDsqBo9gHbXWwCXNY2C1V4kd5AgLA
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 6WQT58HV6ECWDK0M
age: 2495
x-amz-server-side-encryption: AES256
x-amz-id-2: UQBIEjnw1W8p28L7Vnqs0Y5IrUipo8cMEgNHnuOyNtGgnoML2XLyU19g6uuvb8Ub9q5ICT1I0ck=
last-modified: Mon, 10 Jul 2023 21:38:40 GMT
server: cloudflare
etag: W/"77481157f017949e7717c403aec51bda"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7e618a463e769a41-FRA
expires: Thu, 13 Jul 2023 16:30:57 GMT

GET
H2 200 messenger-67a46eda59cedfa8bc33.chunk.js Show response
assets.qualified.com/packs/js/widget-sandboxed-chunks/widget/sandboxed/ Frame E310 611 KB
160 KB 31ms
31ms Script
application/javascript 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/widget/sandboxed/messenger-67a46eda59cedfa8bc33.chunk.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/7fRq5qnG4SdQfhKS/messenger?uuid=b888a691-d3bc-4559-9329-95e5bb838610
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1af27dfc2b017fdef0aedffb2b734c2e9090aec2ab69716a9b75813f9168e5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:57 GMT
x-amz-version-id: .AWzjwdZHzlBwmps2g_4E17Bbs9WcmLF
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: H8N4J6EA429283V9
age: 6814
x-amz-server-side-encryption: AES256
x-amz-id-2: bzhHarkBFlD45as3m8ime3Smib48Rta15GyrNq+PTJiXzZ/CCB7vqHE+De0gBxcjl2N77GoVEW8=
last-modified: Thu, 13 Jul 2023 02:32:53 GMT
server: cloudflare
etag: W/"84007b60fb9433ff80a30d6f4aacbb51"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7e618a465e979a41-FRA
expires: Thu, 13 Jul 2023 16:30:57 GMT

GET
H2 200 Inter-Regular-c8ba52b05a9ef10f47584d08ece2ec5c.woff2
assets.qualified.com/packs/media/fonts/inter/ Frame E310 97 KB
97 KB 77ms
28ms Font
font/woff2 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/media/fonts/inter/Inter-Regular-c8ba52b05a9ef10f47584d08ece2ec5c.woff2
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/7fRq5qnG4SdQfhKS/messenger?uuid=b888a691-d3bc-4559-9329-95e5bb838610
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6

Request headers

Referer: https://app.qualified.com/
Origin: https://app.qualified.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:57 GMT
x-amz-version-id: jXsqttV3jbo_lpRq7eMHDLizApyErvrw
cf-cache-status: HIT
x-amz-request-id: 0E5FV3VFDS7EZCD8
age: 16453242
content-length: 98868
x-amz-id-2: dDmi9Fn6O9l4/pM+5qBITuYIwsKCYO1q068fOvCtxUkLyCW+bb5YveaJ1juQKriLnf+k2BZgRYU=
last-modified: Tue, 03 Jan 2023 23:04:40 GMT
server: cloudflare
etag: "dc131113894217b5031000575d9de002"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 7e618a468ee52c37-FRA
expires: Fri, 12 Jul 2024 18:30:57 GMT

GET
H2 200 Inter-SemiBold-b5f0f109bc88052d4000c58ca615671d.woff2
assets.qualified.com/packs/media/fonts/inter/ Frame E310 103 KB
104 KB 101ms
52ms Font
font/woff2 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/media/fonts/inter/Inter-SemiBold-b5f0f109bc88052d4000c58ca615671d.woff2
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/7fRq5qnG4SdQfhKS/messenger?uuid=b888a691-d3bc-4559-9329-95e5bb838610
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5

Request headers

Referer: https://app.qualified.com/
Origin: https://app.qualified.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:30:57 GMT
x-amz-version-id: jLsKP2myAiRxE9JQfLanII2ELZNkCTbI
cf-cache-status: HIT
x-amz-request-id: 0E5BTWQDQJHXFPC5
age: 16453241
content-length: 105804
x-amz-id-2: uAl5uA9DvNORZB9IFn4Yawt71MQinE4Uht450uhi6TEneKStvS9v5kU4DzqNvCM1iAKGmzFYTII=
last-modified: Tue, 03 Jan 2023 23:04:39 GMT
server: cloudflare
etag: "007ad31a53f4ab3f58ee74f2308482ce"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 7e618a468ee82c37-FRA
expires: Fri, 12 Jul 2024 18:30:57 GMT

POST
H2 200 / Show response
sentry.io/api/1332833/envelope/ Frame E310 2 B
292 B 208ms
138ms Fetch
application/json 35.186.247.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1332833/envelope/?sentry_key=b5158ee3382d49b28a864fb2b91bcaaf&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1

Requested by

Host: assets.qualified.com
URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-dc1faba70b19856e03a0.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

156.247.186.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.qualified.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 13 Jul 2023 12:30:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H/1.1 200
OK 376782aff1279706f79543dcbc2f8ef71a448e8b1fec6e22bd68858a9c882fcc.png
qualified-production.s3.us-east-1.amazonaws.com/uploads/ Frame E310 8 KB
9 KB 376ms
125ms Image
image/png 52.217.117.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qualified-production.s3.us-east-1.amazonaws.com/uploads/376782aff1279706f79543dcbc2f8ef71a448e8b1fec6e22bd68858a9c882fcc.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.117.82 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-east-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 77eab169bd2ce45d4eb0aa80a98b7e67c2af64a37ca9dcfc8a7e0c65998c9e2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 13 Jul 2023 12:30:58 GMT
Last-Modified: Wed, 05 Aug 2020 16:47:16 GMT
Server: AmazonS3
x-amz-request-id: WPZCHPEQ833FHYC0
ETag: "e40f1b36510ff37ccfed217c9f6ee0cd"
Content-Type: image/png
Cache-Control: Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 8527
x-amz-id-2: hjdqFBTh8K6QF8M067lYq2GmS4v3Xw1NdzAl0Ydu7ieZOo8U/8aseTtr6+E+jQa0JtrA3ONou1Y=

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rxbenefits.com/	1970-01-20 22:50:11	Name: _ga Value: GA1.1.260282775.1689251455
www.rxbenefits.com/	1970-01-20 22:50:11	Name: _omappvp Value: 51fDLUmgPHUE40DHLlkqHtJzZFM723p08U5LNGSevpsPY5McLcIi2jHxRi5V4dd3OKebsEI9p5bXYwZebqpvZkXgKGEnyVwD
www.rxbenefits.com/	1970-01-20 13:14:12	Name: _omappvs Value: 1689251455325
.rxbenefits.com/	1970-01-20 15:23:47	Name: _gcl_au Value: 1.1.1864281392.1689251455
.rxbenefits.com/	1970-01-20 22:50:11	Name: _ga_1WFJ0MVYBH Value: GS1.1.1689251455.1.0.1689251455.0.0.0
.company-target.com/	1970-01-20 22:50:11	Name: tuuid Value: 7086c3c3-fcfb-4ed1-969b-7aa9827dde97
.company-target.com/	1970-01-20 22:50:11	Name: tuuid_lu Value: 1689251455\|ix:0\|mctv:0\|rp:0
.linkedin.com/	1970-01-20 15:23:47	Name: li_sugr Value: 6e1e278f-d28a-4c19-aa2d-283c2310f092
.linkedin.com/	1970-01-20 21:59:47	Name: bcookie Value: "v=2&d699012b-9b07-49e0-8491-3149135456db"
.linkedin.com/	1970-01-20 13:15:37	Name: lidc Value: "b=TGST01:s=T:r=T:a=T:p=T:g=3091:u=1:x=1:i=1689251455:t=1689337855:v=2:sig=AQFTIo6gLUNX7-GdyCVuDy2zQahFQVlL"
.rxbenefits.com/	1970-01-20 21:59:47	Name: _hjSessionUser_1548799 Value: eyJpZCI6IjExNjdmOGQ2LTNmZGYtNTgyNS05YzAxLTY4YzVkOWMwMDk4NyIsImNyZWF0ZWQiOjE2ODkyNTE0NTU0NjEsImV4aXN0aW5nIjpmYWxzZX0=
.rxbenefits.com/	1970-01-20 13:14:13	Name: _hjFirstSeen Value: 1
.rxbenefits.com/	1970-01-20 13:14:11	Name: _hjIncludedInSessionSample_1548799 Value: 1
.rxbenefits.com/	1970-01-20 13:14:13	Name: _hjSession_1548799 Value: eyJpZCI6IjA4OWYyZGFlLWU2NTEtNDBmZi05NzM0LWVkYWI5NGEwMDM5NiIsImNyZWF0ZWQiOjE2ODkyNTE0NTU0NjksImluU2FtcGxlIjp0cnVlfQ==
.rxbenefits.com/	1970-01-20 13:14:13	Name: _hjAbsoluteSessionInProgress Value: 0
.doubleclick.net/	1970-01-20 13:14:12	Name: test_cookie Value: CheckForPermission
.rxbenefits.com/	1970-01-20 15:23:47	Name: _fbp Value: fb.1.1689251455504.534239383
.casalemedia.com/	1970-01-20 21:59:47	Name: CMID Value: ZK-uf1VsRxX68H.tyBCGagAA
.casalemedia.com/	1970-01-20 15:23:47	Name: CMPS Value: 5261
.casalemedia.com/	1970-01-20 15:23:47	Name: CMPRO Value: 5261
.rxbenefits.com/	1970-01-20 22:50:11	Name: _ga_3M0KGH98T2 Value: GS1.1.1689251455.1.0.1689251455.60.0.0
www.rxbenefits.com/	1970-01-20 13:15:37	Name: ln_or Value: eyIxMzY1NjU4IjoiZCJ9
.rxbenefits.com/	1970-01-20 22:50:11	Name: _ga_GB90MG60DW Value: GS1.1.1689251454.1.0.1689251455.59.0.0
.bidagent.xad.com/	1970-01-20 13:57:23	Name: xad-uid Value: NThkYjNhYWItNzk3Zi00M2E2LThkMjEtZTBlYTE2ZmIxYmQ1
.linkedin.com/	1970-01-20 13:57:23	Name: UserMatchHistory Value: AQIWlxX_DzrNbgAAAYlPO6J1ODRoIO6U3bfdF-QENmZFwJbbxdM6TdmrIolGRy3ZCtTTB2pEc3ywKA
.linkedin.com/	1970-01-20 13:57:23	Name: AnalyticsSyncHistory Value: AQIJkaaUhDI8jQAAAYlPO6J1bVNQYOZiH7Vz-TxWBlM44okvUg4Q5UkT176Ec_7nvgTG7TjxfFuBtT_KFBqkAQ
.tremorhub.com/	1970-01-20 22:00:08	Name: tvid Value: 2b9cceadfdc74b30bd9d204798c94888
.tremorhub.com/	1970-01-20 22:50:11	Name: tv_UIDM Value: 7086c3c3-fcfb-4ed1-969b-7aa9827dde97
.www.linkedin.com/	1970-01-20 21:59:47	Name: bscookie Value: "v=1&202307131230559debbfda-9e2e-425b-881e-f7121e918213AQFetB_xppl-zoGd9s529ppAJaO-ZALp"
.linkedin.com/	1970-01-20 17:33:23	Name: li_gc Value: MTswOzE2ODkyNTE0NTU7MjswMjE2oSmME1/Vt+DYaGtXoyiChwuqFuETmh+d8CIUdbnHEQ==
.rxbenefits.com/	1970-01-20 22:50:11	Name: __q_state_7fRq5qnG4SdQfhKS Value: eyJ1dWlkIjoiYjg4OGE2OTEtZDNiYy00NTU5LTkzMjktOTVlNWJiODM4NjEwIiwiY29va2llRG9tYWluIjoicnhiZW5lZml0cy5jb20iLCJtZXNzZW5nZXJFeHBhbmRlZCI6ZmFsc2UsInByb21wdERpc21pc3NlZCI6ZmFsc2UsImNvbnZlcnNhdGlvbklkIjoiMTE3OTU0NTI0OTIxNzM5NzUyMiJ9

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://vidassets.terminus.services/4749152a-b768-4dc9-bc3e-6b0dfa4c7e69/t.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
api.company-target.com
api.omappapi.com
app.qualified.com
assets.qualified.com
bidagent.xad.com
cdn.brandfolder.com
cdn.linkedin.oribi.io
connect.facebook.net
content.hotjar.io
dsum-sec.casalemedia.com
fonts.bunny.net
googleads.g.doubleclick.net
id.rlcdn.com
in.hotjar.com
js.qualified.com
partners.tremorhub.com
pixel.rubiconproject.com
px.ads.linkedin.com
px4.ads.linkedin.com
qualified-production.s3.us-east-1.amazonaws.com
region1.analytics.google.com
region1.google-analytics.com
s.company-target.com
script.hotjar.com
sentry.io
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
tag-logger.demandbase.com
tag.demandbase.com
use.fontawesome.com
vidassets.terminus.services
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
www.rxbenefits.com
108.138.17.87
13.107.43.14
18.66.112.126
18.66.112.67
18.66.97.20
18.66.97.49
185.80.39.216
2001:4860:4802:32::36
2400:52e0:1e00::1081:1
2400:52e0:1e00::1082:1
2600:1f18:612b:4200:b1d8:3816:2eb5:b94e
2600:9000:2490:c800:1d:8d6d:3b40:93a1
2600:9000:2553:1a00:2:53b2:240:93a1
2606:4700::6812:1005
2606:4700:e2::ac40:850f
2620:1ec:21::14
2a00:1450:4001:806::2002
2a00:1450:4001:827::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2003
2a00:1450:400c:c07::9b
2a02:26f0:480:f::213:7edd
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
34.202.194.185
34.96.71.22
35.153.195.87
35.186.247.156
35.244.174.68
52.217.117.82
52.222.169.106
52.222.236.74
52.30.242.134
63.35.129.12
69.16.196.30
69.173.144.138
0a74fa5d2d7d9beadb58cfdaabbdbaf23c178ae116361d00eb3d9d3978e2af43
13e407abff70a40ee618832c0739ef853b55c2f69364b58cf5f00e356601ac5e
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5
1689f73e54455e9cc7e976a5c50887309f500b369927b0b6993fc19024dce7ec
18201e44a097144b4b4d9fa01b548222bb46918ab5cd98cc5e48fe5d414d26aa
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
2484acf4e2559e042f59c44028420cd5193be362d82dc13b04d510337d849fd4
2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8
35fb30db5d75d94b4902cb0e643f0f70b4f8477582a813db9e43a3363e97589f
386a0f0018de75f3fe4d91f0ca87a65305abfca3a477f7c7375b90a3ee404518
390e77f80d265ef25adeb50719497234ac4229a18ef3f8b89c786e1a2a3a8dde
3a2dabce19baa347acbf99914a99d2c4d59cb513a0b38774c86131a75c07f8ff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44629a118f76c0e94de4f1582c1fec1d7286382575197c17bf1e40a05b47fb69
480cbbdaf9ea4afde46d8c47c35a98172d4bdc57232c38fd6c44a514ae1c1a87
495288ee3200599f4233761ec1e7fac874675d6a7c45fc15b794faed1b99338d
4e930b31445643295bfd2cfaeeaba015e08766fd8b7ff3b61db88003ad6720a0
52984e532d02a87a060764ff400626a1b81cc316284a8ba1feab5d94697119a0
52faf53628a79625583b743e3d44a2962fe7aa2552c801e895d1bd5b6bf31e99
55023db66b5b5211f8416ea69c8786ef0ae48e1dc5a3a065869755dc1a1e2435
593a62762efcc4a6707b33b60575853fdadb07bef263a1d1f9ac0fb647acb8e9
5aa4142a40b5a1e0cdee8d5416c145c0e3d8b785254a566b5393069dcd2e0de8
5ba3c78c274b6e779386e6f6f042dd973e748b878b91aa76467f9f356ca676a4
6c7902c08e8da746f88e5876bf53e70b0c78dfb9ad556452b45f99bd233c8cb3
6ec35ab99388f6afab345622a22772619b83b7d63705d98df3c404da782fcabb
6ee77884e86892c921ea756f4929eac2c19cca805aaaa65ad036350bdf8c5598
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
72baaf6edb76f99a440fbf3c71768035fa4d551b85d8607a79e6ccc91ea8341b
76dd5024f59224f7b30edc12726bcc0fbacb94b75e906d8ca208ce4e827c75f4
77eab169bd2ce45d4eb0aa80a98b7e67c2af64a37ca9dcfc8a7e0c65998c9e2d
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
87ca2d8adbd10be0e5e89784dbb7aa8bb67f77247471f437e6af535009955f8c
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9a2ebbacda61bb011d94e5e1f8024698a1fd35498813192ead4139ae076db0cb
9f111958bfed6b75bc2a6919dff15723af54ce70b28278fc7d01b0cb11c7d685
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b0e1957ef268cbd25ce51dfda7e692ae541e120fd70c2dbf78401cc1f0c00248
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b30e23825444f92fcac0831097163e660f64091b03d5267afe7789f5aec983d7
b496cf13b59abf96a1cad8d55936efa429b138820e3ff2dcd6c82df558d95efa
bc445fa7ffaf543baec27155a066d63eed31b019bc9dea6117ca837c9f816bc0
bc462b8920124b34fffa9f466debcfb0e097317ed6b76b73a547ad39c374fe34
bc7269d642327a2174736fc2b0231d1626e6fff1ca2f57e19c59835e73febe85
be4736ce504821582c42648721827d60662045f22793f4d56933dfc76b20e400
d1af27dfc2b017fdef0aedffb2b734c2e9090aec2ab69716a9b75813f9168e5a
d455ab882af3a742e6c9680578e6a590681bda99e34847f550f1f41a7d167969
d5b6e53c9833f0ab023135c4e3631a86d714c4b580b26c2ea979973ebb521a2c
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7225ca84f3cd329c5e5a1da414ffcca6cb6074292d03edd97e90157b4998395
eb3487cae40a55bf31dc6e6191ab0d88ec8c8f85c62bf28ad25ad0a40c16a611
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0449bb8c98a0af3cb2431a27c9431fd3be4c905525f6e1f38a78c4752dbcf62
f41738738cee22fa0cdd3e98ea4c29587a2200949aa6c2839c1b0392ab034723
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f85a4765ca58d5d6346e9252f8216f7f43740b1a6f7878684e952be7ce7f169f
f9246fd0fe78f2c2cc0d1cb37943ac906d2be5223c5a8876c27d4f834e125816
fae53d8b4105914aebe95c3997bcb1f5c1a3bab6612636d7a5427f6292338c51
fd21104dc97db6fc980c0f12ba157f3cc9fddac84dde4367f02f6f9db05c13d6

www.rxbenefits.com Open in urlscan Pro 69.16.196.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

78 Requests

97 %HTTPS

47 %IPv6

28 Domains

39 Subdomains

35 IPs

5 Countries

2104 kBTransfer

6135 kBSize

31 Cookies

5 Outgoing links

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.rxbenefits.com Open in urlscan Pro
69.16.196.30 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

97 %
HTTPS

47 %
IPv6

28
Domains

39
Subdomains

35
IPs

5
Countries

2104 kB
Transfer

6135 kB
Size

31
Cookies

78 HTTP transactions
0 data transactions