www.kesimptahcp.com Open in urlscan Pro
2606:4700:4400::ac40:9887 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://msrxoption.com/
Effective URL:
https://www.kesimptahcp.com/
Submission: On March 26 via api (March 26th 2025, 1:12:24 pm UTC) from US — Scanned from DE

Summary HTTP 56 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 15 domains to perform 56 HTTP transactions. The main IP is 2606:4700:4400::ac40:9887, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.kesimptahcp.com.
TLS certificate: Issued by WE1 on March 18th 2025. Valid for: 3 months.

This is the only time www.kesimptahcp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:440... 2606:4700:4400::ac40:987e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	2606:4700:440... 2606:4700:4400::ac40:9887	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	151.101.192.114 151.101.192.114	54113 (FASTLY) (FASTLY)
4	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	172.217.16.196 172.217.16.196	15169 (GOOGLE) (GOOGLE)
1 2	104.17.249.203 104.17.249.203	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.244.18.60 18.244.18.60	16509 (AMAZON-02) (AMAZON-02)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1	2.16.252.135 2.16.252.135	16625 (AKAMAI-AS) (AKAMAI-AS)
1	208.93.169.131 208.93.169.131	46244 (WEBMD-IDC...) (WEBMD-IDC1-AS)
1	142.250.185.200 142.250.185.200	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c02::9c	15169 (GOOGLE) (GOOGLE)
1	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
1	4.207.209.100 4.207.209.100	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
2	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
3	52.25.103.135 52.25.103.135	16509 (AMAZON-02) (AMAZON-02)
56	20

1 104.18.19.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

msrxoption.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:987e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.msrxoption.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700:4400::ac40:9887 (United States)

ASN13335 (CLOUDFLARENET, US)

www.kesimptahcp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usim.beprod.kesimptahcp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.114 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.evgnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.249.203 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.244.18.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-60.fra56.r.cloudfront.net

t.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.252.135 (Hamburg, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-252-135.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 4.207.209.100 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.az.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.166 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

9787805.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.25.103.135 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-103-135.us-west-2.compute.amazonaws.com

novartispharmaag.us-7.evergage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	kesimptahcp.com www.kesimptahcp.com usim.beprod.kesimptahcp.com	721 KB
7	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 284 9787805.fls.doubleclick.net — Cisco Umbrella Rank: 357723 ad.doubleclick.net — Cisco Umbrella Rank: 210	2 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 107	372 KB
4	gstatic.com fonts.gstatic.com	29 KB
3	evergage.com novartispharmaag.us-7.evergage.com	2 KB
3	google.com www.google.com — Cisco Umbrella Rank: 10 region1.analytics.google.com — Cisco Umbrella Rank: 3566
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 255	66 KB
2	contentsquare.net t.contentsquare.net — Cisco Umbrella Rank: 3902 c.az.contentsquare.net — Cisco Umbrella Rank: 8681	92 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 1015	3 KB
2	msrxoption.com 2 redirects msrxoption.com www.msrxoption.com	674 B
1	google.de www.google.de — Cisco Umbrella Rank: 7209	63 B
1	contextweb.com bh.contextweb.com — Cisco Umbrella Rank: 1019	542 B
1	flashtalking.com servedby.flashtalking.com — Cisco Umbrella Rank: 1244
1	evgnet.com cdn.evgnet.com — Cisco Umbrella Rank: 6653	63 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	923 B
56	15

	Domain	Requested by
20	www.kesimptahcp.com	www.kesimptahcp.com
6	usim.beprod.kesimptahcp.com	www.kesimptahcp.com
4	9787805.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	www.googletagmanager.com	www.kesimptahcp.com www.googletagmanager.com
4	fonts.gstatic.com	fonts.googleapis.com
3	novartispharmaag.us-7.evergage.com	t.contentsquare.net cdn.evgnet.com
2	ad.doubleclick.net	www.kesimptahcp.com
2	region1.analytics.google.com	www.googletagmanager.com t.contentsquare.net
2	connect.facebook.net	www.kesimptahcp.com connect.facebook.net
2	unpkg.com	1 redirects www.kesimptahcp.com
1	c.az.contentsquare.net	www.kesimptahcp.com
1	www.google.de	www.kesimptahcp.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	bh.contextweb.com	www.kesimptahcp.com
1	servedby.flashtalking.com	www.googletagmanager.com
1	t.contentsquare.net	www.googletagmanager.com
1	www.google.com	www.googletagmanager.com
1	cdn.evgnet.com	www.kesimptahcp.com
1	fonts.googleapis.com	www.kesimptahcp.com
1	www.msrxoption.com	1 redirects
1	msrxoption.com	1 redirects
56	21

This site contains links to these domains. Also see Links.

Domain
www.novartis.com
account.covermymeds.com
medinfo.novartispharmaceuticals.com
www.facebook.com
www.youtube.com
www.instagram.com
kesimptahcp.com

Subject Issuer	Validity	Valid
www.kesimptahcp.com WE1	`2025-03-18` - `2025-06-16`	3 months	crt.sh
upload.video.google.com WE2	`2025-03-10` - `2025-06-02`	3 months	crt.sh
usim.beprod.kesimptahcp.com WE1	`2025-03-18` - `2025-06-17`	3 months	crt.sh
cdn.evergage.com DigiCert TLS RSA SHA256 2020 CA1	`2025-01-15` - `2026-01-14`	a year	crt.sh
*.gstatic.com WE2	`2025-03-10` - `2025-06-02`	3 months	crt.sh
*.google-analytics.com WE2	`2025-03-10` - `2025-06-02`	3 months	crt.sh
*.google.com WE2	`2025-03-10` - `2025-06-02`	3 months	crt.sh
t.contentsquare.net Amazon RSA 2048 M03	`2024-08-13` - `2025-09-10`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2025-01-02` - `2025-04-02`	3 months	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-17` - `2025-07-17`	a year	crt.sh
*.contextweb.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-11` - `2025-05-11`	a year	crt.sh
*.g.doubleclick.net WR2	`2025-03-10` - `2025-06-02`	3 months	crt.sh
*.google.de WE2	`2025-03-10` - `2025-06-02`	3 months	crt.sh
dep-argo.aa.contentsquare.net R11	`2025-02-03` - `2025-05-04`	3 months	crt.sh
*.doubleclick.net WE2	`2025-03-10` - `2025-06-02`	3 months	crt.sh
*.us-7.evergage.com Amazon RSA 2048 M02	`2024-07-01` - `2025-07-30`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.kesimptahcp.com/
Frame ID: 632CEA98E133E138D20565C6D953C627
Requests: 52 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/container/18741;121868;13078;iframe/?ftXRef=&ftXValue=&ftXType=&ftXName=&ftXNumItems=&ftXCurrency=&U1=&U2=&U3=&U4=&U5=&U6=&U7=&U8=&U9=&U10=&U11=&U12=&U13=&U14=&U15=&U16=&U17=&U18=&U19=&U20=&ft_referrer=https%3A%2F%2Fwww.kesimptahcp.com%2F%3F~U1%3DU1_VALUE%26U2%3DU2_VALUE%26U3%3DU3_VALUE%26U4%3DU4_VALUE%26U5%3DU5_VALUE%26U6%3DU6_VALUE%26U7%3DU7_VALUE%26U8%3DU8_VALUE%26U9%3DU9_VALUE%26U10%3DU10_VALUE%26U11%3DU11_VALUE%26U12%3DU12_VALUE%26U13%3DU13_VALUE%26U14%3DU14_VALUE%26U15%3DU15_VALUE%26U16%3DU16_VALUE%26U17%3DU17_VALUE%26U18%3DU18_VALUE%26U19%3DU19_VALUE%26U20%3DU20_VALUE&ns=&cb=1474572373
Frame ID: ADBCDD342FB734AA114DD33C8B8B9D27
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/53k0/sw_iframe.html?origin=https%3A%2F%2Fwww.kesimptahcp.com
Frame ID: DDAD73E2771328CECCAF25D23601FEFE
Requests: 1 HTTP requests in this frame

Frame: https://9787805.fls.doubleclick.net/activityi;dc_pre=CIqR6LHpp4wDFbXpEQgdeQ4uCQ;src=9787805;type=2021k003;cat=kesim0;ord=1;num=7107374096873;npa=1;auiddc=34577272.1742994738;ps=1;pcor=1746398663;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe53o2v9181465264z89103149974za201zb9123481384;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;dc_fmt=1;tag_exp=102482433~102788824~102803279~102813109~102887800~102926327;epver=2;~oref=https%3A%2F%2Fwww.kesimptahcp.com%2F
Frame ID: 79899F49E6C4A2C7E10D9DC8F8FB802A
Requests: 1 HTTP requests in this frame

Frame: https://9787805.fls.doubleclick.net/activityi;dc_pre=CKKZ6LHpp4wDFWDtEQgdtZUtsA;src=9787805;type=kesim000;cat=kesim0;ord=1;num=9459142046472;npa=1;auiddc=34577272.1742994738;ps=1;pcor=1032291929;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe53o2v9181465264z89103149974za201zb9123481384;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;dc_fmt=1;tag_exp=102482433~102788824~102803279~102813109~102887800~102926327;epver=2;~oref=https%3A%2F%2Fwww.kesimptahcp.com%2F
Frame ID: 768C4203A4D0AC99BFC9B88D152C2421
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Relapsing MS Treatment | KESIMPTA® (ofatumumab) HCP

Page URL History Show full URLs

https://msrxoption.com/ HTTP 301
https://www.msrxoption.com/ HTTP 301
https://www.kesimptahcp.com/ Page URL

Detected technologies

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

56
Requests

96 %
HTTPS

29 %
IPv6

15
Domains

21
Subdomains

20
IPs

5
Countries

1350 kB
Transfer

4409 kB
Size

14
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.novartis.com/us-en/contact-hcp
Title: Contact a Rep

Search URL Search Domain Scan URL

URL: https://www.novartis.com/us-en/sites/novartis_us/files/kesimpta.pdf
Title: Prescribing Information

Search URL Search Domain Scan URL

URL: https://www.novartis.com/us-en/sites/novartis_us/files/kesimpta_pmg.pdf
Title: Medication Guide

Search URL Search Domain Scan URL

URL: https://account.covermymeds.com/
Title: VISIT COVERMYMEDS

Search URL Search Domain Scan URL

URL: https://medinfo.novartispharmaceuticals.com/medinfo/s/
Title: Medical Information

Search URL Search Domain Scan URL

URL: https://www.novartis.com/us-en/privacy#interest-based
Title: Interest-Based Ads

Search URL Search Domain Scan URL

URL: https://www.novartis.com/about
Title: Non-US Residents

Search URL Search Domain Scan URL

URL: https://www.novartis.com/us-en/about

Search URL Search Domain Scan URL

URL: https://www.novartis.com/us-en/terms-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.novartis.com/us-en/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/KESIMPTA.ofatumumab/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@KesimptaHCP

Search URL Search Domain Scan URL

URL: https://www.instagram.com/KESIMPTA_ofatumumab/

Search URL Search Domain Scan URL

URL: http://kesimptahcp.com/
Title: KesimptaHCP.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://msrxoption.com/ HTTP 301
https://www.msrxoption.com/ HTTP 301
https://www.kesimptahcp.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js

Request Chain 46

https://9787805.fls.doubleclick.net/activityi;src=9787805;type=2021k003;cat=kesim0;ord=1;num=7107374096873;npa=1;auiddc=34577272.1742994738;ps=1;pcor=1746398663;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe53o2v9181465264z89103149974za201zb9123481384;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;dc_fmt=1;tag_exp=102482433~102788824~102803279~102813109~102887800~102926327;epver=2;~oref=https%3A%2F%2Fwww.kesimptahcp.com%2F HTTP 302
https://9787805.fls.doubleclick.net/activityi;dc_pre=CIqR6LHpp4wDFbXpEQgdeQ4uCQ;src=9787805;type=2021k003;cat=kesim0;ord=1;num=7107374096873;npa=1;auiddc=34577272.1742994738;ps=1;pcor=1746398663;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe53o2v9181465264z89103149974za201zb9123481384;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;dc_fmt=1;tag_exp=102482433~102788824~102803279~102813109~102887800~102926327;epver=2;~oref=https%3A%2F%2Fwww.kesimptahcp.com%2F

Request Chain 47

https://9787805.fls.doubleclick.net/activityi;src=9787805;type=kesim000;cat=kesim0;ord=1;num=9459142046472;npa=1;auiddc=34577272.1742994738;ps=1;pcor=1032291929;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe53o2v9181465264z89103149974za201zb9123481384;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;dc_fmt=1;tag_exp=102482433~102788824~102803279~102813109~102887800~102926327;epver=2;~oref=https%3A%2F%2Fwww.kesimptahcp.com%2F HTTP 302
https://9787805.fls.doubleclick.net/activityi;dc_pre=CKKZ6LHpp4wDFWDtEQgdtZUtsA;src=9787805;type=kesim000;cat=kesim0;ord=1;num=9459142046472;npa=1;auiddc=34577272.1742994738;ps=1;pcor=1032291929;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe53o2v9181465264z89103149974za201zb9123481384;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;dc_fmt=1;tag_exp=102482433~102788824~102803279~102813109~102887800~102926327;epver=2;~oref=https%3A%2F%2Fwww.kesimptahcp.com%2F

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.kesimptahcp.com/
Redirect Chain

https://msrxoption.com/
https://www.msrxoption.com/
https://www.kesimptahcp.com/

129 KB
23 KB

147ms
36ms

Document
text/html

2606:4700:4400::ac40:9887
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.kesimptahcp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9887 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cf1eb20de8abaaf177a6ce3c61a6b289fa1eb1ab5aa9220a56812a03ffcb5bb

Security Headers

Name	Value
Content-Security-Policy	default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com .googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com novartispharmaag.us-7.evergage.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com .kaltura.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net tags.tiqcdn.com ipredictive.com .ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: .googleapis.com .pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com .meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com .facebook.net analytics.google.com .analytics.google.com google-analytics.com .google-analytics.com googletagmanager.com .googletagmanager.com tagmanager.google.com .tagmanager.google.com cdn.evgnet.com .facebook.com novartispharmaag.us-7.evergage.com; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com .kaltura.com 'self' data: application: novartispharmaag.us-7.evergage.com; img-src .ipredictive.com .contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com .contextweb.com bat.bing.com .doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com analytics.google.com .analytics.google.com google-analytics.com .google-analytics.com googletagmanager.com .googletagmanager.com tagmanager.google.com .tagmanager.google.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com .google.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net .googleadservices.net stats.g.doubleclick.net .contentsquare.net .kaltura.com ws: 'self' .googleapis.com .tiqcdn.com cloudflareinsights.com trc.lhmos.com analytics.google.com .analytics.google.com google-analytics.com .google-analytics.com googletagmanager.com .googletagmanager.com tagmanager.google.com .tagmanager.google.com novartispharmaag.us-7.evergage.com; media-src usim.beprod.kesimptahcp.com kaltura.com .kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	no-sniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

age: 3500
cache-control: public, max-age=3600, s-maxage=2678400, stale-while-revalidate=59
cf-cache-status: HIT
cf-ray: 9266e6140bf19b82-FRA
content-encoding: br
content-security-policy: default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com *.googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com novartispharmaag.us-7.evergage.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com *.kaltura.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net tags.tiqcdn.com ipredictive.com *.ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: *.googleapis.com *.pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com *.meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com *.facebook.net analytics.google.com *.analytics.google.com google-analytics.com *.google-analytics.com googletagmanager.com *.googletagmanager.com tagmanager.google.com *.tagmanager.google.com cdn.evgnet.com *.facebook.com novartispharmaag.us-7.evergage.com; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com *.kaltura.com 'self' data: application: novartispharmaag.us-7.evergage.com; img-src *.ipredictive.com *.contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com analytics.google.com *.analytics.google.com google-analytics.com *.google-analytics.com googletagmanager.com *.googletagmanager.com tagmanager.google.com *.tagmanager.google.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com *.google.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net *.googleadservices.net stats.g.doubleclick.net *.contentsquare.net *.kaltura.com ws: 'self' *.googleapis.com *.tiqcdn.com cloudflareinsights.com trc.lhmos.com analytics.google.com *.analytics.google.com google-analytics.com *.google-analytics.com googletagmanager.com *.googletagmanager.com tagmanager.google.com *.tagmanager.google.com novartispharmaag.us-7.evergage.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
content-type: text/html; charset=utf-8
date: Wed, 26 Mar 2025 13:12:17 GMT
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: no-sniff
x-dns-prefetch-control: on
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: max-age=3600
cf-ray: 9266e6131937dbdc-FRA
content-length: 167
content-type: text/html
date: Wed, 26 Mar 2025 13:12:17 GMT
expires: Wed, 26 Mar 2025 14:12:17 GMT
location: https://www.kesimptahcp.com/
server: cloudflare
vary: Accept-Encoding

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
923 B 82ms
36ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Requested by

Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9b24fd64c70ccc6f0d26cf07916db6eaab4a03ad9c5e6010f41bfd76546aa58e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 26 Mar 2025 13:12:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 26 Mar 2025 13:12:17 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 26 Mar 2025 11:56:23 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 variables.css
usim.beprod.kesimptahcp.com/sites/kesimptahcp_com/files/generated_css/ 6 KB
1 KB 205ms
32ms Stylesheet
text/css 2606:4700:4400::ac40:9887
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://usim.beprod.kesimptahcp.com/sites/kesimptahcp_com/files/generated_css/variables.css

Requested by

Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9887 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1d0ffe1129366b48ac07d5b108c2ec9f7aa89bd0f752bfb92e4d9c140e9b8dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

x-request-id: v-0dd46454-06c2-11f0-a752-cf2b92578edc
content-encoding: gzip
cf-cache-status: HIT
age: 5319
x-content-type-options: nosniff
expires: Sat, 05 Apr 2025 02:04:57 GMT
x-cache: HIT
date: Wed, 26 Mar 2025 13:12:17 GMT
content-type: text/css
last-modified: Tue, 12 Nov 2024 14:16:16 GMT
vary: Accept-Encoding
x-cache-hits: 29
cache-control: max-age=1209600
x-ah-environment: prod
via: varnish
cf-ray: 9266e6157cdc4d28-FRA
accept-ranges: bytes
content-length: 908
server: cloudflare

GET
H2 200 ce1d75b18c7f79a2.css
www.kesimptahcp.com/_next/static/css/ 288 KB
39 KB 23ms
23ms Stylesheet
text/css 2606:4700:4400::ac40:9887
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.kesimptahcp.com/_next/static/css/ce1d75b18c7f79a2.css

Requested by

Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9887 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

048d534a44c7e9aed5965295403c8912d556ad35bb8b3b4a83a4ec0927aa8d2b

Security Headers

Name	Value
Content-Security-Policy	default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com .googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com .kaltura.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net tags.tiqcdn.com ipredictive.com .ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: .googleapis.com .pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com .meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com .facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com .kaltura.com 'self' data: application:; img-src .ipredictive.com .contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com .contextweb.com bat.bing.com .doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com .google.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net .googleadservices.net stats.g.doubleclick.net .contentsquare.net .kaltura.com ws: 'self' .googleapis.com .tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	no-sniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"47e1a-195a9363568"
age: 5320
x-content-type-options: no-sniff
date: Wed, 26 Mar 2025 13:12:17 GMT
content-type: text/css; charset=UTF-8
last-modified: Tue, 18 Mar 2025 12:24:17 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
content-security-policy: default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com *.googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com *.kaltura.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net tags.tiqcdn.com ipredictive.com *.ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: *.googleapis.com *.pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com *.meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com *.facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com *.kaltura.com 'self' data: application:; img-src *.ipredictive.com *.contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com *.google.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net *.googleadservices.net stats.g.doubleclick.net *.contentsquare.net *.kaltura.com ws: 'self' *.googleapis.com *.tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
cache-control: public, max-age=31536000, immutable
x-dns-prefetch-control: on
cf-ray: 9266e6146c329b82-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 jquery-3.6.0.min.js Show response
www.kesimptahcp.com/vendor/scripts/ 87 KB
31 KB 29ms
27ms Script
application/javascript 2606:4700:4400::ac40:9887
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.kesimptahcp.com/vendor/scripts/jquery-3.6.0.min.js

Requested by

Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9887 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Content-Security-Policy	default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com .googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com .kaltura.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net tags.tiqcdn.com ipredictive.com .ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: .googleapis.com .pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com .meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com .facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com .kaltura.com 'self' data: application:; img-src .ipredictive.com .contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com .contextweb.com bat.bing.com .doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com .google.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net .googleadservices.net stats.g.doubleclick.net .contentsquare.net .kaltura.com ws: 'self' .googleapis.com .tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	no-sniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"15d9d-195a9366060"
age: 302
x-content-type-options: no-sniff
date: Wed, 26 Mar 2025 13:12:17 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 18 Mar 2025 12:24:28 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
content-security-policy: default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com *.googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com *.kaltura.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net tags.tiqcdn.com ipredictive.com *.ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: *.googleapis.com *.pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com *.meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com *.facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com *.kaltura.com 'self' data: application:; img-src *.ipredictive.com *.contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com *.google.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net *.googleadservices.net stats.g.doubleclick.net *.contentsquare.net *.kaltura.com ws: 'self' *.googleapis.com *.tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
cache-control: public, s-maxage=31536000, stale-while-revalidate
x-dns-prefetch-control: on
cf-ray: 9266e6147c3a9b82-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 swiper-bundle.min.js Show response
www.kesimptahcp.com/vendor/scripts/ 142 KB
38 KB 39ms
38ms Script
application/javascript 2606:4700:4400::ac40:9887
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.kesimptahcp.com/vendor/scripts/swiper-bundle.min.js

Requested by

Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9887 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49bdb416c95b403ea89b3d54853b9b6f26000bf66e45e6ff19b1186e8aeeecf9

Security Headers

Name	Value
Content-Security-Policy	default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com .googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com .kaltura.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net tags.tiqcdn.com ipredictive.com .ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: .googleapis.com .pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com .meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com .facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com .kaltura.com 'self' data: application:; img-src .ipredictive.com .contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com .contextweb.com bat.bing.com .doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com .google.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net .googleadservices.net stats.g.doubleclick.net .contentsquare.net .kaltura.com ws: 'self' .googleapis.com .tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	no-sniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"239bf-195a9366060"
age: 5320
x-content-type-options: no-sniff
date: Wed, 26 Mar 2025 13:12:17 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 18 Mar 2025 12:24:28 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
content-security-policy: default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com *.googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com *.kaltura.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net tags.tiqcdn.com ipredictive.com *.ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: *.googleapis.com *.pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com *.meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com *.facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com *.kaltura.com 'self' data: application:; img-src *.ipredictive.com *.contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com *.google.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net *.googleadservices.net stats.g.doubleclick.net *.contentsquare.net *.kaltura.com ws: 'self' *.googleapis.com *.tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
cache-control: public, s-maxage=31536000, stale-while-revalidate
x-dns-prefetch-control: on
cf-ray: 9266e6147c3c9b82-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 webpack-42cdea76c8170223.js Show response
www.kesimptahcp.com/_next/static/chunks/ 2 KB
1 KB 43ms
42ms Script
application/javascript 2606:4700:4400::ac40:9887
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.kesimptahcp.com/_next/static/chunks/webpack-42cdea76c8170223.js

Requested by

Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9887 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee5aeb11ca1c2946b0e4501f44497b479a76e49b4e56eeac61332f533390cfb4

Security Headers

Name	Value
Content-Security-Policy	default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com .googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com .kaltura.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net tags.tiqcdn.com ipredictive.com .ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: .googleapis.com .pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com .meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com .facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com .kaltura.com 'self' data: application:; img-src .ipredictive.com .contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com .contextweb.com bat.bing.com .doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com .google.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net .googleadservices.net stats.g.doubleclick.net .contentsquare.net .kaltura.com ws: 'self' .googleapis.com .tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	no-sniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"8ea-195a9363568"
age: 302
x-content-type-options: no-sniff
date: Wed, 26 Mar 2025 13:12:17 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 18 Mar 2025 12:24:17 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
content-security-policy: default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com *.googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com *.kaltura.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net tags.tiqcdn.com ipredictive.com *.ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: *.googleapis.com *.pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com *.meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com *.facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com *.kaltura.com 'self' data: application:; img-src *.ipredictive.com *.contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com *.google.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net *.googleadservices.net stats.g.doubleclick.net *.contentsquare.net *.kaltura.com ws: 'self' *.googleapis.com *.tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
cache-control: public, max-age=31536000, immutable
x-dns-prefetch-control: on
cf-ray: 9266e6147c3d9b82-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 framework-5f4595e5518b5600.js Show response
www.kesimptahcp.com/_next/static/chunks/ 127 KB
41 KB 30ms
28ms Script
application/javascript 2606:4700:4400::ac40:9887
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.kesimptahcp.com/_next/static/chunks/framework-5f4595e5518b5600.js

Requested by

Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9887 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b

Security Headers

Name	Value
Content-Security-Policy	default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com .googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com .kaltura.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net tags.tiqcdn.com ipredictive.com .ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: .googleapis.com .pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com .meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com .facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com .kaltura.com 'self' data: application:; img-src .ipredictive.com .contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com .contextweb.com bat.bing.com .doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com .google.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net .googleadservices.net stats.g.doubleclick.net .contentsquare.net .kaltura.com ws: 'self' .googleapis.com .tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	no-sniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"1fbbb-195a9363568"
age: 5320
x-content-type-options: no-sniff
date: Wed, 26 Mar 2025 13:12:17 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 18 Mar 2025 12:24:17 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
content-security-policy: default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com *.googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com *.kaltura.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net tags.tiqcdn.com ipredictive.com *.ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: *.googleapis.com *.pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com *.meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com *.facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com *.kaltura.com 'self' data: application:; img-src *.ipredictive.com *.contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com *.google.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net *.googleadservices.net stats.g.doubleclick.net *.contentsquare.net *.kaltura.com ws: 'self' *.googleapis.com *.tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
cache-control: public, max-age=31536000, immutable
x-dns-prefetch-control: on
cf-ray: 9266e6147c3e9b82-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 main-5e177f13910846a1.js Show response
www.kesimptahcp.com/_next/static/chunks/ 104 KB
31 KB 39ms
38ms Script
application/javascript 2606:4700:4400::ac40:9887
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.kesimptahcp.com/_next/static/chunks/main-5e177f13910846a1.js

Requested by

Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9887 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7223369d3fc3576e38cad7a9d2ce15d8d588d898165614b014cbb8814943e517

Security Headers

Name	Value
Content-Security-Policy	default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com .googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com .kaltura.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net tags.tiqcdn.com ipredictive.com .ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: .googleapis.com .pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com .meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com .facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com .kaltura.com 'self' data: application:; img-src .ipredictive.com .contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com .contextweb.com bat.bing.com .doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com .google.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net .googleadservices.net stats.g.doubleclick.net .contentsquare.net .kaltura.com ws: 'self' .googleapis.com .tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	no-sniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"19eff-195a9363568"
age: 302
x-content-type-options: no-sniff
date: Wed, 26 Mar 2025 13:12:17 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 18 Mar 2025 12:24:17 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
content-security-policy: default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com *.googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com *.kaltura.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net tags.tiqcdn.com ipredictive.com *.ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: *.googleapis.com *.pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com *.meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com *.facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com *.kaltura.com 'self' data: application:; img-src *.ipredictive.com *.contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com *.google.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net *.googleadservices.net stats.g.doubleclick.net *.contentsquare.net *.kaltura.com ws: 'self' *.googleapis.com *.tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
cache-control: public, max-age=31536000, immutable
x-dns-prefetch-control: on
cf-ray: 9266e6147c3f9b82-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 _app-0392b24b0eedaf79.js Show response
www.kesimptahcp.com/_next/static/chunks/pages/ 358 KB
108 KB 31ms
30ms Script
application/javascript 2606:4700:4400::ac40:9887
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.kesimptahcp.com/_next/static/chunks/pages/_app-0392b24b0eedaf79.js

Requested by

Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9887 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd8f97d58b384ec07dbe0fb3c5fab96c1998f2b251b03237949de8f9502b78d5

Security Headers

Name	Value
Content-Security-Policy	default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com .googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com .kaltura.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net tags.tiqcdn.com ipredictive.com .ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: .googleapis.com .pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com .meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com .facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com .kaltura.com 'self' data: application:; img-src .ipredictive.com .contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com .contextweb.com bat.bing.com .doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com .google.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net .googleadservices.net stats.g.doubleclick.net .contentsquare.net .kaltura.com ws: 'self' .googleapis.com .tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	no-sniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"59632-195a9363568"
age: 302
x-content-type-options: no-sniff
date: Wed, 26 Mar 2025 13:12:17 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 18 Mar 2025 12:24:17 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
content-security-policy: default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com *.googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com *.kaltura.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net tags.tiqcdn.com ipredictive.com *.ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: *.googleapis.com *.pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com *.meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com *.facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com *.kaltura.com 'self' data: application:; img-src *.ipredictive.com *.contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com *.google.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net *.googleadservices.net stats.g.doubleclick.net *.contentsquare.net *.kaltura.com ws: 'self' *.googleapis.com *.tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
cache-control: public, max-age=31536000, immutable
x-dns-prefetch-control: on
cf-ray: 9266e6147c409b82-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 252f366e-73d4d2ca5f796f77.js Show response
www.kesimptahcp.com/_next/static/chunks/ 782 B
502 B 43ms
42ms Script
application/javascript 2606:4700:4400::ac40:9887
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.kesimptahcp.com/_next/static/chunks/252f366e-73d4d2ca5f796f77.js

Requested by

Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9887 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

104e10644e86c213148d64cd0141d34c1f769d4f9c97eff0740df6c528e75b58

Security Headers

Name	Value
Content-Security-Policy	default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com .googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com .kaltura.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net tags.tiqcdn.com ipredictive.com .ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: .googleapis.com .pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com .meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com .facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com .kaltura.com 'self' data: application:; img-src .ipredictive.com .contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com .contextweb.com bat.bing.com .doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com .google.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net .googleadservices.net stats.g.doubleclick.net .contentsquare.net .kaltura.com ws: 'self' .googleapis.com .tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	no-sniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"30e-195a9363568"
age: 5320
x-content-type-options: no-sniff
date: Wed, 26 Mar 2025 13:12:17 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 18 Mar 2025 12:24:17 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
content-security-policy: default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com *.googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com *.kaltura.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net tags.tiqcdn.com ipredictive.com *.ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: *.googleapis.com *.pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com *.meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com *.facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com *.kaltura.com 'self' data: application:; img-src *.ipredictive.com *.contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com *.google.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net *.googleadservices.net stats.g.doubleclick.net *.contentsquare.net *.kaltura.com ws: 'self' *.googleapis.com *.tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
cache-control: public, max-age=31536000, immutable
x-dns-prefetch-control: on
cf-ray: 9266e6147c419b82-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 7d0bf13e-3ea7a283f336d1da.js Show response
www.kesimptahcp.com/_next/static/chunks/ 130 KB
28 KB 40ms
39ms Script
application/javascript 2606:4700:4400::ac40:9887
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.kesimptahcp.com/_next/static/chunks/7d0bf13e-3ea7a283f336d1da.js

Requested by

Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9887 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1d01d10390da0681ef8472942e934c926602ac5fe3dbcc2c06b8c831230f35

Security Headers

Name	Value
Content-Security-Policy	default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com .googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com .kaltura.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net tags.tiqcdn.com ipredictive.com .ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: .googleapis.com .pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com .meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com .facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com .kaltura.com 'self' data: application:; img-src .ipredictive.com .contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com .contextweb.com bat.bing.com .doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com .google.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net .googleadservices.net stats.g.doubleclick.net .contentsquare.net .kaltura.com ws: 'self' .googleapis.com .tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	no-sniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"2076b-195a9363568"
age: 302
x-content-type-options: no-sniff
date: Wed, 26 Mar 2025 13:12:17 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 18 Mar 2025 12:24:17 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
content-security-policy: default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com *.googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com *.kaltura.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net tags.tiqcdn.com ipredictive.com *.ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: *.googleapis.com *.pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com *.meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com *.facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com *.kaltura.com 'self' data: application:; img-src *.ipredictive.com *.contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com *.google.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net *.googleadservices.net stats.g.doubleclick.net *.contentsquare.net *.kaltura.com ws: 'self' *.googleapis.com *.tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
cache-control: public, max-age=31536000, immutable
x-dns-prefetch-control: on
cf-ray: 9266e6147c449b82-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 514-062808359a89ca39.js Show response
www.kesimptahcp.com/_next/static/chunks/ 194 KB
57 KB 39ms
38ms Script
application/javascript 2606:4700:4400::ac40:9887
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.kesimptahcp.com/_next/static/chunks/514-062808359a89ca39.js

Requested by

Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9887 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d074031fb58f056ed7903e2c13755ab3cb13879935381e508584a476e80f69a

Security Headers

Name	Value
Content-Security-Policy	default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com .googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com .kaltura.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net tags.tiqcdn.com ipredictive.com .ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: .googleapis.com .pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com .meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com .facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com .kaltura.com 'self' data: application:; img-src .ipredictive.com .contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com .contextweb.com bat.bing.com .doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com .google.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net .googleadservices.net stats.g.doubleclick.net .contentsquare.net .kaltura.com ws: 'self' .googleapis.com .tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	no-sniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"309e5-195a9363568"
age: 5320
x-content-type-options: no-sniff
date: Wed, 26 Mar 2025 13:12:17 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 18 Mar 2025 12:24:17 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
content-security-policy: default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com *.googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com *.kaltura.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net tags.tiqcdn.com ipredictive.com *.ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: *.googleapis.com *.pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com *.meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com *.facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com *.kaltura.com 'self' data: application:; img-src *.ipredictive.com *.contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com *.google.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net *.googleadservices.net stats.g.doubleclick.net *.contentsquare.net *.kaltura.com ws: 'self' *.googleapis.com *.tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
cache-control: public, max-age=31536000, immutable
x-dns-prefetch-control: on
cf-ray: 9266e6147c459b82-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 807-6fa12b91265b1172.js Show response
www.kesimptahcp.com/_next/static/chunks/ 194 KB
48 KB 42ms
41ms Script
application/javascript 2606:4700:4400::ac40:9887
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.kesimptahcp.com/_next/static/chunks/807-6fa12b91265b1172.js

Requested by

Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9887 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed327036bb8f6b6818225d8c9db249837d03ad6383ce4df809b313540876e43d

Security Headers

Name	Value
Content-Security-Policy	default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com .googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com .kaltura.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net tags.tiqcdn.com ipredictive.com .ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: .googleapis.com .pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com .meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com .facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com .kaltura.com 'self' data: application:; img-src .ipredictive.com .contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com .contextweb.com bat.bing.com .doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com .google.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net .googleadservices.net stats.g.doubleclick.net .contentsquare.net .kaltura.com ws: 'self' .googleapis.com .tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	no-sniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"3070a-195a9363568"
age: 5320
x-content-type-options: no-sniff
date: Wed, 26 Mar 2025 13:12:17 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 18 Mar 2025 12:24:17 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
content-security-policy: default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com *.googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com *.kaltura.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net tags.tiqcdn.com ipredictive.com *.ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: *.googleapis.com *.pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com *.meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com *.facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com *.kaltura.com 'self' data: application:; img-src *.ipredictive.com *.contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com *.google.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net *.googleadservices.net stats.g.doubleclick.net *.contentsquare.net *.kaltura.com ws: 'self' *.googleapis.com *.tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
cache-control: public, max-age=31536000, immutable
x-dns-prefetch-control: on
cf-ray: 9266e6148c4a9b82-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 index-03ac7f8aef73daa0.js Show response
www.kesimptahcp.com/_next/static/chunks/pages/ 596 B
2 KB 41ms
40ms Script
application/javascript 2606:4700:4400::ac40:9887
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.kesimptahcp.com/_next/static/chunks/pages/index-03ac7f8aef73daa0.js

Requested by

Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9887 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46cc98ef0c5155e868a2df13d3c5d9ab1de88895d7c24f4224df7ca4a7ecd78e

Security Headers

Name	Value
Content-Security-Policy	default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com .googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com .kaltura.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net tags.tiqcdn.com ipredictive.com .ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: .googleapis.com .pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com .meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com .facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com .kaltura.com 'self' data: application:; img-src .ipredictive.com .contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com .contextweb.com bat.bing.com .doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com .google.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net .googleadservices.net stats.g.doubleclick.net .contentsquare.net .kaltura.com ws: 'self' .googleapis.com .tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	no-sniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"254-195a9363568"
age: 302
x-content-type-options: no-sniff
date: Wed, 26 Mar 2025 13:12:17 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 18 Mar 2025 12:24:17 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
content-security-policy: default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com *.googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com *.kaltura.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net tags.tiqcdn.com ipredictive.com *.ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: *.googleapis.com *.pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com *.meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com *.facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com *.kaltura.com 'self' data: application:; img-src *.ipredictive.com *.contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com *.google.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net *.googleadservices.net stats.g.doubleclick.net *.contentsquare.net *.kaltura.com ws: 'self' *.googleapis.com *.tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
cache-control: public, max-age=31536000, immutable
x-dns-prefetch-control: on
cf-ray: 9266e6148c4c9b82-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 _buildManifest.js Show response
www.kesimptahcp.com/_next/static/J54XsRllpWydcH0TuntEO/ 1 KB
759 B 41ms
41ms Script
application/javascript 2606:4700:4400::ac40:9887
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.kesimptahcp.com/_next/static/J54XsRllpWydcH0TuntEO/_buildManifest.js

Requested by

Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9887 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dac25c1d6b39396343745b86f08a0aaf9f3ed4e03795abc84088d8fc5721b86

Security Headers

Name	Value
Content-Security-Policy	default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com .googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com .kaltura.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net tags.tiqcdn.com ipredictive.com .ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: .googleapis.com .pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com .meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com .facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com .kaltura.com 'self' data: application:; img-src .ipredictive.com .contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com .contextweb.com bat.bing.com .doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com .google.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net .googleadservices.net stats.g.doubleclick.net .contentsquare.net .kaltura.com ws: 'self' .googleapis.com .tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	no-sniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"47a-195a9363568"
age: 5320
x-content-type-options: no-sniff
date: Wed, 26 Mar 2025 13:12:17 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 18 Mar 2025 12:24:17 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
content-security-policy: default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com *.googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com *.kaltura.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net tags.tiqcdn.com ipredictive.com *.ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: *.googleapis.com *.pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com *.meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com *.facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com *.kaltura.com 'self' data: application:; img-src *.ipredictive.com *.contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com *.google.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net *.googleadservices.net stats.g.doubleclick.net *.contentsquare.net *.kaltura.com ws: 'self' *.googleapis.com *.tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
cache-control: public, max-age=31536000, immutable
x-dns-prefetch-control: on
cf-ray: 9266e6148c4d9b82-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 _ssgManifest.js Show response
www.kesimptahcp.com/_next/static/J54XsRllpWydcH0TuntEO/ 77 B
130 B 41ms
40ms Script
application/javascript 2606:4700:4400::ac40:9887
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.kesimptahcp.com/_next/static/J54XsRllpWydcH0TuntEO/_ssgManifest.js

Requested by

Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9887 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Content-Security-Policy	default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com .googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com .kaltura.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net tags.tiqcdn.com ipredictive.com .ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: .googleapis.com .pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com .meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com .facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com .kaltura.com 'self' data: application:; img-src .ipredictive.com .contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com .contextweb.com bat.bing.com .doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com .google.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net .googleadservices.net stats.g.doubleclick.net .contentsquare.net .kaltura.com ws: 'self' .googleapis.com .tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	no-sniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"4d-195a9363568"
age: 302
x-content-type-options: no-sniff
date: Wed, 26 Mar 2025 13:12:17 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 18 Mar 2025 12:24:17 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
content-security-policy: default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com *.googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com *.kaltura.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net tags.tiqcdn.com ipredictive.com *.ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: *.googleapis.com *.pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com *.meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com *.facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com *.kaltura.com 'self' data: application:; img-src *.ipredictive.com *.contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com *.google.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net *.googleadservices.net stats.g.doubleclick.net *.contentsquare.net *.kaltura.com ws: 'self' *.googleapis.com *.tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
cache-control: public, max-age=31536000, immutable
x-dns-prefetch-control: on
cf-ray: 9266e6148c4e9b82-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 evergage.min.js Show response
cdn.evgnet.com/beacon/novartispharmaag/hp1/scripts/ 378 KB
63 KB 244ms
125ms Script
application/javascript 151.101.192.114
FASTLY

General

Check archive.org

Download Go to

Full URL: https://cdn.evgnet.com/beacon/novartispharmaag/hp1/scripts/evergage.min.js
Requested by: Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.114 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 50fa9e98897bfe0f9610c41595bf4b1effdff43ad47fca8f6ae4b23ef59f184f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

content-encoding: gzip
etag: "545522c817e52849c4b9ffcc121510bb"
x-amz-version-id: xAKJY31r1WUxocTPWxh7t1yp28CLqIWz
age: 111
x-cache: HIT, HIT
date: Wed, 26 Mar 2025 13:12:17 GMT
last-modified: Mon, 03 Mar 2025 21:58:54 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-iad-kjyo7100127-IAD, cache-mad22074-MAD
x-cache-hits: 307627, 0
x-amz-id-2: v/cvEBhSJwgBGkcPtFw5kZ7VBvSbl6oJGqQQDF3mptcjq4z5kSy9tJ6IN8cu6jlCZjjZCru7qB8=
x-amz-meta-evergage-beacon-ver: 16
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: max-age=120
timing-allow-origin: *
x-amz-meta-evergage-sum: 439b16b5e6e9be8a535be71625c459afce3dd714
x-timer: S1742994737.475469,VS0,VE85
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: 8FXV0H0JFDS8XC3K
accept-ranges: bytes
content-length: 63611
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 microsoftteams-image-1.png
usim.beprod.kesimptahcp.com/sites/kesimptahcp_com/files/secondary_navigation/logo_full/ 7 KB
8 KB 201ms
29ms Image
image/png 2606:4700:4400::ac40:9887
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://usim.beprod.kesimptahcp.com/sites/kesimptahcp_com/files/secondary_navigation/logo_full/microsoftteams-image-1.png

Requested by

Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9887 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dd9dfc9cd04637ef6e01d28dbfa1c7cfd5e38205d5d7af137a307b7aadccfb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

x-request-id: v-923a4d8e-fa84-11ef-8a6d-bfdaede8d20e
cf-bgj: imgq:100,h2pri
cf-cache-status: HIT
age: 302
x-content-type-options: nosniff
expires: Thu, 03 Apr 2025 12:14:41 GMT
cf-polished: origSize=13600
x-cache: HIT
date: Wed, 26 Mar 2025 13:12:17 GMT
content-type: image/png
last-modified: Mon, 06 Mar 2023 13:30:53 GMT
x-cache-hits: 32
vary: Accept-Encoding
cache-control: max-age=1209600
x-ah-environment: prod
via: varnish
cf-ray: 9266e6157cdd4d28-FRA
accept-ranges: bytes
content-length: 7494
server: cloudflare

GET
H3 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/ 8 KB
8 KB 56ms
18ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Origin: https://www.kesimptahcp.com
Referer: https://fonts.googleapis.com/

Response headers

age: 105530
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 25 Mar 2026 07:53:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 25 Mar 2025 07:53:27 GMT
last-modified: Wed, 04 Dec 2024 06:53:31 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8000
x-xss-protection: 0
server: sffe

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v22/ 8 KB
8 KB 65ms
27ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Origin: https://www.kesimptahcp.com
Referer: https://fonts.googleapis.com/

Response headers

age: 105523
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 25 Mar 2026 07:53:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 25 Mar 2025 07:53:34 GMT
last-modified: Wed, 04 Dec 2024 06:53:08 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7884
x-xss-protection: 0
server: sffe

GET
H3 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/ 8 KB
8 KB 57ms
19ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Origin: https://www.kesimptahcp.com
Referer: https://fonts.googleapis.com/

Response headers

age: 105284
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 25 Mar 2026 07:57:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 25 Mar 2025 07:57:33 GMT
last-modified: Wed, 04 Dec 2024 06:53:03 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7816
x-xss-protection: 0
server: sffe

GET
H2 200 0.0-jls-home-header-image_dsk_xl_v2.png.webp
usim.beprod.kesimptahcp.com/sites/kesimptahcp_com/files/styles/webp/public/styles/hero_full_width_width_2560/public/2024-08/ 165 KB
165 KB 42ms
40ms Image
image/webp 2606:4700:4400::ac40:9887
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://usim.beprod.kesimptahcp.com/sites/kesimptahcp_com/files/styles/webp/public/styles/hero_full_width_width_2560/public/2024-08/0.0-jls-home-header-image_dsk_xl_v2.png.webp?itok=vhoAHL2m

Requested by

Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9887 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8974f9ec96c7f95ad2aa6e9675f17872c17a0a3a88416af1bd3ab55ab372a35

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

x-request-id: v-1b80d76c-0574-11f0-a2a4-cf032a25f9ca
cf-cache-status: HIT
age: 302
x-content-type-options: nosniff
expires: Thu, 03 Apr 2025 10:14:28 GMT
x-cache: HIT
date: Wed, 26 Mar 2025 13:12:17 GMT
content-type: image/webp
last-modified: Fri, 23 Aug 2024 12:10:29 GMT
x-cache-hits: 29
vary: Accept-Encoding
cache-control: max-age=1209600
x-ah-environment: prod
via: varnish
cf-ray: 9266e6166d9d4d28-FRA
accept-ranges: bytes
content-length: 168800
server: cloudflare

GET
H2 200 0.0-down-arrow-icons.png
usim.beprod.kesimptahcp.com/sites/kesimptahcp_com/files/styles/single_featured_content_card_without_content_width_744/public/2024-09/ 18 KB
18 KB 39ms
37ms Image
image/png 2606:4700:4400::ac40:9887
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://usim.beprod.kesimptahcp.com/sites/kesimptahcp_com/files/styles/single_featured_content_card_without_content_width_744/public/2024-09/0.0-down-arrow-icons.png?itok=hC9i5aJi

Requested by

Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9887 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d818af895f6d17d8ef155622cb909437b87917c2c9efe759fa304fd3a55ce145

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

x-request-id: v-13433dec-0664-11f0-a5c3-c78b477b6870
cf-bgj: imgq:100,h2pri
cf-cache-status: HIT
age: 302
x-content-type-options: nosniff
expires: Fri, 04 Apr 2025 14:52:13 GMT
cf-polished: origSize=27314
x-cache: HIT
date: Wed, 26 Mar 2025 13:12:17 GMT
content-type: image/png
last-modified: Tue, 24 Sep 2024 11:56:12 GMT
x-cache-hits: 31
vary: Accept-Encoding
cache-control: max-age=1209600
x-ah-environment: prod
via: varnish
cf-ray: 9266e6166d9e4d28-FRA
accept-ranges: bytes
content-length: 18535
server: cloudflare

GET
H2 200 0.0-immune-icon.png
usim.beprod.kesimptahcp.com/sites/kesimptahcp_com/files/styles/single_featured_content_card_without_content_width_744/public/2024-09/ 18 KB
18 KB 40ms
38ms Image
image/png 2606:4700:4400::ac40:9887
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://usim.beprod.kesimptahcp.com/sites/kesimptahcp_com/files/styles/single_featured_content_card_without_content_width_744/public/2024-09/0.0-immune-icon.png?itok=Q0ph2-Vq

Requested by

Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9887 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b91e0c10a6269f1d82ea3d5bebf637294d8c5d5672185d99516c5dfbf49b114

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

x-request-id: v-1f329f6a-058f-11f0-b8f5-f7224167219b
cf-bgj: imgq:100,h2pri
cf-cache-status: HIT
age: 302
x-content-type-options: nosniff
expires: Thu, 03 Apr 2025 13:27:51 GMT
cf-polished: origSize=23978
x-cache: HIT
date: Wed, 26 Mar 2025 13:12:17 GMT
content-type: image/png
last-modified: Tue, 24 Sep 2024 11:56:12 GMT
x-cache-hits: 36
vary: Accept-Encoding
cache-control: max-age=1209600
x-ah-environment: prod
via: varnish
cf-ray: 9266e6166da04d28-FRA
accept-ranges: bytes
content-length: 18541
server: cloudflare

GET
H2 200 web-vitals.min.js Show response
www.kesimptahcp.com/scripts/ 11 KB
4 KB 31ms
31ms Script
application/javascript 2606:4700:4400::ac40:9887
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.kesimptahcp.com/scripts/web-vitals.min.js

Requested by

Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/_next/static/chunks/main-5e177f13910846a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9887 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3821c1693a5729be2109a5a8b871f114485659cfa5cca27d429f7ac4156f7587

Security Headers

Name	Value
Content-Security-Policy	default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com .googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com .kaltura.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net tags.tiqcdn.com ipredictive.com .ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: .googleapis.com .pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com .meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com .facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com .kaltura.com 'self' data: application:; img-src .ipredictive.com .contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com .contextweb.com bat.bing.com .doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com .google.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net .googleadservices.net stats.g.doubleclick.net .contentsquare.net .kaltura.com ws: 'self' .googleapis.com .tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	no-sniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"2a08-195a9366060"
age: 302
x-content-type-options: no-sniff
date: Wed, 26 Mar 2025 13:12:17 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 18 Mar 2025 12:24:28 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
content-security-policy: default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com *.googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com *.kaltura.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net tags.tiqcdn.com ipredictive.com *.ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: *.googleapis.com *.pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com *.meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com *.facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com *.kaltura.com 'self' data: application:; img-src *.ipredictive.com *.contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com *.google.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net *.googleadservices.net stats.g.doubleclick.net *.contentsquare.net *.kaltura.com ws: 'self' *.googleapis.com *.tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
cache-control: public, s-maxage=31536000, stale-while-revalidate
x-dns-prefetch-control: on
cf-ray: 9266e6168da89b82-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 wheel-indicator.min.js Show response
www.kesimptahcp.com/vendor/scripts/ 3 KB
1 KB 25ms
25ms Script
application/javascript 2606:4700:4400::ac40:9887
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.kesimptahcp.com/vendor/scripts/wheel-indicator.min.js

Requested by

Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/_next/static/chunks/main-5e177f13910846a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9887 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e53bf2404f9f5b531093232a8809b1277e1b715aec43df5aba1141eb34c1361

Security Headers

Name	Value
Content-Security-Policy	default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com .googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com .kaltura.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net tags.tiqcdn.com ipredictive.com .ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: .googleapis.com .pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com .meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com .facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com .kaltura.com 'self' data: application:; img-src .ipredictive.com .contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com .contextweb.com bat.bing.com .doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com .google.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net .googleadservices.net stats.g.doubleclick.net .contentsquare.net .kaltura.com ws: 'self' .googleapis.com .tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	no-sniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"a8f-195a9366060"
age: 5318
x-content-type-options: no-sniff
date: Wed, 26 Mar 2025 13:12:17 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 18 Mar 2025 12:24:28 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
content-security-policy: default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com *.googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com *.kaltura.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net tags.tiqcdn.com ipredictive.com *.ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: *.googleapis.com *.pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com *.meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com *.facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com *.kaltura.com 'self' data: application:; img-src *.ipredictive.com *.contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com *.google.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net *.googleadservices.net stats.g.doubleclick.net *.contentsquare.net *.kaltura.com ws: 'self' *.googleapis.com *.tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
cache-control: public, s-maxage=31536000, stale-while-revalidate
x-dns-prefetch-control: on
cf-ray: 9266e616edeb9b82-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 simple-datatables.js Show response
www.kesimptahcp.com/vendor/scripts/ 37 KB
12 KB 38ms
38ms Script
application/javascript 2606:4700:4400::ac40:9887
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.kesimptahcp.com/vendor/scripts/simple-datatables.js

Requested by

Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/_next/static/chunks/main-5e177f13910846a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9887 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a578640159ccfee4698ac9b539993d1b2aa85e8ae9d5cf8b262a9e843187a43

Security Headers

Name	Value
Content-Security-Policy	default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com .googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com .kaltura.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net tags.tiqcdn.com ipredictive.com .ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: .googleapis.com .pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com .meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com .facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com .kaltura.com 'self' data: application:; img-src .ipredictive.com .contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com .contextweb.com bat.bing.com .doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com .google.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net .googleadservices.net stats.g.doubleclick.net .contentsquare.net .kaltura.com ws: 'self' .googleapis.com .tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	no-sniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"945c-195a9366060"
age: 5318
x-content-type-options: no-sniff
date: Wed, 26 Mar 2025 13:12:17 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 18 Mar 2025 12:24:28 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
content-security-policy: default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com *.googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com *.kaltura.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net tags.tiqcdn.com ipredictive.com *.ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: *.googleapis.com *.pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com *.meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com *.facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com *.kaltura.com 'self' data: application:; img-src *.ipredictive.com *.contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com *.google.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net *.googleadservices.net stats.g.doubleclick.net *.contentsquare.net *.kaltura.com ws: 'self' *.googleapis.com *.tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
cache-control: public, s-maxage=31536000, stale-while-revalidate
x-dns-prefetch-control: on
cf-ray: 9266e616edec9b82-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 bundle.js Show response
www.kesimptahcp.com/scripts/ 114 KB
18 KB 26ms
26ms Script
application/javascript 2606:4700:4400::ac40:9887
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.kesimptahcp.com/scripts/bundle.js?1

Requested by

Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/_next/static/chunks/main-5e177f13910846a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9887 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c336a548850bde59ad83ee9f46d4b17cd708fe3eb7d85e2225cfe892d1b02c2

Security Headers

Name	Value
Content-Security-Policy	default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com .googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com .kaltura.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net tags.tiqcdn.com ipredictive.com .ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: .googleapis.com .pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com .meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com .facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com .kaltura.com 'self' data: application:; img-src .ipredictive.com .contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com .contextweb.com bat.bing.com .doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com .google.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net .googleadservices.net stats.g.doubleclick.net .contentsquare.net .kaltura.com ws: 'self' .googleapis.com .tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	no-sniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"1c97d-195a9366060"
age: 302
x-content-type-options: no-sniff
date: Wed, 26 Mar 2025 13:12:17 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 18 Mar 2025 12:24:28 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
content-security-policy: default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com *.googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com *.kaltura.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net tags.tiqcdn.com ipredictive.com *.ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: *.googleapis.com *.pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com *.meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com *.facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com *.kaltura.com 'self' data: application:; img-src *.ipredictive.com *.contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com *.google.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net *.googleadservices.net stats.g.doubleclick.net *.contentsquare.net *.kaltura.com ws: 'self' *.googleapis.com *.tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
cache-control: public, s-maxage=31536000, stale-while-revalidate
x-dns-prefetch-control: on
cf-ray: 9266e616edee9b82-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 454 KB
131 KB 116ms
66ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M4KPBLP&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1dc9fbdfd5845bde837d348e588bc3c797f92585ea0c15aec0914fd5f31b2cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1262:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1262:0"}],}
expires: Wed, 26 Mar 2025 13:12:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 26 Mar 2025 13:12:17 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 26 Mar 2025 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1262:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1262:0
content-length: 133689
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 pxiEyp8kv8JHgFVrJJnecmNE.woff2
fonts.gstatic.com/s/poppins/v22/ 6 KB
6 KB 21ms
21ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJnecmNE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

0b1fcab42c18b69bcfe9ce4799fcbff5af1621c53ffcfdc4723c6f5ec4ee3ffb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Origin: https://www.kesimptahcp.com
Referer: https://fonts.googleapis.com/

Response headers

age: 162165
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 24 Mar 2026 16:09:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 24 Mar 2025 16:09:32 GMT
last-modified: Wed, 04 Dec 2024 06:53:11 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5644
x-xss-protection: 0
server: sffe

GET
H2 200 0.0-1-min-clock-icon.png
usim.beprod.kesimptahcp.com/sites/kesimptahcp_com/files/styles/single_featured_content_card_without_content_width_744/public/2024-09/ 20 KB
20 KB 24ms
23ms Image
image/png 2606:4700:4400::ac40:9887
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://usim.beprod.kesimptahcp.com/sites/kesimptahcp_com/files/styles/single_featured_content_card_without_content_width_744/public/2024-09/0.0-1-min-clock-icon.png?itok=CsGlgQK9

Requested by

Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/vendor/scripts/swiper-bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9887 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efde8a5e95bfe91718b75cd902cdb6f22edaa52f9dfb7b51b0b87427ad59bbb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

x-request-id: v-10a89174-059a-11f0-bd9b-3384439363a5
cf-bgj: imgq:100,h2pri
cf-cache-status: HIT
age: 301
x-content-type-options: nosniff
expires: Thu, 03 Apr 2025 14:46:11 GMT
cf-polished: origSize=31840
x-cache: HIT
date: Wed, 26 Mar 2025 13:12:17 GMT
content-type: image/png
last-modified: Tue, 24 Sep 2024 11:56:12 GMT
x-cache-hits: 31
vary: Accept-Encoding
cache-control: max-age=1209600
x-ah-environment: prod
via: varnish
cf-ray: 9266e6175e5d4d28-FRA
accept-ranges: bytes
content-length: 20169
server: cloudflare

POST
H3 200 collect
www.google.com/ccm/ 0
0 85ms
41ms Ping
text/plain 172.217.16.196
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.kesimptahcp.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1122901220.1742994738&dt=Relapsing%20MS%20Treatment%20%7C%20KESIMPTA%C2%AE%20(ofatumumab)%20HCP&auid=34577272.1742994738&navt=n&npa=1&gtm=45He53o2v9103149974za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=102482433~102788824~102803279~102813109~102887800~102926062~102926327&tft=1742994737951&tfd=1177&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M4KPBLP&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s65-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 453 KB
145 KB 70ms
70ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H35KZTYHC4&cx=c&gtm=45He53o2v9103149974za200&tag_exp=102482433~102788824~102803279~102813109~102887800~102926062~102926327

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M4KPBLP&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

352fa040fa5d46d719c2c0a9e971123c54b96cb8115eb8a18bf2066dff14fd16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1020:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1020:0"}],}
expires: Wed, 26 Mar 2025 13:12:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 26 Mar 2025 13:12:17 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1020:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1020:0
content-length: 148092
x-xss-protection: 0
server: Google Tag Manager

GET
H3

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@4.2.4/dist/
Redirect Chain

https://unpkg.com/web-vitals/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js

7 KB
3 KB

40ms
40ms

Script
text/javascript

104.17.249.203
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js

Requested by

Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/

Protocol

Server

104.17.249.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f759996a85b1ddf539ef3f16fdca3d39e48f670aef69e82c6200cc2b5f9f47bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
age: 61376
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 26 Mar 2025 13:12:18 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 25 Mar 2025 20:09:22 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 9266e618dad103ac-FRA
content-digest: sha256=:91mZaoWx3fU57z8W/co9OeSPZwrvaegsYgDMK1+fR70=:
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
location: https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cf-ray: 9266e6187a9103ac-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 73
server-timing: cfExtPri
date: Wed, 26 Mar 2025 13:12:18 GMT
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H2 200 8dccb311ae877.js Show response
t.contentsquare.net/uxa/ 387 KB
92 KB 88ms
27ms Script
application/javascript 18.244.18.60
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://t.contentsquare.net/uxa/8dccb311ae877.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M4KPBLP&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-60.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 44ef7c40c9f7e370eada3b96d08d14e90c41414d8d911adea215504a01941c19

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

content-encoding: br
etag: "eeb5e4e404e75023751bb9ec244b08a3"
age: 0
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 8KDtZcPLam3RY6-_OsM96k1tcctYa-JlD4afuZZMi5MKsYAQpreukQ==
date: Wed, 26 Mar 2025 11:21:45 GMT
content-type: application/javascript;charset=utf-8
last-modified: Wed, 26 Mar 2025 10:51:18 GMT
vary: Origin
cache-control: max-age=900
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 93301
x-amz-cf-pop: FRA56-P11
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 252 KB
63 KB 56ms
25ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

13b3fea42a999bd1edc7815ad83b8529ad25262807607a54101486b76d2a39a0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;script-src 'nonce-XEImrKXu' .facebook.com .fbcdn.net .facebook.net blob: data: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com .cdninstagram.com;font-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;img-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;media-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;child-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;frame-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;manifest-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;object-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;worker-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 26 Mar 2025 13:12:18 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;script-src 'nonce-XEImrKXu' *.facebook.com *.fbcdn.net *.facebook.net blob: data: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com *.cdninstagram.com;font-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;img-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;media-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;child-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;frame-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;manifest-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;object-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;worker-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=26, rtx=0, c=23, mss=1232, tbw=4600, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: z2W0/+trWhpFVkcrnyQuC7qDq40Izccv+OU1E+CZMMMwGh8X0u+xcfqI6BWPwuF7i/Wii++p7S2CJJv/yUF+nQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 64608
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H/1.1 200
OK /
servedby.flashtalking.com/container/18741;121868;13078;iframe/ Frame ADBC 0
0 130ms
46ms Document
text/html 2.16.252.135
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL

https://servedby.flashtalking.com/container/18741;121868;13078;iframe/?ftXRef=&ftXValue=&ftXType=&ftXName=&ftXNumItems=&ftXCurrency=&U1=&U2=&U3=&U4=&U5=&U6=&U7=&U8=&U9=&U10=&U11=&U12=&U13=&U14=&U15=&U16=&U17=&U18=&U19=&U20=&ft_referrer=https%3A%2F%2Fwww.kesimptahcp.com%2F%3F~U1%3DU1_VALUE%26U2%3DU2_VALUE%26U3%3DU3_VALUE%26U4%3DU4_VALUE%26U5%3DU5_VALUE%26U6%3DU6_VALUE%26U7%3DU7_VALUE%26U8%3DU8_VALUE%26U9%3DU9_VALUE%26U10%3DU10_VALUE%26U11%3DU11_VALUE%26U12%3DU12_VALUE%26U13%3DU13_VALUE%26U14%3DU14_VALUE%26U15%3DU15_VALUE%26U16%3DU16_VALUE%26U17%3DU17_VALUE%26U18%3DU18_VALUE%26U19%3DU19_VALUE%26U20%3DU20_VALUE&ns=&cb=1474572373

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M4KPBLP&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.252.135 Hamburg, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-16-252-135.deploy.static.akamaitechnologies.com

Software

prod-xre-app22.frk11 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.kesimptahcp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

Allow-Fenced-Frame-Automatic-Beacons: true
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1258
Content-Type: text/html
Date: Wed, 26 Mar 2025 13:12:18 GMT
Expires: Wed, 26 Mar 2025 13:12:18 GMT
Pragma: no-cache
Server: prod-xre-app22.frk11
Strict-Transport-Security: max-age=86400
Vary: Accept-Encoding

GET
H2 200 sr
bh.contextweb.com/bh/ 49 B
542 B 134ms
28ms Image
image/gif 208.93.169.131
WEBMD-IDC1-AS

General

Check archive.org

Download Go to Show image

Full URL: https://bh.contextweb.com/bh/sr?action=add&token=6CK90QSBQ9TT&ch=1&url=https%3A%2F%2Fwww.kesimptahcp.com%2F&rr=&campaign=undefined&frmtext=undefined&clktext=undefined&us_privacy=${us_privacy}&param1=undefined&param2=undefined&param3=undefined&param4=undefined&param5=undefined
Requested by: Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),
Reverse DNS
Software: Jetty(12.0.17) /
Resource Hash: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

cache-control: private, max-age=0, no-cache, no-store
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-7dbd47bd95-4bxr2
expires: -1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: de-DE
content-type: image/gif;charset=iso-8859-1
server: Jetty(12.0.17)

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/53k0/ Frame DDAD 0
0 116ms
45ms Document
text/html 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/53k0/sw_iframe.html?origin=https%3A%2F%2Fwww.kesimptahcp.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M4KPBLP&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Mar 2025 13:12:18 GMT
expires: Thu, 26 Mar 2026 13:12:18 GMT
last-modified: Thu, 20 Mar 2025 08:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 187093443174552 Show response
connect.facebook.net/signals/config/ 13 KB
3 KB 177ms
177ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/signals/config/187093443174552?v=2.9.190&r=stable&domain=www.kesimptahcp.com&hme=c1f2cecb0bd2e60711f2156ceae0254b57f69ec526dbc6c13633615b2168eda4&ex_m=71%2C124%2C109%2C113%2C62%2C4%2C102%2C70%2C16%2C98%2C90%2C51%2C55%2C178%2C181%2C193%2C189%2C190%2C192%2C29%2C103%2C53%2C78%2C191%2C173%2C176%2C186%2C187%2C194%2C135%2C41%2C199%2C196%2C197%2C34%2C148%2C15%2C50%2C203%2C202%2C137%2C18%2C40%2C1%2C43%2C66%2C67%2C68%2C72%2C94%2C17%2C14%2C97%2C93%2C92%2C110%2C52%2C112%2C39%2C111%2C30%2C95%2C26%2C174%2C177%2C145%2C87%2C57%2C85%2C33%2C74%2C0%2C96%2C32%2C28%2C83%2C84%2C89%2C47%2C46%2C88%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C58%2C63%2C65%2C76%2C54%2C104%2C27%2C77%2C9%2C8%2C81%2C48%2C21%2C106%2C105%2C107%2C99%2C10%2C20%2C3%2C38%2C75%2C19%2C5%2C91%2C82%2C44%2C35%2C86%2C244%2C171%2C122%2C160%2C153%2C2%2C36%2C64%2C42%2C108%2C45%2C80%2C69%2C114%2C61%2C60%2C31%2C100%2C59%2C56%2C49%2C79%2C73%2C24%2C101%2C115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

a9f22e9ca59e103bc8f85cd0c86554438885d46dcc54295d3c4358dccded62e5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;script-src 'nonce-E4esYjiR' .facebook.com .fbcdn.net .facebook.net blob: data: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com .cdninstagram.com;font-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;img-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;media-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;child-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;frame-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;manifest-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;object-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;worker-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 26 Mar 2025 13:12:18 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;script-src 'nonce-E4esYjiR' *.facebook.com *.fbcdn.net *.facebook.net blob: data: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com *.cdninstagram.com;font-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;img-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;media-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;child-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;frame-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;manifest-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;object-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;worker-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=26, rtx=0, c=79, mss=1232, tbw=74022, tp=69, tpl=0, uplat=161, ullat=0
pragma: public
x-fb-debug: WveZ2YQQQWpyb34eU/h7AM9qxJbpQpuifHhPNG7qmy94HRytT/vIuF/Y0a9X0phlIIvZG1pNpWQlGzROsy5Xrg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 268 KB
95 KB 45ms
45ms Script
application/javascript 142.250.185.200
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-9787805&cx=c&gtm=45je53o2v9123481384za200zb9103149974&tag_exp=102482433~102788824~102803279~102813109~102887799~102926061~102926327

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H35KZTYHC4&cx=c&gtm=45He53o2v9103149974za200&tag_exp=102482433~102788824~102803279~102813109~102887800~102926062~102926327

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b0ca64f7029541a4a0968e8b7eeb334a3e4458237cda806ba05de76cd491aaf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

content-encoding: br
report-to: {"group":"ascgcysghrgc:42:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Wed, 26 Mar 2025 13:12:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 26 Mar 2025 13:12:18 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 26 Mar 2025 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcysghrgc:42:0
content-length: 97611
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 82ms
40ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-H35KZTYHC4&gtm=45je53o2v9123481384z89103149974za200zb9103149974&_p=1742994737745&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102482433~102788824~102803279~102813109~102887799~102926061~102926327&tt=&cid=606562551.1742994738&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1742994738&sct=1&seg=0&dl=https%3A%2F%2Fwww.kesimptahcp.com%2F&dt=Relapsing%20MS%20Treatment%20%7C%20KESIMPTA%C2%AE%20(ofatumumab)%20HCP&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_name=kesimpta%3Ahcp%3Abranded%3Ahome&ep.indication=rms&ep.brand=kesimpta&ep.patient_hcp=hcp&ep.site_category=branded&ep.environment=production&ep.page_url=www.kesimptahcp.com%2F&ep.ml_id=10%2F24%20%20%20%20%20FA-11271191&ep.status=200&ep.section=home&ep.subsection=&tfd=1384
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H35KZTYHC4&cx=c&gtm=45He53o2v9103149974za200&tag_exp=102482433~102788824~102803279~102813109~102887800~102926062~102926327
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:137:0
report-to: {"group":"ascnsrsggc:137:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:137:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.kesimptahcp.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:137:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 26 Mar 2025 13:12:18 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
560 B 83ms
31ms Ping
text/plain 2a00:1450:400c:c02::9c
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H35KZTYHC4&cid=606562551.1742994738&gtm=45je53o2v9123481384z89103149974za200zb9103149974&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=102482433~102788824~102803279~102813109~102887799~102926061~102926327
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H35KZTYHC4&cx=c&gtm=45He53o2v9103149974za200&tag_exp=102482433~102788824~102803279~102813109~102887800~102926062~102926327
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:112:0
report-to: {"group":"ascnsrsggc:112:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:112:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.kesimptahcp.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:112:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 26 Mar 2025 13:12:18 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 67ms
44ms Image
image/gif 172.217.16.195
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H35KZTYHC4&cid=606562551.1742994738&gtm=45je53o2v9123481384z89103149974za200zb9103149974&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=102482433~102788824~102803279~102813109~102887799~102926061~102926327&tag_exp=102482433~102788824~102803279~102813109~102887799~102926061~102926327&z=837184688

Requested by

Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 26 Mar 2025 13:12:18 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET 436a253f-f421-47fe-bff5-d720dce1d88b
https://www.kesimptahcp.com/ 0
0

GET
H2 204 pageview
c.az.contentsquare.net/ 0
272 B 230ms
34ms Image
text/plain 4.207.209.100
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to Show image

Full URL: https://c.az.contentsquare.net/pageview?ex=&dt=121&pvt=n&cvars=%7B%221%22%3A%5B%22Indication%22%2C%22rms%22%5D%2C%222%22%3A%5B%22Type%22%2C%22hcp%22%5D%2C%223%22%3A%5B%22Section%22%2C%22home%22%5D%2C%225%22%3A%5B%22Page%20Name%22%2C%22kesimpta%3Ahcp%3Abranded%3Ahome%22%5D%2C%226%22%3A%5B%22Site%20Category%22%2C%22branded%22%5D%2C%227%22%3A%5B%22Environment%22%2C%22production%22%5D%7D&cvarp=%7B%221%22%3A%5B%22Indication%22%2C%22rms%22%5D%2C%222%22%3A%5B%22Type%22%2C%22hcp%22%5D%2C%223%22%3A%5B%22Section%22%2C%22home%22%5D%2C%225%22%3A%5B%22Page%20Name%22%2C%22kesimpta%3Ahcp%3Abranded%3Ahome%22%5D%2C%226%22%3A%5B%22Site%20Category%22%2C%22branded%22%5D%2C%227%22%3A%5B%22Environment%22%2C%22production%22%5D%7D&la=de-DE&uc=0&url=https%3A%2F%2Fwww.kesimptahcp.com%2F&dr=&dw=1600&dh=3606&ww=1600&wh=1200&sw=1600&sh=1200&uu=e628e0e8-8731-ac00-941a-72c6f30b7306&sn=1&hd=1742994738&v=15.76.0&pid=59024&pn=1&r=781448
Requested by: Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 4.207.209.100 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
timing-allow-origin: *
pragma: no-cache
access-control-allow-methods: GET, POST, OPTIONS
expires: Sun, 24 Oct 1982 23:00:00 GMT
access-control-allow-origin: *
date: Wed, 26 Mar 2025 13:12:18 GMT
content-disposition: inline
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With

GET
H2

200

activityi;dc_pre=CIqR6LHpp4wDFbXpEQgdeQ4uCQ;src=9787805;type=2021k003;cat=kesim0;ord=1;num=7107374096873;npa=1;auiddc=34577272.1742994738;ps=1;pcor=1746398663;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv...
9787805.fls.doubleclick.net/ Frame 7989
Redirect Chain

https://9787805.fls.doubleclick.net/activityi;src=9787805;type=2021k003;cat=kesim0;ord=1;num=7107374096873;npa=1;auiddc=34577272.1742994738;ps=1;pcor=1746398663;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;ua...
https://9787805.fls.doubleclick.net/activityi;dc_pre=CIqR6LHpp4wDFbXpEQgdeQ4uCQ;src=9787805;type=2021k003;cat=kesim0;ord=1;num=7107374096873;npa=1;auiddc=34577272.1742994738;ps=1;pcor=1746398663;ua...

0
0

34ms
33ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://9787805.fls.doubleclick.net/activityi;dc_pre=CIqR6LHpp4wDFbXpEQgdeQ4uCQ;src=9787805;type=2021k003;cat=kesim0;ord=1;num=7107374096873;npa=1;auiddc=34577272.1742994738;ps=1;pcor=1746398663;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe53o2v9181465264z89103149974za201zb9123481384;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;dc_fmt=1;tag_exp=102482433~102788824~102803279~102813109~102887800~102926327;epver=2;~oref=https%3A%2F%2Fwww.kesimptahcp.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-9787805&cx=c&gtm=45je53o2v9123481384za200zb9103149974&tag_exp=102482433~102788824~102803279~102813109~102887799~102926061~102926327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kesimptahcp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 500
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Mar 2025 13:12:18 GMT
expires: Wed, 26 Mar 2025 13:12:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Mar 2025 13:12:18 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9787805.fls.doubleclick.net/activityi;dc_pre=CIqR6LHpp4wDFbXpEQgdeQ4uCQ;src=9787805;type=2021k003;cat=kesim0;ord=1;num=7107374096873;npa=1;auiddc=34577272.1742994738;ps=1;pcor=1746398663;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe53o2v9181465264z89103149974za201zb9123481384;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;dc_fmt=1;tag_exp=102482433~102788824~102803279~102813109~102887800~102926327;epver=2;~oref=https%3A%2F%2Fwww.kesimptahcp.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CKKZ6LHpp4wDFWDtEQgdtZUtsA;src=9787805;type=kesim000;cat=kesim0;ord=1;num=9459142046472;npa=1;auiddc=34577272.1742994738;ps=1;pcor=1032291929;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv...
9787805.fls.doubleclick.net/ Frame 768C
Redirect Chain

https://9787805.fls.doubleclick.net/activityi;src=9787805;type=kesim000;cat=kesim0;ord=1;num=9459142046472;npa=1;auiddc=34577272.1742994738;ps=1;pcor=1032291929;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;ua...
https://9787805.fls.doubleclick.net/activityi;dc_pre=CKKZ6LHpp4wDFWDtEQgdtZUtsA;src=9787805;type=kesim000;cat=kesim0;ord=1;num=9459142046472;npa=1;auiddc=34577272.1742994738;ps=1;pcor=1032291929;ua...

0
0

35ms
34ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://9787805.fls.doubleclick.net/activityi;dc_pre=CKKZ6LHpp4wDFWDtEQgdtZUtsA;src=9787805;type=kesim000;cat=kesim0;ord=1;num=9459142046472;npa=1;auiddc=34577272.1742994738;ps=1;pcor=1032291929;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe53o2v9181465264z89103149974za201zb9123481384;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;dc_fmt=1;tag_exp=102482433~102788824~102803279~102813109~102887800~102926327;epver=2;~oref=https%3A%2F%2Fwww.kesimptahcp.com%2F?

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kesimptahcp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 504
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Mar 2025 13:12:18 GMT
expires: Wed, 26 Mar 2025 13:12:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Mar 2025 13:12:18 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9787805.fls.doubleclick.net/activityi;dc_pre=CKKZ6LHpp4wDFWDtEQgdtZUtsA;src=9787805;type=kesim000;cat=kesim0;ord=1;num=9459142046472;npa=1;auiddc=34577272.1742994738;ps=1;pcor=1032291929;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe53o2v9181465264z89103149974za201zb9123481384;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;dc_fmt=1;tag_exp=102482433~102788824~102803279~102813109~102887800~102926327;epver=2;~oref=https%3A%2F%2Fwww.kesimptahcp.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=9787805;type=2021k003;cat=kesim0;ord=1;num=7107374096873;npa=1;auiddc=34577272.1742994738;ps=1;pcor=1746398663;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl...
ad.doubleclick.net/ 42 B
67 B 105ms
58ms Image
image/gif 142.250.184.230
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=9787805;type=2021k003;cat=kesim0;ord=1;num=7107374096873;npa=1;auiddc=34577272.1742994738;ps=1;pcor=1746398663;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe53o2v9181465264z89103149974za201zb9123481384;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;dc_fmt=10;tag_exp=102482433~102788824~102803279~102813109~102887800~102926327;epver=2;~oref=https%3A%2F%2Fwww.kesimptahcp.com%2F?

Requested by

Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Wed, 26 Mar 2025 13:12:18 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"2969493799741819938"}],"aggregatable_trigger_data":[{"filters":[{"14":["11116707"]}],"key_piece":"0x78117f0faafa0b17","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xdd29f984ed7fa717","not_filters":{"14":["11116707"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"34774192":54,"34774193":54,"34774194":54,"34774195":5297,"34844140":109,"34844141":109,"34844142":109,"34844143":10594,"908777668":50,"908777669":50,"908777670":50,"908777671":4889,"908900572":81,"908900573":81,"908900574":81,"908900575":7946,"908912940":93,"908912941":93,"908912942":93,"908912943":9081},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"10949408597089131784","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"2969493799741819938","filters":[{"14":["11116707"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"2969493799741819938","filters":[{"14":["11116707"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"2969493799741819938","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"2969493799741819938","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["9787805"]}}
content-type: image/gif
x-xss-protection: 0
server: cafe

GET
H3 200 activity;register_conversion=1;src=9787805;type=kesim000;cat=kesim0;ord=1;num=9459142046472;npa=1;auiddc=34577272.1742994738;ps=1;pcor=1032291929;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl...
ad.doubleclick.net/ 42 B
67 B 103ms
56ms Image
image/gif 142.250.184.230
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=9787805;type=kesim000;cat=kesim0;ord=1;num=9459142046472;npa=1;auiddc=34577272.1742994738;ps=1;pcor=1032291929;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe53o2v9181465264z89103149974za201zb9123481384;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;dc_fmt=10;tag_exp=102482433~102788824~102803279~102813109~102887800~102926327;epver=2;~oref=https%3A%2F%2Fwww.kesimptahcp.com%2F?

Requested by

Host: www.kesimptahcp.com
URL: https://www.kesimptahcp.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Wed, 26 Mar 2025 13:12:18 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"2749442029013936777"}],"aggregatable_trigger_data":[{"filters":[{"14":["49464845"]}],"key_piece":"0x9f6f51fba99e24f1","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xb1e6a439f08e1c7c","not_filters":{"14":["49464845"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"34774192":54,"34774193":54,"34774194":54,"34774195":5297,"34844140":109,"34844141":109,"34844142":109,"34844143":10594,"908777668":50,"908777669":50,"908777670":50,"908777671":4889,"908900572":81,"908900573":81,"908900574":81,"908900575":7946,"908912940":93,"908912941":93,"908912942":93,"908912943":9081},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"10586175766180953737","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"2749442029013936777","filters":[{"14":["49464845"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"2749442029013936777","filters":[{"14":["49464845"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"2749442029013936777","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"2749442029013936777","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["9787805"]}}
content-type: image/gif
x-xss-protection: 0
server: cafe

GET
H2 200 hp1 Show response
novartispharmaag.us-7.evergage.com/api2/event/ 137 B
820 B 663ms
261ms XHR
application/json 52.25.103.135
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://novartispharmaag.us-7.evergage.com/api2/event/hp1?event=eyJpbnRlcmFjdGlvbiI6eyJuYW1lIjoiVmlldyBDYXRhbG9nIE9iamVjdCIsImNhdGFsb2dPYmplY3QiOnsidHlwZSI6IkNhdGVnb3J5IiwiaWQiOiJLRVMtSE9NRSIsImF0dHJpYnV0ZXMiOnsibmFtZSI6IktFUy1IT01FIn19fSwidXNlciI6eyJhdHRyaWJ1dGVzIjp7Imd1aWQiOiI1YWJlNjNkMzk2YjBlNTI0IiwibGFzdEVtYWlsVGhlbWUiOiIxMC8yNCAgICAgRkEtMTEyNzExOTEiLCJnYV9pZCI6IkdBMS4xLjYwNjU2MjU1MS4xNzQyOTk0NzM4In0sImFub255bW91c0lkIjoiNWFiZTYzZDM5NmIwZTUyNCJ9LCJzb3VyY2UiOnsidXJsIjoiaHR0cHM6Ly93d3cua2VzaW1wdGFoY3AuY29tLyIsInVybFJlZmVycmVyIjoiIiwiY2hhbm5lbCI6IldlYiIsImJlYWNvblZlcnNpb24iOjE2LCJjb25maWdWZXJzaW9uIjoiMTkiLCJjb250ZW50Wm9uZXMiOltdfSwiY29uc2VudHMiOltdLCJhY2NvdW50Ijp7fSwiX3Rvb2xzRXZlbnRMaW5rSWQiOiIwNjM5NzY3ODA5MDk2ODQ1IiwiZXhwbGFpbiI6dHJ1ZX0%3D

Requested by

Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/8dccb311ae877.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.103.135 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-103-135.us-west-2.compute.amazonaws.com

Software

Resource Hash

45eb5814a68bd1256ce79435351ed534624192ec10be8fef5d80343a1f0d4412

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.kesimptahcp.com/

Response headers

cache-control: no-cache, no-store
timing-allow-origin: *
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://www.kesimptahcp.com
date: Wed, 26 Mar 2025 13:12:18 GMT
content-type: application/json;charset=UTF-8
vary: accept-encoding

POST
H2 200 hp1 Show response
novartispharmaag.us-7.evergage.com/api2/event/ 137 B
823 B 660ms
259ms XHR
application/json 52.25.103.135
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://novartispharmaag.us-7.evergage.com/api2/event/hp1

Requested by

Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/8dccb311ae877.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.103.135 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-103-135.us-west-2.compute.amazonaws.com

Software

Resource Hash

f7dccadbab5ae65d038aeeff33c86e20545d7c2234a719bd54a7333707b965fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kesimptahcp.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/x-www-form-urlencoded

Response headers

cache-control: no-cache, no-store
timing-allow-origin: *
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://www.kesimptahcp.com
date: Wed, 26 Mar 2025 13:12:18 GMT
content-type: application/json;charset=UTF-8
vary: accept-encoding

GET
H2 200 favicon.ico
www.kesimptahcp.com/ 9 KB
8 KB 40ms
39ms Other
image/x-icon 2606:4700:4400::ac40:9887
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.kesimptahcp.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9887 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80f3aed3583dda42e03076ff9a9d3df3bb000668976f6cc69563436bf169dcc8

Security Headers

Name	Value
Content-Security-Policy	default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com .googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com .kaltura.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net tags.tiqcdn.com ipredictive.com .ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: .googleapis.com .pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com .meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com .facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com .kaltura.com 'self' data: application:; img-src .ipredictive.com .contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com .contextweb.com bat.bing.com .doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com .google.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net .googleadservices.net stats.g.doubleclick.net .contentsquare.net .kaltura.com ws: 'self' .googleapis.com .tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	no-sniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"2201-195a9366060"
age: 302
x-content-type-options: no-sniff
date: Wed, 26 Mar 2025 13:12:18 GMT
content-type: image/x-icon
last-modified: Tue, 18 Mar 2025 12:24:28 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
content-security-policy: default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com *.googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com *.kaltura.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net tags.tiqcdn.com ipredictive.com *.ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: *.googleapis.com *.pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com *.meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com *.facebook.net; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com *.kaltura.com 'self' data: application:; img-src *.ipredictive.com *.contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com *.google.com contextweb.com *.contextweb.com bat.bing.com *.doubleclick.net *.googleadservices.net stats.g.doubleclick.net *.contentsquare.net *.kaltura.com ws: 'self' *.googleapis.com *.tiqcdn.com cloudflareinsights.com trc.lhmos.com; media-src usim.beprod.kesimptahcp.com kaltura.com *.kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
cache-control: public, max-age=3600, s-maxage=2678400, stale-while-revalidate=59
x-dns-prefetch-control: on
cf-ray: 9266e61be9509b82-FRA
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 204 pr
novartispharmaag.us-7.evergage.com/ 0
538 B 411ms
410ms Ping
text/plain 52.25.103.135
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://novartispharmaag.us-7.evergage.com/pr?.top=667&item=%7B%22type%22%3A%22Article%22%2C%22_id%22%3A%22RELAPSING%20MS%20TREATMENT%20%7C%20KESIMPTA%C2%AE%20(OFATUMUMAB)%20HCP%22%2C%22categories%22%3A%5B%7B%22type%22%3A%22c%22%2C%22_id%22%3A%22KES-HOME%22%7D%5D%2C%22dimensions%22%3A%7B%22Type%22%3A%5B%22Branded%22%5D%2C%22Keyword%22%3A%5B%22KESIMPTA%22%5D%2C%22Indication%22%3A%5B%22rms%22%5D%2C%22HasImage%22%3A%5B%22TRUE%22%5D%2C%22Author%22%3A%5B%22FA-11271191%22%5D%7D%7D&action=View%20Catalog%20Object&.tt=662&.ttdns=37&.lt=1756&.bv=16&_ak=novartispharmaag&_ds=hp1&.scv=19&channel=Web&_r=166744&.anonId=5abe63d396b0e524&_anon=true

Requested by

Host: cdn.evgnet.com
URL: https://cdn.evgnet.com/beacon/novartispharmaag/hp1/scripts/evergage.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.103.135 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-103-135.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://www.kesimptahcp.com/

Response headers

access-control-allow-origin: https://www.kesimptahcp.com
timing-allow-origin: *
date: Wed, 26 Mar 2025 13:12:19 GMT
x-content-type-options: nosniff

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 56ms
56ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-H35KZTYHC4&gtm=45je53o2v9123481384z89103149974za200zb9103149974&_p=1742994737745&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102482433~102788824~102803279~102813109~102887799~102926061~102926327&tt=&cid=606562551.1742994738&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1742994738&sct=1&seg=0&dl=https%3A%2F%2Fwww.kesimptahcp.com%2F&dt=Relapsing%20MS%20Treatment%20%7C%20KESIMPTA%C2%AE%20(ofatumumab)%20HCP&en=scroll_25&ep.page_name=kesimpta%3Ahcp%3Abranded%3Ahome&ep.indication=rms&ep.brand=kesimpta&ep.patient_hcp=hcp&ep.site_category=branded&ep.environment=production&ep.page_url=www.kesimptahcp.com%2F&ep.ml_id=10%2F24%20%20%20%20%20FA-11271191&ep.status=200&ep.section=home&ep.subsection=&epn.percent_scrolled=25&_et=377&tfd=6763
Requested by: Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/8dccb311ae877.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.kesimptahcp.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:137:0
report-to: {"group":"ascnsrsggc:137:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:137:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.kesimptahcp.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:137:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 26 Mar 2025 13:12:23 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.kesimptahcp.com
URL: blob:https://www.kesimptahcp.com/436a253f-f421-47fe-bff5-d720dce1d88b

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.kesimptahcp.com/	1970-01-21 13:45:54	Name: _evga_1eaa Value: {%22uuid%22:%225abe63d396b0e524%22}
.kesimptahcp.com/	1970-01-21 06:19:30	Name: _gcl_au Value: 1.1.34577272.1742994738
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 33cae1b5639bdd77
.kesimptahcp.com/	1970-01-21 13:45:54	Name: _ga Value: GA1.1.606562551.1742994738
.kesimptahcp.com/	1970-01-21 13:39:18	Name: _cs_c Value: 0
.kesimptahcp.com/	1970-01-21 13:39:18	Name: _cs_id Value: e628e0e8-8731-ac00-941a-72c6f30b7306.1742994738.1.1742994738.1742994738.1.1777158738171.1.x
.kesimptahcp.com/	1970-01-21 13:45:54	Name: _sfid_20df Value: {%22anonymousId%22:%225abe63d396b0e524%22%2C%22consents%22:[]}
.doubleclick.net/	1970-01-21 04:53:06	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 08:29:06	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 13:31:30	Name: IDE Value: AHWqTUn4QVF1luFV6FYorKv0A6g3aZNV_ZtB5N8NqlUW2BX764uEKkC02QltQU6luUU
.contextweb.com/	1970-01-21 12:48:18	Name: VP Value: part_1Ixa0To2Dm3c
.kesimptahcp.com/	1970-01-21 04:09:56	Name: _cs_s Value: 1.5.0.9.1742996538527
.kesimptahcp.com/	1970-01-21 13:45:54	Name: _ga_H35KZTYHC4 Value: GS1.1.1742994738.1.0.1742994738.60.0.0
novartispharmaag.us-7.evergage.com/	1970-01-21 04:19:59	Name: AWSALBTGCORS Value: uO4oAMRBLt1zV19S8LH/EpREc8O937URha1dkmHac/M730V0wVE1KXeyCxv7FfTtKJXQiFSKzkvBBw7+OfpSuMT0lxhU4xcdK+KWPtoVM+I+Yg4xu1dWlPEZcvPzBZXUACrWY1nux/4cHDd2uh1Lxw1ml3XfiuNa9/eHlEeWhT4sN0PRJU8=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src usim.beprod.kesimptahcp.com 'self'; style-src cdn.pullthrough.tools cdn.uat.pullthrough.tools usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com .googleapis.com fonts.gstatic.com 'self' 'unsafe-inline' kms-a.akamaihd.net cfvod.kaltura.com novartispharmaag.us-7.evergage.com; script-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools js-agent.newrelic.com/nr-rum-1.248.0.min.js usim.beprod.kesimptahcp.com prod.cz.hcp.novartis.com unpkg.com kaltura.com .kaltura.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net tags.tiqcdn.com ipredictive.com .ipredictive.com 'self' 'unsafe-inline' 'unsafe-eval' blob: .googleapis.com .pmsrv.co t.contentsquare.net app.contentsquare.com static.cloudflareinsights.com .meta.net mediahub.novartis.com match.deepintent.com trc.lhmos.com secure.adnxs.com .facebook.net analytics.google.com .analytics.google.com google-analytics.com .google-analytics.com googletagmanager.com .googletagmanager.com tagmanager.google.com .tagmanager.google.com cdn.evgnet.com .facebook.com novartispharmaag.us-7.evergage.com; child-src blob:; worker-src blob:; object-src 'none'; font-src prod.cz.hcp.novartis.com fonts.gstatic.com .kaltura.com 'self' data: application: novartispharmaag.us-7.evergage.com; img-src .ipredictive.com .contentsquare.net http: https: data: image: 'self'; frame-src contextweb.com .contextweb.com bat.bing.com .doubleclick.net servedby.flashtalking.com di.rlcdn.com 'self' cdnapisec.kaltura.com analytics.google.com .analytics.google.com google-analytics.com .google-analytics.com googletagmanager.com .googletagmanager.com tagmanager.google.com .tagmanager.google.com; connect-src cdn.pullthrough.tools uatservices.pullthrough.tools code.jquery.com cdn.uat.pullthrough.tools api.ipstack.com api.pullthrough.tools api.uat.pullthrough.tools usim.beprod.kesimptahcp.com bam.nr-data.net prod.cz.hcp.novartis.com .google.com contextweb.com .contextweb.com bat.bing.com .doubleclick.net .googleadservices.net stats.g.doubleclick.net .contentsquare.net .kaltura.com ws: 'self' .googleapis.com .tiqcdn.com cloudflareinsights.com trc.lhmos.com analytics.google.com .analytics.google.com google-analytics.com .google-analytics.com googletagmanager.com .googletagmanager.com tagmanager.google.com .tagmanager.google.com novartispharmaag.us-7.evergage.com; media-src usim.beprod.kesimptahcp.com kaltura.com .kaltura.com blob: 'self' data:; frame-ancestors usim.beprod.kesimptahcp.com 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	no-sniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9787805.fls.doubleclick.net
ad.doubleclick.net
bh.contextweb.com
c.az.contentsquare.net
cdn.evgnet.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
msrxoption.com
novartispharmaag.us-7.evergage.com
region1.analytics.google.com
servedby.flashtalking.com
stats.g.doubleclick.net
t.contentsquare.net
unpkg.com
usim.beprod.kesimptahcp.com
www.google.com
www.google.de
www.googletagmanager.com
www.kesimptahcp.com
www.msrxoption.com
www.kesimptahcp.com
104.17.249.203
104.18.19.126
142.250.181.227
142.250.184.230
142.250.185.200
142.250.186.166
151.101.192.114
157.240.0.6
172.217.16.195
172.217.16.196
18.244.18.60
2.16.252.135
2001:4860:4802:32::36
208.93.169.131
2606:4700:4400::ac40:987e
2606:4700:4400::ac40:9887
2a00:1450:4001:812::2008
2a00:1450:4001:831::200a
2a00:1450:400c:c02::9c
4.207.209.100
52.25.103.135
048d534a44c7e9aed5965295403c8912d556ad35bb8b3b4a83a4ec0927aa8d2b
0b1fcab42c18b69bcfe9ce4799fcbff5af1621c53ffcfdc4723c6f5ec4ee3ffb
104e10644e86c213148d64cd0141d34c1f769d4f9c97eff0740df6c528e75b58
13b3fea42a999bd1edc7815ad83b8529ad25262807607a54101486b76d2a39a0
1dc9fbdfd5845bde837d348e588bc3c797f92585ea0c15aec0914fd5f31b2cf0
2b91e0c10a6269f1d82ea3d5bebf637294d8c5d5672185d99516c5dfbf49b114
2dd9dfc9cd04637ef6e01d28dbfa1c7cfd5e38205d5d7af137a307b7aadccfb9
352fa040fa5d46d719c2c0a9e971123c54b96cb8115eb8a18bf2066dff14fd16
3821c1693a5729be2109a5a8b871f114485659cfa5cca27d429f7ac4156f7587
3cf1eb20de8abaaf177a6ce3c61a6b289fa1eb1ab5aa9220a56812a03ffcb5bb
44ef7c40c9f7e370eada3b96d08d14e90c41414d8d911adea215504a01941c19
45eb5814a68bd1256ce79435351ed534624192ec10be8fef5d80343a1f0d4412
46cc98ef0c5155e868a2df13d3c5d9ab1de88895d7c24f4224df7ca4a7ecd78e
49bdb416c95b403ea89b3d54853b9b6f26000bf66e45e6ff19b1186e8aeeecf9
50fa9e98897bfe0f9610c41595bf4b1effdff43ad47fca8f6ae4b23ef59f184f
6a578640159ccfee4698ac9b539993d1b2aa85e8ae9d5cf8b262a9e843187a43
6c336a548850bde59ad83ee9f46d4b17cd708fe3eb7d85e2225cfe892d1b02c2
6e53bf2404f9f5b531093232a8809b1277e1b715aec43df5aba1141eb34c1361
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
7223369d3fc3576e38cad7a9d2ce15d8d588d898165614b014cbb8814943e517
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
80f3aed3583dda42e03076ff9a9d3df3bb000668976f6cc69563436bf169dcc8
8d074031fb58f056ed7903e2c13755ab3cb13879935381e508584a476e80f69a
8dac25c1d6b39396343745b86f08a0aaf9f3ed4e03795abc84088d8fc5721b86
8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9b24fd64c70ccc6f0d26cf07916db6eaab4a03ad9c5e6010f41bfd76546aa58e
a9f22e9ca59e103bc8f85cd0c86554438885d46dcc54295d3c4358dccded62e5
b0ca64f7029541a4a0968e8b7eeb334a3e4458237cda806ba05de76cd491aaf5
b1d0ffe1129366b48ac07d5b108c2ec9f7aa89bd0f752bfb92e4d9c140e9b8dc
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d818af895f6d17d8ef155622cb909437b87917c2c9efe759fa304fd3a55ce145
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed327036bb8f6b6818225d8c9db249837d03ad6383ce4df809b313540876e43d
ee5aeb11ca1c2946b0e4501f44497b479a76e49b4e56eeac61332f533390cfb4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1d01d10390da0681ef8472942e934c926602ac5fe3dbcc2c06b8c831230f35
efde8a5e95bfe91718b75cd902cdb6f22edaa52f9dfb7b51b0b87427ad59bbb8
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f759996a85b1ddf539ef3f16fdca3d39e48f670aef69e82c6200cc2b5f9f47bd
f7dccadbab5ae65d038aeeff33c86e20545d7c2234a719bd54a7333707b965fc
f8974f9ec96c7f95ad2aa6e9675f17872c17a0a3a88416af1bd3ab55ab372a35
fd8f97d58b384ec07dbe0fb3c5fab96c1998f2b251b03237949de8f9502b78d5
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.kesimptahcp.com Open in urlscan Pro 2606:4700:4400::ac40:9887 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

56 Requests

96 %HTTPS

29 %IPv6

15 Domains

21 Subdomains

20 IPs

5 Countries

1350 kBTransfer

4409 kBSize

14 Cookies

14 Outgoing links

Page URL History

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.kesimptahcp.com Open in urlscan Pro
2606:4700:4400::ac40:9887 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

96 %
HTTPS

29 %
IPv6

15
Domains

21
Subdomains

20
IPs

5
Countries

1350 kB
Transfer

4409 kB
Size

14
Cookies

56 HTTP transactions
0 data transactions