urlscan.io logo urlscan.io
SecurityTrails logo

auth.rxsavingssolutions.com Open in urlscan Pro
2600:9000:210b:4200:c:187a:d640:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://protect-us.mimecast.com/s/cHiFC82oYXcRY8vZfG0val?domain=click.salesforce.rxsavingssolutions.com
Effective URL: https://auth.rxsavingssolutions.com/activate?utm_campaign=email-1&utm_content=employer&utm_medium=email&utm_source=rolling
Submission: On November 03 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 1 countries across 9 domains to perform 24 HTTP transactions. The main IP is 2600:9000:210b:4200:c:187a:d640:93a1, located in United States and belongs to AMAZON-02, US. The main domain is auth.rxsavingssolutions.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on October 27th 2022. Valid for: a year.
This is the only time auth.rxsavingssolutions.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 205.139.111.12 3561 (CENTURYLI...)
1 1 13.111.48.123 22606 (EXACT-7)
1 3 34.227.220.237 14618 (AMAZON-AES)
8 2600:9000:210... 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:23c... 16509 (AMAZON-02)
2 54.231.199.161 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2600:9000:20e... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 34.107.204.85 396982 (GOOGLE-CL...)
1 104.198.23.205 15169 (GOOGLE)
24 12
2    205.139.111.12 (United States)

ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US)
PTR: us-api.mimecast.com
protect-us.mimecast.com
1    13.111.48.123 (United States)

ASN22606 (EXACT-7, US)
PTR: click.salesforce.rxsavingssolutions.com
click.salesforce.rxsavingssolutions.com
3    34.227.220.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-220-237.compute-1.amazonaws.com
api.rxsavingssolutions.com
8    2600:9000:210b:4200:c:187a:d640:93a1 (United States)

ASN16509 (AMAZON-02, US)
auth.rxsavingssolutions.com
1    2606:4700:3032::6815:39ea (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.lr-ingest.io
1    2607:f8b0:4006:817::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:23cb:da00:1f:aa31:7740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.pendo.io
2    54.231.199.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
login-activation-cms.s3.amazonaws.com
2    2607:f8b0:4006:809::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2600:9000:20ee:2a00:8:e57f:89c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.rxss.design
1    2607:f8b0:4004:c08::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    34.107.204.85 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 85.204.107.34.bc.googleusercontent.com
app.pendo.io
1    104.198.23.205 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 205.23.198.104.bc.googleusercontent.com
r.lr-ingest.io
Apex Domain
Subdomains		 Transfer
12 rxsavingssolutions.com
click.salesforce.rxsavingssolutions.com
api.rxsavingssolutions.com
auth.rxsavingssolutions.com
626 KB
3 rxss.design
assets.rxss.design
321 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 97
20 KB
2 amazonaws.com
login-activation-cms.s3.amazonaws.com
39 KB
2 pendo.io
cdn.pendo.io — Cisco Umbrella Rank: 2591
app.pendo.io — Cisco Umbrella Rank: 4438
130 KB
2 lr-ingest.io
cdn.lr-ingest.io — Cisco Umbrella Rank: 18555
r.lr-ingest.io — Cisco Umbrella Rank: 27435
159 KB
2 mimecast.com
protect-us.mimecast.com — Cisco Umbrella Rank: 20305
3 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
447 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 121
43 KB
24 9
Domain Requested by
8 auth.rxsavingssolutions.com auth.rxsavingssolutions.com
3 assets.rxss.design auth.rxsavingssolutions.com
3 api.rxsavingssolutions.com 1 redirects auth.rxsavingssolutions.com
2 www.google-analytics.com www.googletagmanager.com
auth.rxsavingssolutions.com
2 login-activation-cms.s3.amazonaws.com auth.rxsavingssolutions.com
2 protect-us.mimecast.com 2 redirects
1 r.lr-ingest.io auth.rxsavingssolutions.com
1 app.pendo.io
1 stats.g.doubleclick.net auth.rxsavingssolutions.com
1 cdn.pendo.io auth.rxsavingssolutions.com
1 www.googletagmanager.com auth.rxsavingssolutions.com
1 cdn.lr-ingest.io auth.rxsavingssolutions.com
1 click.salesforce.rxsavingssolutions.com 1 redirects
24 13

This site contains links to these domains. Also see Links.

Domain
rxsavingssolutions.com
Subject Issuer Validity Valid
*.auth.rxsavingssolutions.com
Amazon RSA 2048 M01		 2022-10-27 -
2023-11-25		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-11 -
2023-05-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
cdn.pendo.io
Amazon		 2022-07-30 -
2023-08-28		 a year crt.sh
api.rxsavingssolutions.com
Amazon RSA 2048 M02		 2022-10-31 -
2023-11-29		 a year crt.sh
*.s3.amazonaws.com
Amazon		 2022-09-21 -
2023-08-26		 a year crt.sh
rxss.design
Amazon		 2022-03-25 -
2023-04-23		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
pendo.io
GTS CA 1D4		 2022-10-29 -
2023-01-27		 3 months crt.sh
api.logrocket.com
R3		 2022-10-24 -
2023-01-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://auth.rxsavingssolutions.com/activate?utm_campaign=email-1&utm_content=employer&utm_medium=email&utm_source=rolling
Frame ID: 237B4E27662DD3E507A27EC7A5229E11
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Rx Savings Solutions

Page URL History Show full URLs

  1. https://protect-us.mimecast.com/s/cHiFC82oYXcRY8vZfG0val?domain=click.salesforce.rxsavingssolutions.com HTTP 307
    https://protect-us.mimecast.com/r/OMs3ZLGwVzXcVt8xgkVhENIJbSUELYxhQDQbFrnkgvX-lZGCX8eYWJCPMrrmLvlax01FH4T8Qy... HTTP 307
    https://click.salesforce.rxsavingssolutions.com/?qs=100b8bead2e3997c579a1ca8fb31a4127adbe9f4f65ec7d1300083b9c6c45cec69838fc4... HTTP 302
    https://api.rxsavingssolutions.com/register?utm_source=rolling&utm_medium=email&utm_campaign=email-1&utm_conten... HTTP 302
    https://auth.rxsavingssolutions.com/activate?utm_campaign=email-1&utm_content=employer&utm_medium=email&utm_sour... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.lr-ingest\.io

Page Statistics

24
Requests

96 %
HTTPS

54 %
IPv6

9
Domains

13
Subdomains

12
IPs

1
Countries

1339 kB
Transfer

3966 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://protect-us.mimecast.com/s/cHiFC82oYXcRY8vZfG0val?domain=click.salesforce.rxsavingssolutions.com HTTP 307
    https://protect-us.mimecast.com/r/OMs3ZLGwVzXcVt8xgkVhENIJbSUELYxhQDQbFrnkgvX-lZGCX8eYWJCPMrrmLvlax01FH4T8Qy_uxAqyTYJs3agvbz1exMap_hdBf5O9RBNkLOPomCaZ6oqXSXE2llqHRgSnP52o3C_ADd_rsR0a-tzYAsyhCVymqXucg6dS0yOAGnSt-pXw_WofG10CvJWQ-rnmqdo4j2F-4BQhNs0vK9AasaPlGHCkI_OD0g3i7uzlw-8WHTKxsVsq11RKoUQD1d3lWowVcNReLnbfM6kdZUH-H45wcvoMaAfcFYde0ZhVz6fxtPQHYWQE27t_9vE1EWt7Ju6bFykE9Xdc9U3YdFVlDjNZUqnce6fskrd65UeaH8mD5su02JltQbbPIkloklzCWHEyKOr_zW66gABrZJqrBAC_h5_3arzYotjbfY8G_SrpbTPCfTtAa9MhPU6lL4_qO8G57jNVwx_228bcPLxZsWx8yHfYuIbyo2e-uy4I2cu9oiBjqSQp30vpbhY7eiwQVRuzJY8gTVosw_oEU35RN4PfdaJ5cSWuTnBKbik6yN70kq7G5ZvBYTGzh04Hs_mAv1hgXMizifRhhmZ8rmqDk0XRWYt13pbcTxsGurRwYakT1OffvBvy5bDAzdWD5ipbPZzoKrdSmmHp5pRC1cHyKk4IrqFdK4XzWvJN4WlE9SdG7Sosl8mTcj_VcImjLUzZuRakPe3xetp8P-mRmUJgGzxAevZmjEltEMEIRAdhr4OcDhs10CbAQ0cUUB_DCOO5fpSOEsQ-j34NlKDJl71VxcZxvJSuTx0BTaY_ZY2cQpgfePpp_M580XGOqGZvgkAG6Q3oQClFDXhxcyKyljMaYTQQoBMTAK8pObZzxX2FuKJmpDO62eOgvJccn9YQ2ByXzaxEXBT8LrdVhalqMmp9A4XcTaWNfSoRw7BS5IIgCRrfSdlrh0VoNI6tU9Qp6g8TxQK-bLQwLCxwyBq4_7e1qpRvo1uw8Q9JsLE2dXHJSteCwTvIJAskWZqFWgWOIMdNMvtPAYsXamoeQLPhkZ8NRnC14WQp1ZKg7G8Cf0XV-9y1P7j-FEHOfhNBdrCHWQr6L8h500dxsRzRgybgfbve_AHHYaeVC2yYLTVMEXHfSgtxcTbweHFUvJTQ4gcnMOLkbJHT14wa_DjpMVADdEX9csEs5D28Htm_jgtA1XSOX_yCgEvhIt6vjt-JiEUHTBxZVuBnmaC5V5vcC8HG1ZLBra3-L1Z2gVZVFu43nHBopqVU7Pjz85teVOv0OfwVuzaC3p7UgtOJlWn5o75ktpSO3sWoVqMzcQg76DHDcY3s4jFRWJ-xNY_MO12s3EsVae0lUUXL9sMBRjaVAyrU5suBk57Mj_3Rt8OcPXi5K26XfPbXyU1Wf_eLecwy8uMU0wEn3I3pJQ7xgCrFD5vq8pehSuILpZlZlJrZBXzJJLPE1kZP8JSEoccXYo12mOUc1o0GDkpjJhHnu39GNpW4azofLo0kH9nDR0BLooaBKr-jZii2bfmxVNpGtsGD5XX2bWBYXjJp8qIR2ZYWDS3FbY-kzFeV1km4iSUJf4x_GoysyZIp2_E93u5M-nLXAVbkFN_AIEiB1_yexJkly3W8jL-Yo-B_PTn_Zijbup8Pl_fHw1dZ8ba1FYTYvJ5zeZM7Znf1GqZPSvFfr4S8XDXpS3xwt8680oOIE4FQATBsiiygbv-YLotKsDis2bhzAWhm-XyLI78c3amRxN91eGQvrGTHANYDnaUJFyIbpUFM8ouBuR5SCmy57vaxpyaKW9-JxNPQ_-Onbuu6PBbZ3CSmOIDw5SZLnU7VO7SofJOEMqjRFXOcCvsEEcX9vcFsi723qO_wwb-azCssayaO9BoliLSjhNAep3uu41tLC1yyyTeBlXpwn3FX4VL5t9i39qW1pTzlCUXd9QifUlZlH8LHZu7wMOErxxaVd4jSGHClDB0 HTTP 307
    https://click.salesforce.rxsavingssolutions.com/?qs=100b8bead2e3997c579a1ca8fb31a4127adbe9f4f65ec7d1300083b9c6c45cec69838fc448dafd7b596f4fe498c294d2506776e77241f8f60e2b18c945f3e37b HTTP 302
    https://api.rxsavingssolutions.com/register?utm_source=rolling&utm_medium=email&utm_campaign=email-1&utm_content=employer HTTP 302
    https://auth.rxsavingssolutions.com/activate?utm_campaign=email-1&utm_content=employer&utm_medium=email&utm_source=rolling Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request activate
auth.rxsavingssolutions.com/
Redirect Chain
  • https://protect-us.mimecast.com/s/cHiFC82oYXcRY8vZfG0val?domain=click.salesforce.rxsavingssolutions.com
  • https://protect-us.mimecast.com/r/OMs3ZLGwVzXcVt8xgkVhENIJbSUELYxhQDQbFrnkgvX-lZGCX8eYWJCPMrrmLvlax01FH4T8Qy_uxAqyTYJs3agvbz1exMap_hdBf5O9RBNkLOPomCaZ6oqXSXE2llqHRgSnP52o3C_ADd_rsR0a-tzYAsyhCVymqXu...
  • https://click.salesforce.rxsavingssolutions.com/?qs=100b8bead2e3997c579a1ca8fb31a4127adbe9f4f65ec7d1300083b9c6c45cec69838fc448dafd7b596f4fe498c294d2506776e77241f8f60e2b18c945f3e37b
  • https://api.rxsavingssolutions.com/register?utm_source=rolling&utm_medium=email&utm_campaign=email-1&utm_content=employer
  • https://auth.rxsavingssolutions.com/activate?utm_campaign=email-1&utm_content=employer&utm_medium=email&utm_source=rolling
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.rxsavingssolutions.com/activate?utm_campaign=email-1&utm_content=employer&utm_medium=email&utm_source=rolling
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:4200:c:187a:d640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ff151de8a832fd5d6ae26e21d32e5f11049cea732da24734300dd4e3d940767
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
public, max-age=0, s-maxage=2
content-encoding
gzip
content-type
text/html
date
Thu, 03 Nov 2022 17:53:07 GMT
etag
W/"71c1a0fa53080ec1e94659691a63e0d3"
last-modified
Thu, 27 Oct 2022 21:33:54 GMT
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 208179bfee14e9f51f5eb16e238b2f6c.cloudfront.net (CloudFront)
x-amz-cf-id
RAg-YGE7kpGE5uD-ZM4z7SmSXryeMjGDLG1ThILo4Vip0SZIxLkuNw==
x-amz-cf-pop
EWR53-C3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

cache-control
max-age=0, must-revalidate, no-cache, no-store, private
content-type
text/html; charset=UTF-8
date
Thu, 03 Nov 2022 17:53:06 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://auth.rxsavingssolutions.com/activate?utm_campaign=email-1&utm_content=employer&utm_medium=email&utm_source=rolling
pragma
no-cache
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains
vary
Origin
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
app.81cb6787.css
auth.rxsavingssolutions.com/css/ 		20 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.rxsavingssolutions.com/css/app.81cb6787.css
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/activate?utm_campaign=email-1&utm_content=employer&utm_medium=email&utm_source=rolling
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:4200:c:187a:d640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a85fe7d54161d9b4e68cfa78e34fc250bb0f63e46e6e76f70ada2fba46b34ce7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.rxsavingssolutions.com/activate?utm_campaign=email-1&utm_content=employer&utm_medium=email&utm_source=rolling
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 17:53:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
EWR53-C3
x-amz-server-side-encryption
AES256
via
1.1 208179bfee14e9f51f5eb16e238b2f6c.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 27 Oct 2022 21:33:54 GMT
server
AmazonS3
etag
W/"aea888e343fd157d60bb120352b79b9f"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
EFfZbpYGyM4tjI08hr6nCpG3MyY4_nEfAL5PuregxAjEqR-gszeUcQ==
chunk-vendors.b20c9692.css
auth.rxsavingssolutions.com/css/ 		220 B
711 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.rxsavingssolutions.com/css/chunk-vendors.b20c9692.css
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/activate?utm_campaign=email-1&utm_content=employer&utm_medium=email&utm_source=rolling
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:4200:c:187a:d640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3606d07767e5f07bcfc5c353559bdbd7c199af53ce7091b4370fd8f0389f2d49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.rxsavingssolutions.com/activate?utm_campaign=email-1&utm_content=employer&utm_medium=email&utm_source=rolling
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 17:53:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 208179bfee14e9f51f5eb16e238b2f6c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
220
x-xss-protection
1; mode=block
last-modified
Thu, 27 Oct 2022 21:33:54 GMT
server
AmazonS3
etag
"798b46d26550385bcd223edb1bd024a6"
x-frame-options
DENY
content-type
text/css
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
x-amz-cf-id
HJn-B2GwA8Dptgs7O_k712pysLytvKI3fIp__uK4GFbbX3357BupVg==
app.34b443aa.js
auth.rxsavingssolutions.com/js/ 		561 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.rxsavingssolutions.com/js/app.34b443aa.js
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/activate?utm_campaign=email-1&utm_content=employer&utm_medium=email&utm_source=rolling
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:4200:c:187a:d640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
76a41d1d2b90254b2dcbc50f875b0c9b7bcbd3956ceef7633c2cec017d8f4f8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.rxsavingssolutions.com/activate?utm_campaign=email-1&utm_content=employer&utm_medium=email&utm_source=rolling
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 17:53:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
EWR53-C3
x-amz-server-side-encryption
AES256
via
1.1 208179bfee14e9f51f5eb16e238b2f6c.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 27 Oct 2022 21:33:54 GMT
server
AmazonS3
etag
W/"0109643be3e5b592d9ace4921519ac27"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
MUAy5m6wQ8GIQzrGjXeaZurqrVQvUVIn4CZeyZ3nIC5fFZlw95O5Og==
chunk-vendors.b981b212.js
auth.rxsavingssolutions.com/js/ 		1 MB
387 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.rxsavingssolutions.com/js/chunk-vendors.b981b212.js
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/activate?utm_campaign=email-1&utm_content=employer&utm_medium=email&utm_source=rolling
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:4200:c:187a:d640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49e5708e6d50267be9c4ede90dac4cc4f0c78a9cc9995833d3645523b1316ad6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.rxsavingssolutions.com/activate?utm_campaign=email-1&utm_content=employer&utm_medium=email&utm_source=rolling
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 17:53:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
EWR53-C3
x-amz-server-side-encryption
AES256
via
1.1 208179bfee14e9f51f5eb16e238b2f6c.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 27 Oct 2022 21:33:54 GMT
server
AmazonS3
etag
W/"577a1823dfda60818d7719700607a4b3"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
VW9WSFhWvRz0EWlhp-Oxo3ZuBXo4fpEAHrJcv61YRcfh8WF6MLiP0Q==
chunk-48e809d6.8dc57a85.js
auth.rxsavingssolutions.com/js/ 		0
58 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://auth.rxsavingssolutions.com/js/chunk-48e809d6.8dc57a85.js
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/activate?utm_campaign=email-1&utm_content=employer&utm_medium=email&utm_source=rolling
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:4200:c:187a:d640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.rxsavingssolutions.com/activate?utm_campaign=email-1&utm_content=employer&utm_medium=email&utm_source=rolling
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 17:53:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
EWR53-C3
x-amz-server-side-encryption
AES256
via
1.1 208179bfee14e9f51f5eb16e238b2f6c.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 27 Oct 2022 21:33:54 GMT
server
AmazonS3
etag
W/"0b1efa8ce73cd8ebeff4dc060b24def4"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
ksDUhlvnHa0tdqNwpZPUGv1PWeVSTPL7LIWZ89jHn4xRRUHso5TUbQ==
logger-1.min.js
cdn.lr-ingest.io/ 		781 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.lr-ingest.io/logger-1.min.js
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/js/chunk-vendors.b981b212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:39ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42a624a4c8e7948f5693b160e20835145ab4493354c87d3652701ce32e932fbf
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.rxsavingssolutions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 17:53:07 GMT
strict-transport-security
max-age=31556926
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
208
x-cache
MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-lga21922-LGA
last-modified
Thu, 03 Nov 2022 16:43:26 GMT
server
cloudflare
x-timer
S1667493866.271163,VS0,VE112
etag
W/"72f8362aa354783cc3dafb114f592df4458001cf264ff73f02ae27a3257db629"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jtk5hJ5YLWByLWjONr5Smo%2BMphvJ9ueIwkFJekos4MYP5L6NP7EdhXTxu1WQ9S3BymetsNSZ1VM2wkj%2FBi9nMfvfO92PO%2BuCpLB1Ecwxq4JPa02X11RgbQSVQKNV0bvmk6kPM6CTwvudmzoh%2FupG"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
7646f7b3fd9b1801-EWR
x-cache-hits
0
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-32662361-2&l=dataLayer
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/js/chunk-vendors.b981b212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8dac391fb74f17ab37ff23c2b23f5a421c044f7b8f6ada731928e862486887e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.rxsavingssolutions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 17:53:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43597
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 17:17:45 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 03 Nov 2022 17:53:07 GMT
pendo.js
cdn.pendo.io/agent/static/a1de7355-b6c8-4141-6659-633e90075a43/ 		389 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pendo.io/agent/static/a1de7355-b6c8-4141-6659-633e90075a43/pendo.js
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/js/app.34b443aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:da00:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c3572656df42ebf12a1a80cc3151b5863c7c9930ed6cfb61be10f53a5839b119

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.rxsavingssolutions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 17:52:42 GMT
content-encoding
gzip
via
1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
age
25
x-guploader-uploadid
ADPycdtHePLeEIKUMuiuJHhmYAV-CRF2NodDrixFDQKcsoXUszPQwwKdkF1Xg2GDIvXtyxn9Ov1Wce4RYvH1hVzboJUeHozk5P78
x-cache
Hit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
131584
last-modified
Mon, 31 Oct 2022 18:17:19 GMT
server
UploadServer
etag
"f0bf55c5b1e833967c5c7b378b215438"
vary
Accept-Encoding
x-goog-generation
1667240239026348
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=g1LViA==, md5=8L9VxbHoM5Z8XHs3iyFUOA==
access-control-expose-headers
*
cache-control
max-age=450
x-goog-stored-content-length
131584
accept-ranges
bytes
x-amz-cf-id
fs9zy4Tdin_JpzboT6VNqwWwx5XH-bOfvghCNkrQKNH3bto6e1v26Q==
expires
Thu, 03 Nov 2022 18:00:12 GMT
status
api.rxsavingssolutions.com/login/ 		83 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rxsavingssolutions.com/login/status
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/js/chunk-vendors.b981b212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.220.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-220-237.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f5387539fbab40f59a89359adfb2dd8f02877dedf1fe1b6739f873fe4f2d4380
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://auth.rxsavingssolutions.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 17:53:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://auth.rxsavingssolutions.com
cache-control
no-cache, private
access-control-allow-credentials
true
x-xss-protection
1; mode=block
rxss
api.rxsavingssolutions.com/design-dictionaries/dictionaries/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rxsavingssolutions.com/design-dictionaries/dictionaries/rxss
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/js/chunk-vendors.b981b212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.220.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-220-237.compute-1.amazonaws.com
Software
nginx /
Resource Hash
277692ab3930df41431d291dafcd2b7096a425181d02d69852edaef05079d54f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://auth.rxsavingssolutions.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 17:53:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
server
nginx
vary
Origin
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
https://auth.rxsavingssolutions.com
cache-control
no-cache, private
access-control-allow-credentials
true
x-xss-protection
1; mode=block
en-content_v19.json
login-activation-cms.s3.amazonaws.com/content/ 		18 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://login-activation-cms.s3.amazonaws.com/content/en-content_v19.json
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/js/chunk-vendors.b981b212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.199.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
9147444d4ba1c9c70cc4e395841af53011db424b4fd620f295d5c402641ab414

Request headers

Accept
application/json, text/plain, */*
Referer
https://auth.rxsavingssolutions.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 17:53:08 GMT
x-amz-version-id
q8VgL5ENk6z6S_lTG.x2A0yEqW6GpADe
x-amz-request-id
M638NGZFYP4S9ES9
x-amz-server-side-encryption
AES256
Content-Length
18651
x-amz-id-2
jsG5JlWRSTkkosgS6YMAOV6fLjhDtGyfdxuRgQZgMzjC8Vvs74lQ0vOnoPPGiu4FFySnx8igVmM=
Last-Modified
Thu, 20 Oct 2022 19:48:26 GMT
Server
AmazonS3
ETag
"21dd2526ebd7a681919b12c1e9954ccb"
Access-Control-Max-Age
3000
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
HEAD, GET, PUT, POST, DELETE
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
Cache-Control
no-store
Content-Type
application/json
Accept-Ranges
bytes
es-content_v19.json
login-activation-cms.s3.amazonaws.com/content/ 		20 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://login-activation-cms.s3.amazonaws.com/content/es-content_v19.json
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/js/chunk-vendors.b981b212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.199.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
486b31b7e02f5b3d937b9584e8d25253d5576f35f098229df67560e5be34bafa

Request headers

Accept
application/json, text/plain, */*
Referer
https://auth.rxsavingssolutions.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 17:53:08 GMT
x-amz-version-id
4aSukw2Y8EUJxf341t8xJb53.48HjszU
x-amz-request-id
M637S4AXCPBHFX5S
x-amz-server-side-encryption
AES256
Content-Length
20242
x-amz-id-2
Kr+JY5J5/aT8KdHne/uASNF5X7HfdoklduVNxb5E8RLEZL1vNzUwcdI+rCqa5XuHu9U35uFtO9E=
Last-Modified
Thu, 20 Oct 2022 19:47:56 GMT
Server
AmazonS3
ETag
"c6d60cb1b0974ea41cbe84fa80d31218"
Access-Control-Max-Age
3000
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
HEAD, GET, PUT, POST, DELETE
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
Cache-Control
no-store
Content-Type
application/json
Accept-Ranges
bytes
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-32662361-2&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.rxsavingssolutions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 03 Nov 2022 15:53:39 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
7168
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 03 Nov 2022 17:53:39 GMT
activation_background.jpg
assets.rxss.design/images/rxss/auth_assets/ 		313 KB
314 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.rxss.design/images/rxss/auth_assets/activation_background.jpg
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/activate?utm_campaign=email-1&utm_content=employer&utm_medium=email&utm_source=rolling
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ee:2a00:8:e57f:89c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
15966f72b75944c8294e2f2934826b6ac18b042ec33b5317b92085f5373a842b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.rxsavingssolutions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 20:07:44 GMT
x-amz-version-id
null
via
1.1 da6ac7fe2ce4440b4aa52fe43d9dbf52.cloudfront.net (CloudFront)
last-modified
Tue, 20 Sep 2022 15:36:56 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-C2
age
78325
etag
"412173278e843b952c491f0b480e3f43"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
320684
x-amz-cf-id
Gqet6Zm_dKfBcCYFrGSO35vtiu-CPWuzznoRRZpTQ5sXUUSaD5L4RQ==
800da3b0-675f-465f-892d-d76cecbdd5b1.aa208d41.woff2
auth.rxsavingssolutions.com/fonts/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://auth.rxsavingssolutions.com/fonts/800da3b0-675f-465f-892d-d76cecbdd5b1.aa208d41.woff2
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/css/app.81cb6787.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:4200:c:187a:d640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0e377151a40a2121ae37408dccef196d10b6e78036cc7f78aff9a4f2e29fc89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.rxsavingssolutions.com/css/app.81cb6787.css
Origin
https://auth.rxsavingssolutions.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 17:53:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 208179bfee14e9f51f5eb16e238b2f6c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
28632
x-xss-protection
1; mode=block
last-modified
Thu, 27 Oct 2022 21:33:54 GMT
server
AmazonS3
etag
"aa208d416edf264fed83943d57a68ecf"
x-frame-options
DENY
content-type
font/woff2
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
x-amz-cf-id
XbqVsLVYv-p2oEY-5dLMM38Fo1Wj8DNwil78BLGEvLd1x4rNROgkwA==
primaryLogo.svg
assets.rxss.design/images/rxss/ 		15 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.rxss.design/images/rxss/primaryLogo.svg
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/activate?utm_campaign=email-1&utm_content=employer&utm_medium=email&utm_source=rolling
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ee:2a00:8:e57f:89c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
551be17882a95ea6af59a68b60ebd32eb93582ecf65775b9611c6956d21eeaaa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.rxsavingssolutions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 da6ac7fe2ce4440b4aa52fe43d9dbf52.cloudfront.net (CloudFront)
date
Thu, 03 Nov 2022 17:45:01 GMT
last-modified
Fri, 25 Mar 2022 22:05:38 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-C2
age
488
x-amz-server-side-encryption
AES256
etag
W/"111cb7312a3f714fe8e06a48982e0b6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
SI7emKDBd7TLeS1juorESyGw-KXOZ8lAb4_o0qfH3OmupJ1r2jeRug==
eligibilityStep.svg
assets.rxss.design/images/rxss/auth_assets/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.rxss.design/images/rxss/auth_assets/eligibilityStep.svg
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/activate?utm_campaign=email-1&utm_content=employer&utm_medium=email&utm_source=rolling
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ee:2a00:8:e57f:89c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
22f0c8828af6addb4c47a6fbe2acf38a558af4c47afbb9f781c2a1287219a964

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.rxsavingssolutions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 17:53:09 GMT
x-amz-version-id
null
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 15:36:54 GMT
server
AmazonS3
via
1.1 da6ac7fe2ce4440b4aa52fe43d9dbf52.cloudfront.net (CloudFront)
x-amz-cf-pop
BOS50-C2
etag
W/"296b2d2c18c62cfa6d048e8421c014f8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
x-amz-cf-id
rAoN9urTCtHhlZjM79iIvmIdHlLNSzgGNubHV834gjmsy_tiq7eZ_g==
footerIcon.599c5c95.svg
auth.rxsavingssolutions.com/img/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.rxsavingssolutions.com/img/footerIcon.599c5c95.svg
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/activate?utm_campaign=email-1&utm_content=employer&utm_medium=email&utm_source=rolling
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:4200:c:187a:d640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d24e7713eee4a554f9bd3298f361834a270625666ae41508cc33cd404d04b400
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.rxsavingssolutions.com/activate?utm_campaign=email-1&utm_content=employer&utm_medium=email&utm_source=rolling
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 17:53:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
EWR53-C3
x-amz-server-side-encryption
AES256
via
1.1 208179bfee14e9f51f5eb16e238b2f6c.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 27 Oct 2022 21:33:54 GMT
server
AmazonS3
etag
W/"599c5c95bc9f6bff4ff433040d8a2a7c"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
1nyTmXKDuymO5FYdsxMIv5wMv09f4xmhFA0Qr28Q7P6MsI_AJmozXQ==
1541840b-ce50-49df-b69d-051026f50a80
https://auth.rxsavingssolutions.com/ 		426 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://auth.rxsavingssolutions.com/1541840b-ce50-49df-b69d-051026f50a80
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/activate?utm_campaign=email-1&utm_content=employer&utm_medium=email&utm_source=rolling
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c44ca7e2903be7618fed847ed03b310c74777a8d613d8bcbbb10b1e0d8b886

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Length
436331
collect
www.google-analytics.com/j/ 		2 B
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=681872543&t=pageview&_s=1&dl=https%3A%2F%2Fauth.rxsavingssolutions.com%2Factivate%3Futm_campaign%3Demail-1%26utm_content%3Demployer%26utm_medium%3Demail%26utm_source%3Drolling&dp=%2Factivate&ul=en-us&de=UTF-8&dt=ActivationPage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACgCI~&jid=2129772669&gjid=2002837057&cid=96131459.1667497988&tid=UA-32662361-2&_gid=1654890455.1667497988&_r=1&gtm=2oub20&z=812727766
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/js/chunk-vendors.b981b212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://auth.rxsavingssolutions.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 17:53:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://auth.rxsavingssolutions.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-32662361-2&cid=96131459.1667497988&jid=2129772669&gjid=2002837057&_gid=1654890455.1667497988&_u=YEBAAUAAAAAAACgCI~&z=407367459
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/js/chunk-vendors.b981b212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://auth.rxsavingssolutions.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 03 Nov 2022 17:53:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://auth.rxsavingssolutions.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
a1de7355-b6c8-4141-6659-633e90075a43
app.pendo.io/data/ptm.gif/ 		42 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.pendo.io/data/ptm.gif/a1de7355-b6c8-4141-6659-633e90075a43?v=2.158.1_prod&ct=1667497988411&jzb=eJzdUctu2zAQ_BceelIlUw9LNmAURRMgOTRpXfWBFgXBUIzCgi-QS9du4H_PSkaMnnLrpTppR7OjmZ0fjwQOXpI1MRI4ychdcL-jDAyUQZQul229alddV3VNRnYqKnCBqQEX2IfLm4tb1jN_ac0XIX69d99QgAvhkoWZY5PWGUlBI_0BwMd1UfAED3nYR75TdozR6QTK2ZgLZwouQO04yDcJDBPceK5Gu5GGK_2avppBZ0FaQMxrd5BhBo0cVDIn3gxEl4KQm-C0xp-gKR-cj2T9-Jxgen0phOZ2THyc7iIt-_yJHM_BcBUHzwPaePs3NKBx5C-qgtKiXJQl6uxkiJgO4TKnTZdThk6GSe0k0PO76_Od4DSQdx-_G-j3f_w2LPd9c4U694EbOX-025vqYvy6dbf3V9dxAVNlB5AYrm4Wx-xcp3Z8eLHO7n-oc0r5nK0tm7xZ4dPVbU1L-k-OXNX18ecTDboXmQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
85.204.107.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.rxsavingssolutions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 17:53:08 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-max-age
600
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
Origin,Accept,Content-Type,Authorization
content-length
42
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
i
r.lr-ingest.io/ 		78 B
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.lr-ingest.io/i?a=vj7fnr%2Frx-savings-solutions&r=5-acb9dcba-0e95-48c7-b7fe-286fea056b56&t=9c40ad1a-ff99-4d27-a5c0-bca3b38b3941&s=0&rs=0%2Cu
Requested by
Host: auth.rxsavingssolutions.com
URL: https://auth.rxsavingssolutions.com/js/chunk-vendors.b981b212.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.23.205 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
205.23.198.104.bc.googleusercontent.com
Software
/ Express
Resource Hash
0726a1460c479e6771c69b199c50878ab086b6688ee4360232d608a6c18ef142
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.rxsavingssolutions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 17:53:11 GMT
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"4e-tVpdzeH1qOmgCYkZn233dffv4yA"
x-powered-by
Express
access-control-max-age
1728000
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-ClickHouse-Override,X-LogRocket-ClickHouse-Enabled-Queries
content-length
78

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| webpackJsonp object| regeneratorRuntime function| setImmediate function| clearImmediate object| FontAwesomeConfig object| ___FONT_AWESOME___ number| _rollbarStartTime function| rollbar boolean| _rollbarDidLoad function| _rollbarURH function| _lrMutationObserver object| __SDKCONFIG__ object| dataLayer function| gtag function| _lrXMLHttpRequest object| pendo object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| _LRLogger boolean| _lr_loaded object| gaplugins object| gaGlobal object| gaData

8 Cookies

Domain/Path Name / Value
.rxsavingssolutions.com/ Name: private_label_name
Value: cnhzcw%3D%3D
.rxsavingssolutions.com/ Name: laravel_session
Value: eyJpdiI6ImxTMXlDRnc3S3JFYWR4ZG0vVTJpenc9PSIsInZhbHVlIjoiS1JoRDhFMkszTjN2K08reTlaUDZsaWpXUE5teTdEZHl3Z3p0b3JlZCtGd2pCeUZGY1V1M0dudldpOUhPU2trdGNFbjc1TEpLb0dxc0FabHFjVHVjYm5RNGpPbXNURWdkSDRwa05rWXh5U2NXa21YYy80UWpPZnpnOC9PZzVUQ1giLCJtYWMiOiI1ZmY1M2JlYmM4MmMzZjA1N2Q1YWJkMjk2YTE2MjNmOWE5YTg1YWMxNWI3NjdhNzg2Y2I0Yjc5MTBmMWI5Y2Q0In0%3D
.rxsavingssolutions.com/ Name: cnhzYXZpbmdzc29sdXRpb25zLmNvbQ%3D%3D-_lr_tabs_-vj7fnr%2Frx-savings-solutions
Value: {%22sessionID%22:0%2C%22recordingID%22:%225-acb9dcba-0e95-48c7-b7fe-286fea056b56%22%2C%22lastActivity%22:1667497987712}
.rxsavingssolutions.com/ Name: cnhzYXZpbmdzc29sdXRpb25zLmNvbQ%3D%3D-_lr_hb_-vj7fnr%2Frx-savings-solutions
Value: {%22heartbeat%22:1667497987714}
.rxsavingssolutions.com/ Name: cnhzYXZpbmdzc29sdXRpb25zLmNvbQ%3D%3D-_lr_uf_-vj7fnr
Value: 0bb61d17-3182-4d00-bb3f-4d7693b4f529
.rxsavingssolutions.com/ Name: _ga
Value: GA1.2.96131459.1667497988
.rxsavingssolutions.com/ Name: _gid
Value: GA1.2.1654890455.1667497988
.rxsavingssolutions.com/ Name: _gat_gtag_UA_32662361_2
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://api.rxsavingssolutions.com/login/status
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.rxsavingssolutions.com
app.pendo.io
assets.rxss.design
auth.rxsavingssolutions.com
cdn.lr-ingest.io
cdn.pendo.io
click.salesforce.rxsavingssolutions.com
login-activation-cms.s3.amazonaws.com
protect-us.mimecast.com
r.lr-ingest.io
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
104.198.23.205
13.111.48.123
205.139.111.12
2600:9000:20ee:2a00:8:e57f:89c0:93a1
2600:9000:210b:4200:c:187a:d640:93a1
2600:9000:23cb:da00:1f:aa31:7740:93a1
2606:4700:3032::6815:39ea
2607:f8b0:4004:c08::9a
2607:f8b0:4006:809::200e
2607:f8b0:4006:817::2008
34.107.204.85
34.227.220.237
54.231.199.161
0726a1460c479e6771c69b199c50878ab086b6688ee4360232d608a6c18ef142
15966f72b75944c8294e2f2934826b6ac18b042ec33b5317b92085f5373a842b
22f0c8828af6addb4c47a6fbe2acf38a558af4c47afbb9f781c2a1287219a964
277692ab3930df41431d291dafcd2b7096a425181d02d69852edaef05079d54f
3606d07767e5f07bcfc5c353559bdbd7c199af53ce7091b4370fd8f0389f2d49
42a624a4c8e7948f5693b160e20835145ab4493354c87d3652701ce32e932fbf
486b31b7e02f5b3d937b9584e8d25253d5576f35f098229df67560e5be34bafa
49e5708e6d50267be9c4ede90dac4cc4f0c78a9cc9995833d3645523b1316ad6
4ff151de8a832fd5d6ae26e21d32e5f11049cea732da24734300dd4e3d940767
551be17882a95ea6af59a68b60ebd32eb93582ecf65775b9611c6956d21eeaaa
56c44ca7e2903be7618fed847ed03b310c74777a8d613d8bcbbb10b1e0d8b886
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
76a41d1d2b90254b2dcbc50f875b0c9b7bcbd3956ceef7633c2cec017d8f4f8e
8dac391fb74f17ab37ff23c2b23f5a421c044f7b8f6ada731928e862486887e9
9147444d4ba1c9c70cc4e395841af53011db424b4fd620f295d5c402641ab414
a85fe7d54161d9b4e68cfa78e34fc250bb0f63e46e6e76f70ada2fba46b34ce7
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
c3572656df42ebf12a1a80cc3151b5863c7c9930ed6cfb61be10f53a5839b119
d24e7713eee4a554f9bd3298f361834a270625666ae41508cc33cd404d04b400
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e377151a40a2121ae37408dccef196d10b6e78036cc7f78aff9a4f2e29fc89
f5387539fbab40f59a89359adfb2dd8f02877dedf1fe1b6739f873fe4f2d4380