iuhp2.destinationrx.com Open in urlscan Pro
40.143.95.201 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://iuhp2.destinationrx.com/PC/2022
Submission: On April 07 via manual (April 7th 2022, 5:45:34 pm UTC) from US — Scanned from DE

Summary HTTP 71 Redirects Behaviour Indicators

Summary

This website contacted 25 IPs in 5 countries across 22 domains to perform 71 HTTP transactions. The main IP is 40.143.95.201, located in United States and belongs to AS-TIERP-7349, US. The main domain is iuhp2.destinationrx.com.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on December 9th 2021. Valid for: a year.

This is the only time iuhp2.destinationrx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	40.143.95.201 40.143.95.201	7349 (AS-TIERP-...) (AS-TIERP-7349)
3	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
12	2600:9000:223... 2600:9000:223d:ac00:9:f936:20c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:ef:... 2a02:26f0:ef::5c7b:c23c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
8	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
4	44.193.136.195 44.193.136.195	14618 (AMAZON-AES) (AMAZON-AES)
1	13.227.147.61 13.227.147.61	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c03::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	3.93.204.138 3.93.204.138	14618 (AMAZON-AES) (AMAZON-AES)
3 3	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
7	52.50.239.222 52.50.239.222	16509 (AMAZON-02) (AMAZON-02)
2 3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	18.185.251.21 18.185.251.21	16509 (AMAZON-02) (AMAZON-02)
1	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
1 1	54.145.48.80 54.145.48.80	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.248.131.63 3.248.131.63	16509 (AMAZON-02) (AMAZON-02)
2	40.143.95.130 40.143.95.130	7349 (AS-TIERP-...) (AS-TIERP-7349)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	162.247.243.146 162.247.243.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
71	25

2 40.143.95.201 (United States)

ASN7349 (AS-TIERP-7349, US)

iuhp2.destinationrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:223d:ac00:9:f936:20c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

contentserver.destinationrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ef::5c7b:c23c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.193.136.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-136-195.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.147.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-147-61.muc51.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c03::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.93.204.138 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-204-138.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.50.239.222 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-239-222.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.251.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-251-21.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.145.48.80 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-48-80.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.248.131.63 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-131-63.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.143.95.130 (United States)

ASN7349 (AS-TIERP-7349, US)

www.drxwebservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.146 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	krxd.net 1 redirects cdn.krxd.net — Cisco Umbrella Rank: 1448 consumer.krxd.net — Cisco Umbrella Rank: 1852 usermatch.krxd.net — Cisco Umbrella Rank: 1217 beacon.krxd.net — Cisco Umbrella Rank: 440	177 KB
14	destinationrx.com iuhp2.destinationrx.com contentserver.destinationrx.com — Cisco Umbrella Rank: 564000	4 MB
10	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	40 KB
5	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 95 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	1 KB
5	stackadapt.com 1 redirects tags.srv.stackadapt.com — Cisco Umbrella Rank: 3894 sync.srv.stackadapt.com — Cisco Umbrella Rank: 835	7 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 482 www.linkedin.com — Cisco Umbrella Rank: 603 px4.ads.linkedin.com — Cisco Umbrella Rank: 4702	6 KB
4	adsrvr.org 2 redirects js.adsrvr.org — Cisco Umbrella Rank: 1607 match.adsrvr.org — Cisco Umbrella Rank: 355 insight.adsrvr.org — Cisco Umbrella Rank: 642	3 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	476 B
3	google.com analytics.google.com — Cisco Umbrella Rank: 724 www.google.com — Cisco Umbrella Rank: 4	870 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	206 KB
2	drxwebservices.com www.drxwebservices.com — Cisco Umbrella Rank: 581415	1 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 662	556 B
2	google.de www.google.de — Cisco Umbrella Rank: 5383	608 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 138	114 KB
1	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 354	720 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 380	18 KB
1	turn.com d.turn.com — Cisco Umbrella Rank: 814	398 B
1	amazon-adsystem.com s.amazon-adsystem.com — Cisco Umbrella Rank: 281	556 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 431	22 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 327	417 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 913	3 KB
0	ib-ibi.com Failed global.ib-ibi.com Failed
71	22

	Domain	Requested by
12	contentserver.destinationrx.com	iuhp2.destinationrx.com
10	www.google-analytics.com	iuhp2.destinationrx.com
7	beacon.krxd.net	iuhp2.destinationrx.com
6	cdn.krxd.net	iuhp2.destinationrx.com cdn.krxd.net
4	tags.srv.stackadapt.com	iuhp2.destinationrx.com
3	cm.g.doubleclick.net	3 redirects
3	www.facebook.com	iuhp2.destinationrx.com
3	www.googletagmanager.com	iuhp2.destinationrx.com
2	www.drxwebservices.com	iuhp2.destinationrx.com
2	sync.crwdcntrl.net	2 redirects
2	match.adsrvr.org	2 redirects
2	consumer.krxd.net	iuhp2.destinationrx.com cdn.krxd.net
2	px.ads.linkedin.com	2 redirects
2	www.google.de	iuhp2.destinationrx.com
2	stats.g.doubleclick.net	www.googletagmanager.com iuhp2.destinationrx.com
2	analytics.google.com	www.googletagmanager.com
2	connect.facebook.net	iuhp2.destinationrx.com
2	iuhp2.destinationrx.com	iuhp2.destinationrx.com
1	bam-cell.nr-data.net	iuhp2.destinationrx.com
1	insight.adsrvr.org	iuhp2.destinationrx.com
1	js-agent.newrelic.com	iuhp2.destinationrx.com
1	sync.srv.stackadapt.com	1 redirects
1	d.turn.com	iuhp2.destinationrx.com
1	s.amazon-adsystem.com	iuhp2.destinationrx.com
1	aa.agkn.com	iuhp2.destinationrx.com
1	idsync.rlcdn.com	iuhp2.destinationrx.com
1	usermatch.krxd.net	1 redirects
1	www.google.com	iuhp2.destinationrx.com
1	px4.ads.linkedin.com	iuhp2.destinationrx.com
1	www.linkedin.com	1 redirects
1	js.adsrvr.org	iuhp2.destinationrx.com
1	snap.licdn.com	iuhp2.destinationrx.com
0	global.ib-ibi.com Failed	iuhp2.destinationrx.com
71	33

This site contains no links.

Subject Issuer	Validity	Valid
*.destinationrx.com GeoTrust TLS RSA CA G1	`2021-12-09` - `2023-01-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-15` - `2022-04-15`	3 months	crt.sh
cdn.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-30` - `2022-12-29`	a year	crt.sh
*.srv.stackadapt.com Amazon	`2021-11-09` - `2022-12-07`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
consumer.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2022-07-12`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
*.turn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-02` - `2023-04-01`	a year	crt.sh
*.drxwebservices.com GeoTrust TLS RSA CA G1	`2021-12-09` - `2023-01-09`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://iuhp2.destinationrx.com/PC/2022
Frame ID: B50F05623240ECF53CA2B1AB697BBEE4
Requests: 55 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 7736147DD0069DF2F347FEE8257CFBAB
Requests: 14 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=bbb5mir&ref=https%3A%2F%2Fiuhp2.destinationrx.com%2FPC%2F2022&upid=6y5ps0q&upv=1.1.0
Frame ID: B2C9FFD6FE00549E0F00C310C03EE33D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Indiana University Health Plans - Log in and get started

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

71
Requests

90 %
HTTPS

41 %
IPv6

22
Domains

33
Subdomains

25
IPs

5
Countries

4415 kB
Transfer

12498 kB
Size

34
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=502738&time=1649353526915&url=https%3A%2F%2Fiuhp2.destinationrx.com%2FPC%2F2022 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D502738%26time%3D1649353526915%26url%3Dhttps%253A%252F%252Fiuhp2.destinationrx.com%252FPC%252F2022%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=502738&time=1649353526915&url=https%3A%2F%2Fiuhp2.destinationrx.com%2FPC%2F2022&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=502738&time=1649353526915&url=https%3A%2F%2Fiuhp2.destinationrx.com%2FPC%2F2022&liSync=true&e_ipv6=AQLehrN8IfCzUQAAAYAFIY_4F9B7-Op7J0lXR-5m-IID785u42dDCcqZKKpfyzPUtr93-Tcvt9PY3kQ1yutm9BgBryVX

Request Chain 35

https://usermatch.krxd.net/um/v2?partner=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3c3d29jSTk HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEIykmdwN3llUQ_qIfD8uo7E&google_cver=1

Request Chain 36

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3c3d29jSTk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm=&google_hm=T3c3d29jSTk&google_tc= HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEIykmdwN3llUQ_qIfD8uo7E&google_cver=1

Request Chain 37

https://match.adsrvr.org/track/cmf/generic?ttd_pid=krux&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=krux&ttd_tpi=1 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=2b70987d-686d-4c95-a25c-b1249b82b09d

Request Chain 43

https://sync.srv.stackadapt.com/sync?nid=salesforce HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=rw3ZP3esS2tfkAcoYaJrPtly14M

Request Chain 44

https://sync.crwdcntrl.net/map/c=9164/TP=KRUX?https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=${profile_id} HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=9164/TP=KRUX?https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=${profile_id} HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=

71 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 2022 Show response
iuhp2.destinationrx.com/PC/ 65 KB
67 KB 748ms
358ms Document
text/html 40.143.95.201
AS-TIERP-7349

General

Check archive.org

Show headers Download Go to

Full URL

https://iuhp2.destinationrx.com/PC/2022

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

40.143.95.201 , United States, ASN7349 (AS-TIERP-7349, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

677508e78990bfbdd065aa1abe731805ffe1149bb3adb87b2f9b90de60bb152d

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; script-src https: data: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; style-src https: data: 'unsafe-eval' 'unsafe-inline'; connect-src https: data: wss:; font-src https: data:; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Content-Length: 66888
Content-Security-Policy: default-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; script-src https: data: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; style-src https: data: 'unsafe-eval' 'unsafe-inline'; connect-src https: data: wss:; font-src https: data:; upgrade-insecure-requests;
Content-Type: text/html; charset=utf-8
Date: Thu, 07 Apr 2022 17:45:25 GMT
P3P: CP="OTI DSP COR ADM DEVo TAIi PSA IVDi CONi TELi OUR IND CNT CAO"
Server: Microsoft-IIS/10.0
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-AspNetMvc-Version: 5.2
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 244 KB
70 KB 95ms
49ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K3J8MGD&l=dataLayerDrx

Requested by

Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

da9eeb0e829ef8cea0fa972d434a9146aa0a03e91265b4d65e2016b4f225f35f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 17:45:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70842
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 16:27:48 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 07 Apr 2022 17:45:25 GMT

GET
H2 200 marck-script.regular.ttf
contentserver.destinationrx.com/drxproductcontent/phoenix/assets/fonts/ 82 KB
82 KB 814ms
719ms Font
application/octet-stream 2600:9000:223d:ac00:9:f936:20c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://contentserver.destinationrx.com/drxproductcontent/phoenix/assets/fonts/marck-script.regular.ttf
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ac00:9:f936:20c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 504de8cc6f919163bc9afb67b9bc208d258230c5e8d00cb82ec52474f9fafc3b

Request headers

Referer: https://iuhp2.destinationrx.com/
Origin: https://iuhp2.destinationrx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 17:45:26 GMT
via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
last-modified: Wed, 18 Sep 2019 18:28:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
etag: "8213f9f79159ce265b433a91528304b7"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 3000
x-cache: Miss from cloudfront
accept-ranges: bytes
content-length: 83664
x-amz-cf-id: q26lvAhVL__x5cD3AZwyEmpfPpdsFW6u_ovMiUhyDHare3OJTlDinw==

GET
H2 200 montserrat-regular.ttf
contentserver.destinationrx.com/drxproductcontent/phoenix/assets/fonts/ 257 KB
258 KB 812ms
718ms Font
application/octet-stream 2600:9000:223d:ac00:9:f936:20c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://contentserver.destinationrx.com/drxproductcontent/phoenix/assets/fonts/montserrat-regular.ttf
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ac00:9:f936:20c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 81ebc3916b524007b756d91d9df13c7673ec401161f2cad161662d08dcf1cc72

Request headers

Referer: https://iuhp2.destinationrx.com/
Origin: https://iuhp2.destinationrx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 17:45:26 GMT
via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
last-modified: Wed, 18 Sep 2019 18:28:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
etag: "9c46095118380d38f12e67c916b427f9"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 3000
x-cache: Miss from cloudfront
accept-ranges: bytes
content-length: 263192
x-amz-cf-id: 1DHaOHHq_MLe6_5jeOzO6m3ChU3s0W01pVsqQAxc48AdMOqHz0k4SA==

GET
H2 200 montserrat-bold.ttf
contentserver.destinationrx.com/drxproductcontent/phoenix/assets/fonts/ 255 KB
256 KB 812ms
718ms Font
application/octet-stream 2600:9000:223d:ac00:9:f936:20c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://contentserver.destinationrx.com/drxproductcontent/phoenix/assets/fonts/montserrat-bold.ttf
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ac00:9:f936:20c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c4c8cb572a5a2c43d78b3701f4b2349684e6ca4d1557e469af6065b1e099c26c

Request headers

Referer: https://iuhp2.destinationrx.com/
Origin: https://iuhp2.destinationrx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 17:45:26 GMT
via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
last-modified: Wed, 18 Sep 2019 18:28:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
etag: "88932dadc42e1bba93b21a76de60ef7a"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 3000
x-cache: Miss from cloudfront
accept-ranges: bytes
content-length: 261588
x-amz-cf-id: 5tY4zAdr5onR1JDdSCTNPSgLWBTr4fIqyjdQtcMsZk7VjQdS4oKMWQ==

GET
H2 200 montserrat-light.ttf
contentserver.destinationrx.com/drxproductcontent/phoenix/assets/fonts/ 253 KB
254 KB 827ms
734ms Font
application/octet-stream 2600:9000:223d:ac00:9:f936:20c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://contentserver.destinationrx.com/drxproductcontent/phoenix/assets/fonts/montserrat-light.ttf
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ac00:9:f936:20c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b87925d061b1affb66417717731ad781f7d7678fb089b49f14bd922c2338559

Request headers

Referer: https://iuhp2.destinationrx.com/
Origin: https://iuhp2.destinationrx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 17:45:27 GMT
via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
last-modified: Wed, 18 Sep 2019 18:28:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
etag: "100b38fa184634fc89bd07a84453992c"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 3000
x-cache: Miss from cloudfront
accept-ranges: bytes
content-length: 259416
x-amz-cf-id: VxpDWJYjNIeHBhnB9_CCHftqdu4LL6UMKTVP0xJpTGnUBLK7jZIHlQ==

GET
H2 200 montserrat-semibold.ttf
contentserver.destinationrx.com/drxproductcontent/phoenix/assets/fonts/ 255 KB
256 KB 830ms
737ms Font
application/octet-stream 2600:9000:223d:ac00:9:f936:20c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://contentserver.destinationrx.com/drxproductcontent/phoenix/assets/fonts/montserrat-semibold.ttf
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ac00:9:f936:20c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bab583d38d105dac9141b287fb2b7763b6d8b0bae97e745faaccedb40a579c29

Request headers

Referer: https://iuhp2.destinationrx.com/
Origin: https://iuhp2.destinationrx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 17:45:27 GMT
via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
last-modified: Wed, 18 Sep 2019 18:28:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
etag: "c88cecbffad6d8e731fd95de49561ebd"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 3000
x-cache: Miss from cloudfront
accept-ranges: bytes
content-length: 260936
x-amz-cf-id: aeG_60XVNQAFDYafqWNIqCSDiIOKnxeXVvOKpnCifjRn3wFiIiLZSQ==

GET
H2 200 styles.db1ef79538b7c8994dc2.css
contentserver.destinationrx.com/vnext/efe97b56437570d78e4219029435fd93cb77af35a72c3b2da1dbfc7a2b687348/637837008881574879/ 389 KB
71 KB 811ms
718ms Stylesheet
text/css 2600:9000:223d:ac00:9:f936:20c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://contentserver.destinationrx.com/vnext/efe97b56437570d78e4219029435fd93cb77af35a72c3b2da1dbfc7a2b687348/637837008881574879/styles.db1ef79538b7c8994dc2.css
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ac00:9:f936:20c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36f11823385fde37152ea5474c6a95b8f02e286a21a83912913a8be33835cc38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 17:45:26 GMT
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
last-modified: Thu, 24 Mar 2022 06:45:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
etag: W/"67ca44efeffaaba86b1d6e63cafa68cf"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: public, max-age=3600;
content-encoding: gzip
x-amz-cf-id: gNaf0pZIz8F5BxlNpQAvf27LijfmTTnxYAVo5CQ7RCBjBfAx3dvCrQ==

GET
H2 200 runtime.76bd2fc5975426633180.js Show response
contentserver.destinationrx.com/vnext/efe97b56437570d78e4219029435fd93cb77af35a72c3b2da1dbfc7a2b687348/637837008881574879/ 1 KB
1 KB 638ms
637ms Script
application/x-javascript 2600:9000:223d:ac00:9:f936:20c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://contentserver.destinationrx.com/vnext/efe97b56437570d78e4219029435fd93cb77af35a72c3b2da1dbfc7a2b687348/637837008881574879/runtime.76bd2fc5975426633180.js
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ac00:9:f936:20c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af6406e8f4d712a0762db7aad2915763a80bb1c218453b2932bc35f41d8102de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 17:45:28 GMT
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
last-modified: Thu, 24 Mar 2022 06:45:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
etag: W/"763cfff81a93149a827b59adad138cfb"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/x-javascript
cache-control: public, max-age=3600;
content-encoding: gzip
x-amz-cf-id: -omzWSdoP9ZkDjOniO4d71UuwuBR1aELdOI45MACoV-i4yl0YFQn3w==

GET
H2 200 polyfills.f65f07be6911101f7b14.js Show response
contentserver.destinationrx.com/vnext/efe97b56437570d78e4219029435fd93cb77af35a72c3b2da1dbfc7a2b687348/637837008881574879/ 142 KB
48 KB 702ms
702ms Script
application/x-javascript 2600:9000:223d:ac00:9:f936:20c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://contentserver.destinationrx.com/vnext/efe97b56437570d78e4219029435fd93cb77af35a72c3b2da1dbfc7a2b687348/637837008881574879/polyfills.f65f07be6911101f7b14.js
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ac00:9:f936:20c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9e064fdc144f2094149b9a1dc31bac3d85425be614a1552ae4c79ef25fa9a9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 17:45:28 GMT
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
last-modified: Thu, 24 Mar 2022 06:45:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
etag: W/"c6aa520a7175a7facffb0ed157c9a3c4"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/x-javascript
cache-control: public, max-age=3600;
content-encoding: gzip
x-amz-cf-id: wjS5cQHnkRgIr7_LETt04OvB67vTxRA7NeK3G9OEKt5iLfRshf36gw==

GET
H2 200 scripts.738f911b026d27f58dbf.js Show response
contentserver.destinationrx.com/vnext/efe97b56437570d78e4219029435fd93cb77af35a72c3b2da1dbfc7a2b687348/637837008881574879/ 983 KB
304 KB 658ms
656ms Script
application/x-javascript 2600:9000:223d:ac00:9:f936:20c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://contentserver.destinationrx.com/vnext/efe97b56437570d78e4219029435fd93cb77af35a72c3b2da1dbfc7a2b687348/637837008881574879/scripts.738f911b026d27f58dbf.js
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ac00:9:f936:20c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1afd45d8d73908230ef64c48e779fc5d1268fb0c679b161da5481c4b6677163

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 17:45:28 GMT
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
last-modified: Thu, 24 Mar 2022 06:45:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
etag: W/"d60ee2a948eb63bc0280e613df01dcba"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/x-javascript
cache-control: public, max-age=3600;
content-encoding: gzip
x-amz-cf-id: 5BvEUUdCUAVdkVWYhk_v0rakBetB3Gb7q1d8Ka25nBU3Ps5CBUTVLQ==

GET
H2 200 main.d5f22ea7821b46c992d9.js Show response
contentserver.destinationrx.com/vnext/efe97b56437570d78e4219029435fd93cb77af35a72c3b2da1dbfc7a2b687348/637837008881574879/ 7 MB
1 MB 781ms
779ms Script
application/x-javascript 2600:9000:223d:ac00:9:f936:20c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://contentserver.destinationrx.com/vnext/efe97b56437570d78e4219029435fd93cb77af35a72c3b2da1dbfc7a2b687348/637837008881574879/main.d5f22ea7821b46c992d9.js
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ac00:9:f936:20c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 819affa185ce61e031f557280932c4f31fc54a120fb559573bd959c1f80812c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 17:45:28 GMT
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
last-modified: Thu, 24 Mar 2022 06:45:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
etag: W/"1dc249b4d51741bb183526de34b3f4df"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/x-javascript
cache-control: public, max-age=3600;
content-encoding: gzip
x-amz-cf-id: v5zUnz0r_2TZj-QIn6SrpTeRsn2CY84eTporxTOGDZ1Mb4MvkbIoBA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 268 KB
72 KB 46ms
45ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WSTBJN&l=dataLayerDrx

Requested by

Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b1379688f6278d12cd358e447b825f5309ad7400308e651665b99dd6045c179

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 17:45:26 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73344
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 16:27:48 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 07 Apr 2022 17:45:26 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 176 KB
65 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-84EFMR10WX&l=dataLayerDrx&cx=c

Requested by

Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd5a2af736b60c749e5457c4b157f0139481033d111d72cb1655d8b1bd40fb3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 17:45:26 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66222
x-xss-protection: 0
expires: Thu, 07 Apr 2022 17:45:26 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 91ms
30ms Script
application/x-javascript 2a02:26f0:ef::5c7b:c23c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c23c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5d5cf5a4a5b7c02915bc261dca0c755d29beda0c0c3a005c78c1682c9934bb3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 17:45:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Mar 2022 23:45:34 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=13035
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3104

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 63ms
18ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 636
date: Thu, 07 Apr 2022 17:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 07 Apr 2022 19:34:50 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 59ms
20ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: FM5jpE4oZrkm6yxnqcyiNdBAMdFSMHPYwyWn16VYKVj3dddHIpbLxh+at6VzKzPye/f7W4yITaNQvgJuuRxPRQ==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 07 Apr 2022 17:45:26 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uc69gslvp.js Show response
cdn.krxd.net/controltag/ 10 KB
3 KB 153ms
107ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/uc69gslvp.js
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: adf3b27629ced342079660648bfaf40ce1aae42083663fdb3cdce48d233068a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Thu, 07 Apr 2022 17:45:26 GMT
via: 1.1 varnish, 1.1 varnish
age: 1127
x-cache: MISS, HIT, MISS
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 3062
x-served-by: config-service-a006-ash-prod.krxd.net, cache-iad-kjyo7100136-IAD, cache-hhn4046-HHN
x-response-time: 1
x-do-esi: esi
x-timer: S1649353527.864927,VS0,VE88
etag: "5ae38cf1cc2457d343b72cbd8606bad84421775b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 0

GET
H/1.1 200
OK events.js Show response
tags.srv.stackadapt.com/ 13 KB
5 KB 413ms
102ms Script
text/javascript 44.193.136.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.136.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-136-195.compute-1.amazonaws.com
Software: /
Resource Hash: 44f474f2590ebed27c1f1e807a2fe192a5eac74d5671073512089ef7614cd34a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 07 Apr 2022 17:45:27 GMT
Content-Encoding: gzip
Cache-Control: max-age=30
Content-Length: 4429
Connection: keep-alive
Content-Type: text/javascript

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 73ms
23ms Script
application/x-javascript 13.227.147.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.147.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-147-61.muc51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 03:25:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 51610
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 d13bba4e84358ea24a28ff509b72784e.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: MUC51-C1
X-Amz-Cf-Id: T-rM7rZ2naIo_A_u2zx-6B7PmsK_PidQ_uMHuOens8GLklr0ecwSQA==

POST
H2 204 collect
analytics.google.com/g/ 0
352 B 79ms
27ms Ping
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-84EFMR10WX&gtm=2oe3u0&_p=1057904168&sr=1600x1200&_z=ccd.AAB&_gaz=1&ul=en-us&cid=1308252593.1649353527&_s=1&dl=https%3A%2F%2Fiuhp2.destinationrx.com%2FPC%2F2022&dt=VnextCore&sid=1649353526&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-84EFMR10WX&l=dataLayerDrx&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 17:45:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://iuhp2.destinationrx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
352 B 86ms
25ms Ping
text/plain 2a00:1450:400c:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-84EFMR10WX&cid=1308252593.1649353527&gtm=2oe3u0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-84EFMR10WX&l=dataLayerDrx&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c03::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 17:45:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://iuhp2.destinationrx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 110ms
56ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-84EFMR10WX&cid=1308252593.1649353527&gtm=2oe3u0&aip=1&z=1386047808

Requested by

Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 17:45:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 54ms
27ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1057904168&t=pageview&_s=1&dl=https%3A%2F%2Fiuhp2.destinationrx.com%2FPC%2F2022&ul=en-us&de=UTF-8&dt=VnextCore&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=2097628823&gjid=2131583180&cid=1308252593.1649353527&tid=UA-79409405-7&_gid=1714874636.1649353527&_r=1&gtm=2wg3u0WSTBJN&z=276923561

Requested by

Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://iuhp2.destinationrx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 17:45:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://iuhp2.destinationrx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 299328567435046 Show response
connect.facebook.net/signals/config/ 309 KB
88 KB 110ms
87ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/299328567435046?v=2.9.57&r=stable

Requested by

Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0b9334f0c670accdd5d7b00df603cc822fdba8c705eaf3669d318f664c5afe0f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: pswYqsSJXvoCIV9J3DLsRS5ZBvxXjkEjV/GJXwQvD3W6Pu80WwglDpFwwKcqlagPHBBfe0itcBcC/686CZYN+w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 07 Apr 2022 17:45:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=502738&time=1649353526915&url=https%3A%2F%2Fiuhp2.destinationrx.com%2FPC%2F2022
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D502738%26time%3D1649353526915%26url%3Dhttps%253A%252F%252Fiuhp2.destinationrx.com...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=502738&time=1649353526915&url=https%3A%2F%2Fiuhp2.destinationrx.com%2FPC%2F2022&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=502738&time=1649353526915&url=https%3A%2F%2Fiuhp2.destinationrx.com%2FPC%2F2022&liSync=true&e_ipv6=AQLehrN8IfCzUQAAAYAFIY_4F9B7-Op7J0lXR-5m-IID78...

0
263 B

168ms
124ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=502738&time=1649353526915&url=https%3A%2F%2Fiuhp2.destinationrx.com%2FPC%2F2022&liSync=true&e_ipv6=AQLehrN8IfCzUQAAAYAFIY_4F9B7-Op7J0lXR-5m-IID785u42dDCcqZKKpfyzPUtr93-Tcvt9PY3kQ1yutm9BgBryVX
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 17:45:27 GMT
x-li-pop: afd-prod-lva1
x-msedge-ref: Ref A: 4AE1FA0620CE4CC0935DD9BC1FFF7222 Ref B: FRAEDGE1112 Ref C: 2022-04-07T17:45:27Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: 0FtbaEuu4xYg7gSikCsAAA==
x-li-fabric: prod-lva1

Redirect headers

date: Thu, 07 Apr 2022 17:45:26 GMT
x-li-pop: afd-prod-lva1
x-msedge-ref: Ref A: E1671BA96CAE4BD0B56FBAD509A33D7A Ref B: FRAEDGE1218 Ref C: 2022-04-07T17:45:27Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=502738&time=1649353526915&url=https%3A%2F%2Fiuhp2.destinationrx.com%2FPC%2F2022&liSync=true&e_ipv6=AQLehrN8IfCzUQAAAYAFIY_4F9B7-Op7J0lXR-5m-IID785u42dDCcqZKKpfyzPUtr93-Tcvt9PY3kQ1yutm9BgBryVX
x-li-proto: http/2
content-length: 0
x-li-uuid: ylggXkuu4xbgGBXkQisAAA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 25ms
25ms XHR
text/plain 2a00:1450:400c:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-79409405-7&cid=1308252593.1649353527&jid=2097628823&gjid=2131583180&_gid=1714874636.1649353527&_u=YADAAEAAAAAAAC~&z=864970083

Requested by

Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c03::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://iuhp2.destinationrx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 07 Apr 2022 17:45:26 GMT
content-type: text/plain
access-control-allow-origin: https://iuhp2.destinationrx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 controltag.js.0631b7d64dbbd3656a8b7368ad227a04 Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 16ms
16ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Thu, 07 Apr 2022 17:45:26 GMT
content-encoding: gzip
age: 1788875
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 18495
content-length: 84451
x-served-by: cache-hhn4046-HHN
last-modified: Thu, 15 Oct 2020 07:09:29 GMT
x-timer: S1649353527.975256,VS0,VE0
etag: "0631b7d64dbbd3656a8b7368ad227a04"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sun, 13 Oct 2030 07:09:28 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 99ms
55ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-79409405-7&cid=1308252593.1649353527&jid=2097628823&_u=YADAAEAAAAAAAC~&z=1566477091

Requested by

Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 17:45:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 56ms
56ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-79409405-7&cid=1308252593.1649353527&jid=2097628823&_u=YADAAEAAAAAAAC~&z=1566477091

Requested by

Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 17:45:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response
cdn.krxd.net/partnerjs/xdi/ Frame 7736 805 B
850 B 16ms
16ms Document
text/html 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Referer: https://iuhp2.destinationrx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1444886
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 525
content-type: text/html
date: Thu, 07 Apr 2022 17:45:27 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
expires: Fri, 19 Feb 2027 17:50:50 GMT
last-modified: Tue, 21 Feb 2017 17:50:54 GMT
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 227267
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
x-served-by: cache-hhn4046-HHN
x-timer: S1649353527.035774,VS0,VE0

GET
H2 200 uc69gslvp.js Show response
cdn.krxd.net/controltag/ Frame 7736 10 KB
3 KB 17ms
16ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/uc69gslvp.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: adf3b27629ced342079660648bfaf40ce1aae42083663fdb3cdce48d233068a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Thu, 07 Apr 2022 17:45:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 1127
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 3062
x-served-by: config-service-a006-ash-prod.krxd.net, cache-iad-kjyo7100136-IAD, cache-hhn4046-HHN
x-response-time: 1
x-do-esi: esi
x-timer: S1649353527.072178,VS0,VE0
etag: "5ae38cf1cc2457d343b72cbd8606bad84421775b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 1

GET
H2 200 5bb0a1bc-2edf-4a26-a522-aabeead2651e Show response
consumer.krxd.net/consent/get/ 238 B
456 B 85ms
47ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/5bb0a1bc-2edf-4a26-a522-aabeead2651e?idt=device&dt=kxcookie&callback=Krux.ns.jungroup.kxjsonp_consent_get_0
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: af1b7268671ecbd4091dd6b2d37a244be961f48ba5189db6163a7fd16684b112

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 17:45:27 GMT
via: 1.1 varnish
fastly-original-body-size: 193
age: 0
x-served-by: consumer-a009-dub-prod.krxd.net, cache-hhn4061-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1649353527.119814,VS0,VE30
content-length: 193
x-cache-hits: 0, 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 57ms
18ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=299328567435046&ev=PageView&dl=https%3A%2F%2Fiuhp2.destinationrx.com%2FPC%2F2022&rl=&if=false&ts=1649353527090&sw=1600&sh=1200&v=2.9.57&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1649353527089.1089166107&it=1649353526912&coo=false&exp=p1&rqm=GET

Requested by

Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 17:45:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 07 Apr 2022 17:45:27 GMT

GET
H2 200 controltag.js.0631b7d64dbbd3656a8b7368ad227a04 Show response
cdn.krxd.net/ctjs/ Frame 7736 259 KB
83 KB 17ms
17ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/uc69gslvp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Thu, 07 Apr 2022 17:45:27 GMT
content-encoding: gzip
age: 1788875
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 18496
content-length: 84451
x-served-by: cache-hhn4046-HHN
last-modified: Thu, 15 Oct 2020 07:09:29 GMT
x-timer: S1649353527.104647,VS0,VE0
etag: "0631b7d64dbbd3656a8b7368ad227a04"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sun, 13 Oct 2030 07:09:28 GMT

GET
H2 200 5bb0a1bc-2edf-4a26-a522-aabeead2651e Show response
consumer.krxd.net/consent/get/ Frame 7736 223 B
285 B 50ms
50ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/5bb0a1bc-2edf-4a26-a522-aabeead2651e?idt=device&dt=kxcookie&callback=Krux.ns.jungroup.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c3116a23d2dc2d4883680a10458529fdfeca8552b578250cfddf7e2d5f9052d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 17:45:27 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a004-dub-prod.krxd.net, cache-hhn4061-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1649353527.150030,VS0,VE34
content-length: 185
x-cache-hits: 0, 0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 7736
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=google
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3c3d29jSTk
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEIykmdwN3llUQ_qIfD8uo7E&google_cver=1

0
337 B

41ms
41ms

Image
text/plain

52.50.239.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEIykmdwN3llUQ_qIfD8uo7E&google_cver=1
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: H2
Server: 52.50.239.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-239-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 17:45:27 GMT
cache-control: private, no-cache, no-store
x-request-time: D=45 t=1649353527
x-served-by: beacon-n005-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Thu, 07 Apr 2022 17:45:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEIykmdwN3llUQ_qIfD8uo7E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 7736
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3c3d29jSTk
https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm=&google_hm=T3c3d29jSTk&google_tc=
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEIykmdwN3llUQ_qIfD8uo7E&google_cver=1

0
337 B

139ms
42ms

Image
text/plain

52.50.239.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEIykmdwN3llUQ_qIfD8uo7E&google_cver=1
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: H2
Server: 52.50.239.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-239-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 17:45:27 GMT
cache-control: private, no-cache, no-store
x-request-time: D=52 t=1649353527
x-served-by: beacon-n012-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Thu, 07 Apr 2022 17:45:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEIykmdwN3llUQ_qIfD8uo7E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 7736
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=krux&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=krux&ttd_tpi=1
https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=2b70987d-686d-4c95-a25c-b1249b82b09d

0
338 B

105ms
41ms

Image
text/plain

52.50.239.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=2b70987d-686d-4c95-a25c-b1249b82b09d
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: H2
Server: 52.50.239.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-239-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 17:45:27 GMT
cache-control: private, no-cache, no-store
x-request-time: D=22 t=1649353527
x-served-by: beacon-n020-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Thu, 07 Apr 2022 17:45:27 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=2b70987d-686d-4c95-a25c-b1249b82b09d
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 227

GET
H2 200 379708.gif
idsync.rlcdn.com/ Frame 7736 42 B
417 B 80ms
31ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/379708.gif?partner_uid=Ow7wocI9
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Apr 2022 17:45:27 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H2 400 g.js
aa.agkn.com/adscores/ Frame 7736 22 B
22 B 71ms
18ms Image
text/plain 18.185.251.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=2111c0af-fc3a-446f-ab07-63aa74fbde8e
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.251.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-251-21.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 412fe890925c0966aa6ed312e5846cac1572c856e551717cd07d0e5f805ac3c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 17:45:27 GMT
server: AAWebServer
content-type: text/plain
content-length: 22
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame 7736 43 B
556 B 425ms
106ms Image
image/gif 52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=krux.com&id=Ow7wocI9

Requested by

Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Apr 2022 17:45:27 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: B1PMM25CRKCN4X5Y8MTS
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 Ow7wocI9
d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0OTE3NDgvdC8y/dpuid/ Frame 7736 43 B
398 B 131ms
42ms Image
image/gif 2001:678:cb4:bbbb::13
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0OTE3NDgvdC8y/dpuid/Ow7wocI9
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:678:cb4:bbbb::13 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 17:45:27 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET image.sbix
global.ib-ibi.com/ Frame 7736 0
0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 7736
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=salesforce
https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=rw3ZP3esS2tfkAcoYaJrPtly14M

0
337 B

42ms
42ms

Image
text/plain

52.50.239.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=rw3ZP3esS2tfkAcoYaJrPtly14M
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: H2
Server: 52.50.239.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-239-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 17:45:27 GMT
cache-control: private, no-cache, no-store
x-request-time: D=26 t=1649353527
x-served-by: beacon-n001-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=rw3ZP3esS2tfkAcoYaJrPtly14M
Date: Thu, 07 Apr 2022 17:45:27 GMT
Connection: keep-alive
Content-Length: 123
Content-Type: text/html; charset=utf-8

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 7736
Redirect Chain

https://sync.crwdcntrl.net/map/c=9164/TP=KRUX?https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=${profile_id}
https://sync.crwdcntrl.net/map/ct=y/c=9164/TP=KRUX?https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=${profile_id}
https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=

0
337 B

105ms
42ms

Image
text/plain

52.50.239.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: H2
Server: 52.50.239.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-239-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 17:45:27 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1649353527
x-served-by: beacon-n003-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Thu, 07 Apr 2022 17:45:27 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=
expires: 0
cache-control: no-cache
x-server: 10.45.30.128
content-length: 0
x-consent: absent

GET
H/1.1 200
OK sa.css
tags.srv.stackadapt.com/ 65 B
292 B 101ms
101ms Stylesheet
text/css 44.193.136.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.136.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-136-195.compute-1.amazonaws.com
Software: /
Resource Hash: 41cd30ced93b4d55366c53f6af0451e9591928b1074c13380d624cd8413ff8b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 07 Apr 2022 17:45:27 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 65
Content-Type: text/css

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ 0
881 B 407ms
101ms Fetch
image/jpeg 44.193.136.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.136.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-136-195.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 07 Apr 2022 17:45:27 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ 94 B
405 B 102ms
102ms XHR
text/plain 44.193.136.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=LePaTHaHWbhrs5zMruriqw&is_js=true&landing_url=https%3A%2F%2Fiuhp2.destinationrx.com%2FPC%2F2022&t=VnextCore&host=https://iuhp2.destinationrx.com&sa_conv_data_css_value=%20%220-175d3fbd-f4f7-4f9c-70c4-1ddf1a11fcce%22&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd900e850f4df79432e4a19e1dd1da40e2bd972d783
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.136.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-136-195.compute-1.amazonaws.com
Software: /
Resource Hash: 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 17:45:27 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://iuhp2.destinationrx.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 94

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 37ms
18ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=299328567435046&ev=Microdata&dl=https%3A%2F%2Fiuhp2.destinationrx.com%2FPC%2F2022&rl=&if=false&ts=1649353528593&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22VnextCore%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1649353527089.1089166107&it=1649353526912&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 17:45:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 07 Apr 2022 17:45:28 GMT

OPTIONS
H/1.1 200
OK token
www.drxwebservices.com/spa2022/oauth2/v1/ Frame 0
0 559ms
150ms Preflight 40.143.95.130
AS-TIERP-7349

General

Check archive.org

Show headers Download Go to

Full URL

https://www.drxwebservices.com/spa2022/oauth2/v1/token

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

40.143.95.130 , United States, ASN7349 (AS-TIERP-7349, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; script-src https: data: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; style-src https: data: 'unsafe-eval' 'unsafe-inline'; connect-src https: data:; font-src https: data:; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://iuhp2.destinationrx.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: https://iuhp2.destinationrx.com
Access-Control-Expose-Headers: Set-Authorization, Set-Authorization-Expires-In
Cache-Control: no-cache
Content-Length: 0
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; script-src https: data: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; style-src https: data: 'unsafe-eval' 'unsafe-inline'; connect-src https: data:; font-src https: data:; upgrade-insecure-requests;
Date: Thu, 07 Apr 2022 17:45:29 GMT
Expires: -1
P3P: CP="OTI DSP COR ADM DEVo TAIi PSA IVDi CONi TELi OUR IND CNT CAO"
Pragma: no-cache
Server: Microsoft-IIS/10.0
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK token Show response
www.drxwebservices.com/spa2022/oauth2/v1/ 491 B
1 KB 147ms
147ms XHR
application/json 40.143.95.130
AS-TIERP-7349

General

Check archive.org

Show headers Download Go to

Full URL

https://www.drxwebservices.com/spa2022/oauth2/v1/token

Requested by

Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

40.143.95.130 , United States, ASN7349 (AS-TIERP-7349, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

cef45432e7e897ea3b958c2e9fe3289363aa1cc7587ad5ebd22580199a583e62

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; script-src https: data: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; style-src https: data: 'unsafe-eval' 'unsafe-inline'; connect-src https: data:; font-src https: data:; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://iuhp2.destinationrx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/10.0
Date: Thu, 07 Apr 2022 17:45:29 GMT
X-Frame-Options: SAMEORIGIN
P3P: CP="OTI DSP COR ADM DEVo TAIi PSA IVDi CONi TELi OUR IND CNT CAO"
Access-Control-Allow-Origin: https://iuhp2.destinationrx.com
Access-Control-Expose-Headers: Set-Authorization, Set-Authorization-Expires-In
Cache-Control: no-cache
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; script-src https: data: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; style-src https: data: 'unsafe-eval' 'unsafe-inline'; connect-src https: data:; font-src https: data:; upgrade-insecure-requests;
Content-Type: application/json; charset=utf-8
Content-Length: 491
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H2 200 nr-spa-1215.min.js Show response
js-agent.newrelic.com/ 47 KB
18 KB 149ms
16ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1215.min.js
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: zcmP9QP8YWQtiPZETZozJGQXbXQvWuWT
content-encoding: gzip
etag: "7e1862f7a390ed9fc02c299216395547"
x-amz-request-id: E3807YWQHPQZ8YJZ
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 17465
x-amz-id-2: 5tcVSTKzkfPEZbNMMs+Dplhb/d0xmPHl6ly9DhZlkXi7DMq5iwlmuwUDWB4WFuI4jhXJxdstiws=
x-served-by: cache-hhn4083-HHN
last-modified: Mon, 24 Jan 2022 22:13:54 GMT
server: AmazonS3
x-timer: S1649353529.405474,VS0,VE0
date: Thu, 07 Apr 2022 17:45:29 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 11882

GET
H2 200 optout_check Show response
beacon.krxd.net/ 81 B
240 B 42ms
41ms Script
text/javascript 52.50.239.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.jungroup.kxjsonp_optOutCheck
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.239.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-239-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b37fff266f8349d161214a2029a71987d0b83897deab98e1e65688a722644fb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 17:45:29 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=24 t=1649353529
x-served-by: beacon-n011-dub-prod.krxd.net
content-type: text/javascript

GET
H2 200 get Show response
cdn.krxd.net/userdata/ 365 B
508 B 114ms
114ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/userdata/get?pub=5bb0a1bc-2edf-4a26-a522-aabeead2651e&technographics=1&callback=Krux.ns.jungroup.kxjsonp_userdata
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 867a0ad2c3fe330cb611985e22f90942860a5480bdb652c3ac3f4d6e7269f3b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date: Thu, 07 Apr 2022 17:45:29 GMT
content-encoding: gzip
age: 0
x-served-by: userdata-a015-ash-prod.krxd.net, cache-hhn4046-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript
via: 1.1 varnish
cache-control: private, max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1649353529.273953,VS0,VE99
content-length: 280
x-cache-hits: 0, 0

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame B2C9 0
181 B 74ms
73ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=bbb5mir&ref=https%3A%2F%2Fiuhp2.destinationrx.com%2FPC%2F2022&upid=6y5ps0q&upv=1.1.0
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iuhp2.destinationrx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Thu, 07 Apr 2022 17:45:29 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 18ms
17ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1057904168&t=event&ni=0&_s=1&dl=https%3A%2F%2Fiuhp2.destinationrx.com%2FPC%2F2022&ul=en-us&de=UTF-8&dt=VnextCore&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=On-page%20Behavior&ea=Scroll&el=25&_u=aADAAEABAAAAAC~&jid=&gjid=&cid=1308252593.1649353527&tid=UA-79409405-7&_gid=1714874636.1649353527&gtm=2wg3u0WSTBJN&z=1450017946

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 14:18:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12431
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
18ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1057904168&t=event&ni=0&_s=1&dl=https%3A%2F%2Fiuhp2.destinationrx.com%2FPC%2F2022&ul=en-us&de=UTF-8&dt=VnextCore&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=On-page%20Behavior&ea=Scroll&el=50&_u=aADAAEABAAAAAC~&jid=&gjid=&cid=1308252593.1649353527&tid=UA-79409405-7&_gid=1714874636.1649353527&gtm=2wg3u0WSTBJN&z=835520708

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 14:18:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12431
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
18ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1057904168&t=event&ni=0&_s=1&dl=https%3A%2F%2Fiuhp2.destinationrx.com%2FPC%2F2022&ul=en-us&de=UTF-8&dt=VnextCore&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=On-page%20Behavior&ea=Scroll&el=75&_u=aADAAEABAAAAAC~&jid=&gjid=&cid=1308252593.1649353527&tid=UA-79409405-7&_gid=1714874636.1649353527&gtm=2wg3u0WSTBJN&z=75659573

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 14:18:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12431
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
18ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1057904168&t=event&ni=0&_s=1&dl=https%3A%2F%2Fiuhp2.destinationrx.com%2FPC%2F2022&ul=en-us&de=UTF-8&dt=VnextCore&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=On-page%20Behavior&ea=Scroll&el=100&_u=aADAAEABAAAAAC~&jid=&gjid=&cid=1308252593.1649353527&tid=UA-79409405-7&_gid=1714874636.1649353527&gtm=2wg3u0WSTBJN&z=424750359

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 14:18:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12431
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
beacon.krxd.net/ 0
337 B 42ms
41ms Image
text/plain 52.50.239.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=uc69gslvp&_kpid=5bb0a1bc-2edf-4a26-a522-aabeead2651e&_kcp_s=IU%20Health%20Plans&_kcp_d=iuhp2.destinationrx.com&_knifr=2&_kua_kx_tz=0&geo_country=sk&geo_region=bc&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_tech_browser=Chrome%2010&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=sk&_kua_kx_geo_region=bc&_kua_kx_whistle=0&t_navigation_type=0&t_dns=11&t_tcp=378&t_http_request=-1&t_http_response=230&t_content_ready=2377&t_window_load=4917&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=xaw6apknj&userdata_user=Ow7wocI9%2Cxaw6apknj&sview=1&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F5bb0a1bc-2edf-4a26-a522-aabeead2651e%2C87%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C130%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C130
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.239.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-239-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 17:45:29 GMT
cache-control: private, no-cache, no-store
x-request-time: D=58 t=1649353529
x-served-by: beacon-n020-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK cac7b39d3e Show response
bam-cell.nr-data.net/1/ 49 B
720 B 394ms
354ms Script
text/javascript 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/cac7b39d3e?a=236081898,555757310,16171334&v=1215.1253ab8&to=YgFVYRRSXBFZUxBYXVtLemMlHGANV0QnXlxBFlhZClZATXFeAFRKdBdOWwU%3D&rst=5076&ck=1&ref=https://iuhp2.destinationrx.com/PC/2022&ap=1039&be=868&fe=4918&dc=4807&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1649353524345,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:12,%22c%22:12,%22s%22:127,%22ce%22:390,%22rq%22:390,%22rp%22:748,%22rpe%22:978,%22dl%22:751,%22di%22:2377,%22ds%22:4807,%22de%22:4808,%22dc%22:4917,%22l%22:4917,%22le%22:4921%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 17:45:29 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6f8493c73c96927a-FRA

GET
H/1.1 200
OK values:check Show response
iuhp2.destinationrx.com/PC/2022/o/saml2/ 19 B
780 B 133ms
132ms XHR
application/json 40.143.95.201
AS-TIERP-7349

General

Check archive.org

Show headers Download Go to

Full URL

https://iuhp2.destinationrx.com/PC/2022/o/saml2/values:check

Requested by

Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

40.143.95.201 , United States, ASN7349 (AS-TIERP-7349, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

9c9729d235cfd4897778afaf5651db6b7e91ca68f8c5d052d66de5e09734d668

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; script-src https: data: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; style-src https: data: 'unsafe-eval' 'unsafe-inline'; connect-src https: data: wss:; font-src https: data:; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
X-NewRelic-ID: UA4HVFZACgAGVFlTDwgP
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzYjphcHBfaWQiOiI0MjI0MzUxIiwic2I6ZG9tYWluIjoiSVVIUF9Ccm9rZXIiLCJzYjpwbGFueWVhciI6IjIwMjIiLCJzdWIiOiJrMGhybWNUTkVldUdoZ0JRVnIyMTVnIiwic2I6ZW52IjoiUFJPRCIsIm5iZiI6MTY0OTM1MzUyOSwiZXhwIjoxNjQ5MzYwNzI5LCJpYXQiOjE2NDkzNTM1MjksImlzcyI6Imh0dHBzOi8vd3d3LmRyeHdlYnNlcnZpY2VzLmNvbS9TUEEyMDIyLyIsImF1ZCI6Imh0dHBzOi8vd3d3LmRyeHdlYnNlcnZpY2VzLmNvbS9zcGEyMDIyIn0.2BEpMBnfLe0ZEd-aP_BWXiQC3eoDVgZwN_8aCMkD8lk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Referer: https://iuhp2.destinationrx.com/PC/2022

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
P3P: CP="OTI DSP COR ADM DEVo TAIi PSA IVDi CONi TELi OUR IND CNT CAO"
Cache-Control: no-cache
Date: Thu, 07 Apr 2022 17:45:29 GMT
Content-Security-Policy: default-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; script-src https: data: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; style-src https: data: 'unsafe-eval' 'unsafe-inline'; connect-src https: data: wss:; font-src https: data:; upgrade-insecure-requests;
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 1; mode=block
Expires: -1

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 24ms
24ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://iuhp2.destinationrx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 17:45:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://iuhp2.destinationrx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 640
date: Thu, 07 Apr 2022 17:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 07 Apr 2022 19:34:50 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 26ms
26ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1057904168&t=pageview&_s=1&dl=https%3A%2F%2Fiuhp2.destinationrx.com%2FPC%2F2022%2FAccount%2FLogin&dp=iuhp2.destinationrx.com%2FPC%2F2022%2FAccount%2FLogin&ul=en-us&de=UTF-8&dt=Indiana%20University%20Health%20Plans%20-%20Log%20in%20and%20get%20started&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAHAAEABAAAAAC~&jid=927342627&gjid=984307923&cid=1308252593.1649353527&tid=UA-163154869-7&_gid=1714874636.1649353527&_r=1&gtm=2wg3u0K3J8MGD&cd2=&cd10=MemberID%3AMemberID-NotSet%7CIDmethod%3Aanonymous%7CMemberAssistCode%3An%2Fa&cg1=Broker-SingleCarrier&cg2=435&cg3=iuhp2.destinationrx.com%2FPC%2F2022%2F&cg4=AgentGUID-NotSet&cg5=en-US&cd1=1649353530492.tobaj0f&cd3=broker%7CType%3A2&cd4=2022&cd5=CID%3A435%7CSID%3Ak0hrmcTNEeuGhgBQVr215g&cd6=iuhp2.destinationrx.com%2FPC%2F2022%2F&cd7=%3F&cd8=en-US&cd9=1649353530488.kfcpo01g&cd11=AgentGUID-NotSet&cd12=Zip%3A%7CFIPS%3A&cd13=SiteHasGuidedHelpInfo-NotSet&cd14=ProviderCount%3A0~DrugCount%3AUnavailable~PharmacyNABP%3ASelectedPharmacy-NotSet&cd15=n%2Fa%20-%20only%20available%20for%20certain%20pages&cd16=PlanType%3APlanType-NotSet%7CCarrier%3APlanCarrier-NotSet%7CPlanID%3APlanID-NotSet%7CAnnualCost%3APlanTotalAnnualCost-NotSet%7CRM%3An%2Fa&cd17=n%2Fa%20-%20values%20only%20available%20on%20enrollment%20pages&cd18=n%2Fa%20-%20values%20only%20available%20on%20enrollment%20pages&cd20=SelectedCoverage%3ACoverage-NotSet%7CSelectedSubsidy%3ASubsidy-NotSet%7CSelectedHealth%3AHealth-NotSet%7CSelectedAge%3AAge-NotSet&z=2112327846

Requested by

Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://iuhp2.destinationrx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 17:45:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://iuhp2.destinationrx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 25ms
25ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1057904168&t=pageview&_s=1&dl=https%3A%2F%2Fiuhp2.destinationrx.com%2FPC%2F2022%2FAccount%2FLogin&dp=iuhp2.destinationrx.com%2FPC%2F2022%2FAccount%2FLogin&ul=en-us&de=UTF-8&dt=Indiana%20University%20Health%20Plans%20-%20Log%20in%20and%20get%20started&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAHAAEABAAAAAC~&jid=897375687&gjid=125010162&cid=1308252593.1649353527&tid=UA-163154869-2&_gid=1714874636.1649353527&_r=1&gtm=2wg3u0K3J8MGD&cd2=&cd10=MemberID%3AMemberID-NotSet%7CIDmethod%3Aanonymous%7CMemberAssistCode%3An%2Fa&cg1=Broker-SingleCarrier&cg2=435&cg3=iuhp2.destinationrx.com%2FPC%2F2022%2F&cg4=AgentGUID-NotSet&cg5=en-US&cd1=1649353530501.cjqe70a&cd3=broker%7CType%3A2&cd4=2022&cd5=CID%3A435%7CSID%3Ak0hrmcTNEeuGhgBQVr215g&cd6=iuhp2.destinationrx.com%2FPC%2F2022%2F&cd7=%3F&cd8=en-US&cd9=1649353530488.kfcpo01g&cd11=AgentGUID-NotSet&cd12=Zip%3A%7CFIPS%3A&cd13=SiteHasGuidedHelpInfo-NotSet&cd14=ProviderCount%3A0~DrugCount%3AUnavailable~PharmacyNABP%3ASelectedPharmacy-NotSet&cd15=n%2Fa%20-%20only%20available%20for%20certain%20pages&cd16=PlanType%3APlanType-NotSet%7CCarrier%3APlanCarrier-NotSet%7CPlanID%3APlanID-NotSet%7CAnnualCost%3APlanTotalAnnualCost-NotSet%7CRM%3An%2Fa&cd17=n%2Fa%20-%20values%20only%20available%20on%20enrollment%20pages&cd18=n%2Fa%20-%20values%20only%20available%20on%20enrollment%20pages&cd20=SelectedCoverage%3ACoverage-NotSet%7CSelectedSubsidy%3ASubsidy-NotSet%7CSelectedHealth%3AHealth-NotSet%7CSelectedAge%3AAge-NotSet&z=1445985577

Requested by

Host: iuhp2.destinationrx.com
URL: https://iuhp2.destinationrx.com/PC/2022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://iuhp2.destinationrx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 17:45:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://iuhp2.destinationrx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 18ms
17ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=299328567435046&ev=PageView&dl=https%3A%2F%2Fiuhp2.destinationrx.com%2FPC%2F2022%2FAccount%2FLogin&rl=&if=false&ts=1649353530065&sw=1600&sh=1200&v=2.9.57&r=stable&a=tmgoogletagmanager&ec=2&o=30&fbp=fb.1.1649353527089.1089166107&it=1649353526912&coo=false&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 17:45:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 07 Apr 2022 17:45:30 GMT

GET
H2 200 IUHealthPlansHz4c_1_drx_08172016022838426.jpg
contentserver.destinationrx.com/ContentServer/DRxProductContent/PC4_ClientImages/435_8a280ede655be61180dd0024e85a4a7d/ 31 KB
31 KB 678ms
678ms Image
image/jpeg 2600:9000:223d:ac00:9:f936:20c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://contentserver.destinationrx.com/ContentServer/DRxProductContent/PC4_ClientImages/435_8a280ede655be61180dd0024e85a4a7d/IUHealthPlansHz4c_1_drx_08172016022838426.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ac00:9:f936:20c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a3c91d04c1c46dc59c56ec8f80474cc3f7e7f2fac42ec4daeb19b910f43cccd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 17:45:32 GMT
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
last-modified: Sun, 10 Jun 2018 04:40:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
etag: "35bfd3b5ad3ae72ea8cbba43a8362a2c"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 31555
x-amz-cf-id: AZ_Gn_Pdq9zCQWF8_5IufgFLaLs13TDjZNFti0P4Gna9DcKZHnhrmQ==

GET
H2 200 brokerlogin_image_02192020082730426.png
contentserver.destinationrx.com/ContentServer/DRxProductContent/pc4_clientimages/0_1fc06ab51322ea11a2fc00505696c194/ 780 KB
781 KB 639ms
638ms Image
image/png 2600:9000:223d:ac00:9:f936:20c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://contentserver.destinationrx.com/ContentServer/DRxProductContent/pc4_clientimages/0_1fc06ab51322ea11a2fc00505696c194/brokerlogin_image_02192020082730426.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ac00:9:f936:20c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27d8573fa69979139ae0910dbb183bbba5e9c41bd67663d562e07cfd9ee8e15e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iuhp2.destinationrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 17:45:32 GMT
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
last-modified: Thu, 20 Feb 2020 04:27:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
etag: "3e3257199c2055cda97fa72fd81175b9"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 798418
x-amz-cf-id: NpAMeg_RHyZk0-yF5_E4GrwhI9eGINWewU7UCp4_uqG-3lEXQtC3Ew==

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 53ms
26ms Ping
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-84EFMR10WX&gtm=2oe3u0&_p=1057904168&sr=1600x1200&_z=ccd.AAB&ul=en-us&cid=1308252593.1649353527&dl=https%3A%2F%2Fiuhp2.destinationrx.com%2FPC%2F2022&dt=VnextCore&sid=1649353526&sct=1&seg=0&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-84EFMR10WX&l=dataLayerDrx&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iuhp2.destinationrx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 17:45:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://iuhp2.destinationrx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: global.ib-ibi.com
URL: https://global.ib-ibi.com/image.sbix?go=247532&pid=314&xid=Ow7wocI9

Verdicts & Comments Add Verdict or Comment

188 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.destinationrx.com/	1969-12-31 23:59:59	Name: SXID Value: dhygvbiimbrela5jvnrnm1nv
iuhp2.destinationrx.com/	1970-01-20 02:09:13	Name: site+pc.2022 Value: eyJpZCI6ImswaHJtY1RORWV1R2hnQlFWcjIxNWciLCJyIjoiNjM3ODM3MDA4ODgxNTc0ODc5IiwiaCI6ImVmZTk3YjU2NDM3NTcwZDc4ZTQyMTkwMjk0MzVmZDkzY2I3N2FmMzVhNzJjM2IyZGExZGJmYzdhMmI2ODczNDgifQ==
.destinationrx.com/	1970-01-20 04:18:49	Name: _gcl_au Value: 1.1.1495523783.1649353527
.destinationrx.com/	1970-01-20 19:40:25	Name: _ga Value: GA1.2.1308252593.1649353527
.destinationrx.com/	1970-01-20 02:10:39	Name: _gid Value: GA1.2.1714874636.1649353527
.destinationrx.com/	1970-01-20 02:09:13	Name: _gat_UA-79409405-7 Value: 1
.linkedin.com/	1970-01-20 02:52:25	Name: UserMatchHistory Value: AQJdzi63IifHnQAAAYAFIY70rju0iqAzgwLvzLShvTT3MMA3d3oKkgzosUwTDPU1l5Ih_i2iNquHBg
.linkedin.com/	1970-01-20 02:52:25	Name: AnalyticsSyncHistory Value: AQL5h1SUUsSZ_gAAAYAFIY704F-pTmZg82PKAZISIV-haqAFA0vGjx0aZtVCs1HG_M_Ex9m4T8nvwC_qcpXm2w
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 19:41:07	Name: bcookie Value: "v=2&a297ec85-5690-45c2-8dde-d0517d5b1d2d"
.linkedin.com/	1970-01-20 02:10:39	Name: lidc Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2590:u=1:x=1:i=1649353527:t=1649439927:v=2:sig=AQHOu9wYOrdcfeKMy1Z_O3HmPNR8Ae6M"
.destinationrx.com/	1970-01-20 04:18:49	Name: _fbp Value: fb.1.1649353527089.1089166107
.krxd.net/	1970-01-20 06:28:25	Name: _kuid_ Value: Ow7wocI9
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 19:41:07	Name: bscookie Value: "v=1&20220407174527951f4dea-7c8d-451d-8c45-ba5e3e2ca541AQF7Cq0-F37ol1LfTINTfZOtOWN9TauW"
.linkedin.com/	1970-01-20 19:39:19	Name: li_gc Value: MTswOzE2NDkzNTM1Mjc7MjswMjFY22yO9U/n10CW/sjhduM3GiJrPEfJiSw2iBrBZnk8dQ==
tags.srv.stackadapt.com/	1970-01-20 10:54:49	Name: sa-user-id Value: s%3A0-175d3fbd-f4f7-4f9c-70c4-1ddf1a11fcce.3GJpMxN2uratQZWfPJdJOv6qqxhTWsLcbBjP%2BLHdBsY
.agkn.com/	1970-01-20 10:54:49	Name: ab Value: 0001%3AF1xR3x45OUs9GBwhJgV8PI1ucBIYnZTB
.rlcdn.com/	1970-01-20 10:54:49	Name: rlas3 Value: Ae6CNx+sFY1kUSW6w13/9oWp0nBMcRK3Fr+aoHxirI4=
.rlcdn.com/	1970-01-20 03:35:37	Name: pxrc Value: CAA=
.adsrvr.org/	1970-01-20 10:54:49	Name: TDID Value: 2b70987d-686d-4c95-a25c-b1249b82b09d
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.turn.com/	1970-01-20 06:28:25	Name: uid Value: 7229601667451589200
.doubleclick.net/	1970-01-20 11:30:49	Name: IDE Value: AHWqTUkBOare0cGc_-LdVjf5HRj6qTujLXuNVu-eaKviIhbAZaKa-50SSYLliKzkPtE
.adsrvr.org/	1970-01-20 10:54:49	Name: TDCPM Value: CAESEwoEa3J1eBILCPrTtfGNssw6EAUYBSABKAIyCwiasYSepLLMOhAFOAE.
sync.srv.stackadapt.com/	1970-01-20 10:54:49	Name: sa-user-id Value: s%3A0-af0dd93f-77ac-4b6b-5f90-072861a26b3e.WT%2BhXsbPpWrMliF0ZjBdXJngwFMp8QjzCiLJzqe%2F6s4
.srv.stackadapt.com/	1970-01-20 10:54:49	Name: sa-user-id-v2 Value: s%3Arw3ZP3esS2tfkAcoYaJrPtly14M.QoUPw3NsGejKyeuv8sNksyzHepA%2Fqj5dN1b1f3xgR4I
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 31d485b545586b04
.iuhp2.destinationrx.com/	1970-01-20 19:40:25	Name: _ga Value: GA1.3.1308252593.1649353527
.iuhp2.destinationrx.com/	1970-01-20 02:10:39	Name: _gid Value: GA1.3.1714874636.1649353527
.iuhp2.destinationrx.com/	1970-01-20 02:09:13	Name: _gat_UA-9376214-268 Value: 1
.iuhp2.destinationrx.com/	1970-01-20 02:09:13	Name: _gat_UA-163154869-7 Value: 1
.iuhp2.destinationrx.com/	1970-01-20 02:09:13	Name: _gat_UA-163154869-2 Value: 1
.destinationrx.com/	1970-01-20 19:40:25	Name: _ga_84EFMR10WX Value: GS1.1.1649353526.1.1.1649353531.55

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=2111c0af-fc3a-446f-ab07-63aa74fbde8e Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://global.ib-ibi.com/image.sbix?go=247532&pid=314&xid=Ow7wocI9 Message: Failed to load resource: net::ERR_CONNECTION_RESET

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; script-src https: data: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; style-src https: data: 'unsafe-eval' 'unsafe-inline'; connect-src https: data: wss:; font-src https: data:; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
analytics.google.com
bam-cell.nr-data.net
beacon.krxd.net
cdn.krxd.net
cm.g.doubleclick.net
connect.facebook.net
consumer.krxd.net
contentserver.destinationrx.com
d.turn.com
global.ib-ibi.com
idsync.rlcdn.com
insight.adsrvr.org
iuhp2.destinationrx.com
js-agent.newrelic.com
js.adsrvr.org
match.adsrvr.org
px.ads.linkedin.com
px4.ads.linkedin.com
s.amazon-adsystem.com
snap.licdn.com
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.srv.stackadapt.com
tags.srv.stackadapt.com
usermatch.krxd.net
www.drxwebservices.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
global.ib-ibi.com
13.107.42.14
13.227.147.61
142.250.185.66
151.101.194.133
151.101.66.137
162.247.243.146
18.185.251.21
2001:678:cb4:bbbb::13
2600:9000:223d:ac00:9:f936:20c0:93a1
2620:1ec:21::14
2a00:1450:4001:811::2003
2a00:1450:4001:812::2008
2a00:1450:4001:813::200e
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2004
2a00:1450:400c:c03::9d
2a02:26f0:ef::5c7b:c23c
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.248.131.63
3.93.204.138
35.244.174.68
35.71.131.137
40.143.95.130
40.143.95.201
44.193.136.195
52.46.130.91
52.50.239.222
54.145.48.80
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
0b9334f0c670accdd5d7b00df603cc822fdba8c705eaf3669d318f664c5afe0f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
27d8573fa69979139ae0910dbb183bbba5e9c41bd67663d562e07cfd9ee8e15e
36f11823385fde37152ea5474c6a95b8f02e286a21a83912913a8be33835cc38
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
412fe890925c0966aa6ed312e5846cac1572c856e551717cd07d0e5f805ac3c8
41cd30ced93b4d55366c53f6af0451e9591928b1074c13380d624cd8413ff8b9
44f474f2590ebed27c1f1e807a2fe192a5eac74d5671073512089ef7614cd34a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
504de8cc6f919163bc9afb67b9bc208d258230c5e8d00cb82ec52474f9fafc3b
5a3c91d04c1c46dc59c56ec8f80474cc3f7e7f2fac42ec4daeb19b910f43cccd
5b1379688f6278d12cd358e447b825f5309ad7400308e651665b99dd6045c179
5d5cf5a4a5b7c02915bc261dca0c755d29beda0c0c3a005c78c1682c9934bb3c
677508e78990bfbdd065aa1abe731805ffe1149bb3adb87b2f9b90de60bb152d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
819affa185ce61e031f557280932c4f31fc54a120fb559573bd959c1f80812c3
81ebc3916b524007b756d91d9df13c7673ec401161f2cad161662d08dcf1cc72
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
867a0ad2c3fe330cb611985e22f90942860a5480bdb652c3ac3f4d6e7269f3b7
9b87925d061b1affb66417717731ad781f7d7678fb089b49f14bd922c2338559
9c9729d235cfd4897778afaf5651db6b7e91ca68f8c5d052d66de5e09734d668
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
adf3b27629ced342079660648bfaf40ce1aae42083663fdb3cdce48d233068a4
af1b7268671ecbd4091dd6b2d37a244be961f48ba5189db6163a7fd16684b112
af6406e8f4d712a0762db7aad2915763a80bb1c218453b2932bc35f41d8102de
b37fff266f8349d161214a2029a71987d0b83897deab98e1e65688a722644fb3
b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94
bab583d38d105dac9141b287fb2b7763b6d8b0bae97e745faaccedb40a579c29
bd5a2af736b60c749e5457c4b157f0139481033d111d72cb1655d8b1bd40fb3d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3116a23d2dc2d4883680a10458529fdfeca8552b578250cfddf7e2d5f9052d7
c4c8cb572a5a2c43d78b3701f4b2349684e6ca4d1557e469af6065b1e099c26c
cef45432e7e897ea3b958c2e9fe3289363aa1cc7587ad5ebd22580199a583e62
da9eeb0e829ef8cea0fa972d434a9146aa0a03e91265b4d65e2016b4f225f35f
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1afd45d8d73908230ef64c48e779fc5d1268fb0c679b161da5481c4b6677163
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9e064fdc144f2094149b9a1dc31bac3d85425be614a1552ae4c79ef25fa9a9b
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

iuhp2.destinationrx.com Open in urlscan Pro 40.143.95.201 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

71 Requests

90 %HTTPS

41 %IPv6

22 Domains

33 Subdomains

25 IPs

5 Countries

4415 kBTransfer

12498 kBSize

34 Cookies

0 Outgoing links

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

iuhp2.destinationrx.com Open in urlscan Pro
40.143.95.201 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

90 %
HTTPS

41 %
IPv6

22
Domains

33
Subdomains

25
IPs

5
Countries

4415 kB
Transfer

12498 kB
Size

34
Cookies

71 HTTP transactions
0 data transactions