www.e-rewardsmedical.com Open in urlscan Pro
2600:9000:211a:1800:18:d51a:a500:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6
Submission: On February 04 via manual (February 4th 2023, 2:09:31 am UTC) from US — Scanned from DE

Summary HTTP 64 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 17 domains to perform 64 HTTP transactions. The main IP is 2600:9000:211a:1800:18:d51a:a500:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.e-rewardsmedical.com.
TLS certificate: Issued by Amazon on October 11th 2022. Valid for: a year.

This is the only time www.e-rewardsmedical.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 13	2600:9000:211... 2600:9000:211a:1800:18:d51a:a500:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:20e... 2600:9000:20eb:3600:1f:ad95:87c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	34.194.27.19 34.194.27.19	14618 (AMAZON-AES) (AMAZON-AES)
1	52.217.164.233 52.217.164.233	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:f70... 2a02:26f0:f700:481::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:400d:80c::2003	15169 (GOOGLE) (GOOGLE)
1	108.138.17.87 108.138.17.87	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:400d:803::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2251:6000:17:5070:d6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	13.224.189.30 13.224.189.30	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	13.225.78.2 13.225.78.2	16509 (AMAZON-02) (AMAZON-02)
1 7	104.103.100.82 104.103.100.82	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:1f18:24e... 2600:1f18:24e6:b902:6853:4072:a1e0:a34d	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:400d:802::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	54.205.245.16 54.205.245.16	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:402... 2a00:1450:4025:401::9b	15169 (GOOGLE) (GOOGLE)
1	2600:9000:211... 2600:9000:211a:d200:18:d51a:a500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:f200:0:9a75:c240:21	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400d:80d::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:802::2003	15169 (GOOGLE) (GOOGLE)
64	24

13 2600:9000:211a:1800:18:d51a:a500:93a1 (United States) 3 redirects

ASN16509 (AMAZON-02, US)

www.e-rewardsmedical.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
flare.e-rewardsmedical.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20eb:3600:1f:ad95:87c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn4.rsncdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.194.27.19 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-27-19.compute-1.amazonaws.com

goggles.mw.dynata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.164.233 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

upp-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f700:481::1e80 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80c::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-87.fra56.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:803::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:6000:17:5070:d6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

darwin-assets.dynata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-30.fra2.r.cloudfront.net

darwin-api.dynata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-2.fra2.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.103.100.82 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-100-82.deploy.static.akamaitechnologies.com

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:24e6:b902:6853:4072:a1e0:a34d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:802::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.205.245.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-245-16.compute-1.amazonaws.com

l.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:401::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211a:d200:18:d51a:a500:93a1 (United States)

ASN16509 (AMAZON-02, US)

flare.e-rewardsmedical.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:f200:0:9a75:c240:21 (United States)

ASN16509 (AMAZON-02, US)

d3agx2rif8aadl.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80d::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:802::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	e-rewardsmedical.com 3 redirects www.e-rewardsmedical.com flare.e-rewardsmedical.com	410 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	639 KB
9	evidon.com 1 redirects c.evidon.com — Cisco Umbrella Rank: 1382 l.evidon.com — Cisco Umbrella Rank: 7766	41 KB
7	dynata.com 1 redirects goggles.mw.dynata.com — Cisco Umbrella Rank: 249727 darwin-assets.dynata.com — Cisco Umbrella Rank: 185635 darwin-api.dynata.com — Cisco Umbrella Rank: 869792	5 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21 region1.google-analytics.com — Cisco Umbrella Rank: 2456	20 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	254 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	25 KB
3	rsncdn.com cdn4.rsncdn.com — Cisco Umbrella Rank: 179679	77 KB
2	browser-intake-datadoghq.com rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 2771
1	cloudfront.net d3agx2rif8aadl.cloudfront.net	153 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78	352 B
1	company-target.com api.company-target.com — Cisco Umbrella Rank: 3420	959 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 596	98 B
1	demandbase.com tag.demandbase.com — Cisco Umbrella Rank: 4588	19 KB
1	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 475	9 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	953 B
1	amazonaws.com upp-public.s3.amazonaws.com — Cisco Umbrella Rank: 347880	66 KB
64	17

	Domain	Requested by
12	www.e-rewardsmedical.com	3 redirects www.e-rewardsmedical.com
7	c.evidon.com	1 redirects www.e-rewardsmedical.com c.evidon.com
6	www.gstatic.com	www.google.com www.gstatic.com
5	www.googletagmanager.com	www.e-rewardsmedical.com www.googletagmanager.com
5	fonts.gstatic.com	fonts.googleapis.com www.google.com
4	www.google.com	www.e-rewardsmedical.com www.gstatic.com www.google.com
4	goggles.mw.dynata.com	1 redirects www.e-rewardsmedical.com
3	www.google-analytics.com	www.googletagmanager.com www.e-rewardsmedical.com
3	cdn4.rsncdn.com	www.e-rewardsmedical.com
2	flare.e-rewardsmedical.com	www.e-rewardsmedical.com
2	l.evidon.com	www.e-rewardsmedical.com
2	region1.google-analytics.com	www.googletagmanager.com
2	rum.browser-intake-datadoghq.com	www.e-rewardsmedical.com
2	darwin-api.dynata.com	www.e-rewardsmedical.com
1	d3agx2rif8aadl.cloudfront.net	www.e-rewardsmedical.com
1	stats.g.doubleclick.net	www.e-rewardsmedical.com
1	api.company-target.com	www.e-rewardsmedical.com
1	id.rlcdn.com	www.e-rewardsmedical.com
1	darwin-assets.dynata.com	www.e-rewardsmedical.com
1	tag.demandbase.com	www.e-rewardsmedical.com
1	assets.adobedtm.com	www.e-rewardsmedical.com
1	fonts.googleapis.com	www.e-rewardsmedical.com
1	upp-public.s3.amazonaws.com	www.e-rewardsmedical.com
64	23

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.e-rewardsmedical.de

Subject Issuer	Validity	Valid
*.e-rewardsmedical.com Amazon	`2022-10-11` - `2023-11-08`	a year	crt.sh
cdn4.rsncdn.com Amazon	`2022-12-26` - `2024-01-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2022-08-17` - `2023-09-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.mw.dynata.com Amazon	`2022-06-27` - `2023-07-26`	a year	crt.sh
*.dynata.com Amazon	`2022-06-01` - `2023-06-30`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2022-09-16` - `2023-10-18`	a year	crt.sh
*.evidon.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-12` - `2023-04-12`	a year	crt.sh
*.browser-intake-datadoghq.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-21` - `2023-07-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6
Frame ID: 945F48B0C86B1FC290B974A9E82EAA7F
Requests: 53 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRhCIUAAAAAIXbvq3leyKjtt8gt5CzBOi8Ezqt&co=aHR0cHM6Ly93d3cuZS1yZXdhcmRzbWVkaWNhbC5jb206NDQz&hl=en&v=gEr-ODersURoIfof1hiDm7R5&size=normal&cb=sy0o7523vijx
Frame ID: B17E26FADAF9BDA331340B34D40A48E1
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=gEr-ODersURoIfof1hiDm7R5&k=6LcRhCIUAAAAAIXbvq3leyKjtt8gt5CzBOi8Ezqt
Frame ID: D07DD14AE90B95066E03F65EAF15547F
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign Up for Online Surveys to Earn Rewards at e-Rewards Medical

Page URL History Show full URLs

https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6 HTTP 301
https://www.e-rewardsmedical.com/join?id=mvooscvef3n9xc6 HTTP 301
https://www.e-rewardsmedical.com/signup?id=mvooscvef3n9xc6 HTTP 301
https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6 Page URL

Detected technologies

Crownpeak (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

c\.evidon\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

64
Requests

95 %
HTTPS

65 %
IPv6

17
Domains

23
Subdomains

24
IPs

4
Countries

1721 kB
Transfer

4563 kB
Size

7
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/eRewardsMedical

Search URL Search Domain Scan URL

URL: https://www.e-rewardsmedical.de/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6 HTTP 301
https://www.e-rewardsmedical.com/join?id=mvooscvef3n9xc6 HTTP 301
https://www.e-rewardsmedical.com/signup?id=mvooscvef3n9xc6 HTTP 301
https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://goggles.mw.dynata.com/api/v1/upp/global.js HTTP 302
https://upp-public.s3.amazonaws.com/upp-client/1.2.2/global.js?v=1

Request Chain 30

https://c.evidon.com/sitenotice/1696/e-rewardsmedical/settings.js HTTP 301
https://c.evidon.com/sitenotice/1696/e-rewardsmedical/settingsV2.js

64 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request signup Show response
www.e-rewardsmedical.com/en/
Redirect Chain

https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6
https://www.e-rewardsmedical.com/join?id=mvooscvef3n9xc6
https://www.e-rewardsmedical.com/signup?id=mvooscvef3n9xc6
https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6

153 KB
33 KB

273ms
273ms

Document
text/html

2600:9000:211a:1800:18:d51a:a500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:1800:18:d51a:a500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: e85e811f76dc0f86f38160bc7f3d6956c37ca4edfa340585207b15c8e16f8c42

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=604800
content-encoding: gzip
content-length: 33697
content-type: text/html
date: Sat, 04 Feb 2023 02:09:24 GMT
etag: "59c5420cc45d017ef5f91649964b77ec"
last-modified: Fri, 03 Feb 2023 09:36:52 GMT
server: nginx/1.21.6
vary: Accept-Encoding
via: 1.1 e41179d785de304a9240d5e97b2e4cbc.cloudfront.net (CloudFront)
x-amz-cf-id: uKncPR_i5Db4CVq6cLSCRFvoyGkT2BIx6k5d4r-1zGgDX_AZTI3-jw==
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
x-stats: @gz_only; 0.041; 0.001; 0.040

Redirect headers

content-length: 0
date: Sat, 04 Feb 2023 02:09:24 GMT
location: /en/signup?id=mvooscvef3n9xc6
server: CloudFront
vary: Cookie
via: 1.1 e41179d785de304a9240d5e97b2e4cbc.cloudfront.net (CloudFront)
x-amz-cf-id: 3CSaIcIqqAsVL-sQGLwbi-BGyIOwRFh2TFMQq2zGgFr6SmFkzXOrcQ==
x-amz-cf-pop: VIE50-C2
x-cache: LambdaGeneratedResponse from cloudfront

GET
H2 200 style.css
www.e-rewardsmedical.com/blueprint/dist/stylesheets/ 97 KB
16 KB 38ms
35ms Stylesheet
text/css 2600:9000:211a:1800:18:d51a:a500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.e-rewardsmedical.com/blueprint/dist/stylesheets/style.css
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:1800:18:d51a:a500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: bfb745758c9ec0195071fcaabd9791a08bffbe4315a3c80739b084d37e087369

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 01:37:24 GMT
content-encoding: br
via: 1.1 e41179d785de304a9240d5e97b2e4cbc.cloudfront.net (CloudFront)
last-modified: Fri, 03 Feb 2023 09:33:59 GMT
server: nginx/1.21.6
x-stats: @br_1st; 0.062; 0.002; 0.062
x-amz-cf-pop: VIE50-C2
age: 1920
etag: "5f04637cf5e4a40ab10b9b2b455dda15"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=604800
content-length: 16014
x-amz-cf-id: OwVeJvgDvAOKom_kBGC8WdsELUPb_IVRUOocaLOTnte60UI_i6UM2w==

GET
H2 200 default.css
www.e-rewardsmedical.com/blueprint/dist/stylesheets/layouts/default/ 17 KB
3 KB 101ms
99ms Stylesheet
text/css 2600:9000:211a:1800:18:d51a:a500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.e-rewardsmedical.com/blueprint/dist/stylesheets/layouts/default/default.css
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:1800:18:d51a:a500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: 0072ac4da2be62e296da967e0c844bc37e237e74bfab56683c927528eefdd6e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 01:37:25 GMT
content-encoding: br
via: 1.1 e41179d785de304a9240d5e97b2e4cbc.cloudfront.net (CloudFront)
last-modified: Fri, 03 Feb 2023 09:32:59 GMT
server: nginx/1.21.6
x-stats: @br_1st; 0.055; 0.001; 0.055
x-amz-cf-pop: VIE50-C2
age: 1919
etag: "7d6cac675f9aca35473a3a4629713185"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=604800
content-length: 3159
x-amz-cf-id: GWdqRMQ3mS8A5Hm71NKnQL6Evd1Jivxi844P29H0DfBpDq8QS23lDA==

GET
H2 200 signup.css
www.e-rewardsmedical.com/blueprint/dist/stylesheets/ 3 KB
1 KB 41ms
39ms Stylesheet
text/css 2600:9000:211a:1800:18:d51a:a500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.e-rewardsmedical.com/blueprint/dist/stylesheets/signup.css
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:1800:18:d51a:a500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: 99242634c143c4935546f80818933bc681bc112bc120c6b24204cec2f20e1c37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 01:37:25 GMT
content-encoding: br
via: 1.1 e41179d785de304a9240d5e97b2e4cbc.cloudfront.net (CloudFront)
last-modified: Fri, 03 Feb 2023 09:33:57 GMT
server: nginx/1.21.6
x-stats: @br_1st; 0.040; 0.002; 0.041
x-amz-cf-pop: VIE50-C2
age: 1919
etag: "c36f5768088f9afe671b7edf73121d10"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=604800
content-length: 752
x-amz-cf-id: VUG7-dU4d-teqr_4yh7cL5eyzsKnYJWJzLlY10fRFn2ApdZ05Niycw==

GET
H2 200 icons.js Show response
www.e-rewardsmedical.com/blueprint/dist/common/ 15 KB
5 KB 41ms
40ms Script
application/javascript 2600:9000:211a:1800:18:d51a:a500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.e-rewardsmedical.com/blueprint/dist/common/icons.js
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:1800:18:d51a:a500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: 151747425d77e68d7139dc374ebb289ee1ddda7dea62727a93be1c91591bde2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 01:09:03 GMT
content-encoding: gzip
via: 1.1 e41179d785de304a9240d5e97b2e4cbc.cloudfront.net (CloudFront)
last-modified: Tue, 16 Aug 2022 16:33:53 GMT
server: nginx/1.21.6
x-stats: @origin; 0.158; 0.001 : 0.001 : 0.000 : 0.001; 0.037 : 0.029 : 0.018 : 0.074
x-amz-cf-pop: VIE50-C2
age: 90021
etag: W/"4003cb76511b170434281fb17c8f96c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: CESfQfL90ceq2_IoSNF-3poQ-7B5nOzh3xmzA_dzV48p5tF4KLfA9w==

GET
H2 200 91e174c5-f1f3-4fb3-a187-7c97b057bb76
cdn4.rsncdn.com/prd/dynamicAsset/partner1/asset_logo/700/en_US/ 6 KB
6 KB 170ms
25ms Image
image/webp 2600:9000:20eb:3600:1f:ad95:87c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.rsncdn.com/prd/dynamicAsset/partner1/asset_logo/700/en_US/91e174c5-f1f3-4fb3-a187-7c97b057bb76
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3600:1f:ad95:87c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.8 /
Resource Hash: dd5e2022f635153489c43ca6a6a9b2010d13543eed029d5c6dfe714deace3ea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 01:38:07 GMT
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified: Thu, 19 Mar 2020 19:05:16 GMT
server: nginx/1.17.8
x-stats: @webp; 0.044; 0.012; 0.048
x-amz-cf-pop: FRA2-C1
age: 1878
etag: "2fff03c4c5895f6d1bee1778fa3b8813"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5704
x-amz-cf-id: pqwyTWCWmS9TaOM1ndy0yEwpN_MXn7Qqh0eOZnsVSuIFYXO91soEZQ==

GET
H/1.1

200
OK

global.js Show response
upp-public.s3.amazonaws.com/upp-client/1.2.2/
Redirect Chain

https://goggles.mw.dynata.com/api/v1/upp/global.js
https://upp-public.s3.amazonaws.com/upp-client/1.2.2/global.js?v=1

66 KB
66 KB

432ms
167ms

Script
application/javascript

52.217.164.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upp-public.s3.amazonaws.com/upp-client/1.2.2/global.js?v=1
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6
Protocol: HTTP/1.1
Server: 52.217.164.233 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 621c1c14c167f412b0deb14f839e91260d8fb51e0e8d1545a6af7c8624f9e651

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 04 Feb 2023 02:09:26 GMT
Last-Modified: Wed, 30 Nov 2022 15:31:55 GMT
Server: AmazonS3
x-amz-request-id: 02P02WRTK43JHR5D
ETag: "2d1c023302b5da1b4529de5ffa7078d7"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 67410
x-amz-id-2: Ob/3Nzae1k3uDVGieDYKZBdODkwSccQwawd10KlahtIfhc1/oNht6a+f4lBPdikhake849tk5Ws=

Redirect headers

date: Sat, 04 Feb 2023 02:09:25 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/html; charset=utf-8
location: https://upp-public.s3.amazonaws.com/upp-client/1.2.2/global.js?v=1
access-control-allow-origin
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, paneldomainid
content-length: 110

GET
H2 200 css
fonts.googleapis.com/ 5 KB
953 B 190ms
70ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400italic,400,700,700italic

Requested by

Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/blueprint/dist/stylesheets/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ce790ebecbb55dffebbaa44622b9c389a00533b410216fb0a12e92ad28917fdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 04 Feb 2023 02:09:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 04 Feb 2023 01:51:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Feb 2023 02:09:24 GMT

GET
H2 200 nectarCanvass2-global.js Show response
www.e-rewardsmedical.com/blueprint/dist/packages/ 617 KB
183 KB 38ms
38ms Script
application/javascript 2600:9000:211a:1800:18:d51a:a500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.e-rewardsmedical.com/blueprint/dist/packages/nectarCanvass2-global.js
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:1800:18:d51a:a500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: 6beaa737a07b2cdd82921ee0c8f09b66a177140265905ce32c1ef9c1dfb59272

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 01:09:03 GMT
content-encoding: gzip
via: 1.1 e41179d785de304a9240d5e97b2e4cbc.cloudfront.net (CloudFront)
last-modified: Tue, 15 Jun 2021 14:30:17 GMT
server: nginx/1.21.6
x-stats: @origin; 0.161; 0.001 : 0.001 : 0.001 : 0.000; 0.022 : 0.011 : 0.045 : 0.084
x-amz-cf-pop: VIE50-C2
age: 90020
etag: W/"e0420c9fb226c26e6284844ef57d9d0d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: jpc5qFvbNmK27cS9erfFJl7VDVVUn8iXrFrMhyUhX4k58GEPgI3Kcw==

GET
H2 200 signup.js Show response
www.e-rewardsmedical.com/blueprint/dist/apps/signup/ 566 KB
98 KB 82ms
79ms Script
application/javascript 2600:9000:211a:1800:18:d51a:a500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.e-rewardsmedical.com/blueprint/dist/apps/signup/signup.js
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:1800:18:d51a:a500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: a7564b3371d2a7b123af19bc83b5e464bc6fb016937ee928816e64dd67c9c7a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 01:37:59 GMT
content-encoding: br
via: 1.1 e41179d785de304a9240d5e97b2e4cbc.cloudfront.net (CloudFront)
last-modified: Fri, 03 Feb 2023 09:32:13 GMT
server: nginx/1.21.6
x-stats: @br_1st; 0.071; 0.001; 0.072
x-amz-cf-pop: VIE50-C2
age: 1885
etag: "e4c8cec6d6e356c1845c565ca9b4f14e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800
content-length: 99409
x-amz-cf-id: pMgxLqJbTCzN4ItSEKltmTbDjn7AWcoBBbBUpDZdpUOG4CZwAxrXQQ==

GET
H2 200 layout.js Show response
www.e-rewardsmedical.com/blueprint/dist/common/ 2 KB
1 KB 67ms
65ms Script
application/javascript 2600:9000:211a:1800:18:d51a:a500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.e-rewardsmedical.com/blueprint/dist/common/layout.js
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:1800:18:d51a:a500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: e16b9816ecaf90056fe69adbef5506c6c014c03b4d17826f89f84d19a54ba68e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 01:09:03 GMT
content-encoding: gzip
via: 1.1 e41179d785de304a9240d5e97b2e4cbc.cloudfront.net (CloudFront)
last-modified: Tue, 16 Aug 2022 16:33:53 GMT
server: nginx/1.21.6
x-stats: @origin; 0.128; 0.001 : 0.000 : 0.001 : 0.000; 0.025 : 0.030 : 0.017 : 0.057
x-amz-cf-pop: VIE50-C2
age: 90021
etag: W/"a0932f66bb0a3a91fd6ac0283cd8d434"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: 8rYsRSeYMQVvI1eHd6KIFBcs_ijjtAmF4rVPZ_K7Pk_BFxAfU_SLuA==

GET
H2 200 launch-f1138988d326.min.js Show response
assets.adobedtm.com/e3aee76e417e/83f07140de93/ 25 KB
9 KB 327ms
80ms Script
application/x-javascript 2a02:26f0:f700:481::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/e3aee76e417e/83f07140de93/launch-f1138988d326.min.js
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:481::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1586019660bbeecdf343d83cbec005fb8da84ab0eb68c5370399e8d622faf8fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 02:09:25 GMT
content-encoding: gzip
last-modified: Wed, 30 Mar 2022 10:23:00 GMT
server: AkamaiNetStorage
etag: "8834979ec70d0b3266dfffacc5f098a0:1648635780.232077"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.e-rewardsmedical.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 9266
expires: Sat, 04 Feb 2023 03:09:25 GMT

GET
H2 200 13fcb095-f491-4f27-ac4f-c0990acb5e21
cdn4.rsncdn.com/prd/dynamicAsset/partner1/asset_pages_signup_hero/700/en_US/ 70 KB
70 KB 148ms
16ms Image
image/webp 2600:9000:20eb:3600:1f:ad95:87c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.rsncdn.com/prd/dynamicAsset/partner1/asset_pages_signup_hero/700/en_US/13fcb095-f491-4f27-ac4f-c0990acb5e21
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3600:1f:ad95:87c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.8 /
Resource Hash: 829935e04fe7bb4c7163c1cbfe3839df1f8b4d3cb9a51ed5bff1624173e0f00a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 01:37:56 GMT
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified: Thu, 19 Mar 2020 19:05:25 GMT
server: nginx/1.17.8
x-stats: @webp; 0.090; 0.012; 0.076
x-amz-cf-pop: FRA2-C1
age: 1889
etag: "f9358a54431fdfbc72ada765c99c2e3c"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 71192
x-amz-cf-id: UymWzY_UbH8-JMpCWv2HSPeBRixQqNmuNjNOJPRupWBWW3nYIljvew==

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 223ms
93ms Font
font/woff2 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400italic,400,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.e-rewardsmedical.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 15:58:58 GMT
x-content-type-options: nosniff
age: 382227
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 15:58:58 GMT

GET
H2 200 fontawesome-webfont.woff2
www.e-rewardsmedical.com/shared/vendor/font-awesome/fonts/ 65 KB
66 KB 51ms
51ms Font
font/woff2 2600:9000:211a:1800:18:d51a:a500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.e-rewardsmedical.com/shared/vendor/font-awesome/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/blueprint/dist/stylesheets/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:1800:18:d51a:a500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer: https://www.e-rewardsmedical.com/blueprint/dist/stylesheets/style.css
Origin: https://www.e-rewardsmedical.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 01:38:15 GMT
via: 1.1 e41179d785de304a9240d5e97b2e4cbc.cloudfront.net (CloudFront)
last-modified: Tue, 15 Jun 2021 14:30:41 GMT
server: nginx/1.21.6
x-stats: @origin; 0.550; 0.002 : 0.001 : 0.001 : 0.000 : 0.001 : 0.002; 0.162 : 0.029 : 0.101 : 0.073 : 0.074 : 0.110
x-amz-cf-pop: VIE50-C2
age: 1869
etag: "db812d8a70a4e88e888744c1c9a27e89"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/woff2
cache-control: max-age=604800
content-length: 66624
x-amz-cf-id: zaL3WxH-B7vz2DJkM9oqyrlHi5ZocoMPFH-S6j7FATjhfzlmPRXkkA==

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 164ms
47ms Font
font/woff2 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400italic,400,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.e-rewardsmedical.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 15:21:12 GMT
x-content-type-options: nosniff
age: 298093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 15:21:12 GMT

GET
H2 200 b4475a2ba824dd78.min.js Show response
tag.demandbase.com/ 67 KB
19 KB 39ms
21ms Script
application/javascript 108.138.17.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/b4475a2ba824dd78.min.js

Requested by

Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-87.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f19c5021f17c6ceab151c51e5d1395ecc9f18e238850b83c661c3383a28d8362

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: baPMr5XbM7cAlqH363flhAbB_RN1xHMd
content-encoding: gzip
via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
date: Sat, 04 Feb 2023 02:09:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P7
age: 1836
x-cache: Hit from cloudfront
last-modified: Fri, 03 Feb 2023 22:18:12 GMT
server: AmazonS3
etag: W/"9d44c9d8a9b4794eac2da2bd065e0b34"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: u7Gwrnl3gwypPHlJjjBBW1WbRvfCugNKBY-rfcMO9eu_fGJ4KmANRQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 146 KB
54 KB 201ms
86ms Script
application/javascript 2a00:1450:400d:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXVC3PD

Requested by

Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d2e4529fe2986b4583a411f25413bb172e1c4aa6f7d674df7e0571395b7565d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 02:09:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54584
x-xss-protection: 0
last-modified: Sat, 04 Feb 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 04 Feb 2023 02:09:26 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 97 KB
38 KB 250ms
135ms Script
application/javascript 2a00:1450:400d:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TF4HZ8V

Requested by

Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5cfea48712281c2ad7d9eee68ac0a1ae465855703293704b9a781edd325d0376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 02:09:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39153
x-xss-protection: 0
last-modified: Sat, 04 Feb 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 04 Feb 2023 02:09:26 GMT

OPTIONS
H2 200 details
goggles.mw.dynata.com/api/v1/panel/700/ Frame 0
0 324ms
109ms Preflight 34.194.27.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://goggles.mw.dynata.com/api/v1/panel/700/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.27.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-27-19.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: paneldomainid
Access-Control-Request-Method: GET
Origin: https://www.e-rewardsmedical.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, paneldomainid
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.e-rewardsmedical.com
content-encoding: gzip
content-length: 23
date: Sat, 04 Feb 2023 02:09:26 GMT
vary: Accept-Encoding

GET
H2 200 browserCheck.js Show response
darwin-assets.dynata.com/upp-ui/ 28 B
457 B 529ms
426ms Fetch
text/javascript 2600:9000:2251:6000:17:5070:d6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://darwin-assets.dynata.com/upp-ui/browserCheck.js
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/blueprint/dist/apps/signup/signup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:6000:17:5070:d6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd81812b6243e24c01ed9be8589d5fea74e0777057f0f75cc996f12d38542cb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 02:09:27 GMT
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified: Wed, 07 Sep 2022 14:07:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
etag: "1c4926c3c66c0f7e380ee29ead2e544b"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
x-cache: RefreshHit from cloudfront
accept-ranges: bytes
content-length: 28
x-amz-cf-id: Jwhlonsg72yWvB4Mc7MudnxJEIdPxYjtmCpog0U7TrxwOYrHD4Vp5Q==

GET
H2 200 details Show response
goggles.mw.dynata.com/api/v1/panel/700/ 97 B
433 B 112ms
112ms XHR
application/json 34.194.27.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://goggles.mw.dynata.com/api/v1/panel/700/details
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/blueprint/dist/apps/signup/signup.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.27.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-27-19.compute-1.amazonaws.com
Software: /
Resource Hash: 0a5a7859fe77badbf9987bafa8e4a2225327ea06ef5ff1b08bf8fe2a5f7c7214

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.e-rewardsmedical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
paneldomainid: 7002

Response headers

date: Sat, 04 Feb 2023 02:09:26 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://www.e-rewardsmedical.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, paneldomainid
content-length: 109

GET
H2 200 loader.html Show response
cdn4.rsncdn.com/prd/corona/1.0.40/public/shared/components/loader/html/ 619 B
1 KB 32ms
15ms XHR
text/html 2600:9000:20eb:3600:1f:ad95:87c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.rsncdn.com/prd/corona/1.0.40/public/shared/components/loader/html/loader.html
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/blueprint/dist/apps/signup/signup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3600:1f:ad95:87c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.8 /
Resource Hash: 202e1c9f4904909ee357c3e6036f3c39d0eeb527c627fcbd21d4d359e02bb1d4

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.e-rewardsmedical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 15:18:41 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 125445
x-cache: Hit from cloudfront
content-length: 619
last-modified: Thu, 14 Feb 2019 19:55:48 GMT
server: nginx/1.17.8
x-stats: @origin; 0.104; 0.012 : 0.012 : 0.000; 0.048 : 0.036 : 0.016
etag: "6a4d751c68cee41d17870e9038f985b9"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Origin,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: ejb8gbFsyAWxouVzWvj_Jw9JvyCWzIlFbE6LT3Mj-ppFd7L3zEzFJg==

GET
H2 200 config Show response
goggles.mw.dynata.com/api/v1/panel/ 14 KB
3 KB 304ms
119ms XHR
application/json 34.194.27.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://goggles.mw.dynata.com/api/v1/panel/config?panelId=700&locale=en_US&campaignId=8398
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/blueprint/dist/apps/signup/signup.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.27.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-27-19.compute-1.amazonaws.com
Software: /
Resource Hash: 86887fd63c2765682c46a69d3821c288e98ca424592357b6763051fb9b80f419

Request headers

Accept: */*
Referer: https://www.e-rewardsmedical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 02:09:26 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://www.e-rewardsmedical.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, paneldomainid

GET
BLOB 200
OK 970b354c-ff0c-428c-b4dd-1caba4c61d4f
https://www.e-rewardsmedical.com/ 35 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.e-rewardsmedical.com/970b354c-ff0c-428c-b4dd-1caba4c61d4f
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6466d1ed5f65005efc1c63b9db38328b4bc3b4c9cadbbf652e1206f5af25968e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 35362
Content-Type

GET
H2 200 8398 Show response
darwin-api.dynata.com/campaigns/1/ 13 B
513 B 474ms
366ms XHR
application/json 13.224.189.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://darwin-api.dynata.com/campaigns/1/8398?locale=en_US
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/blueprint/dist/apps/signup/signup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-30.fra2.r.cloudfront.net
Software: /
Resource Hash: 8dabb5504f42de0ff9ef31e2b6da7cde1e49387030c12f8d65700c366b0c722f

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.e-rewardsmedical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-response-time: 66ms
date: Sat, 04 Feb 2023 02:09:26 GMT
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 13
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: e0fd59b5-6ae8-4488-8f50-9e60eb9d6164
etag: "d-DYr4upPsZPob8sPDlbtreR+j84w"
vary: Origin, Accept-Encoding
x-amzn-trace-id: Root=1-63ddbe56-565d7e234f63384846bfc25d;Sampled=0
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.e-rewardsmedical.com
x-cache: Miss from cloudfront
x-amz-apigw-id: fyqthGT1IAMFesA=
content-length: 13
x-amz-cf-id: kmpBqU4LyaT4LXBBP3I0xb5uSenyYQL4jKeOU9NOie2Tu-26Hta-uw==

GET
H2 451 464526.gif
id.rlcdn.com/ 0
98 B 93ms
31ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 02:09:26 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 ip.json Show response
api.company-target.com/api/v2/ 461 B
959 B 81ms
62ms XHR
application/json 13.225.78.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.e-rewardsmedical.com%2Fen%2Fsignup%3Fid%3Dmvooscvef3n9xc6&page_title=Sign%20Up%20for%20Online%20Surveys%20to%20Earn%20Rewards%20at%20e-Rewards%20Medical
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/blueprint/dist/apps/signup/signup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-2.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 06294245f12818c2d04b2a9f1e1d9d5cadd44667f565cdc6f51c83aaf4dfef28

Request headers

Referer: https://www.e-rewardsmedical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 04 Feb 2023 02:09:26 GMT
identification-source: CENTRAL
content-encoding: gzip
via: 1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
request-id: fe4aa3f5-4e2b-4ee5-9d39-916c8d61ac8a
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.e-rewardsmedical.com
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: c40-AKR3vEM-ylS-w0odt55zSSp0GQUpmwaE4Kv0upwL1jCOLkAdmw==
expires: Fri, 03 Feb 2023 02:09:26 GMT

GET
H2 200 evidon-sitenotice-tag.js Show response
c.evidon.com/sitenotice/ 73 KB
20 KB 81ms
17ms Script
application/x-javascript 104.103.100.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.103.100.82 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-100-82.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 973e0be9ad095c6bea8d2a9b22df3acbc368ecb234823059ddac700ed103c593

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 02:09:26 GMT
content-encoding: gzip
last-modified: Tue, 20 Dec 2022 17:50:10 GMT
server: AkamaiNetStorage
etag: "b9539a2e77d15a946ad29fbada55c14c:1671558610.191575"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: application/x-javascript
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 19598
expires: Mon, 06 Feb 2023 02:09:26 GMT

GET
H2 200 country.js Show response
c.evidon.com/geo/ 252 B
459 B 100ms
36ms Script
application/x-javascript 104.103.100.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/country.js
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.103.100.82 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-100-82.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 02:09:26 GMT
content-encoding: gzip
last-modified: Fri, 13 Mar 2020 23:46:45 GMT
server: AkamaiNetStorage
etag: "61397050076da6e6062ac7b53a8ef498:1584143205.714402"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: application/x-javascript
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
accept-ranges: bytes
access-control-allow-headers: *
content-length: 174

GET
H2 200 snthemes.js Show response
c.evidon.com/sitenotice/1696/ 108 KB
5 KB 98ms
34ms Script
application/x-javascript 104.103.100.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/1696/snthemes.js
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.103.100.82 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-100-82.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8a4e573b1a6f7eea3548d22b54c95a78e3e01957e9a3a5f2e43d7b9cbd91a629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 02:09:26 GMT
content-encoding: gzip
last-modified: Fri, 09 Dec 2022 08:00:42 GMT
server: AkamaiNetStorage
etag: "b96bc20aff33f0d3f17127d47d60fd8e:1670572842.402937"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: application/x-javascript
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 4507
expires: Mon, 06 Feb 2023 02:09:26 GMT

GET
H2

200

settingsV2.js Show response
c.evidon.com/sitenotice/1696/e-rewardsmedical/
Redirect Chain

https://c.evidon.com/sitenotice/1696/e-rewardsmedical/settings.js
https://c.evidon.com/sitenotice/1696/e-rewardsmedical/settingsV2.js

7 KB
2 KB

224ms
222ms

Script
application/x-javascript

104.103.100.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/1696/e-rewardsmedical/settingsV2.js
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6
Protocol: H2
Server: 104.103.100.82 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-100-82.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d3b2e47f4dd7891317e7ca95c10c4294d04a78be9a5013376a60e8767bb567a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 02:09:26 GMT
content-encoding: gzip
last-modified: Fri, 03 Feb 2023 22:17:29 GMT
server: AkamaiNetStorage
etag: "b0933232abb1fa75d2746bb1200c58b3:1675462649.293874"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: application/x-javascript
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1554
expires: Mon, 06 Feb 2023 02:09:26 GMT

Redirect headers

date: Sat, 04 Feb 2023 02:09:26 GMT
server: AkamaiGHost
vary: Origin
access-control-max-age: 108000
access-control-allow-methods: GET,OPTIONS,POST
location: https://c.evidon.com/sitenotice/1696/e-rewardsmedical/settingsV2.js
access-control-allow-origin
cache-control: max-age=432000, private;max-age=86400
access-control-allow-headers: *
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
76 KB 84ms
83ms Script
application/javascript 2a00:1450:400d:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DP16LK0FSJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXVC3PD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e5f9c7cef8bb005ff925d4495a93559fa65dc4c79d251358e54aa63ebbbdc60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 02:09:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77599
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 04 Feb 2023 02:09:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 86ms
86ms Script
application/javascript 2a00:1450:400d:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-55103389-1

Requested by

Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f51ac10ae4498349670d880fc6cc2604342015f047f10cd839f312f14dae29a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 02:09:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43911
x-xss-protection: 0
last-modified: Sat, 04 Feb 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 04 Feb 2023 02:09:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 76ms
76ms Script
application/javascript 2a00:1450:400d:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-55103389-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXVC3PD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa75b51dee83b56b260ee71b1ab87faa5f194e5126fe9bcb178cc90483a66f5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 02:09:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43942
x-xss-protection: 0
last-modified: Sat, 04 Feb 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 04 Feb 2023 02:09:26 GMT

GET
H2 200 en.js Show response
c.evidon.com/sitenotice/1696/translations/ 150 KB
10 KB 17ms
17ms Script
application/x-javascript 104.103.100.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/1696/translations/en.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.103.100.82 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-100-82.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 896bd9da117899827edb381eee72cb717fc9e01a0b9657682f297d333d402268

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 02:09:26 GMT
content-encoding: gzip
last-modified: Fri, 09 Dec 2022 08:00:41 GMT
server: AkamaiNetStorage
etag: "0c3158067222d9406859d8afdbc798a9:1670572841.382207"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: application/x-javascript
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 9828
expires: Mon, 06 Feb 2023 02:09:26 GMT

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 547ms
233ms Ping
application/json 2600:1f18:24e6:b902:6853:4072:a1e0:a34d
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.9.0%2Cservice%3Aresponse-experience-web&dd-api-key=pub0d8f728b476197d73aad467b563b8ec7&dd-evp-origin-version=4.9.0&dd-evp-origin=browser&dd-request-id=e7035cc8-dc4c-49e3-b5b2-1daaee614554&batch_time=1675476566369
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/blueprint/dist/apps/signup/signup.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:6853:4072:a1e0:a34d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.e-rewardsmedical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 164ms
47ms Script
text/javascript 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-55103389-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 04 Feb 2023 01:12:08 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3438
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 04 Feb 2023 03:12:08 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
260 B 48ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DP16LK0FSJ&gtm=45je3210&_p=1569622762&cid=1542066258.1675476566&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675476566&sct=1&seg=0&dl=https%3A%2F%2Fwww.e-rewardsmedical.com%2Fen%2Fsignup%3Fid%3Dmvooscvef3n9xc6&dt=Sign%20Up%20for%20Online%20Surveys%20to%20Earn%20Rewards%20at%20e-Rewards%20Medical&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DP16LK0FSJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 02:09:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.e-rewardsmedical.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 8398 Show response
darwin-api.dynata.com/campaigns/1/ 112 B
613 B 453ms
452ms XHR
application/json 13.224.189.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://darwin-api.dynata.com/campaigns/1/8398?locale=en_IE
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/blueprint/dist/apps/signup/signup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-30.fra2.r.cloudfront.net
Software: /
Resource Hash: 7035b915620dc70259afc62600cff99285e27ad4b0386967eaf290f1414fd2cc

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.e-rewardsmedical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-response-time: 49ms
date: Sat, 04 Feb 2023 02:09:26 GMT
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 112
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: 6f09b4a0-4d8c-4c1c-a71f-c361703896e7
etag: "70-C4mAbciRxT83ycwTADsZgUxtxUA"
vary: Origin, Accept-Encoding
x-amzn-trace-id: Root=1-63ddbe56-559ce03e60f038721ac6094f;Sampled=0
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.e-rewardsmedical.com
x-cache: Miss from cloudfront
x-amz-apigw-id: fyqtmGEwoAMFTmg=
content-length: 112
x-amz-cf-id: VGHJv8FYZVKAcGEdEy4JUHcoSEzMhapDARKyQBS-ns9F_rKVEWOqJQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
215 B 69ms
67ms XHR
text/plain 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1569622762&t=pageview&_s=1&dl=https%3A%2F%2Fwww.e-rewardsmedical.com%2Fen%2Fsignup%3Fid%3Dmvooscvef3n9xc6&ul=en-us&de=UTF-8&dt=Sign%20Up%20for%20Online%20Surveys%20to%20Earn%20Rewards%20at%20e-Rewards%20Medical&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aBDAAUABAAAAACAAI~&jid=353168565&gjid=254064437&cid=1542066258.1675476566&tid=UA-55103389-1&_gid=952778.1675476567&_r=1&_slc=1&gtm=457e3210&z=58940867

Requested by

Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/blueprint/dist/apps/signup/signup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.e-rewardsmedical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 02:09:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.e-rewardsmedical.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 evidon-barrier.js Show response
c.evidon.com/sitenotice/ 14 KB
4 KB 17ms
17ms Script
application/x-javascript 104.103.100.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/evidon-barrier.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.103.100.82 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-100-82.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5d420d4cc480cfbab1e0e4c87971db5ec27c87d9a03f08d494e4a839e89fba1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 02:09:26 GMT
content-encoding: gzip
last-modified: Tue, 20 Dec 2022 17:50:10 GMT
server: AkamaiNetStorage
etag: "12408df7068621a87bfbd1bee4d923a4:1671558610.959798"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: application/x-javascript
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 3926
expires: Mon, 06 Feb 2023 02:09:26 GMT

GET
H2 204 63642
l.evidon.com/site/v3/1696/68973/3/1/3/2/ 0
121 B 334ms
109ms Image
text/plain 54.205.245.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/1696/68973/3/1/3/2/63642?consent=0&regulationid=2&regulationconsenttypeid=1&d=https%3A%2F%2Fwww.e-rewardsmedical.com%2Fen%2Fsignup
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.245.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-245-16.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 02:09:26 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 204 63642
l.evidon.com/site/v3/1696/68973/3/5/3/2/ 0
120 B 311ms
111ms Image
text/plain 54.205.245.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/1696/68973/3/5/3/2/63642?consent=0&regulationid=2&regulationconsenttypeid=1&d=https%3A%2F%2Fwww.e-rewardsmedical.com%2Fen%2Fsignup
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.245.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-245-16.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 02:09:26 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
352 B 55ms
18ms XHR
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-55103389-1&cid=1542066258.1675476566&jid=353168565&gjid=254064437&_gid=952778.1675476567&_u=aBDAAUAAAAAAACAAI~&z=1884919764

Requested by

Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/blueprint/dist/apps/signup/signup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.e-rewardsmedical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 04 Feb 2023 02:09:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.e-rewardsmedical.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 registration
flare.e-rewardsmedical.com/api/1/form/panel/700/blueprint/partner1/locale/en_US/type/ Frame 0
0 417ms
330ms Preflight
text/plain 2600:9000:211a:d200:18:d51a:a500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flare.e-rewardsmedical.com/api/1/form/panel/700/blueprint/partner1/locale/en_US/type/registration?campaignId=8398&_cache=1675476566992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:d200:18:d51a:a500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: spray-can/1.3.3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: paneldomainid
Access-Control-Request-Method: GET
Origin: https://www.e-rewardsmedical.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, paneldomainid, auth-token
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin: https://www.e-rewardsmedical.com
access-control-max-age: 86400
access-control-request-headers: panelDomainId auth-token
content-encoding: gzip
content-length: 22
content-type: text/plain; charset=UTF-8
date: Sat, 04 Feb 2023 02:09:27 GMT
server: spray-can/1.3.3
vary: Origin
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-id: XStyAZvEMIM49FMe7UVkzEZ-K2Y8ibW97x-JCN5dHtvIhSNXVUH17g==
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront

GET
H2 200 registration Show response
flare.e-rewardsmedical.com/api/1/form/panel/700/blueprint/partner1/locale/en_US/type/ 14 KB
3 KB 481ms
480ms XHR
application/json 2600:9000:211a:1800:18:d51a:a500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flare.e-rewardsmedical.com/api/1/form/panel/700/blueprint/partner1/locale/en_US/type/registration?campaignId=8398&_cache=1675476566992
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/blueprint/dist/apps/signup/signup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:1800:18:d51a:a500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: spray-can/1.3.3 /
Resource Hash: 0bd2682686468042c461e67e90b6a2acc38bef10945e7142a1ae70776584730f

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.e-rewardsmedical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
panelDomainId: 7002

Response headers

date: Sat, 04 Feb 2023 02:09:27 GMT
content-encoding: gzip
via: 1.1 e41179d785de304a9240d5e97b2e4cbc.cloudfront.net (CloudFront)
server: spray-can/1.3.3
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.e-rewardsmedical.com
access-control-allow-credentials: true
content-length: 2702
x-amz-cf-id: iXVv3yAuJJ_FXW1NosZu5PNoTvGtai7O5TgghRuSF7Xos7Fxe1NjFw==

GET
H2 200 registrationguard1.0.js Show response
d3agx2rif8aadl.cloudfront.net/ 153 KB
153 KB 80ms
10ms Script
application/x-javascript 2600:9000:20eb:f200:0:9a75:c240:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3agx2rif8aadl.cloudfront.net/registrationguard1.0.js?_=1675476565895
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:f200:0:9a75:c240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 256c9e8e2e4c6e2bfc2b480ed54137e27843a3a4d44ad6b9f4e02afb5be2ee63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: 1XyFkq1jOlpMuGeDla2s0zkmwICIue6b
date: Fri, 03 Feb 2023 12:03:36 GMT
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 50751
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:032350890711:build/Imperium-BuildScripts:3ce8686f-29e5-413c-a9ba-e8b03c30f536
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 44210012c85f14b1c3efff00bba8ef03
content-length: 156397
last-modified: Tue, 12 Apr 2022 00:00:42 GMT
server: AmazonS3
etag: "14eaef5a78eab895a9bdfbfe65357385"
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: 5be653558742505efaab884bafc490be6dc3b1a659e7867004ae0867acc15b4b
accept-ranges: bytes
x-amz-cf-id: UtGI-ejDNcDG6g1bbpDD0-qwEJHFAVbrl1w6dQ9WAvoIZK8MXgUBnQ==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 915 B
902 B 188ms
70ms Script
text/javascript 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=captchaReadyCallback&render=explicit&hl=en

Requested by

Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/blueprint/dist/apps/signup/signup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

30f0b51629a93edbccc9861c2b609bbcda946a42f8f0221bcf9ea5f418ea0422

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 02:09:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 582
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 02:09:28 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 47ms
47ms Image
image/gif 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1569622762&t=event&_s=2&dl=https%3A%2F%2Fwww.e-rewardsmedical.com%2Fen%2Fsignup%3Fid%3Dmvooscvef3n9xc6&ul=en-us&de=UTF-8&dt=Sign%20Up%20for%20Online%20Surveys%20to%20Earn%20Rewards%20at%20e-Rewards%20Medical&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=form-registration&ea=form-load&el=Campaign%3A8398&ev=10&_u=aBDAAUABAAAAACAAI~&jid=&gjid=&cid=1542066258.1675476566&tid=UA-55103389-1&_gid=952778.1675476567&gtm=457e3210&z=673324265

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 05:32:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 74209
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 47ms
46ms Font
font/woff2 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400italic,400,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.e-rewardsmedical.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:49:45 GMT
x-content-type-options: nosniff
age: 271183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 22:49:45 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v23/ 24 KB
24 KB 60ms
60ms Font
font/woff2 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400italic,400,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.e-rewardsmedical.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:57:19 GMT
x-content-type-options: nosniff
age: 328329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24408
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:50:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 06:57:19 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ 402 KB
161 KB 161ms
47ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=captchaReadyCallback&render=explicit&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d808130157ed1fca0469f5f40210d7d1b2dc2c41add64e658bb3222aea4d9eba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.e-rewardsmedical.com/
Origin: https://www.e-rewardsmedical.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 11:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 163841
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Feb 2024 11:06:48 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame B17E 43 KB
23 KB 83ms
82ms Document
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRhCIUAAAAAIXbvq3leyKjtt8gt5CzBOi8Ezqt&co=aHR0cHM6Ly93d3cuZS1yZXdhcmRzbWVkaWNhbC5jb206NDQz&hl=en&v=gEr-ODersURoIfof1hiDm7R5&size=normal&cb=sy0o7523vijx

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

25684da48a5fc4977f7428657457ae32ca273d1cde6d61cc140284ab5244f539

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rdylRWBSPWwcjDA5qFZjGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.e-rewardsmedical.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23319
content-security-policy: script-src 'report-sample' 'nonce-rdylRWBSPWwcjDA5qFZjGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 02:09:28 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame B17E 55 KB
24 KB 147ms
50ms Stylesheet
text/css 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRhCIUAAAAAIXbvq3leyKjtt8gt5CzBOi8Ezqt&co=aHR0cHM6Ly93d3cuZS1yZXdhcmRzbWVkaWNhbC5jb206NDQz&hl=en&v=gEr-ODersURoIfof1hiDm7R5&size=normal&cb=sy0o7523vijx

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:57:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69091
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Feb 2024 06:57:57 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame B17E 402 KB
160 KB 144ms
48ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d808130157ed1fca0469f5f40210d7d1b2dc2c41add64e658bb3222aea4d9eba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 11:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 163841
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Feb 2024 11:06:48 GMT

GET
DATA 200
OK truncated
/ Frame B17E 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B17E 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame B17E 2 KB
2 KB 48ms
48ms Image
image/png 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 15:21:21 GMT
x-content-type-options: nosniff
age: 298087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 07 Feb 2023 15:21:21 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B17E 15 KB
15 KB 48ms
48ms Font
font/woff2 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 13:18:51 GMT
x-content-type-options: nosniff
age: 391837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 13:18:51 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame B17E 102 B
133 B 69ms
69ms Other
text/javascript 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=gEr-ODersURoIfof1hiDm7R5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2b9fdf8ec5c4a71d39191e9fb067ac1d8be6df56eb2e0d620a6947df0bf35615

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRhCIUAAAAAIXbvq3leyKjtt8gt5CzBOi8Ezqt&co=aHR0cHM6Ly93d3cuZS1yZXdhcmRzbWVkaWNhbC5jb206NDQz&hl=en&v=gEr-ODersURoIfof1hiDm7R5&size=normal&cb=sy0o7523vijx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 02:09:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 02:09:29 GMT

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 217ms
217ms Ping
application/json 2600:1f18:24e6:b902:6853:4072:a1e0:a34d
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.9.0%2Cservice%3Aresponse-experience-web&dd-api-key=pub0d8f728b476197d73aad467b563b8ec7&dd-evp-origin-version=4.9.0&dd-evp-origin=browser&dd-request-id=3cd912df-19df-4e2d-987f-a4cb2131e93e&batch_time=1675476569038
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/blueprint/dist/apps/signup/signup.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:6853:4072:a1e0:a34d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.e-rewardsmedical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame D07D 7 KB
1 KB 98ms
98ms Document
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=gEr-ODersURoIfof1hiDm7R5&k=6LcRhCIUAAAAAIXbvq3leyKjtt8gt5CzBOi8Ezqt

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

da397975e97cbd7f4ad3fdd20046d90796596f3539c32772c91add2edb4e0d2d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ib2zpz_pMYSI7z4UnYtLcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.e-rewardsmedical.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1114
content-security-policy: script-src 'report-sample' 'nonce-Ib2zpz_pMYSI7z4UnYtLcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 02:09:29 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame D07D 55 KB
24 KB 49ms
48ms Stylesheet
text/css 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=gEr-ODersURoIfof1hiDm7R5&k=6LcRhCIUAAAAAIXbvq3leyKjtt8gt5CzBOi8Ezqt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:57:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Feb 2024 06:57:57 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame D07D 402 KB
160 KB 52ms
52ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=gEr-ODersURoIfof1hiDm7R5&k=6LcRhCIUAAAAAIXbvq3leyKjtt8gt5CzBOi8Ezqt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d808130157ed1fca0469f5f40210d7d1b2dc2c41add64e658bb3222aea4d9eba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 11:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 163841
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Feb 2024 11:06:48 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 20ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DP16LK0FSJ&gtm=45je3210&_p=1569622762&cid=1542066258.1675476566&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1675476566&sct=1&seg=0&dl=https%3A%2F%2Fwww.e-rewardsmedical.com%2Fen%2Fsignup%3Fid%3Dmvooscvef3n9xc6&dt=Sign%20Up%20for%20Online%20Surveys%20to%20Earn%20Rewards%20at%20e-Rewards%20Medical&en=scroll&epn.percent_scrolled=90&_et=10
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DP16LK0FSJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 02:09:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.e-rewardsmedical.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.e-rewardsmedical.com/	1969-12-31 23:59:59	Name: corona_campaign Value: eyJ1dG1fc291cmNlIjoiQUxMIEFjY29yIC0gMTQ3MzMiLCJjYW1wYWlnbl9jb2RlIjoibXZvb3NjdmVmM245eGM2IiwibG9jYWxlIjoiZW5fSUUiLCJ1dG1fY2FtcGFpZ24iOiJFUk9QX0lFX3BhcnRuZXIgcGFnZSIsImNhbXBhaWduX2lkIjoiODM5OCIsInV0bV90ZXJtIjoiUEdFIiwiaWQiOiJtdm9vc2N2ZWYzbjl4YzYifQ==
.e-rewardsmedical.com/	1970-01-20 11:34:12	Name: _gcl_au Value: 1.1.1854466588.1675476566
.e-rewardsmedical.com/	1970-01-20 19:00:36	Name: _ga_DP16LK0FSJ Value: GS1.1.1675476566.1.0.1675476566.0.0.0
.e-rewardsmedical.com/	1970-01-20 19:00:36	Name: _ga Value: GA1.2.1542066258.1675476566
.e-rewardsmedical.com/	1970-01-20 09:26:02	Name: _gid Value: GA1.2.952778.1675476567
.e-rewardsmedical.com/	1970-01-20 09:24:36	Name: _gat_gtag_UA_55103389_1 Value: 1
www.e-rewardsmedical.com/	1970-01-20 09:24:37	Name: _dd_s Value: rum=1&id=6a5805a1-3add-43b4-9d8f-fb6f2f25447e&created=1675476565998&expire=1675477465999

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()
other	warning	URL: https://d3agx2rif8aadl.cloudfront.net/registrationguard1.0.js?_=1675476565895 Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
rendering	warning	URL: https://www.e-rewardsmedical.com/en/signup?id=mvooscvef3n9xc6 Message: [.WebGL-0x3bb800d42a00]GL Driver Message (OpenGL, Performance, GL_CLOSE_PATH_NV, High): GPU stall due to ReadPixels

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.company-target.com
assets.adobedtm.com
c.evidon.com
cdn4.rsncdn.com
d3agx2rif8aadl.cloudfront.net
darwin-api.dynata.com
darwin-assets.dynata.com
flare.e-rewardsmedical.com
fonts.googleapis.com
fonts.gstatic.com
goggles.mw.dynata.com
id.rlcdn.com
l.evidon.com
region1.google-analytics.com
rum.browser-intake-datadoghq.com
stats.g.doubleclick.net
tag.demandbase.com
upp-public.s3.amazonaws.com
www.e-rewardsmedical.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
104.103.100.82
108.138.17.87
13.224.189.30
13.225.78.2
2001:4860:4802:32::36
2600:1f18:24e6:b902:6853:4072:a1e0:a34d
2600:9000:20eb:3600:1f:ad95:87c0:93a1
2600:9000:20eb:f200:0:9a75:c240:21
2600:9000:211a:1800:18:d51a:a500:93a1
2600:9000:211a:d200:18:d51a:a500:93a1
2600:9000:2251:6000:17:5070:d6c0:93a1
2a00:1450:400d:802::2003
2a00:1450:400d:802::200e
2a00:1450:400d:803::2008
2a00:1450:400d:80c::2003
2a00:1450:400d:80d::2004
2a00:1450:400d:80e::200a
2a00:1450:4025:401::9b
2a02:26f0:f700:481::1e80
34.194.27.19
35.244.174.68
52.217.164.233
54.205.245.16
0072ac4da2be62e296da967e0c844bc37e237e74bfab56683c927528eefdd6e0
06294245f12818c2d04b2a9f1e1d9d5cadd44667f565cdc6f51c83aaf4dfef28
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0a5a7859fe77badbf9987bafa8e4a2225327ea06ef5ff1b08bf8fe2a5f7c7214
0bd2682686468042c461e67e90b6a2acc38bef10945e7142a1ae70776584730f
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
151747425d77e68d7139dc374ebb289ee1ddda7dea62727a93be1c91591bde2d
1586019660bbeecdf343d83cbec005fb8da84ab0eb68c5370399e8d622faf8fb
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
202e1c9f4904909ee357c3e6036f3c39d0eeb527c627fcbd21d4d359e02bb1d4
25684da48a5fc4977f7428657457ae32ca273d1cde6d61cc140284ab5244f539
256c9e8e2e4c6e2bfc2b480ed54137e27843a3a4d44ad6b9f4e02afb5be2ee63
2b9fdf8ec5c4a71d39191e9fb067ac1d8be6df56eb2e0d620a6947df0bf35615
30f0b51629a93edbccc9861c2b609bbcda946a42f8f0221bcf9ea5f418ea0422
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5cfea48712281c2ad7d9eee68ac0a1ae465855703293704b9a781edd325d0376
5d420d4cc480cfbab1e0e4c87971db5ec27c87d9a03f08d494e4a839e89fba1d
621c1c14c167f412b0deb14f839e91260d8fb51e0e8d1545a6af7c8624f9e651
6466d1ed5f65005efc1c63b9db38328b4bc3b4c9cadbbf652e1206f5af25968e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6beaa737a07b2cdd82921ee0c8f09b66a177140265905ce32c1ef9c1dfb59272
7035b915620dc70259afc62600cff99285e27ad4b0386967eaf290f1414fd2cc
7e5f9c7cef8bb005ff925d4495a93559fa65dc4c79d251358e54aa63ebbbdc60
829935e04fe7bb4c7163c1cbfe3839df1f8b4d3cb9a51ed5bff1624173e0f00a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86887fd63c2765682c46a69d3821c288e98ca424592357b6763051fb9b80f419
896bd9da117899827edb381eee72cb717fc9e01a0b9657682f297d333d402268
8a4e573b1a6f7eea3548d22b54c95a78e3e01957e9a3a5f2e43d7b9cbd91a629
8dabb5504f42de0ff9ef31e2b6da7cde1e49387030c12f8d65700c366b0c722f
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
973e0be9ad095c6bea8d2a9b22df3acbc368ecb234823059ddac700ed103c593
99242634c143c4935546f80818933bc681bc112bc120c6b24204cec2f20e1c37
a7564b3371d2a7b123af19bc83b5e464bc6fb016937ee928816e64dd67c9c7a8
aa75b51dee83b56b260ee71b1ab87faa5f194e5126fe9bcb178cc90483a66f5a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
bfb745758c9ec0195071fcaabd9791a08bffbe4315a3c80739b084d37e087369
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
ce790ebecbb55dffebbaa44622b9c389a00533b410216fb0a12e92ad28917fdb
d2e4529fe2986b4583a411f25413bb172e1c4aa6f7d674df7e0571395b7565d5
d3b2e47f4dd7891317e7ca95c10c4294d04a78be9a5013376a60e8767bb567a7
d808130157ed1fca0469f5f40210d7d1b2dc2c41add64e658bb3222aea4d9eba
da397975e97cbd7f4ad3fdd20046d90796596f3539c32772c91add2edb4e0d2d
dd5e2022f635153489c43ca6a6a9b2010d13543eed029d5c6dfe714deace3ea0
dd81812b6243e24c01ed9be8589d5fea74e0777057f0f75cc996f12d38542cb6
e16b9816ecaf90056fe69adbef5506c6c014c03b4d17826f89f84d19a54ba68e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e85e811f76dc0f86f38160bc7f3d6956c37ca4edfa340585207b15c8e16f8c42
f19c5021f17c6ceab151c51e5d1395ecc9f18e238850b83c661c3383a28d8362
f51ac10ae4498349670d880fc6cc2604342015f047f10cd839f312f14dae29a9
fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.e-rewardsmedical.com Open in urlscan Pro 2600:9000:211a:1800:18:d51a:a500:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

64 Requests

95 %HTTPS

65 %IPv6

17 Domains

23 Subdomains

24 IPs

4 Countries

1721 kBTransfer

4563 kBSize

7 Cookies

2 Outgoing links

Page URL History

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.e-rewardsmedical.com Open in urlscan Pro
2600:9000:211a:1800:18:d51a:a500:93a1 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

95 %
HTTPS

65 %
IPv6

17
Domains

23
Subdomains

24
IPs

4
Countries

1721 kB
Transfer

4563 kB
Size

7
Cookies

64 HTTP transactions
2 data transactions