www.e-rewardsmedical.com Open in urlscan Pro
2600:9000:2190:4e00:18:d51a:a500:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.e-rewardsmedical.com/en/signup?id=
Effective URL:
https://www.e-rewardsmedical.com/en/signup?id=
Submission: On May 25 via manual (May 25th 2023, 5:00:52 pm UTC) from US — Scanned from DE

Summary HTTP 48 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 18 domains to perform 48 HTTP transactions. The main IP is 2600:9000:2190:4e00:18:d51a:a500:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.e-rewardsmedical.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on May 23rd 2023. Valid for: a year.

This is the only time www.e-rewardsmedical.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:219... 2600:9000:2190:fa00:18:d51a:a500:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2600:9000:219... 2600:9000:2190:4e00:18:d51a:a500:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:25a... 2600:9000:25a2:7600:1f:ad95:87c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	52.72.110.76 52.72.110.76	14618 (AMAZON-AES) (AMAZON-AES)
1	3.5.0.204 3.5.0.204	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:591::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	18.165.183.48 18.165.183.48	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:25a... 2600:9000:25a2:6000:17:5070:d6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	13.224.103.100 13.224.103.100	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:25a... 2600:9000:25a2:b400:1d:8d6d:3b40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 7	2.16.186.136 2.16.186.136	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	2600:1f18:612... 2600:1f18:612b:4200:f6d4:30b2:8e5e:6d5f	14618 (AMAZON-AES) (AMAZON-AES)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
3	52.20.193.155 52.20.193.155	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:24e... 2600:1f18:24e6:b902:e093:7677:7f6:7f5c	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
48	24

1 2600:9000:2190:fa00:18:d51a:a500:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

www.e-rewardsmedical.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2190:4e00:18:d51a:a500:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.e-rewardsmedical.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:25a2:7600:1f:ad95:87c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn4.rsncdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.72.110.76 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-110-76.compute-1.amazonaws.com

goggles.mw.dynata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.0.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

upp-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.183.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-48.zrh55.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25a2:6000:17:5070:d6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

darwin-assets.dynata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.103.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-100.zrh50.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25a2:b400:1d:8d6d:3b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag-logger.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.16.186.136 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-136.deploy.static.akamaitechnologies.com

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:f6d4:30b2:8e5e:6d5f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.20.193.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-193-155.compute-1.amazonaws.com

l.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:24e6:b902:e093:7677:7f6:7f5c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	evidon.com 1 redirects c.evidon.com — Cisco Umbrella Rank: 1329 l.evidon.com — Cisco Umbrella Rank: 9168	41 KB
10	e-rewardsmedical.com 1 redirects www.e-rewardsmedical.com	567 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	280 KB
5	dynata.com 1 redirects goggles.mw.dynata.com — Cisco Umbrella Rank: 290852 darwin-assets.dynata.com — Cisco Umbrella Rank: 206644	4 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2230	21 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530	2 KB
2	company-target.com s.company-target.com — Cisco Umbrella Rank: 1528 api.company-target.com — Cisco Umbrella Rank: 3147	2 KB
2	demandbase.com tag.demandbase.com — Cisco Umbrella Rank: 3983 tag-logger.demandbase.com	21 KB
2	gstatic.com fonts.gstatic.com	46 KB
2	rsncdn.com cdn4.rsncdn.com — Cisco Umbrella Rank: 190447	76 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 76	352 B
1	browser-intake-datadoghq.com rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 2441
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 315	239 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1013	394 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 629	98 B
1	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 448	9 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	965 B
1	amazonaws.com upp-public.s3.amazonaws.com — Cisco Umbrella Rank: 442941	66 KB
48	18

	Domain	Requested by
10	www.e-rewardsmedical.com	1 redirects www.e-rewardsmedical.com
7	c.evidon.com	1 redirects www.e-rewardsmedical.com c.evidon.com
5	www.googletagmanager.com	www.e-rewardsmedical.com www.googletagmanager.com
4	goggles.mw.dynata.com	1 redirects www.e-rewardsmedical.com
3	l.evidon.com	www.e-rewardsmedical.com
2	www.google-analytics.com	www.googletagmanager.com www.e-rewardsmedical.com
2	dsum-sec.casalemedia.com	1 redirects s.company-target.com
2	fonts.gstatic.com	fonts.googleapis.com
2	cdn4.rsncdn.com	www.e-rewardsmedical.com
1	stats.g.doubleclick.net	www.e-rewardsmedical.com
1	region1.google-analytics.com	www.googletagmanager.com
1	rum.browser-intake-datadoghq.com	www.e-rewardsmedical.com
1	pixel.rubiconproject.com	s.company-target.com
1	partners.tremorhub.com	s.company-target.com
1	tag-logger.demandbase.com	www.e-rewardsmedical.com
1	api.company-target.com	www.e-rewardsmedical.com
1	id.rlcdn.com	www.e-rewardsmedical.com
1	s.company-target.com	tag.demandbase.com
1	darwin-assets.dynata.com	www.e-rewardsmedical.com
1	tag.demandbase.com	www.e-rewardsmedical.com
1	assets.adobedtm.com	www.e-rewardsmedical.com
1	fonts.googleapis.com	www.e-rewardsmedical.com
1	upp-public.s3.amazonaws.com	www.e-rewardsmedical.com
48	23

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.e-rewardsmedical.de

Subject Issuer	Validity	Valid
e-rewardsmedical.com Amazon RSA 2048 M01	`2023-05-23` - `2024-06-21`	a year	crt.sh
cdn4.rsncdn.com Amazon RSA 2048 M01	`2023-02-28` - `2024-01-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2022-08-17` - `2023-09-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.mw.dynata.com Amazon RSA 2048 M01	`2023-02-28` - `2023-07-26`	5 months	crt.sh
*.dynata.com Amazon RSA 2048 M02	`2023-05-17` - `2024-06-13`	a year	crt.sh
*.company-target.com R3	`2023-04-19` - `2023-07-18`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2022-09-16` - `2023-10-18`	a year	crt.sh
*.demandbase.com Amazon RSA 2048 M01	`2023-02-22` - `2023-09-08`	7 months	crt.sh
betrad.com R3	`2023-04-04` - `2023-07-03`	3 months	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.evidon.com Amazon RSA 2048 M02	`2023-02-24` - `2023-11-06`	8 months	crt.sh
*.browser-intake-datadoghq.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-21` - `2023-07-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.e-rewardsmedical.com/en/signup?id=
Frame ID: F1EAB432A546F6102D6CD427ABDAD48E
Requests: 43 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: F9FC85F8D07232569068B76F0A52E8A6
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign Up for Online Surveys to Earn Rewards at e-Rewards Medical

Page URL History Show full URLs

http://www.e-rewardsmedical.com/en/signup?id= HTTP 301
https://www.e-rewardsmedical.com/en/signup?id= Page URL

Detected technologies

Crownpeak (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

c\.evidon\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

48
Requests

92 %
HTTPS

58 %
IPv6

18
Domains

23
Subdomains

24
IPs

4
Countries

1137 kB
Transfer

4204 kB
Size

13
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/eRewardsMedical

Search URL Search Domain Scan URL

URL: https://www.e-rewardsmedical.de/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.e-rewardsmedical.com/en/signup?id= HTTP 301
https://www.e-rewardsmedical.com/en/signup?id= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://goggles.mw.dynata.com/api/v1/upp/global.js HTTP 302
https://upp-public.s3.amazonaws.com/upp-client/1.2.2/global.js?v=3

Request Chain 30

https://c.evidon.com/sitenotice/1696/e-rewardsmedical/settings.js HTTP 301
https://c.evidon.com/sitenotice/1696/e-rewardsmedical/settingsV2.js

Request Chain 34

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1700931647&external_user_id=2a9fcee9-c82f-449a-b6ab-d64dfd903166 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1700931647&external_user_id=2a9fcee9-c82f-449a-b6ab-d64dfd903166&C=1

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request signup Show response
www.e-rewardsmedical.com/en/
Redirect Chain

http://www.e-rewardsmedical.com/en/signup?id=
https://www.e-rewardsmedical.com/en/signup?id=

173 KB
39 KB

303ms
266ms

Document
text/html

2600:9000:2190:4e00:18:d51a:a500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.e-rewardsmedical.com/en/signup?id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:4e00:18:d51a:a500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: 7ef4657399ec92e8d1df1ef2750df607aa638108252af85d47ed5ea40606b83f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=604800
content-encoding: gzip
content-length: 39353
content-type: text/html
date: Thu, 25 May 2023 17:00:45 GMT
etag: "63af53538ae5f55da7ddb906b696e87a"
last-modified: Thu, 04 May 2023 22:32:55 GMT
server: nginx/1.21.6
vary: Accept-Encoding
via: 1.1 cd66c5a89ae3376f15c155e3b52a758c.cloudfront.net (CloudFront)
x-amz-cf-id: xwdmP9b7qni_hxf1R4O1AYSFWK95q7ql6rY1UVH9w7InUs32sJ2CBQ==
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
x-stats: @gz_only; 0.035; 0.001; 0.035

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Thu, 25 May 2023 17:00:45 GMT
Location: https://www.e-rewardsmedical.com/en/signup?id=
Server: CloudFront
Via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 6PZZ6LAfyr3ssBwVnwtBoltTJNVkjwm8LlFhzZoGLVA6TDCxaAzpDw==
X-Amz-Cf-Pop: ZRH50-C1
X-Cache: Redirect from cloudfront

GET
H2 200 style.css
www.e-rewardsmedical.com/blueprint/dist/stylesheets/ 814 KB
133 KB 22ms
19ms Stylesheet
text/css 2600:9000:2190:4e00:18:d51a:a500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.e-rewardsmedical.com/blueprint/dist/stylesheets/style.css
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:4e00:18:d51a:a500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: 20d5a02ec7d5421576729df95cf099cd77ec9ef085fc21fdc2c1cf0fcceb94b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/en/signup?id=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 17:35:58 GMT
content-encoding: br
via: 1.1 cd66c5a89ae3376f15c155e3b52a758c.cloudfront.net (CloudFront)
last-modified: Thu, 04 May 2023 22:28:34 GMT
server: nginx/1.21.6
x-stats: @br_1st; 0.077; 0.001; 0.077
x-amz-cf-pop: ZRH50-C1
age: 257087
etag: "f301d52aaa44c5656fbb4e03729c61e3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=604800
content-length: 135382
x-amz-cf-id: SZUihxNSLiUaKPUfMxx9lCakBOHkfgsUqqcEzs-_2NN6_btQtyqZhA==

GET
H2 200 default.css
www.e-rewardsmedical.com/blueprint/dist/stylesheets/layouts/default/ 255 KB
51 KB 36ms
33ms Stylesheet
text/css 2600:9000:2190:4e00:18:d51a:a500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.e-rewardsmedical.com/blueprint/dist/stylesheets/layouts/default/default.css
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:4e00:18:d51a:a500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: b9fa9e37892a9448e19fdaa02290c3c8e38f8a9394b1281e97125d91afb0cdcc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/en/signup?id=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 17:35:58 GMT
content-encoding: br
via: 1.1 cd66c5a89ae3376f15c155e3b52a758c.cloudfront.net (CloudFront)
last-modified: Thu, 04 May 2023 22:26:57 GMT
server: nginx/1.21.6
x-stats: @br_1st; 0.051; 0.000; 0.051
x-amz-cf-pop: ZRH50-C1
age: 257087
etag: "e0b93ed0290b562a0691d82823e7fc8a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=604800
content-length: 52063
x-amz-cf-id: njET6e-npS4itcUG-270iNT9HpUYDaZaX3nPB19kTWUAsz9EtSnJmg==

GET
H2 200 signup.css
www.e-rewardsmedical.com/blueprint/dist/stylesheets/ 190 KB
40 KB 49ms
47ms Stylesheet
text/css 2600:9000:2190:4e00:18:d51a:a500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.e-rewardsmedical.com/blueprint/dist/stylesheets/signup.css
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:4e00:18:d51a:a500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: b17302846a1204e55779d42c54db71cd6f17310eadc474901af601603fba2e7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/en/signup?id=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:52:38 GMT
content-encoding: br
via: 1.1 cd66c5a89ae3376f15c155e3b52a758c.cloudfront.net (CloudFront)
last-modified: Thu, 04 May 2023 22:28:20 GMT
server: nginx/1.21.6
x-stats: @br_1st; 0.110; 0.001; 0.110
x-amz-cf-pop: ZRH50-C1
age: 184087
etag: "593d4acf1f05eea9710f3c2b8454261f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=604800
content-length: 40342
x-amz-cf-id: fHwpg8Vu_sJT64GzYLclPgSlaVmeaIhMnx01yJUAXEHG7ZmMaaDv2w==

GET
H2 200 icons.js Show response
www.e-rewardsmedical.com/blueprint/dist/common/ 15 KB
4 KB 16ms
15ms Script
application/javascript 2600:9000:2190:4e00:18:d51a:a500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.e-rewardsmedical.com/blueprint/dist/common/icons.js
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:4e00:18:d51a:a500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: 35eebec575cd32883146e1cdb851853a277898aecf83a3ee5c2885323a2c45ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/en/signup?id=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 17:35:58 GMT
content-encoding: br
via: 1.1 cd66c5a89ae3376f15c155e3b52a758c.cloudfront.net (CloudFront)
last-modified: Thu, 04 May 2023 22:17:30 GMT
server: nginx/1.21.6
x-stats: @br_1st; 0.082; 0.001; 0.082
x-amz-cf-pop: ZRH50-C1
age: 257087
etag: "2563a77b865dd94fa2da639892fd140a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800
content-length: 4039
x-amz-cf-id: CeerayFOAh0mUO5A_D4a1t2EyhqlJF1dZ_wykDTXV-6D56MXm1HpBA==

GET
H2 200 91e174c5-f1f3-4fb3-a187-7c97b057bb76
cdn4.rsncdn.com/prd/dynamicAsset/partner1/asset_logo/700/en_US/ 6 KB
6 KB 75ms
14ms Image
image/webp 2600:9000:25a2:7600:1f:ad95:87c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.rsncdn.com/prd/dynamicAsset/partner1/asset_logo/700/en_US/91e174c5-f1f3-4fb3-a187-7c97b057bb76
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25a2:7600:1f:ad95:87c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.8 /
Resource Hash: dd5e2022f635153489c43ca6a6a9b2010d13543eed029d5c6dfe714deace3ea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 22:34:51 GMT
via: 1.1 d75d7156b5e1833582c3070298720664.cloudfront.net (CloudFront)
last-modified: Thu, 19 Mar 2020 19:05:16 GMT
server: nginx/1.17.8
x-stats: @webp; 0.103; 0.008; 0.100
x-amz-cf-pop: ZRH55-P1
age: 239154
etag: "2fff03c4c5895f6d1bee1778fa3b8813"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5704
x-amz-cf-id: L4K1hzv4Y01drVwRRKnPnreMHn_5CiLltMJLsJTztg8cDAPUn8qdKQ==

GET
H/1.1

200
OK

global.js Show response
upp-public.s3.amazonaws.com/upp-client/1.2.2/
Redirect Chain

https://goggles.mw.dynata.com/api/v1/upp/global.js
https://upp-public.s3.amazonaws.com/upp-client/1.2.2/global.js?v=3

66 KB
66 KB

379ms
131ms

Script
application/javascript

3.5.0.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upp-public.s3.amazonaws.com/upp-client/1.2.2/global.js?v=3
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=
Protocol: HTTP/1.1
Server: 3.5.0.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e2026c165c4d75a84f9dad168ae6d70f79a782b22c9307b7d4c36097c1e10526

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Thu, 25 May 2023 17:00:47 GMT
Last-Modified: Thu, 04 May 2023 00:06:49 GMT
Server: AmazonS3
x-amz-request-id: WB9Y6STXJ51PF9TJ
ETag: "7c9e31cb51b1191324d4198c02606049"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 67494
x-amz-id-2: mMppy5XD81R2xka/HtXo+dw44OC6nRzn6zyjRIXPR9ZQh0ZO3GGQd4tFBVdOjsapgikIPaNrKLSlLm3EoyHSQA==

Redirect headers

date: Thu, 25 May 2023 17:00:46 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/html; charset=utf-8
location: https://upp-public.s3.amazonaws.com/upp-client/1.2.2/global.js?v=3
access-control-allow-origin
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, paneldomainid
content-length: 110

GET
H2 200 css
fonts.googleapis.com/ 6 KB
965 B 143ms
57ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400italic,400,700,700italic

Requested by

Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/blueprint/dist/stylesheets/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3a3a9f738fb8ce22a65aee94ecb6826deab5a16a14f812283e2d79251fdde99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 May 2023 17:00:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 May 2023 16:41:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 May 2023 17:00:45 GMT

GET
H2 200 nectarCanvass2-global.js Show response
www.e-rewardsmedical.com/blueprint/dist/packages/ 617 KB
135 KB 16ms
16ms Script
application/javascript 2600:9000:2190:4e00:18:d51a:a500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.e-rewardsmedical.com/blueprint/dist/packages/nectarCanvass2-global.js
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:4e00:18:d51a:a500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: 6beaa737a07b2cdd82921ee0c8f09b66a177140265905ce32c1ef9c1dfb59272

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/en/signup?id=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 17:35:59 GMT
content-encoding: br
via: 1.1 cd66c5a89ae3376f15c155e3b52a758c.cloudfront.net (CloudFront)
last-modified: Thu, 04 May 2023 22:18:06 GMT
server: nginx/1.21.6
x-stats: @br_1st; 0.110; 0.000; 0.110
x-amz-cf-pop: ZRH50-C1
age: 257086
etag: "09b41789e411461aee348f494eb899b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800
content-length: 138128
x-amz-cf-id: x57RZSL88xXOXF5586FFkGMQARewNiaqOBinoqoSmLaEy88HM85OCg==

GET
H2 200 signup.js Show response
www.e-rewardsmedical.com/blueprint/dist/apps/signup/ 569 KB
98 KB 25ms
25ms Script
application/javascript 2600:9000:2190:4e00:18:d51a:a500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.e-rewardsmedical.com/blueprint/dist/apps/signup/signup.js
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:4e00:18:d51a:a500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: 86733e44008ab6f233c46a49a6176fab4d511ae82abc8fce5dfb009fc767228d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/en/signup?id=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:53:32 GMT
content-encoding: br
via: 1.1 cd66c5a89ae3376f15c155e3b52a758c.cloudfront.net (CloudFront)
last-modified: Thu, 04 May 2023 22:17:27 GMT
server: nginx/1.21.6
x-stats: @br_1st; 0.075; 0.001; 0.075
x-amz-cf-pop: ZRH50-C1
age: 184034
etag: "95c5961ab883d0e73a51707a74df459c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800
content-length: 99415
x-amz-cf-id: GUdbndUAlwRBCyuMwYHeJ2dRSR_f8KN4jr3IPJ8R5q-56dyD2mKW5Q==

GET
H2 200 layout.js Show response
www.e-rewardsmedical.com/blueprint/dist/common/ 2 KB
1015 B 28ms
28ms Script
application/javascript 2600:9000:2190:4e00:18:d51a:a500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.e-rewardsmedical.com/blueprint/dist/common/layout.js
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:4e00:18:d51a:a500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: f42a6386b5073ba572bae2006e2ba59c692704da4346ec82140962c3cf6281dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/en/signup?id=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:53:32 GMT
content-encoding: br
via: 1.1 cd66c5a89ae3376f15c155e3b52a758c.cloudfront.net (CloudFront)
last-modified: Thu, 04 May 2023 22:17:32 GMT
server: nginx/1.21.6
x-stats: @br_1st; 0.061; 0.002; 0.062
x-amz-cf-pop: ZRH50-C1
age: 184034
etag: "a2a72ad595d6c76eebe99e0fbe166647"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800
content-length: 608
x-amz-cf-id: lpkwZ3jQZtphrT7IN_CrGASebZmk9LW1un5PPDcNWpoNYa9VTS-11w==

GET
H2 200 launch-f1138988d326.min.js Show response
assets.adobedtm.com/e3aee76e417e/83f07140de93/ 25 KB
9 KB 57ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/e3aee76e417e/83f07140de93/launch-f1138988d326.min.js
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1586019660bbeecdf343d83cbec005fb8da84ab0eb68c5370399e8d622faf8fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 17:00:46 GMT
content-encoding: gzip
last-modified: Wed, 30 Mar 2022 10:23:00 GMT
server: AkamaiNetStorage
etag: "8834979ec70d0b3266dfffacc5f098a0:1648635780.232077"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.e-rewardsmedical.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 9266
expires: Thu, 25 May 2023 18:00:46 GMT

GET
H2 200 13fcb095-f491-4f27-ac4f-c0990acb5e21
cdn4.rsncdn.com/prd/dynamicAsset/partner1/asset_pages_signup_hero/700/en_US/ 70 KB
70 KB 30ms
30ms Image
image/webp 2600:9000:25a2:7600:1f:ad95:87c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.rsncdn.com/prd/dynamicAsset/partner1/asset_pages_signup_hero/700/en_US/13fcb095-f491-4f27-ac4f-c0990acb5e21
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25a2:7600:1f:ad95:87c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.8 /
Resource Hash: 829935e04fe7bb4c7163c1cbfe3839df1f8b4d3cb9a51ed5bff1624173e0f00a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:53:46 GMT
via: 1.1 d75d7156b5e1833582c3070298720664.cloudfront.net (CloudFront)
last-modified: Thu, 19 Mar 2020 19:05:25 GMT
server: nginx/1.17.8
x-stats: @webp; 0.063; 0.012; 0.064
x-amz-cf-pop: ZRH55-P1
age: 184020
etag: "f9358a54431fdfbc72ada765c99c2e3c"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 71192
x-amz-cf-id: kiEko87hcIez3OAY39LCnLtL9zxf0GUdSUwpzMQCRbXd5gevaSr2Xw==

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 123ms
38ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400italic,400,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.e-rewardsmedical.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 17:00:48 GMT
x-content-type-options: nosniff
age: 172798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2024 17:00:48 GMT

GET
H2 200 fontawesome-webfont.woff2
www.e-rewardsmedical.com/shared/vendor/font-awesome/fonts/ 65 KB
66 KB 15ms
15ms Font
font/woff2 2600:9000:2190:4e00:18:d51a:a500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.e-rewardsmedical.com/shared/vendor/font-awesome/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/blueprint/dist/stylesheets/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:4e00:18:d51a:a500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer: https://www.e-rewardsmedical.com/blueprint/dist/stylesheets/style.css
Origin: https://www.e-rewardsmedical.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 09:37:50 GMT
via: 1.1 cd66c5a89ae3376f15c155e3b52a758c.cloudfront.net (CloudFront)
last-modified: Tue, 15 Jun 2021 14:30:41 GMT
server: nginx/1.21.6
x-stats: @origin; 0.243; 0.001 : 0.002 : 0.001 : 0.001 : 0.002 : 0.002; 0.057 : 0.038 : 0.038 : 0.030 : 0.021 : 0.058
x-amz-cf-pop: ZRH50-C1
age: 199376
etag: "db812d8a70a4e88e888744c1c9a27e89"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/woff2
cache-control: max-age=604800
content-length: 66624
x-amz-cf-id: cot7reTKSyDhv97Z6hIKxJD7u8imDeu4YRBoRqJlgG0-5Ssqg_BWQg==

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 155ms
75ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400italic,400,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.e-rewardsmedical.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:41:45 GMT
x-content-type-options: nosniff
age: 436741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 15:41:45 GMT

GET
H2 200 b4475a2ba824dd78.min.js Show response
tag.demandbase.com/ 76 KB
21 KB 64ms
23ms Script
application/javascript 18.165.183.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/b4475a2ba824dd78.min.js

Requested by

Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.165.183.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-165-183-48.zrh55.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7ade28020e551a9aae381936e1bb6c2525e34b1c00112a16e77d19640de592b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: BSdTd34N8I.5EOcQZWvfpyGTxS_EtAWU
content-encoding: gzip
via: 1.1 a9717fb92179a05f5da85fabc586e750.cloudfront.net (CloudFront)
date: Thu, 25 May 2023 16:55:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: ZRH55-P1
age: 322
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 25 May 2023 02:30:25 GMT
server: AmazonS3
etag: W/"993fffe8c148589a3be7671ed4d8dec2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: ZtGSQZ5eUrbU-6oRHmP7O-Q9RblWR-ROQ37RXH3J_yMixIHrtAb5pw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 192 KB
68 KB 186ms
102ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXVC3PD

Requested by

Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

21f994fb509ac277e73999a5b1a9546afa0e6a3ebf96a7d91ea923842d060720

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 17:00:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69945
x-xss-protection: 0
last-modified: Thu, 25 May 2023 16:17:21 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 May 2023 17:00:46 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 104 KB
41 KB 136ms
52ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TF4HZ8V

Requested by

Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5f89c6ec73b6deadb1555f11606faf0b238fac8a02db5b115ee9cb088b10c290

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 17:00:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41713
x-xss-protection: 0
last-modified: Thu, 25 May 2023 16:17:21 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 May 2023 17:00:46 GMT

OPTIONS
H2 200 details
goggles.mw.dynata.com/api/v1/panel/700/ Frame 0
0 332ms
110ms Preflight 52.72.110.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://goggles.mw.dynata.com/api/v1/panel/700/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.110.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-110-76.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: paneldomainid
Access-Control-Request-Method: GET
Origin: https://www.e-rewardsmedical.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, paneldomainid
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.e-rewardsmedical.com
content-encoding: gzip
content-length: 23
date: Thu, 25 May 2023 17:00:47 GMT
vary: Accept-Encoding

GET
H2 200 browserCheck.js Show response
darwin-assets.dynata.com/upp-ui/ 28 B
451 B 113ms
49ms Fetch
text/javascript 2600:9000:25a2:6000:17:5070:d6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://darwin-assets.dynata.com/upp-ui/browserCheck.js
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/blueprint/dist/apps/signup/signup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25a2:6000:17:5070:d6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd81812b6243e24c01ed9be8589d5fea74e0777057f0f75cc996f12d38542cb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 15:58:14 GMT
via: 1.1 ff571229df9f46b01b0e434bcb36f9e6.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P1
age: 3753
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 28
last-modified: Wed, 07 Sep 2022 14:07:47 GMT
server: AmazonS3
etag: "1c4926c3c66c0f7e380ee29ead2e544b"
vary: Origin
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: lD10N4fqX44zSFDDehkFh9BSm4zfkAtRW0N1Dm8NW_rIqD3J_GwAsA==

GET
H2 200 details Show response
goggles.mw.dynata.com/api/v1/panel/700/ 118 B
443 B 115ms
115ms XHR
application/json 52.72.110.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://goggles.mw.dynata.com/api/v1/panel/700/details
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/blueprint/dist/apps/signup/signup.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.110.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-110-76.compute-1.amazonaws.com
Software: /
Resource Hash: d64902cfbc365631d1c35e77e891aa3ad98b64fa6dfdbb245acd9d9ec17c8b42

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.e-rewardsmedical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
paneldomainid: 7002

Response headers

date: Thu, 25 May 2023 17:00:47 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://www.e-rewardsmedical.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, paneldomainid
content-length: 119

GET
H2 200 config Show response
goggles.mw.dynata.com/api/v1/panel/ 14 KB
3 KB 361ms
142ms XHR
application/json 52.72.110.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://goggles.mw.dynata.com/api/v1/panel/config?panelId=700&locale=en_US&campaignId=0
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/blueprint/dist/apps/signup/signup.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.110.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-110-76.compute-1.amazonaws.com
Software: /
Resource Hash: 2e4dbd4726732603def93076aea918dc680696b212e99abab318d9ebc1fadb90

Request headers

Accept: */*
Referer: https://www.e-rewardsmedical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 17:00:47 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://www.e-rewardsmedical.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, paneldomainid

GET
BLOB 200
OK 05779b2d-7b49-41da-a62c-04ca6f62e602
https://www.e-rewardsmedical.com/ 35 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.e-rewardsmedical.com/05779b2d-7b49-41da-a62c-04ca6f62e602
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6466d1ed5f65005efc1c63b9db38328b4bc3b4c9cadbbf652e1206f5af25968e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length: 35362
Content-Type

GET
H2 200 sync Show response
s.company-target.com/s/ Frame F9FC 634 B
977 B 169ms
100ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.company-target.com/s/sync?exc=lr
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/b4475a2ba824dd78.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.71.96.34.bc.googleusercontent.com
Software: /
Resource Hash: f301b8ee1bd315b1d21da86d09e7427c75344507166e9a7f3fea635e4a46a858

Request headers

Referer: https://www.e-rewardsmedical.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
content-type: text/html; charset=UTF-8
date: Thu, 25 May 2023 17:00:47 GMT
via: 1.1 google

GET
H2 451 464526.gif
id.rlcdn.com/ 0
98 B 64ms
20ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 17:00:46 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 ip.json Show response
api.company-target.com/api/v2/ 4 KB
1 KB 133ms
68ms XHR
application/json 13.224.103.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.e-rewardsmedical.com%2Fen%2Fsignup%3Fid%3D&page_title=Sign%20Up%20for%20Online%20Surveys%20to%20Earn%20Rewards%20at%20e-Rewards%20Medical
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/blueprint/dist/apps/signup/signup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-100.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 863edf1500d305d04f32ca2b9676dc628c601b72b461d05f6c2b3692a3944c1d

Request headers

Referer: https://www.e-rewardsmedical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 25 May 2023 17:00:47 GMT
identification-source: CACHE
content-encoding: gzip
via: 1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
request-id: 905aaf55-3710-4ed7-91f4-8fe9f706fd8f
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.e-rewardsmedical.com
access-control-expose-headers: x-amz-cf-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: O8WHTbJPcRr4c_joO3jW3gLeVfKSDNcNEYZNko-LebhlNFILk_GTqg==
expires: Wed, 24 May 2023 17:00:47 GMT

GET
H2 200 bg9s Show response
tag-logger.demandbase.com/ 0
419 B 161ms
109ms XHR
text/html 2600:9000:25a2:b400:1d:8d6d:3b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-logger.demandbase.com/bg9s?x-amz-cf-id=O8WHTbJPcRr4c_joO3jW3gLeVfKSDNcNEYZNko-LebhlNFILk_GTqg==&api-version=v2
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/blueprint/dist/apps/signup/signup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25a2:b400:1d:8d6d:3b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: 8SdDCdpJvGjkSiMFPv08XcVSgwOMVVmH
date: Thu, 25 May 2023 07:17:29 GMT
via: 1.1 a1822b92cbf5d3516743d4786d5b6020.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P1
age: 35027
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-length: 0
last-modified: Tue, 07 Mar 2023 20:47:02 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: 7vKzfmt9afQ1q-3HTWl4FkcJIAtdwJkyQuXnq34rywwsd-DRJV341A==

GET
H2 200 evidon-sitenotice-tag.js Show response
c.evidon.com/sitenotice/ 74 KB
20 KB 50ms
28ms Script
application/x-javascript 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 53336aa630db1e3624ea59594157016c2999c600cc847c90defa1c8560d08b41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 17:00:47 GMT
content-encoding: gzip
last-modified: Tue, 16 May 2023 16:03:10 GMT
server: AkamaiNetStorage
etag: "c3ee938bd3d9d03945abc0972e4a1c06:1684252990.825288"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: application/x-javascript
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 19653
expires: Sat, 27 May 2023 17:00:47 GMT

GET
H2 200 country.js Show response
c.evidon.com/geo/ 252 B
450 B 57ms
35ms Script
application/x-javascript 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/country.js
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 17:00:47 GMT
content-encoding: gzip
last-modified: Fri, 13 Mar 2020 23:46:45 GMT
server: AkamaiNetStorage
etag: "61397050076da6e6062ac7b53a8ef498:1584143205.714402"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: application/x-javascript
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
accept-ranges: bytes
access-control-allow-headers: *
content-length: 174

GET
H2 200 snthemes.js Show response
c.evidon.com/sitenotice/1696/ 108 KB
5 KB 31ms
9ms Script
application/x-javascript 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/1696/snthemes.js
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8a4e573b1a6f7eea3548d22b54c95a78e3e01957e9a3a5f2e43d7b9cbd91a629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 17:00:47 GMT
content-encoding: gzip
last-modified: Fri, 09 Dec 2022 08:00:42 GMT
server: AkamaiNetStorage
etag: "b96bc20aff33f0d3f17127d47d60fd8e:1670572842.402937"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: application/x-javascript
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 4507
expires: Sat, 27 May 2023 17:00:47 GMT

GET
H2

200

settingsV2.js Show response
c.evidon.com/sitenotice/1696/e-rewardsmedical/
Redirect Chain

https://c.evidon.com/sitenotice/1696/e-rewardsmedical/settings.js
https://c.evidon.com/sitenotice/1696/e-rewardsmedical/settingsV2.js

7 KB
2 KB

14ms
13ms

Script
application/x-javascript

2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/1696/e-rewardsmedical/settingsV2.js
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=
Protocol: H2
Server: 2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d3b2e47f4dd7891317e7ca95c10c4294d04a78be9a5013376a60e8767bb567a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 17:00:47 GMT
content-encoding: gzip
last-modified: Fri, 07 Apr 2023 10:31:21 GMT
server: AkamaiNetStorage
etag: "b0933232abb1fa75d2746bb1200c58b3:1680863481.542772"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: application/x-javascript
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1554
expires: Sat, 27 May 2023 17:00:47 GMT

Redirect headers

date: Thu, 25 May 2023 17:00:47 GMT
server: AkamaiGHost
vary: Origin
access-control-max-age: 108000
access-control-allow-methods: GET,OPTIONS,POST
location: https://c.evidon.com/sitenotice/1696/e-rewardsmedical/settingsV2.js
access-control-allow-origin
cache-control: max-age=432000, private;max-age=86400
access-control-allow-headers: *
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
79 KB 58ms
58ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DP16LK0FSJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXVC3PD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f8c39868e2892f78b3be40b5b6ebacd73e4262842762c8f70d94603fe7c8ec60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 17:00:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80506
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 25 May 2023 17:00:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 117 KB
46 KB 51ms
51ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-55103389-1

Requested by

Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

372219227ed666257b7aa61abc7b1ef443b4d53ce8eb80e26bcceadb5a9c648a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 17:00:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46697
x-xss-protection: 0
last-modified: Thu, 25 May 2023 16:17:21 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 May 2023 17:00:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 117 KB
46 KB 70ms
70ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-55103389-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF4HZ8V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9d182832cad663ad4fda2fdab6110b0dd5c044772906b046a520bb7a1400f4cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 17:00:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46708
x-xss-protection: 0
last-modified: Thu, 25 May 2023 16:17:21 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 May 2023 17:00:47 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F9FC
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1700931647&external_user_id=2a9fcee9-c82f-449a-b6ab-d64dfd903166
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1700931647&external_user_id=2a9fcee9-c82f-449a-b6ab-d64dfd903166&C=1

43 B
766 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1700931647&external_user_id=2a9fcee9-c82f-449a-b6ab-d64dfd903166&C=1
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 May 2023 17:00:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 25 May 2023 17:00:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=18&expiry=1700931647&external_user_id=2a9fcee9-c82f-449a-b6ab-d64dfd903166&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame F9FC 43 B
394 B 326ms
106ms Image
image/gif 2600:1f18:612b:4200:f6d4:30b2:8e5e:6d5f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIDM=2a9fcee9-c82f-449a-b6ab-d64dfd903166
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:f6d4:30b2:8e5e:6d5f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Thu, 25 May 2023 17:00:47 GMT
server: nginx
content-type: image/gif

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame F9FC 0
239 B 37ms
8ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?nid=5578&put=2a9fcee9-c82f-449a-b6ab-d64dfd903166&v=1181926
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 en.js Show response
c.evidon.com/sitenotice/1696/translations/ 150 KB
10 KB 21ms
21ms Script
application/x-javascript 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/1696/translations/en.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 896bd9da117899827edb381eee72cb717fc9e01a0b9657682f297d333d402268

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 17:00:47 GMT
content-encoding: gzip
last-modified: Fri, 09 Dec 2022 08:00:41 GMT
server: AkamaiNetStorage
etag: "0c3158067222d9406859d8afdbc798a9:1670572841.382207"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: application/x-javascript
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 9828
expires: Sat, 27 May 2023 17:00:47 GMT

GET
H2 200 evidon-barrier.js Show response
c.evidon.com/sitenotice/ 14 KB
4 KB 17ms
17ms Script
application/x-javascript 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/evidon-barrier.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5d420d4cc480cfbab1e0e4c87971db5ec27c87d9a03f08d494e4a839e89fba1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 17:00:47 GMT
content-encoding: gzip
last-modified: Tue, 16 May 2023 16:03:11 GMT
server: AkamaiNetStorage
etag: "12408df7068621a87bfbd1bee4d923a4:1684252991.592873"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: application/x-javascript
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 3926
expires: Sat, 27 May 2023 17:00:47 GMT

GET
H2 204 2
l.evidon.com/site/v3/1696/68973/3/1/3/ 0
120 B 331ms
113ms Image
text/plain 52.20.193.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/1696/68973/3/1/3/2?consent=0&regulationid=2&regulationconsenttypeid=1&d=https://www.e-rewardsmedical.com/en/signup
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.193.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-193-155.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 17:00:47 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 462ms
242ms Ping
application/json 2600:1f18:24e6:b902:e093:7677:7f6:7f5c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.9.0%2Cservice%3Aresponse-experience-web&dd-api-key=pub0d8f728b476197d73aad467b563b8ec7&dd-evp-origin-version=4.9.0&dd-evp-origin=browser&dd-request-id=6e424bef-4f5e-4662-9faa-6cec7b5a4d8b&batch_time=1685034047154
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/blueprint/dist/apps/signup/signup.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:e093:7677:7f6:7f5c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.e-rewardsmedical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 123ms
38ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-55103389-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 25 May 2023 15:04:54 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 6953
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Thu, 25 May 2023 17:04:54 GMT

GET
H2 204 63642
l.evidon.com/site/v3/1696/68973/3/5/3/2/ 0
121 B 295ms
110ms Image
text/plain 52.20.193.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/1696/68973/3/5/3/2/63642?consent=0&regulationid=2&regulationconsenttypeid=1&d=https://www.e-rewardsmedical.com/en/signup
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.193.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-193-155.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 17:00:47 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 204 63642
l.evidon.com/site/v3/1696/68973/3/1/3/2/ 0
120 B 296ms
111ms Image
text/plain 52.20.193.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/1696/68973/3/1/3/2/63642?consent=0&regulationid=2&regulationconsenttypeid=1&d=https://www.e-rewardsmedical.com/en/signup
Requested by: Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/en/signup?id=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.193.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-193-155.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 17:00:47 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 59ms
21ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DP16LK0FSJ&gtm=45je35m0&_p=1067502591&cid=764402958.1685034047&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1685034047&sct=1&seg=0&dl=https%3A%2F%2Fwww.e-rewardsmedical.com%2Fen%2Fsignup%3Fid%3D&dt=Sign%20Up%20for%20Online%20Surveys%20to%20Earn%20Rewards%20at%20e-Rewards%20Medical&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DP16LK0FSJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.e-rewardsmedical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 May 2023 17:00:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.e-rewardsmedical.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
213 B 45ms
45ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1067502591&t=pageview&_s=1&dl=https%3A%2F%2Fwww.e-rewardsmedical.com%2Fen%2Fsignup%3Fid%3D&ul=en-us&de=UTF-8&dt=Sign%20Up%20for%20Online%20Surveys%20to%20Earn%20Rewards%20at%20e-Rewards%20Medical&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aBDAAUABAAAAACAAI~&jid=453056246&gjid=712705341&cid=764402958.1685034047&tid=UA-55103389-1&_gid=602939291.1685034047&_r=1&gtm=457e35m0&jsscut=1&z=1041166439

Requested by

Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/blueprint/dist/apps/signup/signup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.e-rewardsmedical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 May 2023 17:00:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.e-rewardsmedical.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
352 B 55ms
18ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-55103389-1&cid=764402958.1685034047&jid=453056246&gjid=712705341&_gid=602939291.1685034047&_u=aBDAAUAAAAAAACAAI~&z=858172164

Requested by

Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/blueprint/dist/apps/signup/signup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.e-rewardsmedical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 25 May 2023 17:00:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.e-rewardsmedical.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.e-rewardsmedical.com/	1970-01-20 14:13:30	Name: _gcl_au Value: 1.1.1712294337.1685034047
.company-target.com/	1970-01-20 21:39:54	Name: tuuid Value: 2a9fcee9-c82f-449a-b6ab-d64dfd903166
.company-target.com/	1970-01-20 21:39:54	Name: tuuid_lu Value: 1685034047\|ix:0\|mctv:0\|rp:0
.casalemedia.com/	1970-01-20 20:49:30	Name: CMID Value: ZG.UP83yAA4yq6EgCJeIWAAA
.casalemedia.com/	1970-01-20 14:13:30	Name: CMPS Value: 5156
.casalemedia.com/	1970-01-20 14:13:30	Name: CMPRO Value: 5156
.e-rewardsmedical.com/	1970-01-20 21:39:54	Name: _ga_DP16LK0FSJ Value: GS1.1.1685034047.1.0.1685034047.0.0.0
.e-rewardsmedical.com/	1970-01-20 21:39:54	Name: _ga Value: GA1.2.764402958.1685034047
.e-rewardsmedical.com/	1970-01-20 12:05:20	Name: _gid Value: GA1.2.602939291.1685034047
.e-rewardsmedical.com/	1970-01-20 12:03:54	Name: _gat_gtag_UA_55103389_1 Value: 1
.tremorhub.com/	1970-01-20 20:49:50	Name: tvid Value: 90377643a83344e2bbbeb346585a433f
.tremorhub.com/	1970-01-20 21:39:54	Name: tv_UIDM Value: 2a9fcee9-c82f-449a-b6ab-d64dfd903166
www.e-rewardsmedical.com/	1970-01-20 12:03:54	Name: _dd_s Value: rum=1&id=c550bfc4-855d-4ced-8301-a5b26c2557c6&created=1685034046872&expire=1685034946872

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.company-target.com
assets.adobedtm.com
c.evidon.com
cdn4.rsncdn.com
darwin-assets.dynata.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
goggles.mw.dynata.com
id.rlcdn.com
l.evidon.com
partners.tremorhub.com
pixel.rubiconproject.com
region1.google-analytics.com
rum.browser-intake-datadoghq.com
s.company-target.com
stats.g.doubleclick.net
tag-logger.demandbase.com
tag.demandbase.com
upp-public.s3.amazonaws.com
www.e-rewardsmedical.com
www.google-analytics.com
www.googletagmanager.com
13.224.103.100
18.165.183.48
185.80.39.216
2.16.186.136
2001:4860:4802:32::36
2600:1f18:24e6:b902:e093:7677:7f6:7f5c
2600:1f18:612b:4200:f6d4:30b2:8e5e:6d5f
2600:9000:2190:4e00:18:d51a:a500:93a1
2600:9000:2190:fa00:18:d51a:a500:93a1
2600:9000:25a2:6000:17:5070:d6c0:93a1
2600:9000:25a2:7600:1f:ad95:87c0:93a1
2600:9000:25a2:b400:1d:8d6d:3b40:93a1
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9b
2a02:26f0:3500:591::1e80
3.5.0.204
34.96.71.22
35.244.174.68
52.20.193.155
52.72.110.76
69.173.144.139
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
1586019660bbeecdf343d83cbec005fb8da84ab0eb68c5370399e8d622faf8fb
20d5a02ec7d5421576729df95cf099cd77ec9ef085fc21fdc2c1cf0fcceb94b9
21f994fb509ac277e73999a5b1a9546afa0e6a3ebf96a7d91ea923842d060720
2e4dbd4726732603def93076aea918dc680696b212e99abab318d9ebc1fadb90
35eebec575cd32883146e1cdb851853a277898aecf83a3ee5c2885323a2c45ba
372219227ed666257b7aa61abc7b1ef443b4d53ce8eb80e26bcceadb5a9c648a
53336aa630db1e3624ea59594157016c2999c600cc847c90defa1c8560d08b41
5d420d4cc480cfbab1e0e4c87971db5ec27c87d9a03f08d494e4a839e89fba1d
5f89c6ec73b6deadb1555f11606faf0b238fac8a02db5b115ee9cb088b10c290
6466d1ed5f65005efc1c63b9db38328b4bc3b4c9cadbbf652e1206f5af25968e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6beaa737a07b2cdd82921ee0c8f09b66a177140265905ce32c1ef9c1dfb59272
7ade28020e551a9aae381936e1bb6c2525e34b1c00112a16e77d19640de592b3
7ef4657399ec92e8d1df1ef2750df607aa638108252af85d47ed5ea40606b83f
829935e04fe7bb4c7163c1cbfe3839df1f8b4d3cb9a51ed5bff1624173e0f00a
863edf1500d305d04f32ca2b9676dc628c601b72b461d05f6c2b3692a3944c1d
86733e44008ab6f233c46a49a6176fab4d511ae82abc8fce5dfb009fc767228d
896bd9da117899827edb381eee72cb717fc9e01a0b9657682f297d333d402268
8a4e573b1a6f7eea3548d22b54c95a78e3e01957e9a3a5f2e43d7b9cbd91a629
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9d182832cad663ad4fda2fdab6110b0dd5c044772906b046a520bb7a1400f4cd
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17302846a1204e55779d42c54db71cd6f17310eadc474901af601603fba2e7a
b9fa9e37892a9448e19fdaa02290c3c8e38f8a9394b1281e97125d91afb0cdcc
c3a3a9f738fb8ce22a65aee94ecb6826deab5a16a14f812283e2d79251fdde99
d3b2e47f4dd7891317e7ca95c10c4294d04a78be9a5013376a60e8767bb567a7
d64902cfbc365631d1c35e77e891aa3ad98b64fa6dfdbb245acd9d9ec17c8b42
dd5e2022f635153489c43ca6a6a9b2010d13543eed029d5c6dfe714deace3ea0
dd81812b6243e24c01ed9be8589d5fea74e0777057f0f75cc996f12d38542cb6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2026c165c4d75a84f9dad168ae6d70f79a782b22c9307b7d4c36097c1e10526
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
f301b8ee1bd315b1d21da86d09e7427c75344507166e9a7f3fea635e4a46a858
f42a6386b5073ba572bae2006e2ba59c692704da4346ec82140962c3cf6281dd
f8c39868e2892f78b3be40b5b6ebacd73e4262842762c8f70d94603fe7c8ec60
fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.e-rewardsmedical.com Open in urlscan Pro 2600:9000:2190:4e00:18:d51a:a500:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

92 %HTTPS

58 %IPv6

18 Domains

23 Subdomains

24 IPs

4 Countries

1137 kBTransfer

4204 kBSize

13 Cookies

2 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.e-rewardsmedical.com Open in urlscan Pro
2600:9000:2190:4e00:18:d51a:a500:93a1 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

92 %
HTTPS

58 %
IPv6

18
Domains

23
Subdomains

24
IPs

4
Countries

1137 kB
Transfer

4204 kB
Size

13
Cookies

48 HTTP transactions
0 data transactions