med.easysurveys.net Open in urlscan Pro
52.49.217.234  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request enroll Show response med.easysurveys.net/	7 KB 4 KB	170ms 42ms	Document text/html	52.49.217.234 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://med.easysurveys.net/enroll Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.49.217.234 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-49-217-234.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash 1615fd796c79022ee59d79e510b7efded1d5c5befa9f239960673d88bbef3d5b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache Cache-control no-cache="set-cookie" Connection keep-alive Content-Encoding gzip Content-Length 2259 Content-Type text/html; charset=UTF-8 Date Sun, 28 May 2023 07:06:01 GMT Server Apache Vary Accept-Encoding,User-Agent
GET H2	200	api.js Show response www.google.com/recaptcha/	850 B 876 B	56ms 24ms	Script text/javascript	2a00:1450:4001:831::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: med.easysurveys.net URL: https://med.easysurveys.net/enroll Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 3860159a79dfe110b5ddb3394443c46bf5ec1af3e95bfa898cfcb6fa2c940b6f Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://med.easysurveys.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sun, 28 May 2023 07:06:01 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 556 x-xss-protection 1; mode=block expires Sun, 28 May 2023 07:06:01 GMT
GET H2	200	icon fonts.googleapis.com/	569 B 775 B	54ms 30ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/icon?family=Material+Icons Requested by Host: med.easysurveys.net URL: https://med.easysurveys.net/enroll Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://med.easysurveys.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 28 May 2023 07:06:01 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 28 May 2023 07:06:01 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 28 May 2023 07:06:01 GMT
GET H2	200	materialize.min.css cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/css/	139 KB 18 KB	38ms 13ms	Stylesheet text/css	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/css/materialize.min.css Requested by Host: med.easysurveys.net URL: https://med.easysurveys.net/enroll Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b079a3ff21ceabb15fa5cac7f24b887e2cceac470b8eddeb9361fafa335db88 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://med.easysurveys.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sun, 28 May 2023 07:06:01 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 3501909 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 17475 last-modified Mon, 04 May 2020 16:12:46 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03efe-22a11" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ariJoOlja%2Fp2w%2Fr9eK4jUD1g51b094qKUXUJA8%2FWlPRkv4MfXJRQLk8n28HOUC7uY%2FYLH0hlaXBDas3C8rK8Ls1xeHImSzDGMsyTkTty8nWckO6mZeGQ89u6%2BrefciqwH15Bt6e72RR8HOCnwg9Okz0x"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7ce4a7102a9d3830-FRA expires Fri, 17 May 2024 07:06:01 GMT
GET H/1.1	200 OK	style.css med.easysurveys.net/css/	337 B 500 B	34ms 34ms	Stylesheet text/css	52.49.217.234 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://med.easysurveys.net/css/style.css Requested by Host: med.easysurveys.net URL: https://med.easysurveys.net/enroll Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.49.217.234 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-49-217-234.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash d8d28f782b508ebd5f91f58d4bef13063c2e055ce0a3f0c8b6d9804631f1b27c Request headers accept-language de-DE,de;q=0.9 Referer https://med.easysurveys.net/enroll User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Date Sun, 28 May 2023 07:06:01 GMT Content-Encoding gzip Last-Modified Tue, 10 Mar 2020 09:58:55 GMT Server Apache Vary Accept-Encoding,User-Agent Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 233
GET H/1.1	200 OK	logo-easy-surveys.png med.easysurveys.net/images/	20 KB 7 KB	91ms 31ms	Image image/png	52.49.217.234 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://med.easysurveys.net/images/logo-easy-surveys.png Requested by Host: med.easysurveys.net URL: https://med.easysurveys.net/enroll Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.49.217.234 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-49-217-234.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash e8192bbc02a1077a08d6f6d8cf4fd299166cdb211db3ec6d30c60ad79897ca91 Request headers accept-language de-DE,de;q=0.9 Referer https://med.easysurveys.net/enroll User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Date Sun, 28 May 2023 07:06:01 GMT Content-Encoding gzip Last-Modified Tue, 10 Mar 2020 09:53:34 GMT Server Apache Vary Accept-Encoding,User-Agent Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 6554
GET H2	200	jquery-2.1.1.min.js Show response code.jquery.com/	82 KB 29 KB	41ms 9ms	Script application/javascript	2001:4de0:ac18::1:a:3b STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-2.1.1.min.js Requested by Host: med.easysurveys.net URL: https://med.easysurveys.net/enroll Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4 Request headers accept-language de-DE,de;q=0.9 Referer https://med.easysurveys.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sun, 28 May 2023 07:06:01 GMT content-encoding gzip last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx etag W/"28feccc0-14915" vary Accept-Encoding x-hw 1685257561.dop265.fr8.t,1685257561.cds338.fr8.hn,1685257561.cds246.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 29482
GET H2	200	materialize.min.js Show response cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/js/	177 KB 36 KB	39ms 15ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/js/materialize.min.js Requested by Host: med.easysurveys.net URL: https://med.easysurveys.net/enroll Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 53f7070cc4c81c278c72f7a106fd71434e766cf49b26d6ee8b0e1003d7132b3d Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://med.easysurveys.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sun, 28 May 2023 07:06:01 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 2657031 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 36877 last-modified Mon, 04 May 2020 16:12:46 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03efe-2c375" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9iW569Lzit6WaAaNjA9eCo3dVlaMmN4jhia3Mfu7X7itUf72H4dGh1RObNwcILZFmTmDP29QG0xL3eM67I56Y0NOkZIuUDLvT4%2FQX%2BRiWbUX%2FZqktTjt2WJSUqygF3GUioXLQ%2B2Z2L67ohyvBThC9WMf"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7ce4a7102a9e3830-FRA expires Fri, 17 May 2024 07:06:01 GMT
GET H2	200	rfg-fp.js Show response survey.saysoforgood.com/utils/	5 KB 6 KB	319ms 106ms	Script application/x-javascript	3.214.105.5 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://survey.saysoforgood.com/utils/rfg-fp.js Requested by Host: med.easysurveys.net URL: https://med.easysurveys.net/enroll Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.214.105.5 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-214-105-5.compute-1.amazonaws.com Software nginx/1.20.0 / Resource Hash c8265c5465173bdf517dcefab182b174d101b73b6cd82d5bc09beb3a37c22bc6 Request headers accept-language de-DE,de;q=0.9 Referer https://med.easysurveys.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sun, 28 May 2023 07:06:01 GMT server nginx/1.20.0 x-trace 2B5FD438BC663082096A55A2E21737B915057B9321000000000000000000 content-length 5409 content-type application/x-javascript
GET H/1.1	200 OK	init.js Show response med.easysurveys.net/js/	32 KB 10 KB	69ms 36ms	Script text/javascript	52.49.217.234 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://med.easysurveys.net/js/init.js Requested by Host: med.easysurveys.net URL: https://med.easysurveys.net/enroll Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.49.217.234 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-49-217-234.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash 91c9090031116419b166c58750a1a45e885266a4cb4c7d0623ad1417835c4643 Request headers accept-language de-DE,de;q=0.9 Referer https://med.easysurveys.net/enroll User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Date Sun, 28 May 2023 07:06:01 GMT Content-Encoding gzip Last-Modified Tue, 10 Mar 2020 09:58:56 GMT Server Apache Vary Accept-Encoding,User-Agent Content-Type text/javascript Connection keep-alive Accept-Ranges bytes Content-Length 9900
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/	410 KB 165 KB	31ms 8ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9e2831acb97097ce89e609e9ff841c6c6293ffeb1ce3e2acc07dfcdeeaa621fd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://med.easysurveys.net/ Origin https://med.easysurveys.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 27 May 2023 14:16:43 GMT content-encoding gzip x-content-type-options nosniff age 60558 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 168302 x-xss-protection 0 last-modified Mon, 22 May 2023 20:58:33 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 26 May 2024 14:16:43 GMT
GET H2	200	flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 fonts.gstatic.com/s/materialicons/v140/	125 KB 126 KB	38ms 8ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/icon?family=Material+Icons Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://med.easysurveys.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 27 May 2023 12:25:59 GMT x-content-type-options nosniff age 67202 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 128352 x-xss-protection 0 last-modified Tue, 07 Mar 2023 19:51:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 26 May 2024 12:25:59 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	51 KB 21 KB	39ms 7ms	Script text/javascript	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: med.easysurveys.net URL: https://med.easysurveys.net/enroll Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://med.easysurveys.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sun, 28 May 2023 07:04:54 GMT last-modified Mon, 17 Apr 2023 22:36:01 GMT server Golfe2 age 67 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20737 expires Sun, 28 May 2023 09:04:54 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	15 B 224 B	14ms 13ms	XHR text/plain	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j100&a=2032583378&t=pageview&_s=1&dl=https%3A%2F%2Fmed.easysurveys.net%2Fenroll&ul=en-us&de=UTF-8&dt=Easy%20Surveys%20-%20Surveys%20for%20everyone&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=2095291533&gjid=804776020&cid=1548031966.1685257562&tid=UA-79032812-1&_gid=1288603989.1685257562&_r=1&_slc=1&z=628181372 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6eca845ff40be08d3b086e4b0c149679741dfb885b96d6d04bf695ceda981a0f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://med.easysurveys.net/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 28 May 2023 07:06:01 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://med.easysurveys.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	203 KB 73 KB	53ms 23ms	Script application/javascript	2a00:1450:4001:80b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-G42097W63D&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 6a3a668ad08a1e007063cd1fa622f8269c7f2e0e790c47b13f6cd1c4dd5741bb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://med.easysurveys.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sun, 28 May 2023 07:06:02 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 74692 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 28 May 2023 07:06:02 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 257 B	43ms 13ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-G42097W63D&gtm=45je35o0&_p=2032583378&cid=1548031966.1685257562&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBA&ngs=1&_s=1&sid=1685257562&sct=1&seg=0&dl=https%3A%2F%2Fmed.easysurveys.net%2Fenroll&dt=Easy%20Surveys%20-%20Surveys%20for%20everyone&en=page_view&_fv=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-G42097W63D&cx=c&_slc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://med.easysurveys.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma no-cache date Sun, 28 May 2023 07:06:02 GMT server Golfe2 content-type text/plain access-control-allow-origin https://med.easysurveys.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| $ function| jQuery function| _get function| _createClass function| _possibleConstructorReturn function| _inherits function| _classCallCheck function| Component function| docHandleKeydown function| docHandleKeyup function| docHandleFocus function| docHandleBlur function| getTime object| $jscomp object| $jscomp$this function| cash object| M object| Waves object| recaptcha function| Fingerprint function| Fingerprint2 string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| google_tag_manager

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			med.easysurveys.net/	1970-01-20 12:07:44	Name: XSRF-TOKEN Value: eyJpdiI6IkxOcjJDRWRTNjdTQ2Y0VkJaRWlMUkE9PSIsInZhbHVlIjoiQXJoU3gwamlCM1c0Y3ZwSDZaZmcwOHJWRWc1djVNU2d4Q2JxSmdHQnd3NjltK1paekdieUNNTmF4c0hVUzRWMG9PenlpYldQN1ZwaDJCTVhNREIwWGc9PSIsIm1hYyI6ImNiZjE1ZGI0NTllZGFiMWZkYTI2ZTM4YmI3MTI2MjFiMDk5OTBkNGRlYWMxYjhmYzFlNzIzNTUyNmUwMThjNTIifQ%3D%3D
			med.easysurveys.net/	1970-01-20 12:07:44	Name: laravel_session Value: eyJpdiI6IjNERnJoSWdGRWhuNmE3WmVcL2tmc21RPT0iLCJ2YWx1ZSI6IjVma2t4R2lrOXFlb0ZTYWFESCtiQktEZ3MxVytqSktjVmFaMEJORjVsWnlyakpaeE5XYVBkaGtXb0tvek1RSTBRSGE3dW1IZ1wvckFDcWhhXC83elhvZ1E9PSIsIm1hYyI6ImM1ZGI4ZDZlZDMyMTgyYjRiMTlkOTVkYWMyNTVkYjBiZGUzNmQyMmE5ZTRhN2FlNTM3OGM4OGNjMjdlOWRlOWEifQ%3D%3D
			med.easysurveys.net/	1969-12-31 23:59:59	Name: AWSELB Value: 7319C9851ED43FA656A234EEB72A18F0B6D103A09C2DB5F5B67825E4DC0C660351CA05488BD4A43BE1DF9C82A0C9663770752A49E85A7E8A973F3CF50DADEF81F9697FBF1C
			med.easysurveys.net/	1969-12-31 23:59:59	Name: AWSELBCORS Value: 7319C9851ED43FA656A234EEB72A18F0B6D103A09C2DB5F5B67825E4DC0C660351CA05488BD4A43BE1DF9C82A0C9663770752A49E85A7E8A973F3CF50DADEF81F9697FBF1C
			survey.saysoforgood.com/	1970-01-20 12:17:42	Name: AWSALBCORS Value: Uiep2WME3tTBCBQtLP0ji/5t/GRAKA5jd7xiZzQm3k24nZWB7oeiPG6nRNGTzhcCU5CjqI9RtsqoAtTYISEJeN+2ebxHKlM73sPuGXH+qpFHG8AwjSAVxJP7NUNp
			survey.saysoforgood.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 76D8736281241C18480C031C83662B01
			.easysurveys.net/	1970-01-20 12:09:03	Name: _gid Value: GA1.2.1288603989.1685257562
			.easysurveys.net/	1970-01-20 12:07:37	Name: _gat Value: 1
			.easysurveys.net/	1970-01-20 21:43:37	Name: _ga_G42097W63D Value: GS1.1.1685257562.1.0.1685257562.0.0.0
			.easysurveys.net/	1970-01-20 21:43:37	Name: _ga Value: GA1.1.1548031966.1685257562

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
med.easysurveys.net
region1.google-analytics.com
survey.saysoforgood.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
2001:4860:4802:32::36
2001:4de0:ac18::1:a:3b
2606:4700::6811:190e
2a00:1450:4001:80b::2008
2a00:1450:4001:813::2003
2a00:1450:4001:827::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::200e
2a00:1450:4001:831::2004
3.214.105.5
52.49.217.234
1615fd796c79022ee59d79e510b7efded1d5c5befa9f239960673d88bbef3d5b
3860159a79dfe110b5ddb3394443c46bf5ec1af3e95bfa898cfcb6fa2c940b6f
3b079a3ff21ceabb15fa5cac7f24b887e2cceac470b8eddeb9361fafa335db88
53f7070cc4c81c278c72f7a106fd71434e766cf49b26d6ee8b0e1003d7132b3d
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
6a3a668ad08a1e007063cd1fa622f8269c7f2e0e790c47b13f6cd1c4dd5741bb
6eca845ff40be08d3b086e4b0c149679741dfb885b96d6d04bf695ceda981a0f
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
91c9090031116419b166c58750a1a45e885266a4cb4c7d0623ad1417835c4643
9e2831acb97097ce89e609e9ff841c6c6293ffeb1ce3e2acc07dfcdeeaa621fd
c8265c5465173bdf517dcefab182b174d101b73b6cd82d5bc09beb3a37c22bc6
d8d28f782b508ebd5f91f58d4bef13063c2e055ce0a3f0c8b6d9804631f1b27c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8192bbc02a1077a08d6f6d8cf4fd299166cdb211db3ec6d30c60ad79897ca91