www.e-rewardsmedical.com
2600:9000:2306:2000:18:d51a:a500:93a1  Public Scan

URL: https://www.e-rewardsmedical.com/
Submission: On May 22 via manual from VE — Scanned from DE

Summary

This website contacted 21 IPs in 4 countries across 17 domains to perform 51 HTTP transactions. The main IP is 2600:9000:2306:2000:18:d51a:a500:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.e-rewardsmedical.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 22nd 2023. Valid for: 5 months.
This is the only time www.e-rewardsmedical.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
10 evidon.com | c.evidon.com (Cisco Umbrella Rank: 1329), l.evidon.com (Cisco Umbrella Rank: 9168) | 41 KB
9 rsncdn.com | cdn4.rsncdn.com (Cisco Umbrella Rank: 190447) | 148 KB
8 e-rewardsmedical.com | www.e-rewardsmedical.com | 454 KB
5 googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 40) | 267 KB
4 google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 30), region1.google-analytics.com (Cisco Umbrella Rank: 2230) | 21 KB
3 gstatic.com | fonts.gstatic.com | 69 KB
3 dynata.com | goggles.mw.dynata.com (Cisco Umbrella Rank: 290852), darwin-assets.dynata.com (Cisco Umbrella Rank: 206644) | 4 KB
2 casalemedia.com | dsum-sec.casalemedia.com (Cisco Umbrella Rank: 530) | 2 KB
2 company-target.com | s.company-target.com (Cisco Umbrella Rank: 1528), api.company-target.com (Cisco Umbrella Rank: 3147) | 3 KB
1 rubiconproject.com | pixel.rubiconproject.com (Cisco Umbrella Rank: 315) | 239 B
1 tremorhub.com | partners.tremorhub.com (Cisco Umbrella Rank: 1013) | 391 B
1 doubleclick.net | stats.g.doubleclick.net (Cisco Umbrella Rank: 76) | 352 B
1 rlcdn.com | id.rlcdn.com (Cisco Umbrella Rank: 629) | 98 B
1 demandbase.com | tag.demandbase.com (Cisco Umbrella Rank: 3983) | 20 KB
1 googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 35) | 964 B
1 adobedtm.com | assets.adobedtm.com (Cisco Umbrella Rank: 448) | 9 KB
1 amazonaws.com | upp-public.s3.amazonaws.com (Cisco Umbrella Rank: 442941) | 66 KB
51 17
Domain | Requested by
9 cdn4.rsncdn.com | www.e-rewardsmedical.com
8 www.e-rewardsmedical.com | www.e-rewardsmedical.com
7 c.evidon.com (1 redirects) | www.e-rewardsmedical.com, c.evidon.com
5 www.googletagmanager.com | www.e-rewardsmedical.com, www.googletagmanager.com
3 l.evidon.com | www.e-rewardsmedical.com
3 www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com, www.e-rewardsmedical.com
3 fonts.gstatic.com | fonts.googleapis.com
2 dsum-sec.casalemedia.com (1 redirects) | s.company-target.com
2 goggles.mw.dynata.com (1 redirects) | www.e-rewardsmedical.com
1 pixel.rubiconproject.com | s.company-target.com
1 partners.tremorhub.com | s.company-target.com
1 stats.g.doubleclick.net | www.google-analytics.com
1 region1.google-analytics.com | www.googletagmanager.com
1 api.company-target.com | tag.demandbase.com
1 id.rlcdn.com | www.e-rewardsmedical.com
1 s.company-target.com | tag.demandbase.com
1 darwin-assets.dynata.com | www.e-rewardsmedical.com
1 tag.demandbase.com | www.e-rewardsmedical.com
1 fonts.googleapis.com | www.e-rewardsmedical.com
1 assets.adobedtm.com | www.e-rewardsmedical.com
1 upp-public.s3.amazonaws.com | www.e-rewardsmedical.com
51 21

This site contains links to these domains.

Domain
www.facebook.com
www.e-rewardsmedical.de
Subject | Issuer | Validity | Valid
e-rewardsmedical.com | Amazon RSA 2048 M02 | 2023-02-22 - 2023-07-21 | 5 months
cdn4.rsncdn.com | Amazon RSA 2048 M01 | 2023-02-28 - 2024-01-23 | a year
assets.adobedtm.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-19 - 2023-08-19 | a year
upload.video.google.com | GTS CA 1C3 | 2023-04-24 - 2023-07-17 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-04-24 - 2023-07-17 | 3 months
tag.demandbase.com | Go Daddy Secure Certificate Authority - G2 | 2022-08-17 - 2023-09-18 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-04-24 - 2023-07-17 | 3 months
*.dynata.com | Amazon RSA 2048 M02 | 2023-05-17 - 2024-06-13 | a year
*.mw.dynata.com | Amazon RSA 2048 M01 | 2023-02-28 - 2023-07-26 | 5 months
*.company-target.com | R3 | 2023-04-19 - 2023-07-18 | 3 months
*.rlcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2023-02-02 - 2024-03-03 | a year
api.demandbase.com | Go Daddy Secure Certificate Authority - G2 | 2022-09-16 - 2023-10-18 | a year
betrad.com | R3 | 2023-04-04 - 2023-07-03 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-04-24 - 2023-07-17 | 3 months
*.tremorhub.com | Amazon RSA 2048 M01 | 2023-02-22 - 2024-03-23 | a year
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-03-05 - 2024-04-03 | a year
*.evidon.com | Amazon RSA 2048 M02 | 2023-02-24 - 2023-11-06 | 8 months

This page contains 2 frames:

Primary Page: https://www.e-rewardsmedical.com/
Frame ID: BE7CD23890FD39260B609BC261BFCADC
Requests: 47 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: C5D1AE6C15275B8AC1CFB4A3FA09DDC0
Requests: 4 HTTP requests in this frame

Page Title

Paid Surveys | Take an Online Survey at e-Rewards Medical

Detected technologies

Overall confidence: 100%
Detected patterns
  • c\.evidon\.com

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

Requests: 51
HTTPS: 94 %
IPv6: 52 %
Domains: 17
Subdomains: 21
IPs: 21
Countries: 4
Transfer: 1104 kB
Size: 3597 kB
Cookies: 13

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://goggles.mw.dynata.com/api/v1/upp/global.js HTTP 302
  • https://upp-public.s3.amazonaws.com/upp-client/1.2.2/global.js?v=3
Request Chain 33
  • https://c.evidon.com/sitenotice/1696/e-rewardsmedical/settings.js HTTP 301
  • https://c.evidon.com/sitenotice/1696/e-rewardsmedical/settingsV2.js
Request Chain 41
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1700692492&external_user_id=27870455-e6e5-4f20-84b3-cc3e80d82efc HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1700692492&external_user_id=27870455-e6e5-4f20-84b3-cc3e80d82efc&C=1

51 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.e-rewardsmedical.com/
177 KB
34 KB
Document
General
Full URL
https://www.e-rewardsmedical.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2306:2000:18:d51a:a500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
6a340bc6240e4f3c467de43f0efef0e0a065d5f1f0bf61a9ae963ae2374a6ce5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=604800
content-encoding
br
content-length
34290
content-type
text/html
date
Mon, 22 May 2023 22:34:50 GMT
etag
"41f80a29e3696c63409628a3c4d9d9c1"
last-modified
Thu, 04 May 2023 22:33:12 GMT
server
nginx/1.21.6
vary
Accept-Encoding,Cookie
via
1.1 c9e2e887b99cf6f6eca356fe3b5edfaa.cloudfront.net (CloudFront)
x-amz-cf-id
i383J-ImPINF836cFI4Bx_-qMQ25KzSzxuVOPwmZv49G60mGC52A7A==
x-amz-cf-pop
FCO50-P3
x-cache
Miss from cloudfront
x-stats
@br_1st; 0.029; 0.001; 0.029
style.css
www.e-rewardsmedical.com/blueprint/dist/stylesheets/
814 KB
133 KB
Stylesheet
General
Full URL
https://www.e-rewardsmedical.com/blueprint/dist/stylesheets/style.css
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2306:2000:18:d51a:a500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
20d5a02ec7d5421576729df95cf099cd77ec9ef085fc21fdc2c1cf0fcceb94b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 16 May 2023 17:20:59 GMT
content-encoding
br
via
1.1 c9e2e887b99cf6f6eca356fe3b5edfaa.cloudfront.net (CloudFront)
last-modified
Thu, 04 May 2023 22:28:34 GMT
server
nginx/1.21.6
x-stats
@br_1st; 0.106; 0.001; 0.106
x-amz-cf-pop
FCO50-P3
age
537231
etag
"f301d52aaa44c5656fbb4e03729c61e3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=604800
content-length
135382
x-amz-cf-id
QZBVDSDRTwZ0qhkO8cGtpOVwSHCOJAlF8EM6aBFNL_LsRK_YNb82ww==
default.css
www.e-rewardsmedical.com/blueprint/dist/stylesheets/layouts/default/
255 KB
51 KB
Stylesheet
General
Full URL
https://www.e-rewardsmedical.com/blueprint/dist/stylesheets/layouts/default/default.css
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2306:2000:18:d51a:a500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
b9fa9e37892a9448e19fdaa02290c3c8e38f8a9394b1281e97125d91afb0cdcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 22:34:50 GMT
content-encoding
br
via
1.1 c9e2e887b99cf6f6eca356fe3b5edfaa.cloudfront.net (CloudFront)
last-modified
Thu, 04 May 2023 22:26:57 GMT
server
nginx/1.21.6
x-stats
@br_1st; 0.053; 0.001; 0.053
x-amz-cf-pop
FCO50-P3
age
17932
etag
"e0b93ed0290b562a0691d82823e7fc8a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=604800
content-length
52063
x-amz-cf-id
k3N_kW7DK1sOhINaEMvfL43z-n4Rhqv2yow87GEYWa6c_r8C8aRmvQ==
icons.js
www.e-rewardsmedical.com/blueprint/dist/common/
15 KB
4 KB
Script
General
Full URL
https://www.e-rewardsmedical.com/blueprint/dist/common/icons.js
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2306:2000:18:d51a:a500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
35eebec575cd32883146e1cdb851853a277898aecf83a3ee5c2885323a2c45ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 22:34:50 GMT
content-encoding
br
via
1.1 c9e2e887b99cf6f6eca356fe3b5edfaa.cloudfront.net (CloudFront)
last-modified
Thu, 04 May 2023 22:17:30 GMT
server
nginx/1.21.6
x-stats
@br_1st; 0.052; 0.001; 0.051
x-amz-cf-pop
FCO50-P3
age
17932
etag
"2563a77b865dd94fa2da639892fd140a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
content-length
4039
x-amz-cf-id
-djujfOd1nx3oRPr96VUNh8D2AoEkBKokjkGmdiE-ZZa5__3LwUoCg==
91e174c5-f1f3-4fb3-a187-7c97b057bb76
cdn4.rsncdn.com/prd/dynamicAsset/partner1/asset_logo/700/en_US/
6 KB
6 KB
Image
General
Full URL
https://cdn4.rsncdn.com/prd/dynamicAsset/partner1/asset_logo/700/en_US/91e174c5-f1f3-4fb3-a187-7c97b057bb76
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:201a:ca00:1f:ad95:87c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.17.8 /
Resource Hash
dd5e2022f635153489c43ca6a6a9b2010d13543eed029d5c6dfe714deace3ea0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 22:34:51 GMT
via
1.1 7d28c602911eeec3ffd74f76816b0dda.cloudfront.net (CloudFront)
last-modified
Thu, 19 Mar 2020 19:05:16 GMT
server
nginx/1.17.8
x-stats
@webp; 0.103; 0.008; 0.100
x-amz-cf-pop
FCO50-C2
etag
"2fff03c4c5895f6d1bee1778fa3b8813"
vary
Accept
x-cache
Miss from cloudfront
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5704
x-amz-cf-id
80_oMCQn1zRGRGnsgaVLs27MU_Hr7pHwq3NHOZrJOthe-XycMAEfAw==
6650009f-060e-4b39-843b-77012dc11102
cdn4.rsncdn.com/prd/dynamicAsset/partner1/asset_mobileLogo/700/en_US/
6 KB
6 KB
Image
General
Full URL
https://cdn4.rsncdn.com/prd/dynamicAsset/partner1/asset_mobileLogo/700/en_US/6650009f-060e-4b39-843b-77012dc11102
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:201a:ca00:1f:ad95:87c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.17.8 /
Resource Hash
dd5e2022f635153489c43ca6a6a9b2010d13543eed029d5c6dfe714deace3ea0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 22:34:51 GMT
via
1.1 7d28c602911eeec3ffd74f76816b0dda.cloudfront.net (CloudFront)
last-modified
Thu, 19 Mar 2020 19:05:17 GMT
server
nginx/1.17.8
x-stats
@webp; 0.069; 0.008; 0.068
x-amz-cf-pop
FCO50-C2
etag
"2fff03c4c5895f6d1bee1778fa3b8813"
vary
Accept
x-cache
Miss from cloudfront
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5704
x-amz-cf-id
fSfUGubgVF0DecxR8b3Q6iWHz4L7_Ds0_8brAIeLDolmzfAisRtuGw==
9c61354a-356e-49dc-a8ca-0ef26a67b702
cdn4.rsncdn.com/prd/dynamicAsset/partner1/asset_pages_home_promo1/700/en_US/
11 KB
12 KB
Image
General
Full URL
https://cdn4.rsncdn.com/prd/dynamicAsset/partner1/asset_pages_home_promo1/700/en_US/9c61354a-356e-49dc-a8ca-0ef26a67b702
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:201a:ca00:1f:ad95:87c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.17.8 /
Resource Hash
4ec4f124fe5eaf4c5f31c0de64f2af2ecd6ea37feb12fe8bd9b68fc62e1948bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 20:43:31 GMT
via
1.1 7d28c602911eeec3ffd74f76816b0dda.cloudfront.net (CloudFront)
last-modified
Thu, 19 Mar 2020 19:05:21 GMT
server
nginx/1.17.8
x-stats
@webp; 0.069; 0.012; 0.068
x-amz-cf-pop
FCO50-C2
age
4240280
etag
"ecb8e0a919a3d6282932186b27168de9"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
11504
x-amz-cf-id
fBSJvU55-RC-8yi_o-nRvJuTAWV41ZZzQ7q668IzOTQseMEXOA1bog==
fbff0dd8-35cc-41fa-8c8b-77e5164ed5be
cdn4.rsncdn.com/prd/dynamicAsset/partner1/asset_pages_home_promo2/701/en_GB/
14 KB
14 KB
Image
General
Full URL
https://cdn4.rsncdn.com/prd/dynamicAsset/partner1/asset_pages_home_promo2/701/en_GB/fbff0dd8-35cc-41fa-8c8b-77e5164ed5be
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:201a:ca00:1f:ad95:87c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.17.8 /
Resource Hash
ad5efbf0243c127a16ee17309b7df316000d43e9309132f80638a3d2f267fcd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 19:59:41 GMT
via
1.1 7d28c602911eeec3ffd74f76816b0dda.cloudfront.net (CloudFront)
last-modified
Thu, 19 Mar 2020 19:05:22 GMT
server
nginx/1.17.8
x-stats
@webp; 0.071; 0.008; 0.068
x-amz-cf-pop
FCO50-C2
age
441310
etag
"7d166d04b16d23f45f332175e464774f"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
13922
x-amz-cf-id
zaZmFkT-lRWuAdi1jhPSW6HaY4wM7JrAA6oflYBppfzLGFXr-SpLbw==
4587256b-7e62-4860-833a-75e3dbf866b1
cdn4.rsncdn.com/prd/dynamicAsset/partner1/asset_pages_home_promo3/700/en_US/
24 KB
24 KB
Image
General
Full URL
https://cdn4.rsncdn.com/prd/dynamicAsset/partner1/asset_pages_home_promo3/700/en_US/4587256b-7e62-4860-833a-75e3dbf866b1
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:201a:ca00:1f:ad95:87c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.17.8 /
Resource Hash
5978105111d1faf87819e711fdc4a3c02cc3be18ca872e384f9449bc961ddb8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 19:59:42 GMT
via
1.1 7d28c602911eeec3ffd74f76816b0dda.cloudfront.net (CloudFront)
last-modified
Thu, 19 Mar 2020 19:05:23 GMT
server
nginx/1.17.8
x-stats
@webp; 0.075; 0.008; 0.072
x-amz-cf-pop
FCO50-C2
age
441309
etag
"a55a9a6a7b98cfb25326b84d5258ad42"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
24362
x-amz-cf-id
bYQfbWJOpzOvcKgp6IbkksOTmKPeSXb16SvbFaALalqEWwJ4GdC4Hg==
global.js
upp-public.s3.amazonaws.com/upp-client/1.2.2/
Redirect Chain
  • https://goggles.mw.dynata.com/api/v1/upp/global.js
  • https://upp-public.s3.amazonaws.com/upp-client/1.2.2/global.js?v=3
66 KB
66 KB
Script
General
Full URL
https://upp-public.s3.amazonaws.com/upp-client/1.2.2/global.js?v=3
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/
Protocol
HTTP/1.1
Server
3.5.29.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e2026c165c4d75a84f9dad168ae6d70f79a782b22c9307b7d4c36097c1e10526

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 22:34:52 GMT
Last-Modified
Thu, 04 May 2023 00:06:49 GMT
Server
AmazonS3
x-amz-request-id
J346W87DP3SYNZW5
ETag
"7c9e31cb51b1191324d4198c02606049"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
67494
x-amz-id-2
EDspUOLFqbcLHoW10B2Qof754gX7V59Z1WHXESrx+WeBJtY0qnFqEFOB480nZl8VMX3zUkmsHoiSTPwxnTq1vfXICQS71+L9Yy5U+RfS/W8=

Redirect headers

date
Mon, 22 May 2023 22:34:51 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/html; charset=utf-8
location
https://upp-public.s3.amazonaws.com/upp-client/1.2.2/global.js?v=3
access-control-allow-origin
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, paneldomainid
content-length
110
nectarCanvass2-global.js
www.e-rewardsmedical.com/blueprint/dist/packages/
617 KB
135 KB
Script
General
Full URL
https://www.e-rewardsmedical.com/blueprint/dist/packages/nectarCanvass2-global.js
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2306:2000:18:d51a:a500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
6beaa737a07b2cdd82921ee0c8f09b66a177140265905ce32c1ef9c1dfb59272

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 22:34:51 GMT
content-encoding
br
via
1.1 c9e2e887b99cf6f6eca356fe3b5edfaa.cloudfront.net (CloudFront)
last-modified
Thu, 04 May 2023 22:18:06 GMT
server
nginx/1.21.6
x-stats
@br_1st; 0.095; 0.001; 0.095
x-amz-cf-pop
FCO50-P3
age
17932
etag
"09b41789e411461aee348f494eb899b0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
content-length
138128
x-amz-cf-id
PmQob1OcpfmAf8AHV4gJHJvqCOcbtPk8h7XrfNl6oAbY5Me-MIAiFg==
home.js
www.e-rewardsmedical.com/blueprint/dist/apps/home/
133 KB
29 KB
Script
General
Full URL
https://www.e-rewardsmedical.com/blueprint/dist/apps/home/home.js
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2306:2000:18:d51a:a500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
04a0e8a0a40fe18f405e9155fdbe0604318c8fb0038b912884bd0700ddb544ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 22:34:51 GMT
content-encoding
br
via
1.1 c9e2e887b99cf6f6eca356fe3b5edfaa.cloudfront.net (CloudFront)
last-modified
Thu, 04 May 2023 22:17:16 GMT
server
nginx/1.21.6
x-stats
@br_1st; 0.049; 0.001; 0.050
x-amz-cf-pop
FCO50-P3
age
17932
etag
"6d369252572194c9f3a3a7932d4756d1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
content-length
29641
x-amz-cf-id
r5UVbacsCtzvweaeW3d9Ed1ua2oiSHwzrGYDOttbJsg1VyVbOZsaeQ==
layout.js
www.e-rewardsmedical.com/blueprint/dist/common/
2 KB
1016 B
Script
General
Full URL
https://www.e-rewardsmedical.com/blueprint/dist/common/layout.js
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2306:2000:18:d51a:a500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
f42a6386b5073ba572bae2006e2ba59c692704da4346ec82140962c3cf6281dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 16 May 2023 17:21:00 GMT
content-encoding
br
via
1.1 c9e2e887b99cf6f6eca356fe3b5edfaa.cloudfront.net (CloudFront)
last-modified
Thu, 04 May 2023 22:17:32 GMT
server
nginx/1.21.6
x-stats
@br_1st; 0.077; 0.001; 0.077
x-amz-cf-pop
FCO50-P3
age
537231
etag
"a2a72ad595d6c76eebe99e0fbe166647"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
content-length
608
x-amz-cf-id
FCzxNaBa5RCbBDtDXPhnfdaGWdsxXWslqiSUUhRjJ2Si7lpFaeLvJw==
launch-f1138988d326.min.js
assets.adobedtm.com/e3aee76e417e/83f07140de93/
25 KB
9 KB
Script
General
Full URL
https://assets.adobedtm.com/e3aee76e417e/83f07140de93/launch-f1138988d326.min.js
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:980::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1586019660bbeecdf343d83cbec005fb8da84ab0eb68c5370399e8d622faf8fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 22:34:51 GMT
content-encoding
gzip
last-modified
Wed, 30 Mar 2022 10:23:00 GMT
server
AkamaiNetStorage
etag
"8834979ec70d0b3266dfffacc5f098a0:1648635780.232077"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.e-rewardsmedical.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
9266
expires
Mon, 22 May 2023 23:34:51 GMT
css
fonts.googleapis.com/
6 KB
964 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400italic,400,700,700italic
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/blueprint/dist/stylesheets/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c3a3a9f738fb8ce22a65aee94ecb6826deab5a16a14f812283e2d79251fdde99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 May 2023 22:34:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 May 2023 22:34:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 May 2023 22:34:51 GMT
fbbfa731-7078-4384-9f63-c479499c1ca1
cdn4.rsncdn.com/prd/dynamicAsset/partner1/asset_pages_home_hero/700/en_US/
33 KB
33 KB
Image
General
Full URL
https://cdn4.rsncdn.com/prd/dynamicAsset/partner1/asset_pages_home_hero/700/en_US/fbbfa731-7078-4384-9f63-c479499c1ca1
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:201a:ca00:1f:ad95:87c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.17.8 /
Resource Hash
56f217ced76659755521b1d86876af6ec34ec0769a411f270ada706ebe98a61e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 19:59:49 GMT
via
1.1 7d28c602911eeec3ffd74f76816b0dda.cloudfront.net (CloudFront)
last-modified
Thu, 19 Mar 2020 19:05:20 GMT
server
nginx/1.17.8
x-stats
@webp; 0.060; 0.016; 0.060
x-amz-cf-pop
FCO50-C2
age
441302
etag
"a373c8b670a76dcfc58ca3de0c08af6b"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
33804
x-amz-cf-id
ZoOOEHiAaOSQPH7pYj2OSw4Z_LVqmQmjgh-2EaxU1BInmFU_yr6ghg==
1ce0a647-f4d2-44a5-a957-c4554d66bc88
cdn4.rsncdn.com/prd/dynamicAsset/partner1/asset_loggedOutBottomPromo1/700/en_US/
19 KB
19 KB
Image
General
Full URL
https://cdn4.rsncdn.com/prd/dynamicAsset/partner1/asset_loggedOutBottomPromo1/700/en_US/1ce0a647-f4d2-44a5-a957-c4554d66bc88
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:201a:ca00:1f:ad95:87c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.17.8 /
Resource Hash
59079286b0238de36400d1318ccac19bf9cbb4a4997feeb5a4f0de4412985b9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:25:50 GMT
via
1.1 7d28c602911eeec3ffd74f76816b0dda.cloudfront.net (CloudFront)
last-modified
Thu, 19 Mar 2020 19:05:10 GMT
server
nginx/1.17.8
x-stats
@webp; 0.065; 0.012; 0.068
x-amz-cf-pop
FCO50-C2
age
616141
etag
"57194214c8a4a6699560865b7555a8a9"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
19080
x-amz-cf-id
-TpBZAd2nMQgfNbWNygHnghmwCJEjUVB0WTknWQ25Lm5_Vm0eaPwOA==
55dbe987-6109-4360-967c-a28c890749ce
cdn4.rsncdn.com/prd/dynamicAsset/partner1/asset_loggedOutBottomPromo2/700/en_US/
19 KB
19 KB
Image
General
Full URL
https://cdn4.rsncdn.com/prd/dynamicAsset/partner1/asset_loggedOutBottomPromo2/700/en_US/55dbe987-6109-4360-967c-a28c890749ce
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:201a:ca00:1f:ad95:87c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.17.8 /
Resource Hash
3678e5f84ab9ac70a544e0129f8c2031242725beab648004578a164372ac3fc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:25:50 GMT
via
1.1 7d28c602911eeec3ffd74f76816b0dda.cloudfront.net (CloudFront)
last-modified
Thu, 19 Mar 2020 19:05:10 GMT
server
nginx/1.17.8
x-stats
@webp; 0.061; 0.012; 0.060
x-amz-cf-pop
FCO50-C2
age
616141
etag
"3063597d6df593ce397f19c091953e10"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
19390
x-amz-cf-id
mSNMCV04ucZu_UST1CrTwSq2rvk_HWoJjSEf6exv1MbT5LMo0zijQQ==
cda09d66-9808-43a9-8f8c-57b74975dfa4
cdn4.rsncdn.com/prd/dynamicAsset/partner1/asset_loggedOutBottomPromo3/700/en_US/
14 KB
14 KB
Image
General
Full URL
https://cdn4.rsncdn.com/prd/dynamicAsset/partner1/asset_loggedOutBottomPromo3/700/en_US/cda09d66-9808-43a9-8f8c-57b74975dfa4
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:201a:ca00:1f:ad95:87c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.17.8 /
Resource Hash
0fa886a6457172259245e298dd70ae780da751416098127d16999939bd604ca9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:25:51 GMT
via
1.1 7d28c602911eeec3ffd74f76816b0dda.cloudfront.net (CloudFront)
last-modified
Thu, 19 Mar 2020 19:05:11 GMT
server
nginx/1.17.8
x-stats
@webp; 0.066; 0.016; 0.068
x-amz-cf-pop
FCO50-C2
age
616140
etag
"b8cbebd02d0ca662868629305ef196f0"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
14060
x-amz-cf-id
HDLIbM9GFytKvYCFswLCgTqNQiBonzf_QrKtwigrAF12Ix1qDHLpMw==
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400italic,400,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.e-rewardsmedical.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 15:41:45 GMT
x-content-type-options
nosniff
age
197586
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 15:41:45 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400italic,400,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.e-rewardsmedical.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 13:31:10 GMT
x-content-type-options
nosniff
age
205421
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 13:31:10 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400italic,400,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.e-rewardsmedical.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 08:15:11 GMT
x-content-type-options
nosniff
age
224380
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 08:15:11 GMT
fontawesome-webfont.woff2
www.e-rewardsmedical.com/shared/vendor/font-awesome/fonts/
65 KB
66 KB
Font
General
Full URL
https://www.e-rewardsmedical.com/shared/vendor/font-awesome/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/blueprint/dist/stylesheets/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2306:2000:18:d51a:a500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer
https://www.e-rewardsmedical.com/blueprint/dist/stylesheets/style.css
Origin
https://www.e-rewardsmedical.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 22:34:51 GMT
via
1.1 c9e2e887b99cf6f6eca356fe3b5edfaa.cloudfront.net (CloudFront)
last-modified
Tue, 15 Jun 2021 14:30:41 GMT
server
nginx/1.21.6
x-stats
@origin; 0.404; 0.001 : 0.001 : 0.001 : 0.001 : 0.002 : 0.001; 0.041 : 0.136 : 0.065 : 0.037 : 0.031 : 0.093
x-amz-cf-pop
FCO50-P3
age
17932
etag
"db812d8a70a4e88e888744c1c9a27e89"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
font/woff2
cache-control
max-age=604800
content-length
66624
x-amz-cf-id
2SWU-SGcQJUV1oQ8-L7eoaB0Vsytzrc_aiEMEsLB6FYDGmvidp0uUg==
b4475a2ba824dd78.min.js
tag.demandbase.com/
72 KB
20 KB
Script
General
Full URL
https://tag.demandbase.com/b4475a2ba824dd78.min.js
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-69.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac2883fb5d9d1b78d8b896beb3c36f6bea54e37d8d0ebe9a3675015385e52032
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
XcOSKu2SzDRYss3E_qYe.wGmQkexlPpg
content-encoding
gzip
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
date
Mon, 22 May 2023 22:17:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
age
1893
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 26 Apr 2023 02:18:31 GMT
server
AmazonS3
etag
W/"173c3d0159a512c29ddac8ba7c7d2363"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id
8uvDxOI73RiGS5uVxiPOzTInrmKfx855AesujKWcT0rLLKFHUUZREg==
gtm.js
www.googletagmanager.com/
153 KB
56 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXVC3PD
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7dbdd7500a9550b9f61c0b7b1f2e25f42e9392f072003ce8e51870aa9705e5bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 22:34:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57469
x-xss-protection
0
last-modified
Mon, 22 May 2023 21:18:23 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 22 May 2023 22:34:52 GMT
gtm.js
www.googletagmanager.com/
104 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TF4HZ8V
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ce32beaeed673d37d393fd9b00840d58442a4f7b922431dd8e180896b60b8b7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 22:34:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41582
x-xss-protection
0
last-modified
Mon, 22 May 2023 21:18:23 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 22 May 2023 22:34:52 GMT
browserCheck.js
darwin-assets.dynata.com/upp-ui/
28 B
451 B
Fetch
General
Full URL
https://darwin-assets.dynata.com/upp-ui/browserCheck.js
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/blueprint/dist/apps/home/home.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2259:ce00:17:5070:d6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd81812b6243e24c01ed9be8589d5fea74e0777057f0f75cc996f12d38542cb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 17:36:01 GMT
via
1.1 f3dfc4227af0c5d4e98197194339e98a.cloudfront.net (CloudFront)
x-amz-cf-pop
FCO50-P2
age
17932
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
28
last-modified
Wed, 07 Sep 2022 14:07:47 GMT
server
AmazonS3
etag
"1c4926c3c66c0f7e380ee29ead2e544b"
vary
Origin
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
ZLHyOVD1vikxiKl5TY_Uui4UX8GvcAgg9Rk8NBJrw1NbaLsTue3kOg==
config
goggles.mw.dynata.com/api/v1/panel/
14 KB
3 KB
XHR
General
Full URL
https://goggles.mw.dynata.com/api/v1/panel/config?panelId=700&locale=en_US&campaignId=0
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.110.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-110-76.compute-1.amazonaws.com
Software
/
Resource Hash
2e4dbd4726732603def93076aea918dc680696b212e99abab318d9ebc1fadb90

Request headers

Accept
*/*
Referer
https://www.e-rewardsmedical.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 22:34:52 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
https://www.e-rewardsmedical.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, paneldomainid
sync
s.company-target.com/s/ Frame C5D1
634 B
977 B
Document
General
Full URL
https://s.company-target.com/s/sync?exc=lr
Requested by
Host: tag.demandbase.com
URL: https://tag.demandbase.com/b4475a2ba824dd78.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.71.96.34.bc.googleusercontent.com
Software
/
Resource Hash
a88a7e34fd7f30a5da17a11df253bb74eedb469213efbc7d4940bbf25e9b21ac

Request headers

Referer
https://www.e-rewardsmedical.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
GET,OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
634
content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 22:34:52 GMT
via
1.1 google
464526.gif
id.rlcdn.com/
0
98 B
Image
General
Full URL
https://id.rlcdn.com/464526.gif
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 22:34:52 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ip.json
api.company-target.com/api/v2/
4 KB
2 KB
XHR
General
Full URL
https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.e-rewardsmedical.com%2F&page_title=Paid%20Surveys%20%7C%20Take%20an%20Online%20Survey%20at%20e-Rewards%20Medical
Requested by
Host: tag.demandbase.com
URL: https://tag.demandbase.com/b4475a2ba824dd78.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.210.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-210-54.fco50.r.cloudfront.net
Software
nginx /
Resource Hash
b828951a6995abf27c492cee416800d1fc8ea6c6702cddf332f3a9bcba0bbfd0

Request headers

Referer
https://www.e-rewardsmedical.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 22 May 2023 22:34:52 GMT
identification-source
CENTRAL
content-encoding
gzip
via
1.1 82ac75fd9952b18bba3cee267fd41832.cloudfront.net (CloudFront)
x-amz-cf-pop
FCO50-P3
x-cache
Miss from cloudfront
request-id
053085df-f577-4e27-95d7-d8d76d0c9437
pragma
no-cache
server
nginx
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.e-rewardsmedical.com
access-control-expose-headers
x-amz-cf-id
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding, Origin
api-version
v2
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
aJigx9by3TE2Tm7-AsWyR1xATguSNpyNx2uuuYnsSHKjxw7wYu-mWQ==
expires
Sun, 21 May 2023 22:34:52 GMT
evidon-sitenotice-tag.js
c.evidon.com/sitenotice/
74 KB
20 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-10.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
53336aa630db1e3624ea59594157016c2999c600cc847c90defa1c8560d08b41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 22:34:52 GMT
content-encoding
gzip
last-modified
Tue, 16 May 2023 16:03:10 GMT
server
AkamaiNetStorage
etag
"c3ee938bd3d9d03945abc0972e4a1c06:1684252990.825288"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
19653
expires
Wed, 24 May 2023 22:34:52 GMT
country.js
c.evidon.com/geo/
252 B
450 B
Script
General
Full URL
https://c.evidon.com/geo/country.js
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-10.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 22:34:52 GMT
content-encoding
gzip
last-modified
Fri, 13 Mar 2020 23:46:45 GMT
server
AkamaiNetStorage
etag
"61397050076da6e6062ac7b53a8ef498:1584143205.714402"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
174
snthemes.js
c.evidon.com/sitenotice/1696/
108 KB
5 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/1696/snthemes.js
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-10.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8a4e573b1a6f7eea3548d22b54c95a78e3e01957e9a3a5f2e43d7b9cbd91a629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 22:34:52 GMT
content-encoding
gzip
last-modified
Fri, 09 Dec 2022 08:00:42 GMT
server
AkamaiNetStorage
etag
"b96bc20aff33f0d3f17127d47d60fd8e:1670572842.402937"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
4507
expires
Wed, 24 May 2023 22:34:52 GMT
settingsV2.js
c.evidon.com/sitenotice/1696/e-rewardsmedical/
Redirect Chain
  • https://c.evidon.com/sitenotice/1696/e-rewardsmedical/settings.js
  • https://c.evidon.com/sitenotice/1696/e-rewardsmedical/settingsV2.js
7 KB
2 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/1696/e-rewardsmedical/settingsV2.js
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/
Protocol
H2
Server
2.16.187.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-10.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d3b2e47f4dd7891317e7ca95c10c4294d04a78be9a5013376a60e8767bb567a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 22:34:52 GMT
content-encoding
gzip
last-modified
Fri, 07 Apr 2023 10:31:21 GMT
server
AkamaiNetStorage
etag
"b0933232abb1fa75d2746bb1200c58b3:1680863481.542772"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
1554
expires
Wed, 24 May 2023 22:34:52 GMT

Redirect headers

date
Mon, 22 May 2023 22:34:52 GMT
server
AkamaiGHost
vary
Origin
access-control-max-age
108000
access-control-allow-methods
GET,OPTIONS,POST
location
https://c.evidon.com/sitenotice/1696/e-rewardsmedical/settingsV2.js
access-control-allow-origin
cache-control
max-age=432000, private;max-age=86400
access-control-allow-headers
*
content-length
0
js
www.googletagmanager.com/gtag/
223 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DP16LK0FSJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXVC3PD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4188f1f6905544d69bd72ea2b58aa599361a116184b0c36763d4930624786b3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 22:34:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80353
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 22 May 2023 22:34:52 GMT
js
www.googletagmanager.com/gtag/
117 KB
46 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-55103389-1
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f7657cd57c69b722a958c382ed6a27e2aa65ee618dd466a3c4e5c718a63d2f88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 22:34:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46574
x-xss-protection
0
last-modified
Mon, 22 May 2023 21:18:23 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 22 May 2023 22:34:52 GMT
js
www.googletagmanager.com/gtag/
117 KB
46 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-55103389-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF4HZ8V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a508943b56d02a45e3c0a181948ac748b83f86fd0aa2375870d9e74ab9c072ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 22:34:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46602
x-xss-protection
0
last-modified
Mon, 22 May 2023 21:18:23 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 22 May 2023 22:34:52 GMT
analytics.js
www.google-analytics.com/
51 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-55103389-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 22 May 2023 20:35:39 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
7153
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Mon, 22 May 2023 22:35:39 GMT
collect
region1.google-analytics.com/g/
0
260 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-DP16LK0FSJ&gtm=45je35h0&_p=1999089939&cid=1832125019.1684794892&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1684794892&sct=1&seg=0&dl=https%3A%2F%2Fwww.e-rewardsmedical.com%2F&dt=Paid%20Surveys%20%7C%20Take%20an%20Online%20Survey%20at%20e-Rewards%20Medical&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DP16LK0FSJ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 22:34:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.e-rewardsmedical.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
213 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1999089939&t=pageview&_s=1&dl=https%3A%2F%2Fwww.e-rewardsmedical.com%2F&ul=en-us&de=UTF-8&dt=Paid%20Surveys%20%7C%20Take%20an%20Online%20Survey%20at%20e-Rewards%20Medical&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YBDAAUABAAAAACAAI~&jid=858770568&gjid=1339569360&cid=1832125019.1684794892&tid=UA-55103389-1&_gid=369366513.1684794892&_r=1&gtm=457e35h0&jsscut=1&z=2113934547
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.e-rewardsmedical.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 22:34:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.e-rewardsmedical.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
352 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-55103389-1&cid=1832125019.1684794892&jid=858770568&gjid=1339569360&_gid=369366513.1684794892&_u=YBDAAUAAAAAAACAAI~&z=1669275966
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.e-rewardsmedical.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 22 May 2023 22:34:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.e-rewardsmedical.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C5D1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1700692492&external_user_id=27870455-e6e5-4f20-84b3-cc3e80d82efc
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1700692492&external_user_id=27870455-e6e5-4f20-84b3-cc3e80d82efc&C=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1700692492&external_user_id=27870455-e6e5-4f20-84b3-cc3e80d82efc&C=1
Requested by
Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 22:34:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 22 May 2023 22:34:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=18&expiry=1700692492&external_user_id=27870455-e6e5-4f20-84b3-cc3e80d82efc&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
sync
partners.tremorhub.com/ Frame C5D1
43 B
391 B
Image
General
Full URL
https://partners.tremorhub.com/sync?UIDM=27870455-e6e5-4f20-84b3-cc3e80d82efc
Requested by
Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:5bb:451c:42bf:bf21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Mon, 22 May 2023 22:34:52 GMT
server
nginx
content-type
image/gif
tap.php
pixel.rubiconproject.com/ Frame C5D1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?nid=5578&put=27870455-e6e5-4f20-84b3-cc3e80d82efc&v=1181926
Requested by
Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
en.js
c.evidon.com/sitenotice/1696/translations/
150 KB
10 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/1696/translations/en.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-10.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
896bd9da117899827edb381eee72cb717fc9e01a0b9657682f297d333d402268

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 22:34:52 GMT
content-encoding
gzip
last-modified
Fri, 09 Dec 2022 08:00:41 GMT
server
AkamaiNetStorage
etag
"0c3158067222d9406859d8afdbc798a9:1670572841.382207"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
9828
expires
Wed, 24 May 2023 22:34:52 GMT
evidon-barrier.js
c.evidon.com/sitenotice/
14 KB
4 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/evidon-barrier.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-10.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5d420d4cc480cfbab1e0e4c87971db5ec27c87d9a03f08d494e4a839e89fba1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 22:34:52 GMT
content-encoding
gzip
last-modified
Tue, 16 May 2023 16:03:11 GMT
server
AkamaiNetStorage
etag
"12408df7068621a87bfbd1bee4d923a4:1684252991.592873"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
3926
expires
Wed, 24 May 2023 22:34:52 GMT
2
l.evidon.com/site/v3/1696/68973/3/1/3/
0
121 B
Image
General
Full URL
https://l.evidon.com/site/v3/1696/68973/3/1/3/2?consent=0&regulationid=2&regulationconsenttypeid=1&d=https://www.e-rewardsmedical.com/
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.46.20 Chicago, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-46-20.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 22:34:52 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
63642
l.evidon.com/site/v3/1696/68973/3/1/3/2/
0
120 B
Image
General
Full URL
https://l.evidon.com/site/v3/1696/68973/3/1/3/2/63642?consent=0&regulationid=2&regulationconsenttypeid=1&d=https://www.e-rewardsmedical.com/
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.46.20 Chicago, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-46-20.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 22:34:52 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1999089939&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.e-rewardsmedical.com%2F&ul=en-us&de=UTF-8&dt=Paid%20Surveys%20%7C%20Take%20an%20Online%20Survey%20at%20e-Rewards%20Medical&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aDDAAUABAAAAACAAI~&jid=&gjid=&cid=1832125019.1684794892&tid=UA-55103389-1&_gid=369366513.1684794892&gtm=457e35h0&cd1=112350113&cd2=Credit%20Suisse%20Realwerte%201%20GmbH%20%26%20Co%20KG&cd3=Financial%20Services&cd4=Investment%20Services&cd5=Enterprise&cd6=Over%20%245B&cd7=Enterprise%20Business&cd8=Financial%20Services&cd9=credit-suisse.com&cd10=HE&cd11=Germany&cd12=true&cd13=true&cd14=(Non-Company%20Visitor)&z=889261174
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 08:46:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
49676
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
63642
l.evidon.com/site/v3/1696/68973/3/5/3/2/
0
120 B
Image
General
Full URL
https://l.evidon.com/site/v3/1696/68973/3/5/3/2/63642?consent=0&regulationid=2&regulationconsenttypeid=1&d=https://www.e-rewardsmedical.com/
Requested by
Host: www.e-rewardsmedical.com
URL: https://www.e-rewardsmedical.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.46.20 Chicago, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-46-20.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewardsmedical.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 22:34:52 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding


32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
object| svg
undefined| cssBlob
undefined| style
object| corona
object| UPP
function| $
function| jQuery
function| _
object| angular
object| googleCaptchaCompleted
function| captchaReadyCallback
function| formatPoints
object| SiteNotification
object| dataLayer
object| _satellite
boolean| __satelliteLoaded
function| contractMode
object| google_tag_manager
object| google_tag_data
object| Demandbase
function| ga
object| evidon
function| g_addScript
function| gtag
string| GoogleAnalyticsObject
function| onYouTubeIframeAPIReady
object| gaGlobal
object| gaplugins
object| gaData
string| bucketid

13 Cookies

Domain/Path Name / Value
.e-rewardsmedical.com/ Name: corona_visit
Value: "eyJwYW5lbElkIjoiNzAwIiwiZHQiOiIxNjg0Nzk0ODkwODk1IiwidXVpZCI6IjJiNjM5MmI1LWEzMzQtNGEyYy1iODViLWZlZGU1YTA4N2MzMCIsInRva2VuIjoiYzFiODUzZDMwNDZlY2Q4ODhjMjI1ZjMxOTI3YjYxN2U2M2ZhNjVhMSJ9"
.e-rewardsmedical.com/ Name: _gcl_au
Value: 1.1.774490452.1684794892
.e-rewardsmedical.com/ Name: _ga_DP16LK0FSJ
Value: GS1.1.1684794892.1.0.1684794892.0.0.0
.e-rewardsmedical.com/ Name: _ga
Value: GA1.2.1832125019.1684794892
.e-rewardsmedical.com/ Name: _gid
Value: GA1.2.369366513.1684794892
.e-rewardsmedical.com/ Name: _gat_gtag_UA_55103389_1
Value: 1
.company-target.com/ Name: tuuid
Value: 27870455-e6e5-4f20-84b3-cc3e80d82efc
.company-target.com/ Name: tuuid_lu
Value: 1684794892|ix:0|mctv:0|rp:0
.casalemedia.com/ Name: CMID
Value: ZGvuDHJtb7grJsbG3aje-gAA
.casalemedia.com/ Name: CMPS
Value: 3297
.casalemedia.com/ Name: CMPRO
Value: 3297
.tremorhub.com/ Name: tvid
Value: bcd329eb739a4f608c4efca08d3cc5c7
.tremorhub.com/ Name: tv_UIDM
Value: 27870455-e6e5-4f20-84b3-cc3e80d82efc

1 Console Messages

Source Level URL
Text
network error URL: https://id.rlcdn.com/464526.gif
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
