Submitted URL: http://links.iterable.com/u/click?_t=5104dc272fa849a7b33c7a3aa5593be3&_m=6d7fd44c5c1047528209a8a0de287aa8&_e=R2Q-qXh-yG4qm...
Effective URL: https://secure.doxo.com/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_Activated_Winback_6M_ConfirmReminder...
Submission: On January 01 via api from US — Scanned from DE

Summary

This website contacted 16 IPs in 2 countries across 14 domains to perform 40 HTTP transactions. The main IP is 3.221.52.23, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is secure.doxo.com.
TLS certificate: Issued by Amazon on July 21st 2021. Valid for: a year.
This is the only time secure.doxo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
13 d13abuqgaodzs6.cloudfront.net secure.doxo.com
d13abuqgaodzs6.cloudfront.net
3 heapanalytics.com secure.doxo.com
3 rs.fullstory.com d13abuqgaodzs6.cloudfront.net
edge.fullstory.com
3 fast.appcues.com secure.doxo.com
fast.appcues.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
secure.doxo.com
2 www.facebook.com secure.doxo.com
2 connect.facebook.net secure.doxo.com
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.googleapis.com secure.doxo.com
1 rum-http-intake.logs.datadoghq.com d13abuqgaodzs6.cloudfront.net
1 user.doxo.com d13abuqgaodzs6.cloudfront.net
1 edge.fullstory.com d13abuqgaodzs6.cloudfront.net
1 cdn.heapanalytics.com secure.doxo.com
1 www.googletagmanager.com secure.doxo.com
1 cdn.jsdelivr.net secure.doxo.com
1 secure.doxo.com
1 links.iterable.com 1 redirects
40 17

This site contains no links.

Subject Issuer Validity Valid
*.doxo.com
Amazon
2021-07-21 -
2022-08-19
a year crt.sh
upload.video.google.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-03 -
2022-07-02
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
*.cloudfront.net
Amazon
2021-03-19 -
2022-03-17
a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01
2021-12-22 -
2022-06-22
6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-10-11 -
2022-01-09
3 months crt.sh
cdn.heapanalytics.com
Amazon
2021-08-28 -
2022-09-26
a year crt.sh
fast.appcues.com
GlobalSign Atlas R3 DV TLS CA 2020
2021-04-26 -
2022-05-28
a year crt.sh
edge.fullstory.com
GTS CA 1D4
2021-12-17 -
2022-03-17
3 months crt.sh
*.fullstory.com
R3
2021-11-30 -
2022-02-28
3 months crt.sh
*.logs.datadoghq.com
Sectigo RSA Domain Validation Secure Server CA
2020-05-31 -
2022-05-31
2 years crt.sh
heapanalytics.com
Amazon
2021-12-09 -
2023-01-06
a year crt.sh

This page contains 2 frames:

Primary Page: https://secure.doxo.com/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_Activated_Winback_6M_ConfirmReminders_NoActiveReminders%20%20from%20Workflow%20151123&utm_content=6d7fd44c5c1047528209a8a0de287aa8
Frame ID: C55AB3AEAC74C726D48EB609FEA0AE9C
Requests: 39 HTTP requests in this frame

Frame: https://user.doxo.com/oauth/authorize?redirect_uri=https%3A%2F%2Fsecure.doxo.com%2Fauth%2Fcallback%2F&client_id=becad9bc4d4b71ac91310b5a6ed6732fdd5af45c623c17adad8bd2e09b6a7403&response_type=code&state=oTjf5rFloh&scope=user_service&display=popup&prompt=none&code_challenge=9L2mjCNenVn7PTsy0nRxF-lfCeX5JncZwXMjQooFmUw&code_challenge_method=S256
Frame ID: 19B496A22BF4569C6299FE897F401E13
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

doxo

Page URL History Show full URLs

  1. http://links.iterable.com/u/click?_t=5104dc272fa849a7b33c7a3aa5593be3&_m=6d7fd44c5c1047528209a8a0de287... HTTP 303
    https://secure.doxo.com/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_Activated_Winbac... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div [^>]*id="__nuxt"

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • heap-\d+\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

40
Requests

100 %
HTTPS

59 %
IPv6

14
Domains

17
Subdomains

16
IPs

2
Countries

995 kB
Transfer

3840 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://links.iterable.com/u/click?_t=5104dc272fa849a7b33c7a3aa5593be3&_m=6d7fd44c5c1047528209a8a0de287aa8&_e=R2Q-qXh-yG4qmrAg4f4wYyZTDgdfBgE74IkuVXD2pUIutPM2vHya_JNP_HxjLk23cySNFext-qWwWOfKWY6Y1tKwg9749b1b4caCACykkdlyutYyC4iTcz1RjpLOtz61BQI7mfpFRAJ8jvAFI_ikJRY5ELE-tcKSCdsvlapSTJadoAOCi96il_8KUlIQqXwhlO6ZZGrxNj6CKE1BxXjrykcZ3cce-w7QDvYmh-fePObBtCA7QmxN5fhj7jovRpJRXGcPo8Sst3Mf_xdodvlHBMHrkNXB5WexEfz5JfsbQ1C7ZYm5HUsRlsu95JvkP3B1Ovw1NCZP_6xN_6N9Acdt60f2Na0FybHOFiyOH0mJg3sayJberrI8VsDi7hfmsdRK0mpt3PMJkXJ4qYjLSHoRD20y32zhsRLH1Zb38fqmJKbWKzXK7WKXRGDV6MqS4uD0CXwQ7Q4drZtnD8pfi9wrJYGoHZuoye67VMFHyHpyS24_JfAAn1bxbfuqvh4GW8yc HTTP 303
    https://secure.doxo.com/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_Activated_Winback_6M_ConfirmReminders_NoActiveReminders%20%20from%20Workflow%20151123&utm_content=6d7fd44c5c1047528209a8a0de287aa8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
secure.doxo.com/
Redirect Chain
  • http://links.iterable.com/u/click?_t=5104dc272fa849a7b33c7a3aa5593be3&_m=6d7fd44c5c1047528209a8a0de287aa8&_e=R2Q-qXh-yG4qmrAg4f4wYyZTDgdfBgE74IkuVXD2pUIutPM2vHya_JNP_HxjLk23cySNFext-qWwWOfKWY6Y1tKw...
  • https://secure.doxo.com/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_Activated_Winback_6M_ConfirmReminders_NoActiveReminders%20%20from%20Workflow%20151123&utm_content=6d7fd44c5c10475...
4 KB
5 KB
Document
General
Full URL
https://secure.doxo.com/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_Activated_Winback_6M_ConfirmReminders_NoActiveReminders%20%20from%20Workflow%20151123&utm_content=6d7fd44c5c1047528209a8a0de287aa8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.52.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-52-23.compute-1.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
88039d0dd06848e544b88df5abe5df2fdbac8ddb7f2c63bb99580536fa95b5b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 01 Jan 2022 17:20:52 GMT
content-type
text/html
content-length
4510
server
nginx/1.21.4
last-modified
Wed, 15 Dec 2021 23:33:59 GMT
etag
"61ba7b67-119e"
expires
Thu, 01 Jan 1970 00:00:01 GMT
cache-control
no-cache
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
accept-ranges
bytes

Redirect headers

Date
Sat, 01 Jan 2022 17:20:52 GMT
Content-Length
0
Connection
keep-alive
Vary
Origin
Location
https://secure.doxo.com/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_Activated_Winback_6M_ConfirmReminders_NoActiveReminders%20%20from%20Workflow%20151123&utm_content=6d7fd44c5c1047528209a8a0de287aa8
Request-Time
1
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options
sameorigin
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://links.iterable.com https://links.doordash.com; base-uri 'none'; object-src 'none'; report-uri https://sentry.io/api/22065/security/?sentry_key=d6d9333ad25747ba8107e7681de79ec4
X-Permitted-Cross-Domain-Policies
master-only
Server
iterable-links 6e77
css
fonts.googleapis.com/
569 B
440 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Material+Icons
Requested by
Host: secure.doxo.com
URL: https://secure.doxo.com/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_Activated_Winback_6M_ConfirmReminders_NoActiveReminders%20%20from%20Workflow%20151123&utm_content=6d7fd44c5c1047528209a8a0de287aa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
99c1697bfc05f8e00314bc2aa32c60b123b311965e94e91801d3876d86d72fdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 01 Jan 2022 17:20:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 01 Jan 2022 17:20:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 01 Jan 2022 17:20:52 GMT
css
fonts.googleapis.com/
13 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap
Requested by
Host: secure.doxo.com
URL: https://secure.doxo.com/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_Activated_Winback_6M_ConfirmReminders_NoActiveReminders%20%20from%20Workflow%20151123&utm_content=6d7fd44c5c1047528209a8a0de287aa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ff420b26b8a33e1bcae39c4d165c2cc259681bbb7b32565dbd7644c1d84cbfa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 01 Jan 2022 16:41:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 01 Jan 2022 17:20:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 01 Jan 2022 17:20:52 GMT
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@latest/css/
298 KB
48 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
Requested by
Host: secure.doxo.com
URL: https://secure.doxo.com/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_Activated_Winback_6M_ConfirmReminders_NoActiveReminders%20%20from%20Workflow%20151123&utm_content=6d7fd44c5c1047528209a8a0de287aa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50271f9d1fb53bfd2074827218441de193a0f5bdb94f6a20b3e76d1fa91b41b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 17:20:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
34910
x-jsd-version
6.5.95
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19128-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"4a77e-zA2GoL0mTEDvUuLc3XyUhUKPyv0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6c6d6bb86983dfa5-FRA
gtm.js
www.googletagmanager.com/
233 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MN22SCS&l=dataLayer
Requested by
Host: secure.doxo.com
URL: https://secure.doxo.com/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_Activated_Winback_6M_ConfirmReminders_NoActiveReminders%20%20from%20Workflow%20151123&utm_content=6d7fd44c5c1047528209a8a0de287aa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
24469c7804c3c61aac7560a0eb8ebed690b635f9f8af1854e1389e5ac9bcb90e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 17:20:52 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76334
x-xss-protection
0
last-modified
Sat, 01 Jan 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 01 Jan 2022 17:20:52 GMT
21d885170863b4f944c6.js
d13abuqgaodzs6.cloudfront.net/
5 KB
3 KB
Script
General
Full URL
https://d13abuqgaodzs6.cloudfront.net/21d885170863b4f944c6.js
Requested by
Host: secure.doxo.com
URL: https://secure.doxo.com/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_Activated_Winback_6M_ConfirmReminders_NoActiveReminders%20%20from%20Workflow%20151123&utm_content=6d7fd44c5c1047528209a8a0de287aa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9600:1:623d:9980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
65602d8dc12d587f855664abaef8080d2a6b706b72e838ef000d5a6887a5809c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 23:52:02 GMT
content-encoding
gzip
vary
Accept-Encoding
age
1445330
x-cache
Hit from cloudfront
last-modified
Wed, 15 Dec 2021 23:36:48 GMT
server
nginx/1.21.4
x-frame-options
SAMEORIGIN
etag
W/"61ba7c10-12a7"
strict-transport-security
max-age=31536000
content-type
application/javascript
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
W0mrJelUWkHumOC9G9FQeieqPjuBuDPE7akeWxgPhN5jmZ7SjXnlpw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
4869135c34b92377f3f4.js
d13abuqgaodzs6.cloudfront.net/
222 KB
76 KB
Script
General
Full URL
https://d13abuqgaodzs6.cloudfront.net/4869135c34b92377f3f4.js
Requested by
Host: secure.doxo.com
URL: https://secure.doxo.com/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_Activated_Winback_6M_ConfirmReminders_NoActiveReminders%20%20from%20Workflow%20151123&utm_content=6d7fd44c5c1047528209a8a0de287aa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9600:1:623d:9980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6a6e865a14f30a63d1c719ddd8f52db530a8a388c9e4e05484fcf2353353a98f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 23:52:02 GMT
content-encoding
gzip
vary
Accept-Encoding
age
1445330
x-cache
Hit from cloudfront
last-modified
Wed, 15 Dec 2021 23:38:46 GMT
server
nginx/1.21.4
x-frame-options
SAMEORIGIN
etag
W/"61ba7c86-37830"
strict-transport-security
max-age=31536000
content-type
application/javascript
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Sw3hZaz-n3teUwrbJqEgIuKD2TaLHMniHwAjM3ShbJzNhzG4natE5w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
a37cd6e5eaa4942cc0be.css
d13abuqgaodzs6.cloudfront.net/
402 KB
46 KB
Stylesheet
General
Full URL
https://d13abuqgaodzs6.cloudfront.net/a37cd6e5eaa4942cc0be.css
Requested by
Host: secure.doxo.com
URL: https://secure.doxo.com/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_Activated_Winback_6M_ConfirmReminders_NoActiveReminders%20%20from%20Workflow%20151123&utm_content=6d7fd44c5c1047528209a8a0de287aa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9600:1:623d:9980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
32c2e16e15d4787a9d2eb920303aa15d11c2b9854a75bf554417c4993f143d83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 19:26:14 GMT
content-encoding
gzip
vary
Accept-Encoding
age
4398878
x-cache
Hit from cloudfront
last-modified
Thu, 11 Nov 2021 19:00:47 GMT
server
nginx/1.21.4
x-frame-options
SAMEORIGIN
etag
W/"618d685f-647ad"
strict-transport-security
max-age=31536000
content-type
text/css
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
TLJ6VHt7KvRfiBDZTNb_XcErm9FA6XXKS1OWUR4kMJ-1Tvlx3L4PTg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
4ad1fe68fce1705feab6.js
d13abuqgaodzs6.cloudfront.net/
775 KB
211 KB
Script
General
Full URL
https://d13abuqgaodzs6.cloudfront.net/4ad1fe68fce1705feab6.js
Requested by
Host: secure.doxo.com
URL: https://secure.doxo.com/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_Activated_Winback_6M_ConfirmReminders_NoActiveReminders%20%20from%20Workflow%20151123&utm_content=6d7fd44c5c1047528209a8a0de287aa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9600:1:623d:9980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c823343bbd33e527b2f8d09fc0e3bf153b53ee32f110a4fe1871dd8f42a9c2b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 23:52:02 GMT
content-encoding
gzip
vary
Accept-Encoding
age
1445330
x-cache
Hit from cloudfront
last-modified
Wed, 15 Dec 2021 23:33:59 GMT
server
nginx/1.21.4
x-frame-options
SAMEORIGIN
etag
W/"61ba7b67-c1a72"
strict-transport-security
max-age=31536000
content-type
application/javascript
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
K2ABKVktbR21YYjcfrSBvIq1sJYk5H8PJg_0HLiWlwLMXFtPsLAITQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
c7c925b055ebccbadd09.css
d13abuqgaodzs6.cloudfront.net/
30 KB
5 KB
Stylesheet
General
Full URL
https://d13abuqgaodzs6.cloudfront.net/c7c925b055ebccbadd09.css
Requested by
Host: secure.doxo.com
URL: https://secure.doxo.com/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_Activated_Winback_6M_ConfirmReminders_NoActiveReminders%20%20from%20Workflow%20151123&utm_content=6d7fd44c5c1047528209a8a0de287aa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9600:1:623d:9980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ab42c0e657fbf5a60d9678c1a5bf148b1c709bc5720bc91b23d5d4746855889f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 22:16:48 GMT
content-encoding
gzip
vary
Accept-Encoding
age
3351844
x-cache
Hit from cloudfront
last-modified
Tue, 23 Nov 2021 22:10:47 GMT
server
nginx/1.21.4
x-frame-options
SAMEORIGIN
etag
W/"619d66e7-7609"
strict-transport-security
max-age=31536000
content-type
text/css
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
FTtxcvAdgPNOOX1odq5u-VsICe04MwNxlb1OtHaoG0MMeAQb8LjNLQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
00b3f95d6ae2fd14b31f.js
d13abuqgaodzs6.cloudfront.net/
212 KB
52 KB
Script
General
Full URL
https://d13abuqgaodzs6.cloudfront.net/00b3f95d6ae2fd14b31f.js
Requested by
Host: secure.doxo.com
URL: https://secure.doxo.com/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_Activated_Winback_6M_ConfirmReminders_NoActiveReminders%20%20from%20Workflow%20151123&utm_content=6d7fd44c5c1047528209a8a0de287aa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9600:1:623d:9980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
05b35492a2546223e05dafc286331cb0d47ad840764715b8cb9117f3e5e2f983
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 23:52:02 GMT
content-encoding
gzip
vary
Accept-Encoding
age
1445330
x-cache
Hit from cloudfront
last-modified
Wed, 15 Dec 2021 23:33:59 GMT
server
nginx/1.21.4
x-frame-options
SAMEORIGIN
etag
W/"61ba7b67-3519f"
strict-transport-security
max-age=31536000
content-type
application/javascript
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
IMlU3caY3itrW2d777WYTA_m8P9_FqoZO5HgfMTzR7ihxAbOWiOsxA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
dcc5444cd3fffe6e4368.js
d13abuqgaodzs6.cloudfront.net/
0
8 KB
Other
General
Full URL
https://d13abuqgaodzs6.cloudfront.net/dcc5444cd3fffe6e4368.js
Requested by
Host: d13abuqgaodzs6.cloudfront.net
URL: https://d13abuqgaodzs6.cloudfront.net/21d885170863b4f944c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9600:1:623d:9980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 23:52:03 GMT
content-encoding
gzip
vary
Accept-Encoding
age
1445328
x-cache
Hit from cloudfront
last-modified
Wed, 15 Dec 2021 23:33:59 GMT
server
nginx/1.21.4
x-frame-options
SAMEORIGIN
etag
W/"61ba7b67-719c"
strict-transport-security
max-age=31536000
content-type
application/javascript
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
EZie9eDxNONd0Pxu6i4R1HsrtDmV4IjIsJ9O4tlyuxnMGbDMX0CObA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
a21d1349a96e1792bfca.css
d13abuqgaodzs6.cloudfront.net/
19 KB
4 KB
Stylesheet
General
Full URL
https://d13abuqgaodzs6.cloudfront.net/a21d1349a96e1792bfca.css
Requested by
Host: d13abuqgaodzs6.cloudfront.net
URL: https://d13abuqgaodzs6.cloudfront.net/21d885170863b4f944c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9600:1:623d:9980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6abca65186a90b5073dbe55e396519e590e93b643dd5d530057f24516b542b31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 19:26:28 GMT
content-encoding
gzip
vary
Accept-Encoding
age
4398864
x-cache
Hit from cloudfront
last-modified
Thu, 11 Nov 2021 19:00:47 GMT
server
nginx/1.21.4
x-frame-options
SAMEORIGIN
etag
W/"618d685f-4adb"
strict-transport-security
max-age=31536000
content-type
text/css
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Kc2u6N7vCTPSK75rx9wAnc0sVSdrlFEshzlMrhHNEADeX6wjvSdL0g==
expires
Thu, 31 Dec 2037 23:55:55 GMT
6868a97a0af7847c4bb8.js
d13abuqgaodzs6.cloudfront.net/
58 KB
15 KB
Script
General
Full URL
https://d13abuqgaodzs6.cloudfront.net/6868a97a0af7847c4bb8.js
Requested by
Host: d13abuqgaodzs6.cloudfront.net
URL: https://d13abuqgaodzs6.cloudfront.net/21d885170863b4f944c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9600:1:623d:9980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
edb4166321e3fa7b70e189765b90f6f17ba97b0e7c4d4e2ffae4aabc5478ab50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 23:52:04 GMT
content-encoding
gzip
vary
Accept-Encoding
age
1445328
x-cache
Hit from cloudfront
last-modified
Wed, 15 Dec 2021 23:33:59 GMT
server
nginx/1.21.4
x-frame-options
SAMEORIGIN
etag
W/"61ba7b67-e748"
strict-transport-security
max-age=31536000
content-type
application/javascript
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
mspXVLwufrKcxcOgFYmT4HeI1OdQSKk2I1sIqNClm6EBryaTU2eZSg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
ed2955ad0f2137b53b6f.css
d13abuqgaodzs6.cloudfront.net/
1 KB
884 B
Stylesheet
General
Full URL
https://d13abuqgaodzs6.cloudfront.net/ed2955ad0f2137b53b6f.css
Requested by
Host: d13abuqgaodzs6.cloudfront.net
URL: https://d13abuqgaodzs6.cloudfront.net/21d885170863b4f944c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9600:1:623d:9980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
fe3d85b891998a7fba6f129abf75cf2bb52563a2744b4c72f2c586b851b2897d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 23:52:03 GMT
content-encoding
gzip
vary
Accept-Encoding
age
1445329
x-cache
Hit from cloudfront
last-modified
Wed, 15 Dec 2021 23:33:59 GMT
server
nginx/1.21.4
x-frame-options
SAMEORIGIN
etag
W/"61ba7b67-42c"
strict-transport-security
max-age=31536000
content-type
text/css
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Eq1WqvBiXzQi2V1sAmS5wVWAvZbSkfLpL_GYKwbhz9nCW3Y5tgf5Ig==
expires
Thu, 31 Dec 2037 23:55:55 GMT
69b8593c67b468f5a968.js
d13abuqgaodzs6.cloudfront.net/
37 KB
9 KB
Script
General
Full URL
https://d13abuqgaodzs6.cloudfront.net/69b8593c67b468f5a968.js
Requested by
Host: d13abuqgaodzs6.cloudfront.net
URL: https://d13abuqgaodzs6.cloudfront.net/21d885170863b4f944c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9600:1:623d:9980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
443a80555e5fb768dd5d605f61da021766b35f9125c2d2834f5f79aa2e599eef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 23:52:04 GMT
content-encoding
gzip
vary
Accept-Encoding
age
1445328
x-cache
Hit from cloudfront
last-modified
Wed, 15 Dec 2021 23:38:46 GMT
server
nginx/1.21.4
x-frame-options
SAMEORIGIN
etag
W/"61ba7c86-92cb"
strict-transport-security
max-age=31536000
content-type
application/javascript
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
D7I8NqtoZY-gRU3DeN6HpAaNtsTN-T-5cKIKUtNH66t8oe83SYsisQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
26b90fd3e5e09e6de935.css
d13abuqgaodzs6.cloudfront.net/
8 KB
2 KB
Stylesheet
General
Full URL
https://d13abuqgaodzs6.cloudfront.net/26b90fd3e5e09e6de935.css
Requested by
Host: d13abuqgaodzs6.cloudfront.net
URL: https://d13abuqgaodzs6.cloudfront.net/21d885170863b4f944c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9600:1:623d:9980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6afdb1c4942e620cbf531eae882321595dfc74a63a5c4eb45be461fec3ea675f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 23:52:03 GMT
content-encoding
gzip
vary
Accept-Encoding
age
1445329
x-cache
Hit from cloudfront
last-modified
Wed, 15 Dec 2021 23:36:48 GMT
server
nginx/1.21.4
x-frame-options
SAMEORIGIN
etag
W/"61ba7c10-2010"
strict-transport-security
max-age=31536000
content-type
text/css
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Mg1RLvvspaVbguh9WyrANyrKB5vo2A0Jpg6wE21-xTY9jqnY1Mh2Tw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
f15c482ccf9565941749.js
d13abuqgaodzs6.cloudfront.net/
98 KB
20 KB
Script
General
Full URL
https://d13abuqgaodzs6.cloudfront.net/f15c482ccf9565941749.js
Requested by
Host: d13abuqgaodzs6.cloudfront.net
URL: https://d13abuqgaodzs6.cloudfront.net/21d885170863b4f944c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9600:1:623d:9980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
93dae4a5f6c766cc2232e293205e327e5e3d96e1230bea816e7b19c9a28d92d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 23:52:04 GMT
content-encoding
gzip
vary
Accept-Encoding
age
1445328
x-cache
Hit from cloudfront
last-modified
Wed, 15 Dec 2021 23:38:46 GMT
server
nginx/1.21.4
x-frame-options
SAMEORIGIN
etag
W/"61ba7c86-1890c"
strict-transport-security
max-age=31536000
content-type
application/javascript
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
mCsShEpzNm3mwfaZjmmgATaoBuDpqf6PeR5uxjdJjr_PeZkPPZTPXw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN22SCS&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6358
date
Sat, 01 Jan 2022 15:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 01 Jan 2022 17:34:54 GMT
bat.js
bat.bing.com/
36 KB
11 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN22SCS&l=dataLayer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 17:20:51 GMT
content-encoding
gzip
last-modified
Fri, 03 Dec 2021 01:53:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C2B08E8F07F04F08B3A77BE049F0A334 Ref B: FRAEDGE1310 Ref C: 2022-01-01T17:20:52Z
etag
"0cb09ee8e7d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
10468
fbevents.js
connect.facebook.net/en_US/
103 KB
23 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: secure.doxo.com
URL: https://secure.doxo.com/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_Activated_Winback_6M_ConfirmReminders_NoActiveReminders%20%20from%20Workflow%20151123&utm_content=6d7fd44c5c1047528209a8a0de287aa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9a6f890cb47fee47c8f8f2366ce7481f6323eecf1f966784f350761cfab24d35
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
22474
x-xss-protection
0
pragma
public
x-fb-debug
YZUjBvvST1cAe00hIkt4Qvg0RwX/VKJgqWycFL+dn/eLhOB3P2iJEqyZQj0f02WFpucCC2MjBOxlUEB+DsUyAA==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Sat, 01 Jan 2022 17:20:52 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
heap-3839637385.js
cdn.heapanalytics.com/js/
113 KB
44 KB
Script
General
Full URL
https://cdn.heapanalytics.com/js/heap-3839637385.js
Requested by
Host: secure.doxo.com
URL: https://secure.doxo.com/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_Activated_Winback_6M_ConfirmReminders_NoActiveReminders%20%20from%20Workflow%20151123&utm_content=6d7fd44c5c1047528209a8a0de287aa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.73.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-18.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
22b1d105947db8db61bbdc6dd5540d06d0128ff9f3d1fdd825c6dabf0ef51085
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 17:20:20 GMT
content-encoding
gzip
server
nginx
age
32
etag
W/"1c522-m9Lo5n71u78xc74w2Bwnlw"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-pop
FRA2-C2
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
qTjklZ_l9pWBcr3wDkpiKjtyd6FhrmM6NALi8cBoMENqBfqcfRj5RA==
85239.js
fast.appcues.com/
20 KB
5 KB
Script
General
Full URL
https://fast.appcues.com/85239.js
Requested by
Host: secure.doxo.com
URL: https://secure.doxo.com/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_Activated_Winback_6M_ConfirmReminders_NoActiveReminders%20%20from%20Workflow%20151123&utm_content=6d7fd44c5c1047528209a8a0de287aa8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
4808bd5c45464157106171f47c7e4493d563092bfe33934c235ed2da245b29d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 17:20:52 GMT
content-encoding
gzip
age
57
x-cache
HIT
content-length
4856
x-request-id
FsY1MFuAXWZXv1tZ0gZh
x-served-by
cache-fra19128-FRA
access-control-allow-origin
*
server
Cowboy
x-timer
S1641057653.759318,VS0,VE1
vary
accept-encoding, Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/javascript; charset=utf-8
via
1.1 varnish
access-control-expose-headers
cache-control
max-age=120,public
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
1
fs.js
edge.fullstory.com/s/
219 KB
66 KB
Script
General
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: d13abuqgaodzs6.cloudfront.net
URL: https://d13abuqgaodzs6.cloudfront.net/00b3f95d6ae2fd14b31f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
50a5284de7a0b6a18645b623fe7cd7b193ed75387dc21eeb7b8527775fecae24

Request headers

Referer
https://secure.doxo.com/
Origin
https://secure.doxo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 16:38:55 GMT
content-encoding
gzip
age
2517
x-guploader-uploadid
ADPycdvMF-cNHHZ6COW3Teb63BFBpRm-Lr2bthdLGB1viWu3lHB15aolGtcuG817dPFYJSiXCsthkEIW2RhRKyiOWU1ypNDWMg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
67347
last-modified
Wed, 15 Dec 2021 19:15:03 GMT
server
UploadServer
etag
"ae62e8f5c7c7587ea691afdd7b461301"
x-goog-hash
crc32c=LKlKNg==, md5=rmLo9cfHWH6mka/de0YTAQ==
x-goog-generation
1639595703727219
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
67347
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 01 Jan 2022 17:38:55 GMT
authorize
user.doxo.com/oauth/ Frame 19B4
115 B
196 B
Document
General
Full URL
https://user.doxo.com/oauth/authorize?redirect_uri=https%3A%2F%2Fsecure.doxo.com%2Fauth%2Fcallback%2F&client_id=becad9bc4d4b71ac91310b5a6ed6732fdd5af45c623c17adad8bd2e09b6a7403&response_type=code&state=oTjf5rFloh&scope=user_service&display=popup&prompt=none&code_challenge=9L2mjCNenVn7PTsy0nRxF-lfCeX5JncZwXMjQooFmUw&code_challenge_method=S256
Requested by
Host: d13abuqgaodzs6.cloudfront.net
URL: https://d13abuqgaodzs6.cloudfront.net/00b3f95d6ae2fd14b31f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.227.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-227-119.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
25dda3a3529b2bc18adfdce991be8bc54606e8fd479abe079d40327b662bed06

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/

Response headers

server
awselb/2.0
date
Sat, 01 Jan 2022 17:20:53 GMT
content-length
115
content-type
text/html
appcues.main.6a7768d5ed9d53bc49d865db745918fcdb33cab3.js
fast.appcues.com/generic/main/4.32.11/
401 KB
113 KB
Script
General
Full URL
https://fast.appcues.com/generic/main/4.32.11/appcues.main.6a7768d5ed9d53bc49d865db745918fcdb33cab3.js
Requested by
Host: fast.appcues.com
URL: https://fast.appcues.com/85239.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3fbbb48f95ad471b880728d24affd27fbe2ec28ef85eaa5bb9cb2c1cfca2cc95

Request headers

Referer
https://secure.doxo.com/
Origin
https://secure.doxo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 17:20:52 GMT
content-encoding
gzip
age
936955
via
1.1 varnish
x-cache
HIT
content-length
115344
x-amz-id-2
lNLyJiosUK0VpI+LlQy8Gfbd0lnZNQ4jN1ErIMBdhCakt7TXcx6d1S+QEDXYEviFExOWs4YD1Tc=
x-served-by
cache-fra19175-FRA
timing-allow-origin
*
last-modified
Tue, 21 Dec 2021 20:52:29 GMT
server
AmazonS3
x-timer
S1641057653.783779,VS0,VE0
etag
"e1ce9e54c82660ba85fb1fd85fd15cae"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
x-amz-request-id
PVZWBQTRF3BBB6A2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
22583
js
www.google-analytics.com/gtm/
109 KB
40 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-WZ4XCHM&t=gtm5&cid=520704983.1641057653
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4783757a08118a800d793f868f0efe0f58e144de4314f3cecbd1fa6d9c3c4f1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 17:20:52 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40395
x-xss-protection
0
expires
Sat, 01 Jan 2022 17:20:52 GMT
150715232192596
connect.facebook.net/signals/config/
355 KB
85 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/150715232192596?v=2.9.5&r=c2
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
db8f645e29482c593e172d89b665221a4b30688d2a65daa44dc9eafdcac559e5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
aZBa3FtyEq4/4UfuWXBhZOeWX9zsBFmsVebrosQr03E8Bo7zf8egpFWyLJZWgiRXDLsKVvFsXO/WqFmkapN4IA==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 01 Jan 2022 17:20:52 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
page
rs.fullstory.com/rec/
3 KB
1 KB
XHR
General
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: d13abuqgaodzs6.cloudfront.net
URL: https://d13abuqgaodzs6.cloudfront.net/4ad1fe68fce1705feab6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
7421002fede7d6448be9e69112ed7d1385983d74b804bff74357a389e67b2522

Request headers

Referer
https://secure.doxo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 01 Jan 2022 17:20:53 GMT
content-encoding
gzip
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secure.doxo.com
access-control-allow-credentials
true
alt-svc
clear
content-length
1285
via
1.1 google
5772357.js
bat.bing.com/p/action/
0
116 B
Script
General
Full URL
https://bat.bing.com/p/action/5772357.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 01 Jan 2022 17:20:52 GMT
cache-control
private,max-age=1800
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 37802408D9F04FD5907ECB9753C3D0C8 Ref B: FRAEDGE1310 Ref C: 2022-01-01T17:20:52Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
150 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5772357&tm=gtm002&Ver=2&mid=d352db80-25fc-4e96-8aa7-15f054756293&sid=2c08a1b06b2711ec900eeb5ee93dbd89&vid=2c08c2306b2711ec8a827de7a86dadeb&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=doxo&p=https%3A%2F%2Fsecure.doxo.com%2F%3Futm_source%3DIterable%26utm_medium%3Demail%26utm_campaign%3Dcampaign_Activated_Winback_6M_ConfirmReminders_NoActiveReminders%2520%2520from%2520Workflow%2520151123%26utm_content%3D6d7fd44c5c1047528209a8a0de287aa8&r=&lt=669&evt=pageLoad&msclkid=N&sv=1&rn=65967
Requested by
Host: secure.doxo.com
URL: https://secure.doxo.com/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_Activated_Winback_6M_ConfirmReminders_NoActiveReminders%20%20from%20Workflow%20151123&utm_content=6d7fd44c5c1047528209a8a0de287aa8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Jan 2022 17:20:51 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1FF91FF2D3E44E8AB9ED18609FE6F8C6 Ref B: FRAEDGE1310 Ref C: 2022-01-01T17:20:52Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
pub84fc4cf5e97756c5d2f659623a17d830
rum-http-intake.logs.datadoghq.com/v1/input/
2 B
94 B
Ping
General
Full URL
https://rum-http-intake.logs.datadoghq.com/v1/input/pub84fc4cf5e97756c5d2f659623a17d830?_dd.application_id=5cbfa008-90d3-4075-bcdb-95f9b5db6519&ddsource=browser&ddtags=sdk_version:2.2.1,env:prod,service:Ash&batch_time=1641057652834
Requested by
Host: d13abuqgaodzs6.cloudfront.net
URL: https://d13abuqgaodzs6.cloudfront.net/4ad1fe68fce1705feab6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:4281:7a44:2477:25fb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://secure.doxo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 01 Jan 2022 17:20:53 GMT
content-length
2
content-type
application/json
container.6a7768d5ed9d53bc49d865db745918fcdb33cab3.css
fast.appcues.com/generic/main/4.32.11/
15 KB
2 KB
Stylesheet
General
Full URL
https://fast.appcues.com/generic/main/4.32.11/container.6a7768d5ed9d53bc49d865db745918fcdb33cab3.css
Requested by
Host: fast.appcues.com
URL: https://fast.appcues.com/generic/main/4.32.11/appcues.main.6a7768d5ed9d53bc49d865db745918fcdb33cab3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d4c676ed415cb16654c1309c8c2ee790db12f4a5ae5efb675a595ddd31a6a9e3

Request headers

Referer
https://secure.doxo.com/
Origin
https://secure.doxo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 17:20:52 GMT
content-encoding
gzip
age
936976
via
1.1 varnish
x-cache
HIT
content-length
2029
x-amz-id-2
m1sFskdUl+jEcROL2FpQBNcPOxms9cKG8V2fSZ6LlgWLWfJd2bh8g+U33EAEKdixj7dRpXq8n3I=
x-served-by
cache-fra19175-FRA
timing-allow-origin
*
last-modified
Tue, 21 Dec 2021 20:52:29 GMT
server
AmazonS3
x-timer
S1641057653.887114,VS0,VE0
etag
"c8a48e77946e446dc42162494c5a4ed7"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
x-amz-request-id
G4RAVVGWEQR708BN
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
content-type
text/css; charset=utf-8;
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
21846
telemetry
heapanalytics.com/api/
37 B
259 B
Image
General
Full URL
https://heapanalytics.com/api/telemetry?a=3839637385&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=1&st=1641057652931&hv=4.15.0
Requested by
Host: secure.doxo.com
URL: https://secure.doxo.com/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_Activated_Winback_6M_ConfirmReminders_NoActiveReminders%20%20from%20Workflow%20151123&utm_content=6d7fd44c5c1047528209a8a0de287aa8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.146.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-146-241.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Jan 2022 17:20:53 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
/
www.facebook.com/tr/
44 B
295 B
Image
General
Full URL
https://www.facebook.com/tr/?id=150715232192596&ev=PageView&dl=https%3A%2F%2Fsecure.doxo.com%2F%3Futm_source%3DIterable%26utm_medium%3Demail%26utm_campaign%3Dcampaign_Activated_Winback_6M_ConfirmReminders_NoActiveReminders%2520%2520from%2520Workflow%2520151123%26utm_content%3D6d7fd44c5c1047528209a8a0de287aa8&rl=&if=false&ts=1641057652940&sw=1600&sh=1200&v=2.9.5&r=c2&ec=0&o=30&fbp=fb.1.1641057652940.37971113&it=1641057652786&coo=false&rqm=GET
Requested by
Host: secure.doxo.com
URL: https://secure.doxo.com/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_Activated_Winback_6M_ConfirmReminders_NoActiveReminders%20%20from%20Workflow%20151123&utm_content=6d7fd44c5c1047528209a8a0de287aa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 17:20:52 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Sat, 01 Jan 2022 17:20:52 GMT
h
heapanalytics.com/
37 B
258 B
Image
General
Full URL
https://heapanalytics.com/h?a=3839637385&u=1783324883333979&v=4609520991775363&s=5553871306385471&b=web&tv=4.0&z=0&h=%2F&q=%3Futm_source%3DIterable%26utm_medium%3Demail%26utm_campaign%3Dcampaign_Activated_Winback_6M_ConfirmReminders_NoActiveReminders%2520%2520from%2520Workflow%2520151123%26utm_content%3D6d7fd44c5c1047528209a8a0de287aa8&d=secure.doxo.com&t=doxo&us=Iterable&um=email&uc=6d7fd44c5c1047528209a8a0de287aa8&ua=campaign_Activated_Winback_6M_ConfirmReminders_NoActiveReminders%20%20from%20Workflow%20151123&k=user_agent&k=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&k=Google%20Optimize%3A%20ebsg0PxwShqz7FjsqeM4HA&k=1&k=onload_is_doxoplus_subscriber&k=true&ts=1641057652943&st=1641057652945
Requested by
Host: secure.doxo.com
URL: https://secure.doxo.com/?utm_source=Iterable&utm_medium=email&utm_campaign=campaign_Activated_Winback_6M_ConfirmReminders_NoActiveReminders%20%20from%20Workflow%20151123&utm_content=6d7fd44c5c1047528209a8a0de287aa8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.146.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-146-241.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Jan 2022 17:20:53 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
integrations
rs.fullstory.com/rec/
0
64 B
Script
General
Full URL
https://rs.fullstory.com/rec/integrations?OrgId=1ITz
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 17:20:53 GMT
via
1.1 google
alt-svc
clear
content-length
0
content-type
text/javascript; charset=utf-8
bundle
rs.fullstory.com/rec/
29 B
91 B
XHR
General
Full URL
https://rs.fullstory.com/rec/bundle?OrgId=1ITz&UserId=5313682087174144&SessionId=6542699712831488&PageId=6115706626203648&Seq=1&PageStart=1641057653116&PrevBundleTime=0&LastActivity=564&IsNewSession=true
Requested by
Host: d13abuqgaodzs6.cloudfront.net
URL: https://d13abuqgaodzs6.cloudfront.net/4ad1fe68fce1705feab6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
64f3077707f228787d6e2d1c017e1619786ca7472ffdcdf0057ae035994ca9fc

Request headers

Referer
https://secure.doxo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://secure.doxo.com
date
Sat, 01 Jan 2022 17:20:53 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
29
content-type
application/json; charset=utf-8
telemetry
heapanalytics.com/api/
37 B
258 B
Image
General
Full URL
https://heapanalytics.com/api/telemetry?a=3839637385&te=type&te=data&te=cm&te=addUserProperties%20-%20no%20valid%20props&st=1641057652944&hv=4.15.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.146.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-146-241.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Jan 2022 17:20:53 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=150715232192596&ev=Microdata&dl=https%3A%2F%2Fsecure.doxo.com%2F%3Futm_source%3DIterable%26utm_medium%3Demail%26utm_campaign%3Dcampaign_Activated_Winback_6M_ConfirmReminders_NoActiveReminders%2520%2520from%2520Workflow%2520151123%26utm_content%3D6d7fd44c5c1047528209a8a0de287aa8&rl=&if=false&ts=1641057654443&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22doxo%22%2C%22meta%3Adescription%22%3A%22doxo%20User%20Site%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.5&r=c2&ec=1&o=30&fbp=fb.1.1641057652940.37971113&it=1641057652786&coo=false&es=automatic&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 17:20:54 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Sat, 01 Jan 2022 17:20:54 GMT

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| webpackJsonp object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady function| Velocity function| vueApolloWillPrefetch object| DD_RUM object| google_tag_manager object| dataLayer object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| heap boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS object| $nuxt object| AppcuesBundleSettings object| Appcues object| gaplugins object| gaGlobal object| gaData string| _fs_loaded function| _fs_shutdown function| UET function| UET_init function| UET_push object| ueto_269efaeb0f object| uetq object| google_optimize

18 Cookies

Domain/Path Name / Value
.iterable.com/ Name: iterableEndUserId
Value: tod.lovas%40ros.com
.iterable.com/ Name: iterableEmailCampaignId
Value: 3447036
.iterable.com/ Name: iterableTemplateId
Value: 4705623
.iterable.com/ Name: iterableMessageId
Value: 6d7fd44c5c1047528209a8a0de287aa8
links.iterable.com/ Name: XSRF-TOKEN
Value: 2fc4fe62d412ac5edbc094e414bafa8bd1cdfa71-1641057652150-6b4dbae9c4745d9fde7b04cb
.doxo.com/ Name: _gcl_au
Value: 1.1.1993433396.1641057653
secure.doxo.com/ Name: _dd_s
Value: rum=1&id=d2ff13d3-5a7a-4812-8a7d-7ccc83f13f13&created=1641057652743&expire=1641058552743
.doxo.com/ Name: _ga
Value: GA1.2.520704983.1641057653
.doxo.com/ Name: _gid
Value: GA1.2.1699166255.1641057653
.bing.com/ Name: MUID
Value: 0CAB2280C7936835156F339FC6416904
.doxo.com/ Name: _uetsid
Value: 2c08a1b06b2711ec900eeb5ee93dbd89
.doxo.com/ Name: _uetvid
Value: 2c08c2306b2711ec8a827de7a86dadeb
.doxo.com/ Name: _gaexp
Value: GAX1.2.ebsg0PxwShqz7FjsqeM4HA.19071.1
.doxo.com/ Name: _hp2_props.3839637385
Value: %7B%22user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36%22%7D
.doxo.com/ Name: _fbp
Value: fb.1.1641057652940.37971113
.doxo.com/ Name: _hp2_id.3839637385
Value: %7B%22userId%22%3A%221783324883333979%22%2C%22pageviewId%22%3A%224609520991775363%22%2C%22sessionId%22%3A%225553871306385471%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.doxo.com/ Name: _hp2_ses_props.3839637385
Value: %7B%22us%22%3A%22Iterable%22%2C%22um%22%3A%22email%22%2C%22uc%22%3A%226d7fd44c5c1047528209a8a0de287aa8%22%2C%22ua%22%3A%22campaign_Activated_Winback_6M_ConfirmReminders_NoActiveReminders%20%20from%20Workflow%20151123%22%2C%22ts%22%3A1641057652943%2C%22d%22%3A%22secure.doxo.com%22%2C%22h%22%3A%22%2F%22%2C%22q%22%3A%22%3Futm_source%3DIterable%26utm_medium%3Demail%26utm_campaign%3Dcampaign_Activated_Winback_6M_ConfirmReminders_NoActiveReminders%2520%2520from%2520Workflow%2520151123%26utm_content%3D6d7fd44c5c1047528209a8a0de287aa8%22%7D
.doxo.com/ Name: fs_uid
Value: rs.fullstory.com#1ITz#5313682087174144:6542699712831488/1672593652

1 Console Messages

Source Level URL
Text
network error URL: https://user.doxo.com/oauth/authorize?redirect_uri=https%3A%2F%2Fsecure.doxo.com%2Fauth%2Fcallback%2F&client_id=becad9bc4d4b71ac91310b5a6ed6732fdd5af45c623c17adad8bd2e09b6a7403&response_type=code&state=oTjf5rFloh&scope=user_service&display=popup&prompt=none&code_challenge=9L2mjCNenVn7PTsy0nRxF-lfCeX5JncZwXMjQooFmUw&code_challenge_method=S256
Message:
Failed to load resource: the server responded with a status of 502 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
cdn.heapanalytics.com
cdn.jsdelivr.net
connect.facebook.net
d13abuqgaodzs6.cloudfront.net
edge.fullstory.com
fast.appcues.com
fonts.googleapis.com
heapanalytics.com
links.iterable.com
rs.fullstory.com
rum-http-intake.logs.datadoghq.com
secure.doxo.com
user.doxo.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
13.225.73.18
2600:1f18:24e6:b901:4281:7a44:2477:25fb
2600:9000:21f3:9600:1:623d:9980:21
2606:4700::6810:5814
2620:1ec:c11::200
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2008
2a00:1450:4001:812::200e
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::622
3.221.52.23
34.233.227.119
35.153.212.150
35.186.194.58
35.201.112.186
52.201.146.241
05b35492a2546223e05dafc286331cb0d47ad840764715b8cb9117f3e5e2f983
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
22b1d105947db8db61bbdc6dd5540d06d0128ff9f3d1fdd825c6dabf0ef51085
24469c7804c3c61aac7560a0eb8ebed690b635f9f8af1854e1389e5ac9bcb90e
25dda3a3529b2bc18adfdce991be8bc54606e8fd479abe079d40327b662bed06
32c2e16e15d4787a9d2eb920303aa15d11c2b9854a75bf554417c4993f143d83
3fbbb48f95ad471b880728d24affd27fbe2ec28ef85eaa5bb9cb2c1cfca2cc95
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
443a80555e5fb768dd5d605f61da021766b35f9125c2d2834f5f79aa2e599eef
4783757a08118a800d793f868f0efe0f58e144de4314f3cecbd1fa6d9c3c4f1a
4808bd5c45464157106171f47c7e4493d563092bfe33934c235ed2da245b29d9
50271f9d1fb53bfd2074827218441de193a0f5bdb94f6a20b3e76d1fa91b41b7
50a5284de7a0b6a18645b623fe7cd7b193ed75387dc21eeb7b8527775fecae24
64f3077707f228787d6e2d1c017e1619786ca7472ffdcdf0057ae035994ca9fc
65602d8dc12d587f855664abaef8080d2a6b706b72e838ef000d5a6887a5809c
6a6e865a14f30a63d1c719ddd8f52db530a8a388c9e4e05484fcf2353353a98f
6abca65186a90b5073dbe55e396519e590e93b643dd5d530057f24516b542b31
6afdb1c4942e620cbf531eae882321595dfc74a63a5c4eb45be461fec3ea675f
7421002fede7d6448be9e69112ed7d1385983d74b804bff74357a389e67b2522
88039d0dd06848e544b88df5abe5df2fdbac8ddb7f2c63bb99580536fa95b5b8
93dae4a5f6c766cc2232e293205e327e5e3d96e1230bea816e7b19c9a28d92d6
99c1697bfc05f8e00314bc2aa32c60b123b311965e94e91801d3876d86d72fdd
9a6f890cb47fee47c8f8f2366ce7481f6323eecf1f966784f350761cfab24d35
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ab42c0e657fbf5a60d9678c1a5bf148b1c709bc5720bc91b23d5d4746855889f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c823343bbd33e527b2f8d09fc0e3bf153b53ee32f110a4fe1871dd8f42a9c2b7
d4c676ed415cb16654c1309c8c2ee790db12f4a5ae5efb675a595ddd31a6a9e3
db8f645e29482c593e172d89b665221a4b30688d2a65daa44dc9eafdcac559e5
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edb4166321e3fa7b70e189765b90f6f17ba97b0e7c4d4e2ffae4aabc5478ab50
fe3d85b891998a7fba6f129abf75cf2bb52563a2744b4c72f2c586b851b2897d
ff420b26b8a33e1bcae39c4d165c2cc259681bbb7b32565dbd7644c1d84cbfa8