uatadmin.davincimeetingrooms.com Open in urlscan Pro
104.214.29.203 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://uatadmin.davincimeetingrooms.com/
Effective URL:
https://uatadmin.davincimeetingrooms.com/secure/login
Submission: On November 05 via api (November 5th 2024, 6:49:03 am UTC) from US — Scanned from DE

Summary HTTP 74 Redirects Behaviour Indicators

Summary

This website contacted 35 IPs in 4 countries across 24 domains to perform 74 HTTP transactions. The main IP is 104.214.29.203, located in San Antonio, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is uatadmin.davincimeetingrooms.com.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on November 5th 2024. Valid for: 6 months.

This is the only time uatadmin.davincimeetingrooms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	104.214.29.203 104.214.29.203	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	52.222.236.107 52.222.236.107	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:4239	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:33:1... 2620:1ec:33:1::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
4	34.49.241.189 34.49.241.189	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	178.249.97.23 178.249.97.23	11054 (LIVEPERSON) (LIVEPERSON)
1	2a00:1450:400... 2a00:1450:400c:c0a::9d	15169 (GOOGLE) (GOOGLE)
4	152.195.15.58 152.195.15.58	15133 (EDGECAST) (EDGECAST)
1	2606:4700:10:... 2606:4700:10::6816:3668	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:205... 2600:9000:2057:b800:18:6c16:27c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	44.237.145.255 44.237.145.255	16509 (AMAZON-02) (AMAZON-02)
1	18.172.103.101 18.172.103.101	16509 (AMAZON-02) (AMAZON-02)
2	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
1	142.250.186.142 142.250.186.142	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	34.107.203.234 34.107.203.234	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	178.249.97.99 178.249.97.99	11054 (LIVEPERSON) (LIVEPERSON)
5	34.120.154.120 34.120.154.120	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.66.102.11 18.66.102.11	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:223... 2600:9000:223d:e000:12:de4a:40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	52.208.3.210 52.208.3.210	16509 (AMAZON-02) (AMAZON-02)
1	13.33.187.109 13.33.187.109	16509 (AMAZON-02) (AMAZON-02)
1	54.76.153.143 54.76.153.143	16509 (AMAZON-02) (AMAZON-02)
3	208.89.12.87 208.89.12.87	11054 (LIVEPERSON) (LIVEPERSON)
74	35

13 104.214.29.203 (San Antonio, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

uatadmin.davincimeetingrooms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.236.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-107.fra56.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:4239 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.49.241.189 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 189.241.49.34.bc.googleusercontent.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.23 (United States)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 152.195.15.58 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3668 (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:b800:18:6c16:27c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tools.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.237.145.255 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-145-255.us-west-2.compute.amazonaws.com

app.picreel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.103.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-103-101.fra60.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.203.234 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.203.107.34.bc.googleusercontent.com

settings.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.99 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.120.154.120 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 120.154.120.34.bc.googleusercontent.com

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-11.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:e000:12:de4a:40:93a1 (United States)

ASN16509 (AMAZON-02, US)

125525.tctm.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.3.210 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-3-210.eu-west-1.compute.amazonaws.com

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.187.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-109.fra60.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.153.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-153-143.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net

va.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	davincimeetingrooms.com 1 redirects uatadmin.davincimeetingrooms.com	201 KB
7	lpsnmedia.net accdn.lpsnmedia.net — Cisco Umbrella Rank: 4602 lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 4284	292 KB
5	liveperson.net lptag.liveperson.net — Cisco Umbrella Rank: 4143 va.v.liveperson.net — Cisco Umbrella Rank: 4688	162 KB
5	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 971 logx.optimizely.com — Cisco Umbrella Rank: 1669	101 KB
4	picreel.com app.picreel.com — Cisco Umbrella Rank: 180119	163 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	68 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34 region1.google-analytics.com — Cisco Umbrella Rank: 3643	22 KB
3	bizible.com cdn.bizible.com — Cisco Umbrella Rank: 9266	26 KB
2	tctm.co 125525.tctm.co	17 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 877 script.hotjar.com — Cisco Umbrella Rank: 1177	61 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	5 KB
2	bing.net bat.bing.net — Cisco Umbrella Rank: 20475	467 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	74 KB
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1442 insight.adsrvr.org — Cisco Umbrella Rank: 945	6 KB
2	luckyorange.com tools.luckyorange.com — Cisco Umbrella Rank: 14252 settings.luckyorange.com — Cisco Umbrella Rank: 14201 Failed	5 KB
2	pingdom.net rum-static.pingdom.net — Cisco Umbrella Rank: 6596 rum-collector-2.pingdom.net — Cisco Umbrella Rank: 6092	3 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 stats.g.doubleclick.net — Cisco Umbrella Rank: 136	719 B
2	bing.com bat.bing.com — Cisco Umbrella Rank: 348	15 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	180 KB
2	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 5983	9 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 89	21 KB
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 6755	172 B
1	bizibly.com cdn.bizibly.com — Cisco Umbrella Rank: 13274	204 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	912 B
74	24

	Domain	Requested by
13	uatadmin.davincimeetingrooms.com	1 redirects uatadmin.davincimeetingrooms.com
5	lpcdn.lpsnmedia.net	lptag.liveperson.net
4	app.picreel.com	www.googletagmanager.com app.picreel.com cdn.bizible.com
4	logx.optimizely.com	cdn.optimizely.com cdn.bizible.com
3	va.v.liveperson.net	lptag.liveperson.net
3	cdn.bizible.com	www.googletagmanager.com uatadmin.davincimeetingrooms.com cdn.bizible.com
3	www.google-analytics.com	uatadmin.davincimeetingrooms.com www.google-analytics.com
2	125525.tctm.co	www.googletagmanager.com 125525.tctm.co
2	accdn.lpsnmedia.net	lptag.liveperson.net
2	www.facebook.com	uatadmin.davincimeetingrooms.com
2	bat.bing.net	bat.bing.com uatadmin.davincimeetingrooms.com
2	connect.facebook.net	uatadmin.davincimeetingrooms.com connect.facebook.net
2	lptag.liveperson.net	uatadmin.davincimeetingrooms.com
2	fonts.gstatic.com	fonts.googleapis.com
2	bat.bing.com	uatadmin.davincimeetingrooms.com bat.bing.com
2	www.gstatic.com	uatadmin.davincimeetingrooms.com www.gstatic.com
2	www.googletagmanager.com	uatadmin.davincimeetingrooms.com www.googletagmanager.com
2	widget.trustpilot.com	uatadmin.davincimeetingrooms.com widget.trustpilot.com
2	www.googleadservices.com	uatadmin.davincimeetingrooms.com www.gstatic.com
1	content.hotjar.io	cdn.bizible.com
1	script.hotjar.com	static.hotjar.com
1	rum-collector-2.pingdom.net	cdn.bizible.com
1	insight.adsrvr.org	js.adsrvr.org
1	static.hotjar.com	uatadmin.davincimeetingrooms.com
1	settings.luckyorange.com	tools.luckyorange.com
1	cdn.bizibly.com	uatadmin.davincimeetingrooms.com
1	region1.google-analytics.com	www.googletagmanager.com
1	js.adsrvr.org	www.googletagmanager.com
1	tools.luckyorange.com	www.googletagmanager.com
1	rum-static.pingdom.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	cdn.optimizely.com	uatadmin.davincimeetingrooms.com
1	fonts.googleapis.com	uatadmin.davincimeetingrooms.com
74	34

This site contains no links.

Subject Issuer	Validity	Valid
uatadmin.davincimeetingrooms.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2024-11-05` - `2025-05-05`	6 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.googleadservices.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.trustpilot.com Amazon RSA 2048 M03	`2024-01-03` - `2025-01-31`	a year	crt.sh
cdn.optimizely.com WE1	`2024-10-21` - `2025-01-19`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
logx.optimizely.com WR3	`2024-09-16` - `2024-12-15`	3 months	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-11-28` - `2024-11-27`	a year	crt.sh
io.bizible.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-07` - `2025-07-08`	a year	crt.sh
pingdom.net WE1	`2024-09-12` - `2024-12-12`	3 months	crt.sh
luckyorange.com Amazon RSA 2048 M02	`2024-10-17` - `2025-11-14`	a year	crt.sh
*.picreel.com Amazon RSA 2048 M02	`2024-08-27` - `2025-09-25`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-14` - `2024-11-12`	3 months	crt.sh
bat.bing.net Microsoft Azure RSA TLS Issuing CA 07	`2024-10-27` - `2025-04-25`	6 months	crt.sh
settings.luckyorange.com R11	`2024-10-08` - `2025-01-06`	3 months	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2024-10-08` - `2025-10-08`	a year	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.tctm.co Amazon RSA 2048 M03	`2024-07-06` - `2025-08-03`	a year	crt.sh
*.pingdom.net Amazon RSA 2048 M03	`2024-10-22` - `2025-11-19`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-01-31` - `2025-03-01`	a year	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2024-08-20` - `2025-08-20`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://uatadmin.davincimeetingrooms.com/secure/login
Frame ID: EAFBD0D9414822652ED39736B1E3315A
Requests: 71 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.31.1-release_1465379762/storage.secure.min.html?loc=https%3A%2F%2Fuatadmin.davincimeetingrooms.com&site=86101864&ist=sessionStorage&env=prod&accdn=accdn.lpsnmedia.net
Frame ID: 047ED284087978C08C17406730CAECDA
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=hl90nhy&ref=https%3A%2F%2Fuatadmin.davincimeetingrooms.com%2Fsecure%2Flogin&upid=q84sit1&upv=1.1.0&paapi=1
Frame ID: A8089C9FF99C8611C6E445723AB0924D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Conference Facilities, Meeting Space | Davinci Meeting Rooms & Conference Center

Page URL History Show full URLs

https://uatadmin.davincimeetingrooms.com/ HTTP 302
https://uatadmin.davincimeetingrooms.com/secure/login Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

74
Requests

99 %
HTTPS

35 %
IPv6

24
Domains

34
Subdomains

35
IPs

4
Countries

1431 kB
Transfer

4330 kB
Size

24
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://uatadmin.davincimeetingrooms.com/ HTTP 302
https://uatadmin.davincimeetingrooms.com/secure/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

74 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login Show response
uatadmin.davincimeetingrooms.com/secure/
Redirect Chain

https://uatadmin.davincimeetingrooms.com/
https://uatadmin.davincimeetingrooms.com/secure/login

11 KB
5 KB

193ms
193ms

Document
text/html

104.214.29.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://uatadmin.davincimeetingrooms.com/secure/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.214.29.203 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7a5ac3ae33283dd222e22adbaecabd79da1e973144b42e03e05ec96dd306c850

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 4474
Content-Type: text/html; charset=utf-8
Date: Tue, 05 Nov 2024 06:48:56 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Powered-By: ASP.NET

Redirect headers

Cache-Control: private
Content-Length: 130
Content-Type: text/html; charset=utf-8
Date: Tue, 05 Nov 2024 06:48:56 GMT
Location: /secure/login
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Powered-By: ASP.NET

GET
H/1.1 200
OK legacy.css
uatadmin.davincimeetingrooms.com/assets/css/ 107 KB
26 KB 164ms
161ms Stylesheet
text/css 104.214.29.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://uatadmin.davincimeetingrooms.com/assets/css/legacy.css
Requested by: Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.214.29.203 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bd141e2b7780aad75f631f169a6a47ea8de2604d2bbd40827e8bbd93673b509f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/secure/login

Response headers

X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: "02010424a2fdb1:0"
Accept-Ranges: bytes
Content-Length: 26077
Date: Tue, 05 Nov 2024 06:48:56 GMT
Content-Type: text/css
Last-Modified: Tue, 05 Nov 2024 06:16:32 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding

GET
H/1.1 200
OK dv.css
uatadmin.davincimeetingrooms.com/ 151 KB
37 KB 501ms
187ms Stylesheet
text/css 104.214.29.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://uatadmin.davincimeetingrooms.com/dv.css?r=5839F7895A5E0F0687102722E68EB19D
Requested by: Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.214.29.203 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c8b32f0ae8408024e373a54c923594708f646dc2a905b29fa21dbe5a5e5b7c1f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/secure/login

Response headers

X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: "5e969174d2fdb1:0"
Accept-Ranges: bytes
Content-Length: 37466
Date: Tue, 05 Nov 2024 06:48:56 GMT
Content-Type: text/css
Last-Modified: Tue, 05 Nov 2024 06:36:48 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding

GET
H/1.1 200
OK dv.js Show response
uatadmin.davincimeetingrooms.com/ 274 KB
105 KB 641ms
190ms Script
application/x-javascript 104.214.29.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://uatadmin.davincimeetingrooms.com/dv.js?r=6D074BA5CBFD8AF53BD9AAAA2F3FAE9E
Requested by: Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.214.29.203 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cccdeef8b4b221944a1ed97f0f64da34c961ed48a0e604f53d1940b4ee950818

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/secure/login

Response headers

Transfer-Encoding: chunked
X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: "2e9447174d2fdb1:0"
Accept-Ranges: bytes
Date: Tue, 05 Nov 2024 06:48:56 GMT
Content-Type: application/x-javascript
Last-Modified: Tue, 05 Nov 2024 06:36:48 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 3 KB
912 B 137ms
46ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

90e974df873feda1d776ead3f199c7e9144bc524114dc9a4acac291cd8f56512

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 06:48:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 06:48:57 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 05 Nov 2024 06:34:14 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK login.css
uatadmin.davincimeetingrooms.com/assets/css/ 1 KB
952 B 603ms
152ms Stylesheet
text/css 104.214.29.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://uatadmin.davincimeetingrooms.com/assets/css/login.css
Requested by: Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.214.29.203 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2702ff9f74655600a95ea32679da5a2ba076156e8a48b3f4704a36ef1efd4113

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/secure/login

Response headers

X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: "02010424a2fdb1:0"
Accept-Ranges: bytes
Content-Length: 659
Date: Tue, 05 Nov 2024 06:48:56 GMT
Content-Type: text/css
Last-Modified: Tue, 05 Nov 2024 06:16:32 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding

GET
H/1.1 200
OK jquery.metadata.js Show response
uatadmin.davincimeetingrooms.com/assets/js/jquery/ 4 KB
2 KB 623ms
172ms Script
application/x-javascript 104.214.29.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://uatadmin.davincimeetingrooms.com/assets/js/jquery/jquery.metadata.js
Requested by: Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.214.29.203 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f5bf35ec31a628e648ebeaa60f93f5a282838a9a0d37389df247392016a86164

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/secure/login

Response headers

X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: "02010424a2fdb1:0"
Accept-Ranges: bytes
Content-Length: 1821
Date: Tue, 05 Nov 2024 06:48:56 GMT
Content-Type: application/x-javascript
Last-Modified: Tue, 05 Nov 2024 06:16:32 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding

GET
H/1.1 200
OK jquery.validate.min.js Show response
uatadmin.davincimeetingrooms.com/assets/js/jquery/ 21 KB
8 KB 623ms
172ms Script
application/x-javascript 104.214.29.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://uatadmin.davincimeetingrooms.com/assets/js/jquery/jquery.validate.min.js
Requested by: Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.214.29.203 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 11b1c0e5a3310cfaf10c857db28ffbbe227c31bac0acdd5b56397eac032c82d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/secure/login

Response headers

X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: "02010424a2fdb1:0"
Accept-Ranges: bytes
Content-Length: 7887
Date: Tue, 05 Nov 2024 06:48:56 GMT
Content-Type: application/x-javascript
Last-Modified: Tue, 05 Nov 2024 06:16:32 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding

GET
H/1.1 200
OK forms.js Show response
uatadmin.davincimeetingrooms.com/assets/js/ 2 KB
1 KB 630ms
176ms Script
application/x-javascript 104.214.29.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://uatadmin.davincimeetingrooms.com/assets/js/forms.js
Requested by: Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.214.29.203 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2deb32d57737b66d2c08a84735041ec451d464df98fc013c805cf4316fbdb586

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/secure/login

Response headers

X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: "02010424a2fdb1:0"
Accept-Ranges: bytes
Content-Length: 938
Date: Tue, 05 Nov 2024 06:48:56 GMT
Content-Type: application/x-javascript
Last-Modified: Tue, 05 Nov 2024 06:16:32 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding

GET
H3 200 conversion.js Show response
www.googleadservices.com/pagead/ 56 KB
20 KB 121ms
58ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

af5c27d91a8b814351b6522aa17a23a709545f11cdbc953cb0d452280e5d3b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

content-encoding: br
etag: 13730477501505533595
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 06:48:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 05 Nov 2024 06:48:56 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 20911
x-xss-protection: 0
server: cafe

GET
H2 200 tp.widget.sync.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 1 KB
1 KB 120ms
41ms Script
application/x-javascript 52.222.236.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.sync.bootstrap.min.js

Requested by

Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-107.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

90745a0f257aa1424e5b997ec85544b52094e60b7187c09ec3f108303bfc2073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

content-encoding: gzip
etag: "a148992a7b15dc7e6a9fa9d5e18e4368"
age: 14343
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: LQaGNuFQzFiff444Hw2TNHCN82W8Ucq2quJg2b8z9xD_ABKgFkhnZw==
date: Tue, 05 Nov 2024 02:49:55 GMT
content-type: application/x-javascript
last-modified: Wed, 09 Oct 2024 12:04:38 GMT
strict-transport-security: max-age=31536000
cache-control: max-age=86400
via: 1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 712
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 6322080518.js Show response
cdn.optimizely.com/js/ 317 KB
100 KB 380ms
285ms Script
text/javascript 2606:4700::6812:4239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.optimizely.com/js/6322080518.js
Requested by: Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:4239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ab642f16e2140290494735e1ae6d4f9e60cd311eab591bec8023a432fec8301

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

access-control-max-age: 86400
access-control-expose-headers: x-amz-meta-revision
content-encoding: gzip
cf-cache-status: EXPIRED
etag: "75cd1825dc7c59fe38be68bbd5f0e7de"
x-amz-version-id: Zi2_p39y2WkX5OD3jJ9HkYsi6xf9kPme
access-control-allow-methods: GET, HEAD
date: Tue, 05 Nov 2024 06:48:57 GMT
x-amz-meta-revision: 71
content-type: text/javascript; charset=utf-8
last-modified: Fri, 05 Jan 2018 18:03:19 GMT
vary: Accept-Encoding
x-amz-id-2: MRLcTzk8Aen54tOn9pddRaUi4o4kO88g+YV1wBvQyF8Ign+NfKfZG3gH0nmY5BtfVaotvr009sE=
access-control-allow-headers: *
cache-control: max-age=120
timing-allow-origin: *
access-control-allow-credentials: false
x-amz-request-id: B4D4VE2AG8RA51C5
cf-ray: 8ddae6ac59189bf5-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 102144
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 275 KB
93 KB 178ms
65ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TL6QHZ

Requested by

Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5160628e979bfb90acf5aecab926bd12a2db51ebe4378f6a0e889670c2571676

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 05 Nov 2024 06:48:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 06:48:58 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 05 Nov 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 94554
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 156ms
43ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

content-encoding: gzip
age: 4963
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 07:26:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 05:26:15 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H3 200 loader.js Show response
www.gstatic.com/wcm/ 6 KB
2 KB 149ms
38ms Script
text/javascript 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

670f77f11cb4c747f5de1affa5b53687cf7a20d1eaf99b0ef5c9c60858aefa55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

content-encoding: br
age: 1579
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 07:22:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 06:22:39 GMT
last-modified: Wed, 20 Mar 2024 23:18:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
content-length: 2133
x-xss-protection: 0
server: sffe

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 199ms
65ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B5F91C2C95C54A5EA0409B5392EB2013 Ref B: FRA31EDGE0414 Ref C: 2024-11-05T06:48:58Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Tue, 05 Nov 2024 06:48:57 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1038069620/ 43 B
61 B 163ms
57ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1038069620/?random=1730789337873&cv=9&fst=1730789337873&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=ecomm_prodid%3D%3Becomm_pagetype%3Dother%3Becomm_totalvalue%3D%3Bdynx_itemid%3D%3Bdynx_itemid2%3D%3Bdynx_pagetype%3Dother%3Bdynx_totalvalue%3D&frm=0&url=https%3A%2F%2Fuatadmin.davincimeetingrooms.com%2Fsecure%2Flogin&tiba=Conference%20Facilities%2C%20Meeting%20Space%20%7C%20Davinci%20Meeting%20Rooms%20%26%20Conference%20Center&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 37
date: Tue, 05 Nov 2024 06:48:58 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H/1.1 200
OK headerBkgrnd.png
uatadmin.davincimeetingrooms.com/assets/images/ 223 B
470 B 151ms
151ms Image
image/png 104.214.29.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uatadmin.davincimeetingrooms.com/assets/images/headerBkgrnd.png
Requested by: Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/dv.css?r=5839F7895A5E0F0687102722E68EB19D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.214.29.203 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 96041a600b0b0fbe9b5abb1879edec5a8a848249edcdce726aaf1d9529683b4b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/dv.css?r=5839F7895A5E0F0687102722E68EB19D

Response headers

ETag: "02010424a2fdb1:0"
Accept-Ranges: bytes
Content-Length: 223
Date: Tue, 05 Nov 2024 06:48:57 GMT
Content-Type: image/png
Last-Modified: Tue, 05 Nov 2024 06:16:32 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H/1.1 200
OK navDavinciLogo.png
uatadmin.davincimeetingrooms.com/assets/images/ 12 KB
13 KB 158ms
157ms Image
image/png 104.214.29.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uatadmin.davincimeetingrooms.com/assets/images/navDavinciLogo.png
Requested by: Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/dv.css?r=5839F7895A5E0F0687102722E68EB19D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.214.29.203 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2468ce2203e061eff1bbc5b7ef7ad8e7eddc880b3a012c5240f136442fec00de

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/dv.css?r=5839F7895A5E0F0687102722E68EB19D

Response headers

ETag: "02010424a2fdb1:0"
Accept-Ranges: bytes
Content-Length: 12780
Date: Tue, 05 Nov 2024 06:48:57 GMT
Content-Type: image/png
Last-Modified: Tue, 05 Nov 2024 06:16:32 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H/1.1 200
OK checkbox-unchecked.png
uatadmin.davincimeetingrooms.com/assets/images/listing/ 1014 B
1 KB 159ms
159ms Image
image/png 104.214.29.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uatadmin.davincimeetingrooms.com/assets/images/listing/checkbox-unchecked.png
Requested by: Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/dv.css?r=5839F7895A5E0F0687102722E68EB19D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.214.29.203 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1bd2c76dddde8acc8e1f54a177230a34a01c2096237f03873d22cc9748ceb86f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/dv.css?r=5839F7895A5E0F0687102722E68EB19D

Response headers

ETag: "02010424a2fdb1:0"
Accept-Ranges: bytes
Content-Length: 1014
Date: Tue, 05 Nov 2024 06:48:57 GMT
Content-Type: image/png
Last-Modified: Tue, 05 Nov 2024 06:16:32 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 150ms
60ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://uatadmin.davincimeetingrooms.com
Referer: https://fonts.googleapis.com/

Response headers

age: 487341
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:26:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:26:37 GMT
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23580
x-xss-protection: 0
server: sffe

GET
H3 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 132ms
42ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://uatadmin.davincimeetingrooms.com
Referer: https://fonts.googleapis.com/

Response headers

age: 486641
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:38:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:38:17 GMT
last-modified: Tue, 02 May 2023 15:08:26 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23236
x-xss-protection: 0
server: sffe

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 23 KB
8 KB 42ms
41ms Script
application/x-javascript 52.222.236.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.sync.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-107.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c69de41dda83f00cc1b13dba90a57f25df046286ecd227bdd0c4d51d94947b61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

content-encoding: gzip
etag: "7d4644d89e45fe92623bdd628e60e8dd"
age: 19412
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: EtcKuXSwFRH6a3cZmWt4w0BmlBCtuTwAzaxI369WaPHbDqxov8xJ8Q==
date: Tue, 05 Nov 2024 01:25:26 GMT
content-type: application/x-javascript
last-modified: Wed, 09 Oct 2024 12:04:38 GMT
strict-transport-security: max-age=31536000
cache-control: max-age=86400
via: 1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 7350
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 404 event Show response
logx.optimizely.com/log/ 0
363 B 236ms
131ms XHR
text/plain 34.49.241.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/log/event
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/6322080518.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.241.49.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
via: 1.1 google
access-control-allow-origin: https://uatadmin.davincimeetingrooms.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 05 Nov 2024 06:48:58 GMT
content-type: text/plain
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 27 KB
10 KB 247ms
50ms Script
application/javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/tag/tag.js?site=86101864

Requested by

Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

2823fbfa7b9256867e21af1ecbfbb98583c8ef0e0b495f6f01d862ef58e3d93d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
content-encoding: gzip
etag: "6657cfc2-253d"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PATCH
x-content-type-options: nosniff
content-length: 9533
date: Tue, 05 Nov 2024 06:48:58 GMT
content-type: application/javascript
last-modified: Thu, 30 May 2024 01:00:50 GMT
server: ws
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H3 200 call-tracking_9.js Show response
www.gstatic.com/call-tracking/ 62 KB
20 KB 44ms
43ms Script
text/javascript 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/call-tracking/call-tracking_9.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

6d8f8fd6de0b42e3acc7b2f3005c599e9f54d21355c3d6850a5c13daca10d5ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

content-encoding: br
age: 98020
report-to: {"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
x-content-type-options: nosniff
expires: Tue, 04 Nov 2025 03:35:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 03:35:18 GMT
last-modified: Mon, 22 Jan 2024 22:18:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="ads-telephony"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
accept-ranges: bytes
content-length: 20777
x-xss-protection: 0
server: sffe

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
433 B 50ms
48ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1139464962&t=pageview&_s=1&dl=https%3A%2F%2Fuatadmin.davincimeetingrooms.com%2Fsecure%2Flogin&ul=de-de&de=UTF-8&dt=Conference%20Facilities%2C%20Meeting%20Space%20%7C%20Davinci%20Meeting%20Rooms%20%26%20Conference%20Center&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgAABAAAAACAAI~&jid=1344020884&gjid=2128758333&cid=1226296746.1730789338&tid=UA-6206249-1&_gid=197971407.1730789338&_slc=1&z=1322659820

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 06:48:58 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://uatadmin.davincimeetingrooms.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
658 B 189ms
51ms XHR
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-6206249-1&cid=1226296746.1730789338&jid=1344020884&gjid=2128758333&_gid=197971407.1730789338&_u=IGBAgAABAAAAAGAAI~&z=2097808039

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 06:48:58 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin: https://uatadmin.davincimeetingrooms.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H2 200 5117086.js Show response
bat.bing.com/p/action/ 362 B
417 B 66ms
65ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5117086.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

28168751a3267ac9c5f88003ac159fc70033e01cd6667833e52a4ef19e0f5b65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6EE111D5676F40CB8337C63C57C41FAC Ref B: FRA31EDGE0414 Ref C: 2024-11-05T06:48:58Z
x-cache: CONFIG_NOCACHE
date: Tue, 05 Nov 2024 06:48:57 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H3 200 wcm Show response
www.googleadservices.com/pagead/conversion/1038069620/ 81 B
95 B 47ms
46ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1038069620/wcm?cc=ZZ&dn=18774249767&cl=O_ZRCN7Kh2MQ9N7-7gM&ct_eid=2

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/call-tracking/call-tracking_9.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

d22d4f2250deeb2d80f1587d7d81d85e17d412bbcd98315e18fd9e35dc021c3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://uatadmin.davincimeetingrooms.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 72
date: Tue, 05 Nov 2024 06:48:58 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
87 KB 48ms
47ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-111111111&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL6QHZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

beaf59bbdb9bdc238a0259301777b717b47ee82cdedef95d696e5007cf665ce6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 05 Nov 2024 06:48:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 06:48:58 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 05 Nov 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 88851
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 67 KB
25 KB 183ms
38ms Script
application/x-javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/scripts/bizible.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL6QHZ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D4) /

Resource Hash

441dc9086f8113d30109a9369d4a1e1dc1e66a6f55be96f187d9aa05b238e469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

strict-transport-security: max-age=31536000; includeSub
cache-control: max-age=86400
content-encoding: gzip
etag: "16628d8e32bdb1:0"
age: 34407
accept-ranges: bytes
x-cache: HIT
content-length: 25393
date: Tue, 05 Nov 2024 06:48:58 GMT
content-type: application/x-javascript
last-modified: Thu, 31 Oct 2024 22:25:52 GMT
server: ECS (frb/67D4)
vary: Accept-Encoding

GET
H2 200 pa-5d63fe9505a2410008000296.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 255ms
143ms Script
application/javascript 2606:4700:10::6816:3668
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/pa-5d63fe9505a2410008000296.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL6QHZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3668 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fc6117262c8dc92d2d74c82a7b56aa3686efd515c9bf2965cb32769fe13f5ee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

cache-control: max-age=86400
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"63490024-1852"
cf-ray: 8ddae6b49dc871df-FRA
expires: Tue, 05 Nov 2024 06:53:58 GMT
access-control-allow-origin: *
date: Tue, 05 Nov 2024 06:48:58 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 14 Oct 2022 06:22:28 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 lo.js Show response
tools.luckyorange.com/core/ 13 KB
5 KB 154ms
44ms Script
text/javascript 2600:9000:2057:b800:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/lo.js?site-id=d0eb29cc
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL6QHZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:b800:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4eda83f304d2d8c8b0c4be2233dce114827a0c51065de371ed7e8c5fd26118f3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

content-encoding: gzip
etag: "9b474f69d37960e9c471d9d3316a036d"
age: 3173
x-cache: Hit from cloudfront
x-amz-cf-id: 0owFMPYfIdp68jJgckT-WLwLFzKeN598rVjBhfSc1fRxeeNT5qbxDA==
date: Tue, 05 Nov 2024 05:56:06 GMT
content-type: text/javascript
vary: accept-encoding
last-modified: Tue, 22 Oct 2024 16:14:17 GMT
cache-control: max-age=3600
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 4677
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 main.js Show response
app.picreel.com/assets/ 1 KB
1 KB 648ms
209ms Script
application/javascript 44.237.145.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.picreel.com/assets/main.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL6QHZ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.237.145.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-145-255.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c3a3db943e20d99275537609b123798805c27fee394bb3b0f489884207d46db2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

accept-ranges: bytes
content-length: 1047
date: Tue, 05 Nov 2024 06:48:58 GMT
etag: "670dffc1-417"
content-type: application/javascript
last-modified: Tue, 15 Oct 2024 05:38:09 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 15 KB
6 KB 153ms
45ms Script
application/x-javascript 18.172.103.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL6QHZ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.103.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-103-101.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c87aa708d354d2db657ba47b08aae2cc50653369ccbffa36448d7b47fd3e9fe6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

Transfer-Encoding: chunked
Vary: accept-encoding
Content-Encoding: gzip
ETag: W/"407149e43d6d6f4c2458e9179af5b3a2"
Age: 76439
Connection: keep-alive
Via: 1.1 d6f2ecdfd53b40c1776d655bd15fdeb0.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: _JKGvnEB1FWFVLAwtIHGC-saqinf9R8slKOIRbcPyMs97tsd4DyxtA==
Date: Mon, 04 Nov 2024 09:35:00 GMT
Content-Type: application/x-javascript
Last-Modified: Thu, 31 Oct 2024 16:18:07 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P8
x-amz-server-side-encryption: AES256

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 90ms
40ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-ODsRkpyN' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 06:48:58 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-ODsRkpyN' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=4456, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: geRER3IHVR3YF8eOo8naVGbsNyDSl3OVPJaQaXl4AuPs+u0xjM/J5ssNb180p6Btdh+Fb3ImXqsAY3ePh09Haw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62086
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
24 B 46ms
45ms XHR
text/plain 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1139464962&t=pageview&_s=1&dl=https%3A%2F%2Fuatadmin.davincimeetingrooms.com%2Fsecure%2Flogin&ul=de-de&de=UTF-8&dt=Conference%20Facilities%2C%20Meeting%20Space%20%7C%20Davinci%20Meeting%20Rooms%20%26%20Conference%20Center&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEABAAAAAGAAI~&jid=946149986&gjid=460341347&cid=1226296746.1730789338&tid=UA-6206249-1&_gid=197971407.1730789338&_r=1&gtm=45He4au0n71TL6QHZv72623645za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&npa=1&z=1075430964

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 06:48:58 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://uatadmin.davincimeetingrooms.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

POST
H2 204 0
bat.bing.net/actionp/ 0
347 B 211ms
77ms Ping
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.net/actionp/0?ti=5117086&Ver=2&mid=7cd22060-4b08-4ae7-861a-f076ba7ae056&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3BFC92470CDF4A81967E9BCF080AE96D Ref B: FRA31EDGE0212 Ref C: 2024-11-05T06:48:58Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Tue, 05 Nov 2024 06:48:57 GMT

GET
H2 204 0
bat.bing.net/action/ 0
120 B 208ms
76ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.net/action/0?ti=5117086&Ver=2&mid=7cd22060-4b08-4ae7-861a-f076ba7ae056&bo=2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Conference%20Facilities,%20Meeting%20Space%20%7C%20Davinci%20Meeting%20Rooms%20%26%20Conference%20Center&p=https%3A%2F%2Fuatadmin.davincimeetingrooms.com%2Fsecure%2Flogin&r=&lt=1973&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=13343
Requested by: Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3351A9498CD34872AD835954F9C09F27 Ref B: FRA31EDGE0212 Ref C: 2024-11-05T06:48:58Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Tue, 05 Nov 2024 06:48:57 GMT

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/86101864/configuration/applications/taglets/ 506 KB
149 KB 54ms
51ms Script
application/x-javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/lptag/api/account/86101864/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Requested by

Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

f3bf17507307a79f681d5c1920c6c5a6179f674f739519983d671039535f265d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=630
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PATCH
x-content-type-options: nosniff
date: Tue, 05 Nov 2024 06:48:58 GMT
content-type: application/x-javascript;charset=UTF-8
server: ws
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 148ms
47ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-111111111&gtm=45je4au0z872623645za200zb72623645&_p=1730789337867&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&cid=1226296746.1730789338&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730789338&sct=1&seg=0&dl=https%3A%2F%2Fuatadmin.davincimeetingrooms.com%2Fsecure%2Flogin&dt=Conference%20Facilities%2C%20Meeting%20Space%20%7C%20Davinci%20Meeting%20Rooms%20%26%20Conference%20Center&en=page_view&_fv=1&_ss=1&tfd=2314
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-111111111&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://uatadmin.davincimeetingrooms.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 06:48:58 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 189356184944279 Show response
connect.facebook.net/signals/config/ 67 KB
13 KB 87ms
87ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/189356184944279?v=2.9.176&r=stable&domain=uatadmin.davincimeetingrooms.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

4ead903fd72335d24159c81739cca2c9503d70599cd6f93b53bd488fb85d9727

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-gqz5nfhI' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 06:48:58 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-gqz5nfhI' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=77, mss=1232, tbw=70855, tp=67, tpl=0, uplat=48, ullat=0
pragma: public
x-fb-debug: uuoTbUBZ8kJ3qBkT7hFdnMzSUuEIW0r06FJMmhjQr18/5lFnVRSf7MdDCcmv5IO2dbW6gCBRnX8+W++YuVpA9A==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 ipv
cdn.bizible.com/ 43 B
305 B 39ms
38ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizible.com/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=5b9d8e4edb4741c58fbb0fa1bb98cad8&_biz_l=https%3A%2F%2Fuatadmin.davincimeetingrooms.com%2Fsecure%2Flogin&_biz_t=1730789338391&_biz_i=Conference%20Facilities%2C%20Meeting%20Space%20%7C%20Davinci%20Meeting%20Rooms%20%26%20Conference%20Center&_biz_n=0&rnd=696431&cdn_o=a&_biz_z=1730789338392

Requested by

Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BA) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

strict-transport-security: max-age=31536000; includeSub
cache-control: no-cache, no-store
pragma: no-cache
age: 293613
expires: -1
accept-ranges: bytes
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-length: 43
date: Tue, 05 Nov 2024 06:48:58 GMT
content-type: Image/GIF
last-modified: Fri, 01 Nov 2024 21:15:25 GMT
server: ECS (frb/67BA)

GET
H2 200 u
cdn.bizibly.com/ 43 B
204 B 49ms
38ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizibly.com/u?_biz_u=5b9d8e4edb4741c58fbb0fa1bb98cad8&_biz_l=https%3A%2F%2Fuatadmin.davincimeetingrooms.com%2Fsecure%2Flogin&_biz_t=1730789338395&_biz_i=Conference%20Facilities%2C%20Meeting%20Space%20%7C%20Davinci%20Meeting%20Rooms%20%26%20Conference%20Center&rnd=750195&cdn_o=a&_biz_z=1730789338395

Requested by

Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6752) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

strict-transport-security: max-age=31536000; includeSub
cache-control: no-cache, no-store
pragma: no-cache
age: 293606
expires: -1
accept-ranges: bytes
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-length: 43
date: Tue, 05 Nov 2024 06:48:58 GMT
content-type: Image/GIF
last-modified: Fri, 01 Nov 2024 21:15:32 GMT
server: ECS (frb/6752)

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 111 B
319 B 155ms
155ms Script
text/javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/xdc.js?_biz_u=5b9d8e4edb4741c58fbb0fa1bb98cad8&_biz_h=-1906410348&cdn_o=a&jsVer=4.24.10.31

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6711) /

Resource Hash

86295fefee375ab2d204f3877345da8e5ba9db235b5dc3bfc9a57de76bc2d3e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

strict-transport-security: max-age=31536000; includeSub
cache-control: private, must-revalidate, max-age=21600
content-encoding: gzip
etag: 690B0241
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-length: 213
date: Tue, 05 Nov 2024 06:48:58 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: ECS (frb/6711)

GET
H2 200 /
www.facebook.com/tr/ 0
275 B 123ms
38ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=189356184944279&ev=PageView&dl=https%3A%2F%2Fuatadmin.davincimeetingrooms.com%2Fsecure%2Flogin&rl=&if=false&ts=1730789338464&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730789338463.843338151592835366&ler=empty&cdl=API_unavailable&it=1730789338357&coo=false&rqm=GET

Requested by

Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=36, rtx=0, c=10, mss=1297, tbw=2937, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 05 Nov 2024 06:48:58 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 280ms
196ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=189356184944279&ev=PageView&dl=https%3A%2F%2Fuatadmin.davincimeetingrooms.com%2Fsecure%2Flogin&rl=&if=false&ts=1730789338464&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730789338463.843338151592835366&ler=empty&cdl=API_unavailable&it=1730789338357&coo=false&rqm=FGET

Requested by

Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src 'report-sample' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7433683605101325743"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 06:48:58 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: HxUuFPhz1O6D2SZikUXGUEBX5oOUs0xES9BqSKE/rGrJTJXmYuQl3knKgyPfQ1iXHfHm6791bUq3geDzbeiHBQ==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7433683605101325743", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=36, rtx=0, c=12, mss=1297, tbw=3256, tp=-1, tpl=-1, uplat=156, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET d0eb29cc
settings.luckyorange.com/ 0
0

OPTIONS
H2 200 d0eb29cc
settings.luckyorange.com/ Frame 0
0 241ms
151ms Preflight 34.107.203.234
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://settings.luckyorange.com/d0eb29cc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-lucky-referrer,x-lucky-uid
Access-Control-Request-Method: GET
Origin: https://uatadmin.davincimeetingrooms.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id,X-Lucky-Referrer
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://uatadmin.davincimeetingrooms.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 05 Nov 2024 06:48:58 GMT
via: 1.1 google

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/86101864/configuration/setting/accountproperties/ 7 KB
2 KB 267ms
56ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/86101864/configuration/setting/accountproperties/?cb=accountSettingsCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/86101864/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

27271a571b9e2700caf70c38e261629811271cf02b7b3abbd86b881c757c5e62

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

x-cache-status: EXPIRED
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PATCH
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 06:49:58 GMT
date: Tue, 05 Nov 2024 06:48:58 GMT
content-type: application/javascript
vary: Accept
server: ws
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 ui-framework.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.40.1-release_1497670326/ 38 KB
12 KB 205ms
39ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.40.1-release_1497670326/ui-framework.js?version=10.40.1-release_1497670326

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/86101864/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

120.154.120.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

dd101610bfdd5074e44f8db73ae061dfbd46c7b6a7c860171e525088e85b6474

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=oKNHqQ==, md5=BYdG3qhck64DJvVkVcqFTw==
content-encoding: br
age: 1639
x-content-type-options: nosniff
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 39335
date: Tue, 05 Nov 2024 06:21:39 GMT
last-modified: Sun, 20 Oct 2024 13:15:07 GMT
content-type: application/javascript
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY33ImJOJoiqApr15Cm_kJysG-bHWWIzzKc4DIBOvfBcSJSr69gyY707pHvTaqkGYWCPjcsmyKTGBQ
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public,max-age=31536000
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
x-goog-storage-class: MULTI_REGIONAL
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1729430107826024
content-length: 11795
server: UploadServer

GET
H2 200 surveylogicinstance.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.40.1-release_1497670326/ 8 KB
3 KB 204ms
39ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.40.1-release_1497670326/surveylogicinstance.min.js?version=10.40.1-release_1497670326

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/86101864/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

120.154.120.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

7fcbc5d3c3265e7038e929c1cff2495764dd435c770852863eb46b9791c49524

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=Qyp3Rw==, md5=paUQAgyh/ZCObtCdJZmPqw==
content-encoding: br
age: 992
x-content-type-options: nosniff
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 7794
date: Tue, 05 Nov 2024 06:32:26 GMT
last-modified: Sun, 20 Oct 2024 13:15:07 GMT
content-type: application/javascript
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY2qC219PXsUiL6hRPmhx2IzV3Ctxdn5itVJtCvocWnq7zJ-sahjlJVvvXysU2G88AYPNvnuRNpltw
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public,max-age=31536000
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
x-goog-storage-class: MULTI_REGIONAL
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1729430107798387
content-length: 2275
server: UploadServer

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/86101864/configuration/le-campaigns/ 42 KB
6 KB 362ms
156ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/86101864/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/86101864/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

dac17f2248b0d2b00414586f55e9ed6aefba77f030d15d9f3d5eadd71f9e7707

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

x-cache-status: EXPIRED
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PATCH
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 06:49:58 GMT
date: Tue, 05 Nov 2024 06:48:58 GMT
content-type: application/javascript
vary: Accept
server: ws
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 desktopEmbedded.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.40.1-release_1497670326/ 1 MB
254 KB 43ms
42ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.40.1-release_1497670326/desktopEmbedded.js?version=10.40.1-release_1497670326

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/86101864/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

120.154.120.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

e461d7db8b2e5f1134cf65a81cb67266012efca717f4a345ff82d565308b780c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=jrB2QA==, md5=X5yyJArsNw3PSzi8AYtKLA==
content-encoding: br
age: 3197
x-content-type-options: nosniff
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 1112334
date: Tue, 05 Nov 2024 05:55:41 GMT
last-modified: Sun, 20 Oct 2024 13:15:07 GMT
content-type: application/javascript
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY1QUkVwm9ngGEpSewzku7Q7wFMIW0Da0AYuxhj4smbjPX1t0mZ9-f_fC1a9wpkCH5mNuK502witPw
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public,max-age=31536000
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
x-goog-storage-class: MULTI_REGIONAL
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1729430107436925
content-length: 260269
server: UploadServer

GET
H3 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.31.1-release_1465379762/ 44 KB
15 KB 39ms
39ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_secure_storage/3.31.1-release_1465379762/storage.secure.min.js?loc=https%3A%2F%2Fuatadmin.davincimeetingrooms.com&site=86101864&env=prod&accdn=accdn.lpsnmedia.net

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/86101864/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

120.154.120.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

9a8d16cf69b04f17bf869fdc4b81588cde13c410f37e079820b54e1baed4bac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=8YO1Sw==, md5=4+aMlAImxNFdUXksF62+nA==
content-encoding: br
age: 2079
x-content-type-options: nosniff
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 44755
date: Tue, 05 Nov 2024 06:14:19 GMT
last-modified: Sun, 20 Oct 2024 13:17:36 GMT
content-type: application/javascript
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY2cutrElyiolm8emCmbMhPcr0x8i-FGHhUjpwsCmyypeMQI7aR1csMom1V4Y6JICCTgi2s
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public,max-age=31536000
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
x-goog-storage-class: MULTI_REGIONAL
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1729430256453751
content-length: 14853
server: UploadServer

GET
H2 200 storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.31.1-release_1465379762/ Frame 047E 0
0 130ms
38ms Document
text/html 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_secure_storage/3.31.1-release_1465379762/storage.secure.min.html?loc=https%3A%2F%2Fuatadmin.davincimeetingrooms.com&site=86101864&ist=sessionStorage&env=prod&accdn=accdn.lpsnmedia.net

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/86101864/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

120.154.120.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://uatadmin.davincimeetingrooms.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2114
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31536000
content-encoding: br
content-length: 15827
content-type: text/html
date: Tue, 05 Nov 2024 06:13:44 GMT
last-modified: Sun, 20 Oct 2024 13:17:36 GMT
server: UploadServer
strict-transport-security: max-age=31536000; includeSubDomains
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-goog-generation: 1729430256442261
x-goog-hash: crc32c=KlhQzg== md5=bKsN5C5ryS+u3DZ/8oCZxA==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 48665
x-guploader-uploadid: AHmUCY1GwEZCbwCBo8nJAYkQvlned5_cfALx76ZDYWp7n5wpNaA1-SADuwrBfNEFqIB0qMEMV9Ztsi0jpg

POST
H2 404 event Show response
logx.optimizely.com/log/ 0
46 B 147ms
144ms XHR
text/plain 34.49.241.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/log/event
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.241.49.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
via: 1.1 google
access-control-allow-origin: https://uatadmin.davincimeetingrooms.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 05 Nov 2024 06:48:59 GMT
content-type: text/plain
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict

POST
H2 404 event Show response
logx.optimizely.com/log/ 0
46 B 139ms
137ms XHR
text/plain 34.49.241.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/log/event
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.241.49.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
via: 1.1 google
access-control-allow-origin: https://uatadmin.davincimeetingrooms.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 05 Nov 2024 06:48:59 GMT
content-type: text/plain
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict

POST
H2 404 event Show response
logx.optimizely.com/log/ 0
46 B 140ms
138ms XHR
text/plain 34.49.241.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/log/event
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.241.49.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
via: 1.1 google
access-control-allow-origin: https://uatadmin.davincimeetingrooms.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 05 Nov 2024 06:48:59 GMT
content-type: text/plain
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict

GET
H2 200 hotjar-1454230.js Show response
static.hotjar.com/c/ 13 KB
6 KB 213ms
77ms Script
application/javascript 18.66.102.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1454230.js?sv=6

Requested by

Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-11.fra56.r.cloudfront.net

Software

Resource Hash

f0d0699a59934cb32a65d2a6f366bdb77e83d9830051d863ef2952de93c376c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
content-encoding: br
etag: W/493e9c558d19c99ae6c35f4f26130920
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-cache-hit: 1
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: RefreshHit from cloudfront
x-amz-cf-id: _UqPeKTNBOj3rlyq_BkR6CWFctMx7UfWsBYDbPmrEx91twCfEfciFQ==
date: Tue, 05 Nov 2024 06:48:59 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-amz-cf-pop: FRA56-P2

GET
H2 200 t.js Show response
125525.tctm.co/ 50 KB
16 KB 205ms
63ms Script
application/x-javascript 2600:9000:223d:e000:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://125525.tctm.co/t.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL6QHZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:e000:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash: 7166d7901d5679899f4313c68ba6b042e456b69758ec78369bf358fce27fc9f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
etag: W/6729bfdb0001ea55cdd84e8f-125525
via: 1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: qDMwA_E_RPL5q5sH3FTiJ93XPzOHtlqnVietSVYypgwVx4scbD8_yg==
date: Tue, 05 Nov 2024 06:48:59 GMT
content-type: application/x-javascript
last-modified: Tue, 05 Nov 2024 06:48:59 GMT
server: ctm
x-amz-cf-pop: FRA56-P3

GET
H2 200 up
insight.adsrvr.org/track/ Frame A808 0
0 197ms
56ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=hl90nhy&ref=https%3A%2F%2Fuatadmin.davincimeetingrooms.com%2Fsecure%2Flogin&upid=q84sit1&upv=1.1.0&paapi=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://uatadmin.davincimeetingrooms.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-length: 0
content-type: text/html
date: Tue, 05 Nov 2024 06:48:59 GMT
server: Kestrel

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 270ms
54ms XHR
text/plain 52.208.3.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=5d63fe9505a2410008000296&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=1&nS=0&cS=722&cE=722&dLE=722&dLS=722&fS=722&hS=-1&rE=722&rS=0&reS=723&resS=915&resE=917&uEE=-1&uES=-1&dL=921&dI=1968&dCLES=1968&dCLEE=1973&dC=3035&lES=3035&lEE=3037&s=nt&title=Conference%20Facilities%2C%20Meeting%20Space%20%7C%20Davinci%20Meeting%20Rooms%20%26%20Conference%20Center&path=https%3A%2F%2Fuatadmin.davincimeetingrooms.com%2Fsecure%2Flogin&ref=&sId=z2guptbk&sST=1730789339&sIS=1&rV=0&v=1.4.1
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.3.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-3-210.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

Expires: 0
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 0
Date: Tue, 05 Nov 2024 06:48:59 GMT
Pragma: no-cache
Connection: keep-alive

GET
H2 200 edit.js Show response
app.picreel.com/assets/js/ 102 KB
102 KB 416ms
416ms Script
application/javascript 44.237.145.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.picreel.com/assets/js/edit.js?v=1734351107
Requested by: Host: app.picreel.com
URL: https://app.picreel.com/assets/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.237.145.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-145-255.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3fdb76df4263336c1d52282f8ecb6f490c184e1392392376fccb48f048c8970c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

accept-ranges: bytes
content-length: 104504
date: Tue, 05 Nov 2024 06:48:59 GMT
etag: "671a151c-19838"
content-type: application/javascript
last-modified: Thu, 24 Oct 2024 09:36:28 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 events.js Show response
app.picreel.com/assets/ 59 KB
60 KB 832ms
831ms Script
application/javascript 44.237.145.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.picreel.com/assets/events.js?v=1734351107
Requested by: Host: app.picreel.com
URL: https://app.picreel.com/assets/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.237.145.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-145-255.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3a8d1191e4aa28303f073c5c0dbba28cbe2f1f146ed7d2627d5338927b9a84d1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

accept-ranges: bytes
content-length: 60689
date: Tue, 05 Nov 2024 06:48:59 GMT
etag: "670e21fc-ed11"
content-type: application/javascript
last-modified: Tue, 15 Oct 2024 08:04:12 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK favicon.ico
uatadmin.davincimeetingrooms.com/ 1 KB
1 KB 176ms
175ms Other
image/x-icon 104.214.29.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://uatadmin.davincimeetingrooms.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.214.29.203 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c36f1f571fa6ffce09c2d775c12a7002f3704c6fa943787af33bd340a5681930

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/secure/login

Response headers

ETag: "02010424a2fdb1:0"
Accept-Ranges: bytes
Content-Length: 1150
Date: Tue, 05 Nov 2024 06:48:58 GMT
Content-Type: image/x-icon
Last-Modified: Tue, 05 Nov 2024 06:16:32 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H2 200 p.js Show response
125525.tctm.co/ 73 B
479 B 52ms
51ms Script
application/x-javascript 2600:9000:223d:e000:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://125525.tctm.co/p.js?sid=6729bfdb0001ea55cdd84e8f&p=632951.1.877.424.9767&
Requested by: Host: 125525.tctm.co
URL: https://125525.tctm.co/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:e000:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash: d04f2b5d425c05543cc31be2cc7198151fba0e022b551ad9d2fca062b86ad7e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
via: 1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: RfaBQ0Rec7i4XHXOZ76u8d91j2AsFqmXgv_3W2qdd9Z9VQUay4Vgkw==
date: Tue, 05 Nov 2024 06:48:59 GMT
content-type: application/x-javascript
x-amz-cf-pop: FRA56-P3
server: ctm

GET
H2 200 modules.6f60e575cf8ad7cb10f7.js Show response
script.hotjar.com/ 222 KB
55 KB 134ms
45ms Script
application/javascript 13.33.187.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.6f60e575cf8ad7cb10f7.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1454230.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.187.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-187-109.fra60.r.cloudfront.net

Software

Resource Hash

f0a9b19d1615e0e2afdca507d4c7cbe384b0bdfad5cbaf63c14a386df33a62d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

x-robots-tag: none
content-encoding: br
etag: "56b1b49a4bdc4c874445907df778d045"
age: 59341
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: GTTncnG5c6n1EWRHYbMNW4Q65aiRa0-sFEcqyGfnXLyEtGX_RrpX-w==
date: Mon, 04 Nov 2024 14:19:58 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 Nov 2024 14:19:24 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 ad82d8a80f2c6497aad660c7722475c0.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56128
x-amz-cf-pop: FRA60-P9

POST
H2 200 / Show response
content.hotjar.io/ 56 B
172 B 189ms
55ms XHR
application/json 54.76.153.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?site_id=1454230&gzip=1
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.76.153.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-153-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2a424f24c5bf6bd6bdf7c399ff8f53164f95b9c30059a4161189f760a665da95

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

access-control-max-age: 86400
access-control-allow-origin: *
content-length: 56
date: Tue, 05 Nov 2024 06:48:59 GMT
content-type: application/json

POST
H2 200 / Show response
app.picreel.com/visitor/get_campaigns/ 2 B
347 B 779ms
355ms XHR
text/html 44.237.145.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.picreel.com/visitor/get_campaigns/
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.237.145.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-145-255.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryIhQJqjzzwEFcUT8r
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
pragma: no-cache
expires: Thu, 19 Nov 1981 08:52:00 GMT
access-control-allow-origin: *
date: Tue, 05 Nov 2024 06:49:00 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 86101864 Show response
va.v.liveperson.net/api/js/ 247 B
1 KB 652ms
254ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/86101864?&cb=lpCb66580x9660&t=sp&ts=1730789338565&pid=8268637151&tid=5737943456&pt=Conference%20Facilities%2C%20Meeting%20Space%20%7C%20Davinci%20Meeting%20Rooms%20%26%20Conference%20Center&u=https%3A%2F%2Fuatadmin.davincimeetingrooms.com%2Fsecure%2Flogin&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/86101864/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

23accb97eecee0afc71a408a0f7fc172e6d6bd5f60566aada00a20586c7a2663

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-store
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PATCH
date: Tue, 05 Nov 2024 06:49:00 GMT
content-type: application/javascript
server: ws
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 86101864 Show response
va.v.liveperson.net/api/js/ 42 B
838 B 133ms
132ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/86101864?sid=3X00wwyDT-SEcNAVt3FUVA&cb=lpCb67529x94113&t=uc&ts=1730789338930&pid=8268637151&tid=5737943456&sdes=%5B%7B%22type%22%3A%22pagediv%22%2C%22divId%22%3A%22LP_DIV_1377295410447%22%7D%5D&vid=QyYjU5NTE5Njc3ODI4MGEw

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/86101864/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

55a196b0dc8c803dbae233948aced3baeef01fb974f8bbef4a73647c4eee95ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-store
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PATCH
date: Tue, 05 Nov 2024 06:49:00 GMT
content-type: application/javascript
server: ws
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 86101864 Show response
va.v.liveperson.net/api/js/ 110 B
899 B 129ms
128ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/86101864?sid=3X00wwyDT-SEcNAVt3FUVA&cb=lpCb60548x5306&t=pl&ts=1730789340031&pid=8268637151&tid=5737943456&vid=QyYjU5NTE5Njc3ODI4MGEw

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/86101864/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

01779ee40f73e5fd6512fcb3a0885f69f85ba75e578d5796d6b5a0a0cd408476

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-store
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PATCH
date: Tue, 05 Nov 2024 06:49:00 GMT
content-type: application/javascript
server: ws
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: settings.luckyorange.com
URL: https://settings.luckyorange.com/d0eb29cc

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.uatadmin.davincimeetingrooms.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: f6deb2a666fc016cfdb2beb295bd5e8ec06277d6b15612228abfba4acfd8f929
.uatadmin.davincimeetingrooms.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: f6deb2a666fc016cfdb2beb295bd5e8ec06277d6b15612228abfba4acfd8f929
.davincimeetingrooms.com/	1970-01-21 10:22:29	Name: optimizelyEndUserId Value: oeu1730789337926r0.8880331125269814
.doubleclick.net/	1970-01-21 00:46:30	Name: test_cookie Value: CheckForPermission
.davincimeetingrooms.com/	1970-01-21 00:47:55	Name: _gid Value: GA1.2.197971407.1730789338
.davincimeetingrooms.com/	1970-01-21 00:46:29	Name: _gat Value: 1
.davincimeetingrooms.com/	1970-01-21 00:46:29	Name: _gat_UA-6206249-1 Value: 1
.davincimeetingrooms.com/	1970-01-21 10:22:29	Name: _ga_111111111 Value: GS1.1.1730789338.1.0.1730789338.0.0.0
.davincimeetingrooms.com/	1970-01-21 10:22:29	Name: _ga Value: GA1.1.1226296746.1730789338
.davincimeetingrooms.com/	1970-01-21 09:32:05	Name: _biz_uid Value: 5b9d8e4edb4741c58fbb0fa1bb98cad8
.davincimeetingrooms.com/	1970-01-21 09:32:05	Name: _biz_nA Value: 1
.bizible.com/	1970-01-21 09:32:05	Name: _BUID Value: 5b9d8e4edb4741c58fbb0fa1bb98cad8
.davincimeetingrooms.com/	1970-01-21 09:32:05	Name: _biz_pendingA Value: %5B%5D
.bizibly.com/	1970-01-21 09:32:05	Name: _BUID Value: 88014bcafc41754a0c10baf6c5a2fa32
.davincimeetingrooms.com/	1970-01-21 02:56:05	Name: _fbp Value: fb.1.1730789338463.843338151592835366
.davincimeetingrooms.com/	1970-01-21 09:32:05	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
125525.tctm.co/	1969-12-31 23:59:59	Name: ct125525 Value: 6729bfdb0001ea55cdd84e8f
.davincimeetingrooms.com/	1970-01-21 02:56:05	Name: __ctmid Value: 6729bfdb0001ea55cdd84e8f
uatadmin.davincimeetingrooms.com/	1970-01-21 02:56:05	Name: __ctmid Value: 6729bfdb0001ea55cdd84e8f
.davincimeetingrooms.com/	1970-01-21 09:32:05	Name: _hjSessionUser_1454230 Value: eyJpZCI6ImM3MzY1YzZlLTljZjAtNTRmYi1hODg3LTFlNzU5MGZmODAxNiIsImNyZWF0ZWQiOjE3MzA3ODkzMzk0NTksImV4aXN0aW5nIjp0cnVlfQ==
.davincimeetingrooms.com/	1970-01-21 00:46:31	Name: _hjSession_1454230 Value: eyJpZCI6IjFjY2FkYjZmLTA4M2QtNDhjOC1iZDVlLWI5NTk0YTZkOGM2NSIsImMiOjE3MzA3ODkzMzk0NTksInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
uatadmin.davincimeetingrooms.com/	1970-01-21 00:47:55	Name: PicreelUser_pages Value: 1
.davincimeetingrooms.com/	1970-01-21 09:32:05	Name: LPVID Value: QyYjU5NTE5Njc3ODI4MGEw
.davincimeetingrooms.com/	1969-12-31 23:59:59	Name: LPSID-86101864 Value: 3X00wwyDT-SEcNAVt3FUVA

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://uatadmin.davincimeetingrooms.com/secure/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://logx.optimizely.com/log/event Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://uatadmin.davincimeetingrooms.com/secure/login Message: Access to fetch at 'https://settings.luckyorange.com/d0eb29cc' from origin 'https://uatadmin.davincimeetingrooms.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://www.davincimeetingrooms.com' that is not equal to the supplied origin. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://settings.luckyorange.com/d0eb29cc Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://logx.optimizely.com/log/event Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://logx.optimizely.com/log/event Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://logx.optimizely.com/log/event Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

125525.tctm.co
accdn.lpsnmedia.net
app.picreel.com
bat.bing.com
bat.bing.net
cdn.bizible.com
cdn.bizibly.com
cdn.optimizely.com
connect.facebook.net
content.hotjar.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
insight.adsrvr.org
js.adsrvr.org
logx.optimizely.com
lpcdn.lpsnmedia.net
lptag.liveperson.net
region1.google-analytics.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
script.hotjar.com
settings.luckyorange.com
static.hotjar.com
stats.g.doubleclick.net
tools.luckyorange.com
uatadmin.davincimeetingrooms.com
va.v.liveperson.net
widget.trustpilot.com
www.facebook.com
www.google-analytics.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
settings.luckyorange.com
104.214.29.203
13.33.187.109
142.250.184.194
142.250.185.227
142.250.186.142
142.250.186.67
142.250.186.98
15.197.193.217
152.195.15.58
157.240.253.1
178.249.97.23
178.249.97.99
18.172.103.101
18.66.102.11
2001:4860:4802:32::36
208.89.12.87
2600:9000:2057:b800:18:6c16:27c0:93a1
2600:9000:223d:e000:12:de4a:40:93a1
2606:4700:10::6816:3668
2606:4700::6812:4239
2620:1ec:33:1::10
2620:1ec:c11::237
2a00:1450:4001:811::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::2008
2a00:1450:400c:c0a::9d
2a03:2880:f176:84:face:b00c:0:25de
34.107.203.234
34.120.154.120
34.49.241.189
44.237.145.255
52.208.3.210
52.222.236.107
54.76.153.143
01779ee40f73e5fd6512fcb3a0885f69f85ba75e578d5796d6b5a0a0cd408476
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
11b1c0e5a3310cfaf10c857db28ffbbe227c31bac0acdd5b56397eac032c82d9
1bd2c76dddde8acc8e1f54a177230a34a01c2096237f03873d22cc9748ceb86f
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
23accb97eecee0afc71a408a0f7fc172e6d6bd5f60566aada00a20586c7a2663
2468ce2203e061eff1bbc5b7ef7ad8e7eddc880b3a012c5240f136442fec00de
2702ff9f74655600a95ea32679da5a2ba076156e8a48b3f4704a36ef1efd4113
27271a571b9e2700caf70c38e261629811271cf02b7b3abbd86b881c757c5e62
28168751a3267ac9c5f88003ac159fc70033e01cd6667833e52a4ef19e0f5b65
2823fbfa7b9256867e21af1ecbfbb98583c8ef0e0b495f6f01d862ef58e3d93d
2a424f24c5bf6bd6bdf7c399ff8f53164f95b9c30059a4161189f760a665da95
2deb32d57737b66d2c08a84735041ec451d464df98fc013c805cf4316fbdb586
3a8d1191e4aa28303f073c5c0dbba28cbe2f1f146ed7d2627d5338927b9a84d1
3ab642f16e2140290494735e1ae6d4f9e60cd311eab591bec8023a432fec8301
3fdb76df4263336c1d52282f8ecb6f490c184e1392392376fccb48f048c8970c
441dc9086f8113d30109a9369d4a1e1dc1e66a6f55be96f187d9aa05b238e469
4ead903fd72335d24159c81739cca2c9503d70599cd6f93b53bd488fb85d9727
4eda83f304d2d8c8b0c4be2233dce114827a0c51065de371ed7e8c5fd26118f3
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5160628e979bfb90acf5aecab926bd12a2db51ebe4378f6a0e889670c2571676
55a196b0dc8c803dbae233948aced3baeef01fb974f8bbef4a73647c4eee95ab
670f77f11cb4c747f5de1affa5b53687cf7a20d1eaf99b0ef5c9c60858aefa55
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8f8fd6de0b42e3acc7b2f3005c599e9f54d21355c3d6850a5c13daca10d5ad
7166d7901d5679899f4313c68ba6b042e456b69758ec78369bf358fce27fc9f2
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
7a5ac3ae33283dd222e22adbaecabd79da1e973144b42e03e05ec96dd306c850
7fc6117262c8dc92d2d74c82a7b56aa3686efd515c9bf2965cb32769fe13f5ee
7fcbc5d3c3265e7038e929c1cff2495764dd435c770852863eb46b9791c49524
86295fefee375ab2d204f3877345da8e5ba9db235b5dc3bfc9a57de76bc2d3e4
90745a0f257aa1424e5b997ec85544b52094e60b7187c09ec3f108303bfc2073
90e974df873feda1d776ead3f199c7e9144bc524114dc9a4acac291cd8f56512
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
96041a600b0b0fbe9b5abb1879edec5a8a848249edcdce726aaf1d9529683b4b
9a8d16cf69b04f17bf869fdc4b81588cde13c410f37e079820b54e1baed4bac7
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
af5c27d91a8b814351b6522aa17a23a709545f11cdbc953cb0d452280e5d3b0d
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
bd141e2b7780aad75f631f169a6a47ea8de2604d2bbd40827e8bbd93673b509f
beaf59bbdb9bdc238a0259301777b717b47ee82cdedef95d696e5007cf665ce6
c36f1f571fa6ffce09c2d775c12a7002f3704c6fa943787af33bd340a5681930
c3a3db943e20d99275537609b123798805c27fee394bb3b0f489884207d46db2
c69de41dda83f00cc1b13dba90a57f25df046286ecd227bdd0c4d51d94947b61
c87aa708d354d2db657ba47b08aae2cc50653369ccbffa36448d7b47fd3e9fe6
c8b32f0ae8408024e373a54c923594708f646dc2a905b29fa21dbe5a5e5b7c1f
cccdeef8b4b221944a1ed97f0f64da34c961ed48a0e604f53d1940b4ee950818
d04f2b5d425c05543cc31be2cc7198151fba0e022b551ad9d2fca062b86ad7e4
d22d4f2250deeb2d80f1587d7d81d85e17d412bbcd98315e18fd9e35dc021c3b
dac17f2248b0d2b00414586f55e9ed6aefba77f030d15d9f3d5eadd71f9e7707
dd101610bfdd5074e44f8db73ae061dfbd46c7b6a7c860171e525088e85b6474
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e461d7db8b2e5f1134cf65a81cb67266012efca717f4a345ff82d565308b780c
f0a9b19d1615e0e2afdca507d4c7cbe384b0bdfad5cbaf63c14a386df33a62d7
f0d0699a59934cb32a65d2a6f366bdb77e83d9830051d863ef2952de93c376c1
f3bf17507307a79f681d5c1920c6c5a6179f674f739519983d671039535f265d
f5bf35ec31a628e648ebeaa60f93f5a282838a9a0d37389df247392016a86164

uatadmin.davincimeetingrooms.com Open in urlscan Pro 104.214.29.203 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

74 Requests

99 %HTTPS

35 %IPv6

24 Domains

34 Subdomains

35 IPs

4 Countries

1431 kBTransfer

4330 kBSize

24 Cookies

0 Outgoing links

Page URL History

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

uatadmin.davincimeetingrooms.com Open in urlscan Pro
104.214.29.203 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

99 %
HTTPS

35 %
IPv6

24
Domains

34
Subdomains

35
IPs

4
Countries

1431 kB
Transfer

4330 kB
Size

24
Cookies

74 HTTP transactions
0 data transactions