uatadmin.davincimeetingrooms.com Open in urlscan Pro
104.214.29.203 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://uatadmin.davincimeetingrooms.com/
Effective URL:
https://uatadmin.davincimeetingrooms.com/secure/login
Submission: On November 05 via api (November 5th 2024, 6:36:57 am UTC) from US — Scanned from DE

Summary HTTP 75 Redirects Behaviour Indicators

Summary

This website contacted 36 IPs in 4 countries across 24 domains to perform 75 HTTP transactions. The main IP is 104.214.29.203, located in San Antonio, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is uatadmin.davincimeetingrooms.com.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on November 5th 2024. Valid for: 6 months.

This is the only time uatadmin.davincimeetingrooms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 15	104.214.29.203 104.214.29.203	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	52.222.236.94 52.222.236.94	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:4139	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	216.58.206.67 216.58.206.67	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:33:1... 2620:1ec:33:1::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
4	34.49.241.189 34.49.241.189	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
2	178.249.97.23 178.249.97.23	11054 (LIVEPERSON) (LIVEPERSON)
1	2a00:1450:400... 2a00:1450:400c:c09::9a	15169 (GOOGLE) (GOOGLE)
4	152.195.15.58 152.195.15.58	15133 (EDGECAST) (EDGECAST)
1	2606:4700:10:... 2606:4700:10::6816:3768	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:205... 2600:9000:2057:1400:18:6c16:27c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	44.237.145.255 44.237.145.255	16509 (AMAZON-02) (AMAZON-02)
1	18.172.103.101 18.172.103.101	16509 (AMAZON-02) (AMAZON-02)
2	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
1	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	34.107.203.234 34.107.203.234	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	178.249.97.99 178.249.97.99	11054 (LIVEPERSON) (LIVEPERSON)
5	34.120.154.120 34.120.154.120	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	208.89.12.87 208.89.12.87	11054 (LIVEPERSON) (LIVEPERSON)
1	18.66.102.51 18.66.102.51	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:223... 2600:9000:223d:9400:12:de4a:40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	54.78.174.227 54.78.174.227	16509 (AMAZON-02) (AMAZON-02)
1	13.33.187.109 13.33.187.109	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.19 18.66.112.19	16509 (AMAZON-02) (AMAZON-02)
1	34.247.247.224 34.247.247.224	16509 (AMAZON-02) (AMAZON-02)
75	36

15 104.214.29.203 (San Antonio, United States) 3 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

uatadmin.davincimeetingrooms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.236.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-94.fra56.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:4139 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.67 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.49.241.189 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 189.241.49.34.bc.googleusercontent.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.23 (United States)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 152.195.15.58 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3768 (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:1400:18:6c16:27c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tools.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.237.145.255 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-145-255.us-west-2.compute.amazonaws.com

app.picreel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.103.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-103-101.fra60.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.203.234 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.203.107.34.bc.googleusercontent.com

settings.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.99 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.120.154.120 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 120.154.120.34.bc.googleusercontent.com

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net

va.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-51.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:9400:12:de4a:40:93a1 (United States)

ASN16509 (AMAZON-02, US)

125525.tctm.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.174.227 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-174-227.eu-west-1.compute.amazonaws.com

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.187.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-109.fra60.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-19.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.247.224 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-247-224.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	davincimeetingrooms.com 3 redirects uatadmin.davincimeetingrooms.com	201 KB
7	lpsnmedia.net accdn.lpsnmedia.net — Cisco Umbrella Rank: 4602 lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 4284	292 KB
5	liveperson.net lptag.liveperson.net — Cisco Umbrella Rank: 4143 va.v.liveperson.net — Cisco Umbrella Rank: 4688	162 KB
5	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 971 logx.optimizely.com — Cisco Umbrella Rank: 1669	101 KB
4	picreel.com app.picreel.com — Cisco Umbrella Rank: 180119	163 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	68 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34 region1.google-analytics.com — Cisco Umbrella Rank: 3643	22 KB
3	bizible.com cdn.bizible.com — Cisco Umbrella Rank: 9266	26 KB
2	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 3185 content.hotjar.io — Cisco Umbrella Rank: 6755	405 B
2	tctm.co 125525.tctm.co	17 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 877 script.hotjar.com — Cisco Umbrella Rank: 1177	61 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	4 KB
2	bing.net bat.bing.net — Cisco Umbrella Rank: 20475	466 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	74 KB
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1442 insight.adsrvr.org — Cisco Umbrella Rank: 945	6 KB
2	luckyorange.com tools.luckyorange.com — Cisco Umbrella Rank: 14252 settings.luckyorange.com — Cisco Umbrella Rank: 14201 Failed	5 KB
2	pingdom.net rum-static.pingdom.net — Cisco Umbrella Rank: 6596 rum-collector-2.pingdom.net — Cisco Umbrella Rank: 6092	3 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 stats.g.doubleclick.net — Cisco Umbrella Rank: 136	718 B
2	bing.com bat.bing.com — Cisco Umbrella Rank: 348	15 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	180 KB
2	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 5983	9 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 89	21 KB
1	bizibly.com cdn.bizibly.com — Cisco Umbrella Rank: 13274	204 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	910 B
75	24

	Domain	Requested by
15	uatadmin.davincimeetingrooms.com	3 redirects uatadmin.davincimeetingrooms.com
5	lpcdn.lpsnmedia.net	lptag.liveperson.net
4	app.picreel.com	www.googletagmanager.com app.picreel.com cdn.bizible.com
4	logx.optimizely.com	cdn.optimizely.com cdn.bizible.com
3	va.v.liveperson.net	lptag.liveperson.net
3	cdn.bizible.com	www.googletagmanager.com uatadmin.davincimeetingrooms.com cdn.bizible.com
3	www.google-analytics.com	uatadmin.davincimeetingrooms.com www.google-analytics.com
2	125525.tctm.co	www.googletagmanager.com 125525.tctm.co
2	accdn.lpsnmedia.net	lptag.liveperson.net
2	www.facebook.com	uatadmin.davincimeetingrooms.com
2	bat.bing.net	bat.bing.com uatadmin.davincimeetingrooms.com
2	connect.facebook.net	uatadmin.davincimeetingrooms.com connect.facebook.net
2	lptag.liveperson.net	uatadmin.davincimeetingrooms.com
2	fonts.gstatic.com	fonts.googleapis.com
2	bat.bing.com	uatadmin.davincimeetingrooms.com bat.bing.com
2	www.gstatic.com	uatadmin.davincimeetingrooms.com www.gstatic.com
2	www.googletagmanager.com	uatadmin.davincimeetingrooms.com www.googletagmanager.com
2	widget.trustpilot.com	uatadmin.davincimeetingrooms.com widget.trustpilot.com
2	www.googleadservices.com	uatadmin.davincimeetingrooms.com www.gstatic.com
1	content.hotjar.io	cdn.bizible.com
1	vc.hotjar.io	cdn.bizible.com
1	script.hotjar.com	static.hotjar.com
1	rum-collector-2.pingdom.net	cdn.bizible.com
1	insight.adsrvr.org	js.adsrvr.org
1	static.hotjar.com	uatadmin.davincimeetingrooms.com
1	settings.luckyorange.com	tools.luckyorange.com
1	cdn.bizibly.com	uatadmin.davincimeetingrooms.com
1	region1.google-analytics.com	www.googletagmanager.com
1	js.adsrvr.org	www.googletagmanager.com
1	tools.luckyorange.com	www.googletagmanager.com
1	rum-static.pingdom.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	cdn.optimizely.com	uatadmin.davincimeetingrooms.com
1	fonts.googleapis.com	uatadmin.davincimeetingrooms.com
75	35

This site contains no links.

Subject Issuer	Validity	Valid
uatadmin.davincimeetingrooms.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2024-11-05` - `2025-05-05`	6 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.googleadservices.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.trustpilot.com Amazon RSA 2048 M03	`2024-01-03` - `2025-01-31`	a year	crt.sh
cdn.optimizely.com WE1	`2024-10-21` - `2025-01-19`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
logx.optimizely.com WR3	`2024-09-16` - `2024-12-15`	3 months	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-11-28` - `2024-11-27`	a year	crt.sh
io.bizible.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-07` - `2025-07-08`	a year	crt.sh
pingdom.net WE1	`2024-09-12` - `2024-12-12`	3 months	crt.sh
luckyorange.com Amazon RSA 2048 M02	`2024-10-17` - `2025-11-14`	a year	crt.sh
*.picreel.com Amazon RSA 2048 M02	`2024-08-27` - `2025-09-25`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-14` - `2024-11-12`	3 months	crt.sh
bat.bing.net Microsoft Azure RSA TLS Issuing CA 07	`2024-10-27` - `2025-04-25`	6 months	crt.sh
settings.luckyorange.com R11	`2024-10-08` - `2025-01-06`	3 months	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2024-10-08` - `2025-10-08`	a year	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2024-08-20` - `2025-08-20`	a year	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.tctm.co Amazon RSA 2048 M03	`2024-07-06` - `2025-08-03`	a year	crt.sh
*.pingdom.net Amazon RSA 2048 M03	`2024-10-22` - `2025-11-19`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://uatadmin.davincimeetingrooms.com/secure/login
Frame ID: 827548374306D72EFDFE0C108C162132
Requests: 72 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.31.1-release_1465379762/storage.secure.min.html?loc=https%3A%2F%2Fuatadmin.davincimeetingrooms.com&site=86101864&ist=sessionStorage&env=prod&accdn=accdn.lpsnmedia.net
Frame ID: F202D957C560E414DDFB20FC11A28C8A
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=hl90nhy&ref=https%3A%2F%2Fuatadmin.davincimeetingrooms.com%2Fsecure%2Flogin&upid=q84sit1&upv=1.1.0&paapi=1
Frame ID: FBA878B7F5CE29AA56F0DC6A7E8D03A2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Conference Facilities, Meeting Space | Davinci Meeting Rooms & Conference Center

Page URL History Show full URLs

http://uatadmin.davincimeetingrooms.com/ HTTP 307
https://uatadmin.davincimeetingrooms.com/ HTTP 302
https://uatadmin.davincimeetingrooms.com/secure/login HTTP 307
http://uatadmin.davincimeetingrooms.com/ HTTP 301
https://uatadmin.davincimeetingrooms.com/ HTTP 302
https://uatadmin.davincimeetingrooms.com/secure/login Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

75
Requests

99 %
HTTPS

34 %
IPv6

24
Domains

35
Subdomains

36
IPs

4
Countries

1431 kB
Transfer

4330 kB
Size

24
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://uatadmin.davincimeetingrooms.com/ HTTP 307
https://uatadmin.davincimeetingrooms.com/ HTTP 302
https://uatadmin.davincimeetingrooms.com/secure/login HTTP 307
http://uatadmin.davincimeetingrooms.com/ HTTP 301
https://uatadmin.davincimeetingrooms.com/ HTTP 302
https://uatadmin.davincimeetingrooms.com/secure/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

75 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login Show response
uatadmin.davincimeetingrooms.com/secure/
Redirect Chain

http://uatadmin.davincimeetingrooms.com/
https://uatadmin.davincimeetingrooms.com/
https://uatadmin.davincimeetingrooms.com/secure/login
http://uatadmin.davincimeetingrooms.com/
https://uatadmin.davincimeetingrooms.com/
https://uatadmin.davincimeetingrooms.com/secure/login

11 KB
5 KB

1552ms
1551ms

Document
text/html

104.214.29.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://uatadmin.davincimeetingrooms.com/secure/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.214.29.203 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7a5ac3ae33283dd222e22adbaecabd79da1e973144b42e03e05ec96dd306c850

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 4474
Content-Type: text/html; charset=utf-8
Date: Tue, 05 Nov 2024 06:36:49 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Powered-By: ASP.NET

Redirect headers

Cache-Control: private
Content-Length: 130
Content-Type: text/html; charset=utf-8
Date: Tue, 05 Nov 2024 06:36:48 GMT
Location: /secure/login
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Powered-By: ASP.NET

GET
H/1.1 200
OK legacy.css
uatadmin.davincimeetingrooms.com/assets/css/ 107 KB
26 KB 135ms
133ms Stylesheet
text/css 104.214.29.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://uatadmin.davincimeetingrooms.com/assets/css/legacy.css
Requested by: Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.214.29.203 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bd141e2b7780aad75f631f169a6a47ea8de2604d2bbd40827e8bbd93673b509f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/secure/login

Response headers

X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: "02010424a2fdb1:0"
Accept-Ranges: bytes
Content-Length: 26077
Date: Tue, 05 Nov 2024 06:36:50 GMT
Content-Type: text/css
Last-Modified: Tue, 05 Nov 2024 06:16:32 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding

GET
H/1.1 200
OK dv.css
uatadmin.davincimeetingrooms.com/ 151 KB
37 KB 602ms
338ms Stylesheet
text/css 104.214.29.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://uatadmin.davincimeetingrooms.com/dv.css?r=5839F7895A5E0F0687102722E68EB19D
Requested by: Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.214.29.203 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c8b32f0ae8408024e373a54c923594708f646dc2a905b29fa21dbe5a5e5b7c1f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/secure/login

Response headers

X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: W/"5e969174d2fdb1:0"
Accept-Ranges: bytes
Content-Length: 37466
Date: Tue, 05 Nov 2024 06:36:50 GMT
Content-Type: text/css
Last-Modified: Tue, 05 Nov 2024 06:36:48 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding

GET
H/1.1 200
OK dv.js Show response
uatadmin.davincimeetingrooms.com/ 274 KB
105 KB 731ms
360ms Script
application/x-javascript 104.214.29.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://uatadmin.davincimeetingrooms.com/dv.js?r=6D074BA5CBFD8AF53BD9AAAA2F3FAE9E
Requested by: Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.214.29.203 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cccdeef8b4b221944a1ed97f0f64da34c961ed48a0e604f53d1940b4ee950818

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/secure/login

Response headers

Transfer-Encoding: chunked
X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: W/"2e9447174d2fdb1:0"
Accept-Ranges: bytes
Date: Tue, 05 Nov 2024 06:36:50 GMT
Content-Type: application/x-javascript
Last-Modified: Tue, 05 Nov 2024 06:36:48 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 3 KB
910 B 46ms
18ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

90e974df873feda1d776ead3f199c7e9144bc524114dc9a4acac291cd8f56512

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 06:36:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 06:36:50 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 05 Nov 2024 05:38:10 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK login.css
uatadmin.davincimeetingrooms.com/assets/css/ 1 KB
952 B 513ms
142ms Stylesheet
text/css 104.214.29.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://uatadmin.davincimeetingrooms.com/assets/css/login.css
Requested by: Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.214.29.203 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2702ff9f74655600a95ea32679da5a2ba076156e8a48b3f4704a36ef1efd4113

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/secure/login

Response headers

X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: "02010424a2fdb1:0"
Accept-Ranges: bytes
Content-Length: 659
Date: Tue, 05 Nov 2024 06:36:50 GMT
Content-Type: text/css
Last-Modified: Tue, 05 Nov 2024 06:16:32 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding

GET
H/1.1 200
OK jquery.metadata.js Show response
uatadmin.davincimeetingrooms.com/assets/js/jquery/ 4 KB
2 KB 518ms
146ms Script
application/x-javascript 104.214.29.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://uatadmin.davincimeetingrooms.com/assets/js/jquery/jquery.metadata.js
Requested by: Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.214.29.203 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f5bf35ec31a628e648ebeaa60f93f5a282838a9a0d37389df247392016a86164

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/secure/login

Response headers

X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: "02010424a2fdb1:0"
Accept-Ranges: bytes
Content-Length: 1821
Date: Tue, 05 Nov 2024 06:36:50 GMT
Content-Type: application/x-javascript
Last-Modified: Tue, 05 Nov 2024 06:16:32 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding

GET
H/1.1 200
OK jquery.validate.min.js Show response
uatadmin.davincimeetingrooms.com/assets/js/jquery/ 21 KB
8 KB 515ms
143ms Script
application/x-javascript 104.214.29.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://uatadmin.davincimeetingrooms.com/assets/js/jquery/jquery.validate.min.js
Requested by: Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.214.29.203 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 11b1c0e5a3310cfaf10c857db28ffbbe227c31bac0acdd5b56397eac032c82d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/secure/login

Response headers

X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: "02010424a2fdb1:0"
Accept-Ranges: bytes
Content-Length: 7889
Date: Tue, 05 Nov 2024 06:36:50 GMT
Content-Type: application/x-javascript
Last-Modified: Tue, 05 Nov 2024 06:16:32 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding

GET
H/1.1 200
OK forms.js Show response
uatadmin.davincimeetingrooms.com/assets/js/ 2 KB
1 KB 526ms
150ms Script
application/x-javascript 104.214.29.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://uatadmin.davincimeetingrooms.com/assets/js/forms.js
Requested by: Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.214.29.203 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2deb32d57737b66d2c08a84735041ec451d464df98fc013c805cf4316fbdb586

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/secure/login

Response headers

X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: "02010424a2fdb1:0"
Accept-Ranges: bytes
Content-Length: 938
Date: Tue, 05 Nov 2024 06:36:50 GMT
Content-Type: application/x-javascript
Last-Modified: Tue, 05 Nov 2024 06:16:32 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding

GET
H3 200 conversion.js Show response
www.googleadservices.com/pagead/ 56 KB
20 KB 44ms
20ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

af5c27d91a8b814351b6522aa17a23a709545f11cdbc953cb0d452280e5d3b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

content-encoding: br
etag: 13730477501505533595
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 06:36:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 05 Nov 2024 06:36:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 20911
x-xss-protection: 0
server: cafe

GET
H2 200 tp.widget.sync.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 1 KB
1 KB 36ms
8ms Script
application/x-javascript 52.222.236.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.sync.bootstrap.min.js

Requested by

Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-94.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

90745a0f257aa1424e5b997ec85544b52094e60b7187c09ec3f108303bfc2073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

content-encoding: gzip
etag: "a148992a7b15dc7e6a9fa9d5e18e4368"
age: 13616
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: nZ7CtXjazwQhzSN3LJTIgzYrjG-0cxWS3ocOCJAIs0dsbcrr4tu15w==
date: Tue, 05 Nov 2024 02:49:55 GMT
content-type: application/x-javascript
last-modified: Wed, 09 Oct 2024 12:04:38 GMT
strict-transport-security: max-age=31536000
cache-control: max-age=86400
via: 1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 712
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 6322080518.js Show response
cdn.optimizely.com/js/ 317 KB
100 KB 199ms
170ms Script
text/javascript 2606:4700::6812:4139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.optimizely.com/js/6322080518.js
Requested by: Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:4139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ab642f16e2140290494735e1ae6d4f9e60cd311eab591bec8023a432fec8301

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

access-control-max-age: 86400
access-control-expose-headers: x-amz-meta-revision
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: "75cd1825dc7c59fe38be68bbd5f0e7de"
x-amz-version-id: Zi2_p39y2WkX5OD3jJ9HkYsi6xf9kPme
access-control-allow-methods: GET, HEAD
date: Tue, 05 Nov 2024 06:36:50 GMT
x-amz-meta-revision: 71
content-type: text/javascript; charset=utf-8
last-modified: Fri, 05 Jan 2018 18:03:19 GMT
vary: Accept-Encoding
x-amz-id-2: MRLcTzk8Aen54tOn9pddRaUi4o4kO88g+YV1wBvQyF8Ign+NfKfZG3gH0nmY5BtfVaotvr009sE=
access-control-allow-headers: *
cache-control: max-age=120
timing-allow-origin: *
access-control-allow-credentials: false
x-amz-request-id: B4D4VE2AG8RA51C5
cf-ray: 8ddad4f17bd8d372-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 102144
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 275 KB
93 KB 52ms
27ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TL6QHZ

Requested by

Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2f1b8ad59cd5cab9c4c8f4b3535b262e1be94cf62006be1cd959b39bc497e892

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 05 Nov 2024 06:36:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 06:36:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 05 Nov 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 94577
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

content-encoding: gzip
age: 4002
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 07:30:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 05:30:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H3 200 loader.js Show response
www.gstatic.com/wcm/ 6 KB
2 KB 24ms
8ms Script
text/javascript 216.58.206.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f3.1e100.net

Software

sffe /

Resource Hash

670f77f11cb4c747f5de1affa5b53687cf7a20d1eaf99b0ef5c9c60858aefa55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

content-encoding: br
age: 852
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 07:22:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 06:22:39 GMT
last-modified: Wed, 20 Mar 2024 23:18:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
content-length: 2133
x-xss-protection: 0
server: sffe

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 73ms
30ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 523E76BED2204CD39704BFF36CD2CD08 Ref B: FRA31EDGE0715 Ref C: 2024-11-05T06:36:51Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Tue, 05 Nov 2024 06:36:50 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1038069620/ 43 B
61 B 37ms
19ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1038069620/?random=1730788611874&cv=9&fst=1730788611874&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=ecomm_prodid%3D%3Becomm_pagetype%3Dother%3Becomm_totalvalue%3D%3Bdynx_itemid%3D%3Bdynx_itemid2%3D%3Bdynx_pagetype%3Dother%3Bdynx_totalvalue%3D&frm=0&url=https%3A%2F%2Fuatadmin.davincimeetingrooms.com%2Fsecure%2Flogin&tiba=Conference%20Facilities%2C%20Meeting%20Space%20%7C%20Davinci%20Meeting%20Rooms%20%26%20Conference%20Center&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 37
date: Tue, 05 Nov 2024 06:36:51 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 23 KB
8 KB 8ms
8ms Script
application/x-javascript 52.222.236.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.sync.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-94.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c69de41dda83f00cc1b13dba90a57f25df046286ecd227bdd0c4d51d94947b61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

content-encoding: gzip
etag: "7d4644d89e45fe92623bdd628e60e8dd"
age: 18686
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 8Lajq1EvsOrmRWB_twrmqp2P435cNUeYbva052g13uz8iFjgEVpO6g==
date: Tue, 05 Nov 2024 01:25:26 GMT
content-type: application/x-javascript
last-modified: Wed, 09 Oct 2024 12:04:38 GMT
strict-transport-security: max-age=31536000
cache-control: max-age=86400
via: 1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 7350
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 404 event Show response
logx.optimizely.com/log/ 0
362 B 142ms
116ms XHR
text/plain 34.49.241.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/log/event
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/6322080518.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.241.49.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
via: 1.1 google
access-control-allow-origin: https://uatadmin.davincimeetingrooms.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 05 Nov 2024 06:36:51 GMT
content-type: text/plain
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict

GET
H/1.1 200
OK headerBkgrnd.png
uatadmin.davincimeetingrooms.com/assets/images/ 223 B
470 B 130ms
130ms Image
image/png 104.214.29.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uatadmin.davincimeetingrooms.com/assets/images/headerBkgrnd.png
Requested by: Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/dv.css?r=5839F7895A5E0F0687102722E68EB19D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.214.29.203 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 96041a600b0b0fbe9b5abb1879edec5a8a848249edcdce726aaf1d9529683b4b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/dv.css?r=5839F7895A5E0F0687102722E68EB19D

Response headers

ETag: "02010424a2fdb1:0"
Accept-Ranges: bytes
Content-Length: 223
Date: Tue, 05 Nov 2024 06:36:51 GMT
Content-Type: image/png
Last-Modified: Tue, 05 Nov 2024 06:16:32 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H/1.1 200
OK navDavinciLogo.png
uatadmin.davincimeetingrooms.com/assets/images/ 12 KB
13 KB 135ms
134ms Image
image/png 104.214.29.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uatadmin.davincimeetingrooms.com/assets/images/navDavinciLogo.png
Requested by: Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/dv.css?r=5839F7895A5E0F0687102722E68EB19D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.214.29.203 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2468ce2203e061eff1bbc5b7ef7ad8e7eddc880b3a012c5240f136442fec00de

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/dv.css?r=5839F7895A5E0F0687102722E68EB19D

Response headers

ETag: "02010424a2fdb1:0"
Accept-Ranges: bytes
Content-Length: 12780
Date: Tue, 05 Nov 2024 06:36:51 GMT
Content-Type: image/png
Last-Modified: Tue, 05 Nov 2024 06:16:32 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H/1.1 200
OK checkbox-unchecked.png
uatadmin.davincimeetingrooms.com/assets/images/listing/ 1014 B
1 KB 130ms
129ms Image
image/png 104.214.29.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uatadmin.davincimeetingrooms.com/assets/images/listing/checkbox-unchecked.png
Requested by: Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/dv.css?r=5839F7895A5E0F0687102722E68EB19D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.214.29.203 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1bd2c76dddde8acc8e1f54a177230a34a01c2096237f03873d22cc9748ceb86f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/dv.css?r=5839F7895A5E0F0687102722E68EB19D

Response headers

ETag: "02010424a2fdb1:0"
Accept-Ranges: bytes
Content-Length: 1014
Date: Tue, 05 Nov 2024 06:36:51 GMT
Content-Type: image/png
Last-Modified: Tue, 05 Nov 2024 06:16:32 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 30ms
11ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://uatadmin.davincimeetingrooms.com
Referer: https://fonts.googleapis.com/

Response headers

age: 486757
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:24:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:24:14 GMT
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23580
x-xss-protection: 0
server: sffe

GET
H3 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 26ms
7ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://uatadmin.davincimeetingrooms.com
Referer: https://fonts.googleapis.com/

Response headers

age: 485753
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:40:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:40:58 GMT
last-modified: Tue, 02 May 2023 15:08:26 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23236
x-xss-protection: 0
server: sffe

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 27 KB
10 KB 108ms
20ms Script
application/javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/tag/tag.js?site=86101864

Requested by

Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

2823fbfa7b9256867e21af1ecbfbb98583c8ef0e0b495f6f01d862ef58e3d93d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
content-encoding: gzip
etag: "6657cfc2-253d"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PATCH
x-content-type-options: nosniff
content-length: 9533
date: Tue, 05 Nov 2024 06:36:52 GMT
content-type: application/javascript
last-modified: Thu, 30 May 2024 01:00:50 GMT
server: ws
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H3 200 call-tracking_9.js Show response
www.gstatic.com/call-tracking/ 62 KB
20 KB 8ms
8ms Script
text/javascript 216.58.206.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/call-tracking/call-tracking_9.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f3.1e100.net

Software

sffe /

Resource Hash

6d8f8fd6de0b42e3acc7b2f3005c599e9f54d21355c3d6850a5c13daca10d5ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

content-encoding: br
age: 97293
report-to: {"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
x-content-type-options: nosniff
expires: Tue, 04 Nov 2025 03:35:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 03:35:18 GMT
last-modified: Mon, 22 Jan 2024 22:18:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="ads-telephony"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
accept-ranges: bytes
content-length: 20777
x-xss-protection: 0
server: sffe

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
432 B 15ms
14ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=804094280&t=pageview&_s=1&dl=https%3A%2F%2Fuatadmin.davincimeetingrooms.com%2Fsecure%2Flogin&ul=de-de&de=UTF-8&dt=Conference%20Facilities%2C%20Meeting%20Space%20%7C%20Davinci%20Meeting%20Rooms%20%26%20Conference%20Center&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgAABAAAAACAAI~&jid=1391417229&gjid=591061074&cid=164849694.1730788612&tid=UA-6206249-1&_gid=36968039.1730788612&_slc=1&z=322190309

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 06:36:51 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://uatadmin.davincimeetingrooms.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
657 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-6206249-1&cid=164849694.1730788612&jid=1391417229&gjid=591061074&_gid=36968039.1730788612&_u=IGBAgAABAAAAAGAAI~&z=477954267

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 06:36:51 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin: https://uatadmin.davincimeetingrooms.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H3 200 wcm Show response
www.googleadservices.com/pagead/conversion/1038069620/ 81 B
95 B 14ms
14ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1038069620/wcm?cc=ZZ&dn=18774249767&cl=O_ZRCN7Kh2MQ9N7-7gM&ct_eid=2

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/call-tracking/call-tracking_9.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

d22d4f2250deeb2d80f1587d7d81d85e17d412bbcd98315e18fd9e35dc021c3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://uatadmin.davincimeetingrooms.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 72
date: Tue, 05 Nov 2024 06:36:51 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
87 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-111111111&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL6QHZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

685d0a1525bc53daf0bb63f6b54d4d9bae66e4695c59853fb4cb47875ccf2638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 05 Nov 2024 06:36:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 06:36:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 05 Nov 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 88848
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 67 KB
25 KB 54ms
9ms Script
application/x-javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/scripts/bizible.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL6QHZ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D4) /

Resource Hash

441dc9086f8113d30109a9369d4a1e1dc1e66a6f55be96f187d9aa05b238e469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

strict-transport-security: max-age=31536000; includeSub
cache-control: max-age=86400
content-encoding: gzip
etag: "16628d8e32bdb1:0"
age: 33681
accept-ranges: bytes
x-cache: HIT
content-length: 25393
date: Tue, 05 Nov 2024 06:36:52 GMT
content-type: application/x-javascript
last-modified: Thu, 31 Oct 2024 22:25:52 GMT
server: ECS (frb/67D4)
vary: Accept-Encoding

GET
H2 200 pa-5d63fe9505a2410008000296.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 159ms
135ms Script
application/javascript 2606:4700:10::6816:3768
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/pa-5d63fe9505a2410008000296.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL6QHZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3768 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fc6117262c8dc92d2d74c82a7b56aa3686efd515c9bf2965cb32769fe13f5ee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

cache-control: max-age=86400
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"63490024-1852"
cf-ray: 8ddad4f8eb44363b-FRA
expires: Tue, 05 Nov 2024 06:41:52 GMT
access-control-allow-origin: *
date: Tue, 05 Nov 2024 06:36:52 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 14 Oct 2022 06:22:28 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 lo.js Show response
tools.luckyorange.com/core/ 13 KB
5 KB 59ms
8ms Script
text/javascript 2600:9000:2057:1400:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/lo.js?site-id=d0eb29cc
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL6QHZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1400:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4eda83f304d2d8c8b0c4be2233dce114827a0c51065de371ed7e8c5fd26118f3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

content-encoding: gzip
etag: "9b474f69d37960e9c471d9d3316a036d"
age: 2447
x-cache: Hit from cloudfront
x-amz-cf-id: HLdsOj0VjUPGGN49ElOqzRFgoNvOtGj55wDeLs62l5ZAsqsHsqCDdg==
date: Tue, 05 Nov 2024 05:56:06 GMT
content-type: text/javascript
vary: accept-encoding
last-modified: Tue, 22 Oct 2024 16:14:17 GMT
cache-control: max-age=3600
via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 4677
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 main.js Show response
app.picreel.com/assets/ 1 KB
1 KB 586ms
183ms Script
application/javascript 44.237.145.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.picreel.com/assets/main.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL6QHZ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.237.145.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-145-255.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c3a3db943e20d99275537609b123798805c27fee394bb3b0f489884207d46db2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

accept-ranges: bytes
content-length: 1047
date: Tue, 05 Nov 2024 06:36:52 GMT
etag: "670dffc1-417"
content-type: application/javascript
last-modified: Tue, 15 Oct 2024 05:38:09 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 15 KB
6 KB 34ms
8ms Script
application/x-javascript 18.172.103.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL6QHZ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.103.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-103-101.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c87aa708d354d2db657ba47b08aae2cc50653369ccbffa36448d7b47fd3e9fe6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

Transfer-Encoding: chunked
Vary: accept-encoding
Content-Encoding: gzip
ETag: W/"407149e43d6d6f4c2458e9179af5b3a2"
Age: 75712
Connection: keep-alive
Via: 1.1 da9618575b838f6c05697fe3f723a49e.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: UwPbfwGTzmSimZ2Ac5n3nwUsXhu1ENIHTGNx0dZ4a1mr-O0d-O2eHw==
Date: Mon, 04 Nov 2024 09:35:00 GMT
Content-Type: application/x-javascript
Last-Modified: Thu, 31 Oct 2024 16:18:07 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P8
x-amz-server-side-encryption: AES256

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 19ms
9ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-HndFXge6' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 06:36:51 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-HndFXge6' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4423, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: z/0keit9Ua5NY4SMosPzkygNhhgg2ZraQfp/COd2LnRWjNuzt6cQ0BCFHyFXN8yaRQuBZoGspN83sTMl8Z4+Rw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62086
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
24 B 15ms
15ms XHR
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=804094280&t=pageview&_s=1&dl=https%3A%2F%2Fuatadmin.davincimeetingrooms.com%2Fsecure%2Flogin&ul=de-de&de=UTF-8&dt=Conference%20Facilities%2C%20Meeting%20Space%20%7C%20Davinci%20Meeting%20Rooms%20%26%20Conference%20Center&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEABAAAAAGAAI~&jid=1195667827&gjid=852065927&cid=164849694.1730788612&tid=UA-6206249-1&_gid=36968039.1730788612&_r=1&gtm=45He4au0n71TL6QHZv72623645za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&npa=1&z=147995252

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 06:36:51 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://uatadmin.davincimeetingrooms.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H2 200 5117086.js Show response
bat.bing.com/p/action/ 362 B
415 B 32ms
32ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5117086.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

28168751a3267ac9c5f88003ac159fc70033e01cd6667833e52a4ef19e0f5b65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C30D9E1FD801458DA138325120EC4DAF Ref B: FRA31EDGE0715 Ref C: 2024-11-05T06:36:51Z
x-cache: CONFIG_NOCACHE
date: Tue, 05 Nov 2024 06:36:51 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 42ms
18ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-111111111&gtm=45je4au0z872623645za200zb72623645&_p=1730788611872&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&cid=164849694.1730788612&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730788612&sct=1&seg=0&dl=https%3A%2F%2Fuatadmin.davincimeetingrooms.com%2Fsecure%2Flogin&dt=Conference%20Facilities%2C%20Meeting%20Space%20%7C%20Davinci%20Meeting%20Rooms%20%26%20Conference%20Center&en=page_view&_fv=1&_ss=1&tfd=6528
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-111111111&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://uatadmin.davincimeetingrooms.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 06:36:52 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 189356184944279 Show response
connect.facebook.net/signals/config/ 67 KB
13 KB 79ms
79ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/189356184944279?v=2.9.176&r=stable&domain=uatadmin.davincimeetingrooms.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

4ead903fd72335d24159c81739cca2c9503d70599cd6f93b53bd488fb85d9727

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-7PrT7F4r' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 06:36:52 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-7PrT7F4r' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=77, mss=1232, tbw=70852, tp=68, tpl=0, uplat=71, ullat=0
pragma: public
x-fb-debug: EULDYitsmCVwpoXa8PxuEl8B9/VBZGBJbni7vOrQ8l3PFs+JLjXWxObrzflkFdG++otZHmMcEppH8ELiAIzYZg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 204 0
bat.bing.net/actionp/ 0
346 B 114ms
62ms Ping
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.net/actionp/0?ti=5117086&Ver=2&mid=4ec0df62-672c-475d-8065-eb47b1191aae&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A89F05FE0CA54BEFBB77328349D491CA Ref B: FRA31EDGE0420 Ref C: 2024-11-05T06:36:52Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Tue, 05 Nov 2024 06:36:51 GMT

GET
H2 204 0
bat.bing.net/action/ 0
120 B 113ms
61ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.net/action/0?ti=5117086&Ver=2&mid=4ec0df62-672c-475d-8065-eb47b1191aae&bo=2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Conference%20Facilities,%20Meeting%20Space%20%7C%20Davinci%20Meeting%20Rooms%20%26%20Conference%20Center&p=https%3A%2F%2Fuatadmin.davincimeetingrooms.com%2Fsecure%2Flogin&r=&lt=6454&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=470803
Requested by: Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4BEAC512BA73407999DA8E3C6B6BB133 Ref B: FRA31EDGE0420 Ref C: 2024-11-05T06:36:52Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Tue, 05 Nov 2024 06:36:51 GMT

GET
H2 200 ipv
cdn.bizible.com/ 43 B
304 B 7ms
7ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizible.com/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=823110c0dba64967a0ce6aecacd0fa20&_biz_l=https%3A%2F%2Fuatadmin.davincimeetingrooms.com%2Fsecure%2Flogin&_biz_t=1730788612025&_biz_i=Conference%20Facilities%2C%20Meeting%20Space%20%7C%20Davinci%20Meeting%20Rooms%20%26%20Conference%20Center&_biz_n=0&rnd=207061&cdn_o=a&_biz_z=1730788612025

Requested by

Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BA) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

strict-transport-security: max-age=31536000; includeSub
cache-control: no-cache, no-store
pragma: no-cache
age: 292887
expires: -1
accept-ranges: bytes
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-length: 43
date: Tue, 05 Nov 2024 06:36:52 GMT
content-type: Image/GIF
last-modified: Fri, 01 Nov 2024 21:15:25 GMT
server: ECS (frb/67BA)

GET
H2 200 u
cdn.bizibly.com/ 43 B
204 B 14ms
7ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizibly.com/u?_biz_u=823110c0dba64967a0ce6aecacd0fa20&_biz_l=https%3A%2F%2Fuatadmin.davincimeetingrooms.com%2Fsecure%2Flogin&_biz_t=1730788612027&_biz_i=Conference%20Facilities%2C%20Meeting%20Space%20%7C%20Davinci%20Meeting%20Rooms%20%26%20Conference%20Center&rnd=731087&cdn_o=a&_biz_z=1730788612027

Requested by

Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6752) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

strict-transport-security: max-age=31536000; includeSub
cache-control: no-cache, no-store
pragma: no-cache
age: 292880
expires: -1
accept-ranges: bytes
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-length: 43
date: Tue, 05 Nov 2024 06:36:52 GMT
content-type: Image/GIF
last-modified: Fri, 01 Nov 2024 21:15:32 GMT
server: ECS (frb/6752)

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 111 B
320 B 120ms
120ms Script
text/javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/xdc.js?_biz_u=823110c0dba64967a0ce6aecacd0fa20&_biz_h=-1906410348&cdn_o=a&jsVer=4.24.10.31

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6711) /

Resource Hash

4dc29c50d2e7d70386e6bf6fa4e27840dacaac9b674e513fac477467a87eb078

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

strict-transport-security: max-age=31536000; includeSub
cache-control: private, must-revalidate, max-age=21600
content-encoding: gzip
etag: 523AB206
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-length: 214
date: Tue, 05 Nov 2024 06:36:52 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: ECS (frb/6711)

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/86101864/configuration/applications/taglets/ 506 KB
149 KB 48ms
48ms Script
application/x-javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/lptag/api/account/86101864/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Requested by

Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

f3bf17507307a79f681d5c1920c6c5a6179f674f739519983d671039535f265d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

x-cache-status: EXPIRED
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=630
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PATCH
x-content-type-options: nosniff
date: Tue, 05 Nov 2024 06:36:52 GMT
content-type: application/x-javascript;charset=UTF-8
server: ws
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 24ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=189356184944279&ev=PageView&dl=https%3A%2F%2Fuatadmin.davincimeetingrooms.com%2Fsecure%2Flogin&rl=&if=false&ts=1730788612115&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730788612114.418062221958045737&ler=empty&cdl=API_unavailable&it=1730788612018&coo=false&rqm=GET

Requested by

Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1297, tbw=2916, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 05 Nov 2024 06:36:52 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 192ms
176ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=189356184944279&ev=PageView&dl=https%3A%2F%2Fuatadmin.davincimeetingrooms.com%2Fsecure%2Flogin&rl=&if=false&ts=1730788612115&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730788612114.418062221958045737&ler=empty&cdl=API_unavailable&it=1730788612018&coo=false&rqm=FGET

Requested by

Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src 'report-sample' .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7433680485676506685"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 06:36:52 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: sSDqV+IEuRW+xde6zdQn77Dl19/bJbeyVp8igo/xpmftRR8wsGjS+v+qXFU1qw10iyPavycYXp/Q95/PL4CMZQ==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7433680485676506685", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=0, c=10, mss=1297, tbw=3233, tp=-1, tpl=-1, uplat=167, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET d0eb29cc
settings.luckyorange.com/ 0
0

OPTIONS
H2 200 d0eb29cc
settings.luckyorange.com/ Frame 0
0 144ms
120ms Preflight 34.107.203.234
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://settings.luckyorange.com/d0eb29cc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-lucky-referrer,x-lucky-uid
Access-Control-Request-Method: GET
Origin: https://uatadmin.davincimeetingrooms.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id,X-Lucky-Referrer
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://uatadmin.davincimeetingrooms.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 05 Nov 2024 06:36:52 GMT
via: 1.1 google

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/86101864/configuration/setting/accountproperties/ 7 KB
2 KB 138ms
45ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/86101864/configuration/setting/accountproperties/?cb=accountSettingsCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/86101864/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

27271a571b9e2700caf70c38e261629811271cf02b7b3abbd86b881c757c5e62

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

x-cache-status: EXPIRED
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PATCH
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 06:37:52 GMT
date: Tue, 05 Nov 2024 06:36:52 GMT
content-type: application/javascript
vary: Accept
server: ws
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 ui-framework.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.40.1-release_1497670326/ 38 KB
12 KB 101ms
8ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.40.1-release_1497670326/ui-framework.js?version=10.40.1-release_1497670326

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/86101864/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

120.154.120.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

dd101610bfdd5074e44f8db73ae061dfbd46c7b6a7c860171e525088e85b6474

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=oKNHqQ==, md5=BYdG3qhck64DJvVkVcqFTw==
content-encoding: br
age: 913
x-content-type-options: nosniff
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 39335
date: Tue, 05 Nov 2024 06:21:39 GMT
last-modified: Sun, 20 Oct 2024 13:15:07 GMT
content-type: application/javascript
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY33ImJOJoiqApr15Cm_kJysG-bHWWIzzKc4DIBOvfBcSJSr69gyY707pHvTaqkGYWCPjcsmyKTGBQ
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public,max-age=31536000
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
x-goog-storage-class: MULTI_REGIONAL
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1729430107826024
content-length: 11795
server: UploadServer

GET
H2 200 surveylogicinstance.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.40.1-release_1497670326/ 8 KB
3 KB 100ms
8ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.40.1-release_1497670326/surveylogicinstance.min.js?version=10.40.1-release_1497670326

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/86101864/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

120.154.120.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

7fcbc5d3c3265e7038e929c1cff2495764dd435c770852863eb46b9791c49524

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=Qyp3Rw==, md5=paUQAgyh/ZCObtCdJZmPqw==
content-encoding: br
age: 266
x-content-type-options: nosniff
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 7794
date: Tue, 05 Nov 2024 06:32:26 GMT
last-modified: Sun, 20 Oct 2024 13:15:07 GMT
content-type: application/javascript
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY2qC219PXsUiL6hRPmhx2IzV3Ctxdn5itVJtCvocWnq7zJ-sahjlJVvvXysU2G88AYPNvnuRNpltw
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public,max-age=31536000
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
x-goog-storage-class: MULTI_REGIONAL
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1729430107798387
content-length: 2275
server: UploadServer

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/86101864/configuration/le-campaigns/ 42 KB
6 KB 117ms
27ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/86101864/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/86101864/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

dac17f2248b0d2b00414586f55e9ed6aefba77f030d15d9f3d5eadd71f9e7707

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

x-cache-status: EXPIRED
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PATCH
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 06:37:52 GMT
date: Tue, 05 Nov 2024 06:36:52 GMT
content-type: application/javascript
vary: Accept
server: ws
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 desktopEmbedded.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.40.1-release_1497670326/ 1 MB
254 KB 9ms
8ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.40.1-release_1497670326/desktopEmbedded.js?version=10.40.1-release_1497670326

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/86101864/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

120.154.120.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

e461d7db8b2e5f1134cf65a81cb67266012efca717f4a345ff82d565308b780c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=jrB2QA==, md5=X5yyJArsNw3PSzi8AYtKLA==
content-encoding: br
age: 2471
x-content-type-options: nosniff
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 1112334
date: Tue, 05 Nov 2024 05:55:41 GMT
last-modified: Sun, 20 Oct 2024 13:15:07 GMT
content-type: application/javascript
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY1QUkVwm9ngGEpSewzku7Q7wFMIW0Da0AYuxhj4smbjPX1t0mZ9-f_fC1a9wpkCH5mNuK502witPw
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public,max-age=31536000
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
x-goog-storage-class: MULTI_REGIONAL
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1729430107436925
content-length: 260269
server: UploadServer

GET
H3 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.31.1-release_1465379762/ 44 KB
15 KB 12ms
11ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_secure_storage/3.31.1-release_1465379762/storage.secure.min.js?loc=https%3A%2F%2Fuatadmin.davincimeetingrooms.com&site=86101864&env=prod&accdn=accdn.lpsnmedia.net

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/86101864/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

120.154.120.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

9a8d16cf69b04f17bf869fdc4b81588cde13c410f37e079820b54e1baed4bac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=8YO1Sw==, md5=4+aMlAImxNFdUXksF62+nA==
content-encoding: br
age: 1742
x-content-type-options: nosniff
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 44755
date: Tue, 05 Nov 2024 06:07:50 GMT
last-modified: Sun, 20 Oct 2024 13:17:36 GMT
content-type: application/javascript
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY3LF0GX3KJRnZ8kqVXzN-Tz5HP514DAtbnblYb0AQFeFD11pyTjiCbQ_Ee42kYIFvigEfIG6TeF9g
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public,max-age=31536000
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
x-goog-storage-class: MULTI_REGIONAL
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1729430256453751
content-length: 14853
server: UploadServer

GET
H2 200 storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.31.1-release_1465379762/ Frame F202 0
0 33ms
8ms Document
text/html 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_secure_storage/3.31.1-release_1465379762/storage.secure.min.html?loc=https%3A%2F%2Fuatadmin.davincimeetingrooms.com&site=86101864&ist=sessionStorage&env=prod&accdn=accdn.lpsnmedia.net

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/86101864/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

120.154.120.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://uatadmin.davincimeetingrooms.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1388
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31536000
content-encoding: br
content-length: 15827
content-type: text/html
date: Tue, 05 Nov 2024 06:13:44 GMT
last-modified: Sun, 20 Oct 2024 13:17:36 GMT
server: UploadServer
strict-transport-security: max-age=31536000; includeSubDomains
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-goog-generation: 1729430256442261
x-goog-hash: crc32c=KlhQzg== md5=bKsN5C5ryS+u3DZ/8oCZxA==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 48665
x-guploader-uploadid: AHmUCY1GwEZCbwCBo8nJAYkQvlned5_cfALx76ZDYWp7n5wpNaA1-SADuwrBfNEFqIB0qMEMV9Ztsi0jpg

GET
H2 200 86101864 Show response
va.v.liveperson.net/api/js/ 248 B
1 KB 535ms
230ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/86101864?&cb=lpCb35129x80441&t=sp&ts=1730788612231&pid=4489822297&tid=4419913248&pt=Conference%20Facilities%2C%20Meeting%20Space%20%7C%20Davinci%20Meeting%20Rooms%20%26%20Conference%20Center&u=https%3A%2F%2Fuatadmin.davincimeetingrooms.com%2Fsecure%2Flogin&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/86101864/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

6e2b69791d96edabe3f250bd748d3abb101d6b335cbece9159774e64062b22b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-store
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PATCH
date: Tue, 05 Nov 2024 06:36:52 GMT
content-type: application/javascript
server: ws
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

POST
H2 404 event Show response
logx.optimizely.com/log/ 0
45 B 112ms
110ms XHR
text/plain 34.49.241.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/log/event
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.241.49.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
via: 1.1 google
access-control-allow-origin: https://uatadmin.davincimeetingrooms.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 05 Nov 2024 06:36:52 GMT
content-type: text/plain
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict

POST
H2 404 event Show response
logx.optimizely.com/log/ 0
45 B 113ms
111ms XHR
text/plain 34.49.241.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/log/event
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.241.49.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
via: 1.1 google
access-control-allow-origin: https://uatadmin.davincimeetingrooms.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 05 Nov 2024 06:36:52 GMT
content-type: text/plain
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict

POST
H2 404 event Show response
logx.optimizely.com/log/ 0
45 B 112ms
111ms XHR
text/plain 34.49.241.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/log/event
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.241.49.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
via: 1.1 google
access-control-allow-origin: https://uatadmin.davincimeetingrooms.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 05 Nov 2024 06:36:52 GMT
content-type: text/plain
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict

GET
H2 200 86101864 Show response
va.v.liveperson.net/api/js/ 41 B
838 B 96ms
96ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/86101864?sid=iG8y3b_1R6muH9UuHCjBYg&cb=lpCb16074x5622&t=uc&ts=1730788612351&pid=4489822297&tid=4419913248&sdes=%5B%7B%22type%22%3A%22pagediv%22%2C%22divId%22%3A%22LP_DIV_1377295410447%22%7D%5D&vid=NhMjM5ZTNlOTdkN2Y3NWM1

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/86101864/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

e8914e0fd9fe278e7d930baaa0ccfa0dbb27278d738233bb4e479ceae978b7d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-store
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PATCH
date: Tue, 05 Nov 2024 06:36:53 GMT
content-type: application/javascript
server: ws
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 86101864 Show response
va.v.liveperson.net/api/js/ 110 B
900 B 96ms
96ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/86101864?sid=iG8y3b_1R6muH9UuHCjBYg&cb=lpCb8184x49139&t=pl&ts=1730788612437&pid=4489822297&tid=4419913248&vid=NhMjM5ZTNlOTdkN2Y3NWM1

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/86101864/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

fa79349f67c471e73d1872c5dcf9c22c62cba9930a58475e9b2ab96697b08bbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-store
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PATCH
date: Tue, 05 Nov 2024 06:36:53 GMT
content-type: application/javascript
server: ws
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 hotjar-1454230.js Show response
static.hotjar.com/c/ 13 KB
6 KB 51ms
34ms Script
application/javascript 18.66.102.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1454230.js?sv=6

Requested by

Host: uatadmin.davincimeetingrooms.com
URL: https://uatadmin.davincimeetingrooms.com/secure/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-51.fra56.r.cloudfront.net

Software

Resource Hash

f0d0699a59934cb32a65d2a6f366bdb77e83d9830051d863ef2952de93c376c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
content-encoding: br
etag: W/493e9c558d19c99ae6c35f4f26130920
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-cache-hit: 1
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: RefreshHit from cloudfront
x-amz-cf-id: -xCQ9fLPqd0vms3zhYVE0S2yj-gH7-AR7bjWxSOG1ts7A0af-dMdHQ==
date: Tue, 05 Nov 2024 06:36:53 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-amz-cf-pop: FRA56-P2

GET
H2 200 t.js Show response
125525.tctm.co/ 50 KB
16 KB 58ms
19ms Script
application/x-javascript 2600:9000:223d:9400:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://125525.tctm.co/t.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL6QHZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:9400:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash: 84c1f9cfe515e1be2fcfeba8493b01566824d941d34365bd832a6d1167e999f0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
etag: W/6729bd050001ea552a32df24-125525
via: 1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: GKhYRFj1Oan6rkfZrPOv_PUB0wz_NTY87g8sO40sKH42p2wbXUwWsQ==
date: Tue, 05 Nov 2024 06:36:53 GMT
content-type: application/x-javascript
last-modified: Tue, 05 Nov 2024 06:36:53 GMT
server: ctm
x-amz-cf-pop: FRA56-P3

GET
H2 200 up
insight.adsrvr.org/track/ Frame FBA8 0
0 101ms
31ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=hl90nhy&ref=https%3A%2F%2Fuatadmin.davincimeetingrooms.com%2Fsecure%2Flogin&upid=q84sit1&upv=1.1.0&paapi=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://uatadmin.davincimeetingrooms.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-length: 0
content-type: text/html
date: Tue, 05 Nov 2024 06:36:53 GMT
server: Kestrel

GET
H/1.1 200
OK favicon.ico
uatadmin.davincimeetingrooms.com/ 1 KB
1 KB 125ms
124ms Other
image/x-icon 104.214.29.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://uatadmin.davincimeetingrooms.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.214.29.203 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c36f1f571fa6ffce09c2d775c12a7002f3704c6fa943787af33bd340a5681930

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/secure/login

Response headers

ETag: "02010424a2fdb1:0"
Accept-Ranges: bytes
Content-Length: 1150
Date: Tue, 05 Nov 2024 06:36:53 GMT
Content-Type: image/x-icon
Last-Modified: Tue, 05 Nov 2024 06:16:32 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 119ms
28ms XHR
text/plain 54.78.174.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=5d63fe9505a2410008000296&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=3719&cE=3719&dLE=3719&dLS=3719&fS=3719&hS=-1&rE=-1&rS=-1&reS=3720&resS=5270&resE=5274&uEE=-1&uES=-1&dL=5281&dI=6449&dCLES=6449&dCLEE=6454&dC=7696&lES=7696&lEE=7697&s=nt&title=Conference%20Facilities%2C%20Meeting%20Space%20%7C%20Davinci%20Meeting%20Rooms%20%26%20Conference%20Center&path=https%3A%2F%2Fuatadmin.davincimeetingrooms.com%2Fsecure%2Flogin&ref=&sId=yymtcclo&sST=1730788613&sIS=1&rV=0&v=1.4.1
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.174.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-174-227.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

Expires: 0
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 0
Date: Tue, 05 Nov 2024 06:36:53 GMT
Pragma: no-cache
Connection: keep-alive

GET
H2 200 modules.6f60e575cf8ad7cb10f7.js Show response
script.hotjar.com/ 222 KB
55 KB 25ms
7ms Script
application/javascript 13.33.187.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.6f60e575cf8ad7cb10f7.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1454230.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.187.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-187-109.fra60.r.cloudfront.net

Software

Resource Hash

f0a9b19d1615e0e2afdca507d4c7cbe384b0bdfad5cbaf63c14a386df33a62d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

x-robots-tag: none
content-encoding: br
etag: "56b1b49a4bdc4c874445907df778d045"
age: 58615
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: Kigd83l7QEOn3CLETuouIgLszYgoa9X8FVD9wM4Od6qLFtkerNxI0g==
date: Mon, 04 Nov 2024 14:19:58 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 Nov 2024 14:19:24 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 ccd3e547bd5d86bbfbaca15b4307ce70.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56128
x-amz-cf-pop: FRA60-P9

GET
H2 200 p.js Show response
125525.tctm.co/ 73 B
479 B 22ms
21ms Script
application/x-javascript 2600:9000:223d:9400:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://125525.tctm.co/p.js?sid=6729bd050001ea552a32df24&p=632951.1.877.424.9767&
Requested by: Host: 125525.tctm.co
URL: https://125525.tctm.co/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:9400:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash: 14fe7cef1de87101e8f5befea551669d6b237cb0055c70dbd370833b1fc3f695

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
via: 1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: A5xNZkGRZNhwzPzX1k5OdQhDrYNb7EH-fofVWwA6bRPM7r38hn5f1w==
date: Tue, 05 Nov 2024 06:36:53 GMT
content-type: application/x-javascript
x-amz-cf-pop: FRA56-P3
server: ctm

GET
H2 200 edit.js Show response
app.picreel.com/assets/js/ 102 KB
102 KB 539ms
538ms Script
application/javascript 44.237.145.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.picreel.com/assets/js/edit.js?v=1731725259
Requested by: Host: app.picreel.com
URL: https://app.picreel.com/assets/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.237.145.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-145-255.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3fdb76df4263336c1d52282f8ecb6f490c184e1392392376fccb48f048c8970c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

accept-ranges: bytes
content-length: 104504
date: Tue, 05 Nov 2024 06:36:53 GMT
etag: "671a151c-19838"
content-type: application/javascript
last-modified: Thu, 24 Oct 2024 09:36:28 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 events.js Show response
app.picreel.com/assets/ 59 KB
59 KB 360ms
360ms Script
application/javascript 44.237.145.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.picreel.com/assets/events.js?v=1731725259
Requested by: Host: app.picreel.com
URL: https://app.picreel.com/assets/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.237.145.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-145-255.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3a8d1191e4aa28303f073c5c0dbba28cbe2f1f146ed7d2627d5338927b9a84d1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

accept-ranges: bytes
content-length: 60689
date: Tue, 05 Nov 2024 06:36:53 GMT
etag: "670e21fc-ed11"
content-type: application/javascript
last-modified: Tue, 15 Oct 2024 08:04:12 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 204 1454230 Show response
vc.hotjar.io/sessions/ 0
233 B 64ms
34ms XHR
text/plain 18.66.112.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1454230?s=0.25&r=0.05378336364155767
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-19.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
access-control-allow-origin: *
cache-control: no-store
x-cache: Miss from cloudfront
x-amz-cf-id: EiJwHw0lcqcKJYLshtDwDxHP-5aupXyFb9E5vDSjfQIU7o61SYQniA==
date: Tue, 05 Nov 2024 06:36:53 GMT
x-amz-cf-pop: FRA56-P5

POST
H2 200 / Show response
content.hotjar.io/ 56 B
172 B 105ms
30ms XHR
application/json 34.247.247.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?site_id=1454230&gzip=1
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.247.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-247-224.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2419e158b18bc8cfe1db2b4d81826f6b5cfb29b67b30122ad20045a64658c392

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

access-control-max-age: 86400
access-control-allow-origin: *
content-length: 56
date: Tue, 05 Nov 2024 06:36:53 GMT
content-type: application/json

POST
H2 200 / Show response
app.picreel.com/visitor/get_campaigns/ 2 B
347 B 729ms
365ms XHR
text/html 44.237.145.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.picreel.com/visitor/get_campaigns/
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.237.145.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-145-255.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryARSQmhFyT9RngS4K
Referer: https://uatadmin.davincimeetingrooms.com/

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
pragma: no-cache
expires: Thu, 19 Nov 1981 08:52:00 GMT
access-control-allow-origin: *
date: Tue, 05 Nov 2024 06:36:54 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.18.0 (Ubuntu)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: settings.luckyorange.com
URL: https://settings.luckyorange.com/d0eb29cc

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.uatadmin.davincimeetingrooms.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: f6deb2a666fc016cfdb2beb295bd5e8ec06277d6b15612228abfba4acfd8f929
.uatadmin.davincimeetingrooms.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: f6deb2a666fc016cfdb2beb295bd5e8ec06277d6b15612228abfba4acfd8f929
.davincimeetingrooms.com/	1970-01-21 10:22:28	Name: optimizelyEndUserId Value: oeu1730788611903r0.5725450048171574
.doubleclick.net/	1970-01-21 00:46:29	Name: test_cookie Value: CheckForPermission
.davincimeetingrooms.com/	1970-01-21 00:47:55	Name: _gid Value: GA1.2.36968039.1730788612
.davincimeetingrooms.com/	1970-01-21 00:46:28	Name: _gat Value: 1
.davincimeetingrooms.com/	1970-01-21 00:46:28	Name: _gat_UA-6206249-1 Value: 1
.davincimeetingrooms.com/	1970-01-21 10:22:28	Name: _ga_111111111 Value: GS1.1.1730788612.1.0.1730788612.0.0.0
.davincimeetingrooms.com/	1970-01-21 10:22:28	Name: _ga Value: GA1.1.164849694.1730788612
.davincimeetingrooms.com/	1970-01-21 09:32:04	Name: _biz_uid Value: 823110c0dba64967a0ce6aecacd0fa20
.davincimeetingrooms.com/	1970-01-21 09:32:04	Name: _biz_nA Value: 1
.bizible.com/	1970-01-21 09:32:04	Name: _BUID Value: 823110c0dba64967a0ce6aecacd0fa20
.davincimeetingrooms.com/	1970-01-21 09:32:04	Name: _biz_pendingA Value: %5B%5D
.bizibly.com/	1970-01-21 09:32:04	Name: _BUID Value: 8189ebec6572b43a15ba2809da5c53cf
.davincimeetingrooms.com/	1970-01-21 02:56:04	Name: _fbp Value: fb.1.1730788612114.418062221958045737
.davincimeetingrooms.com/	1970-01-21 09:32:04	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.davincimeetingrooms.com/	1970-01-21 09:32:04	Name: LPVID Value: NhMjM5ZTNlOTdkN2Y3NWM1
.davincimeetingrooms.com/	1969-12-31 23:59:59	Name: LPSID-86101864 Value: iG8y3b_1R6muH9UuHCjBYg
125525.tctm.co/	1969-12-31 23:59:59	Name: ct125525 Value: 6729bd050001ea552a32df24
.davincimeetingrooms.com/	1970-01-21 02:56:04	Name: __ctmid Value: 6729bd050001ea552a32df24
uatadmin.davincimeetingrooms.com/	1970-01-21 02:56:04	Name: __ctmid Value: 6729bd050001ea552a32df24
.davincimeetingrooms.com/	1970-01-21 09:32:04	Name: _hjSessionUser_1454230 Value: eyJpZCI6IjMwMDAwZTU4LWE1MTItNTUxMy1hZGY2LWZkZmExMmE4NWQ5MiIsImNyZWF0ZWQiOjE3MzA3ODg2MTMyOTUsImV4aXN0aW5nIjp0cnVlfQ==
.davincimeetingrooms.com/	1970-01-21 00:46:30	Name: _hjSession_1454230 Value: eyJpZCI6IjIzMjdjM2M4LWFlNzctNDI4Yy05NGRiLTMyN2JmZTQ5YzI0YSIsImMiOjE3MzA3ODg2MTMyOTYsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
uatadmin.davincimeetingrooms.com/	1970-01-21 00:47:55	Name: PicreelUser_pages Value: 1

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://uatadmin.davincimeetingrooms.com/secure/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://logx.optimizely.com/log/event Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://uatadmin.davincimeetingrooms.com/secure/login Message: Access to fetch at 'https://settings.luckyorange.com/d0eb29cc' from origin 'https://uatadmin.davincimeetingrooms.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://www.davincimeetingrooms.com' that is not equal to the supplied origin. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://settings.luckyorange.com/d0eb29cc Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://logx.optimizely.com/log/event Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://logx.optimizely.com/log/event Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://logx.optimizely.com/log/event Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

125525.tctm.co
accdn.lpsnmedia.net
app.picreel.com
bat.bing.com
bat.bing.net
cdn.bizible.com
cdn.bizibly.com
cdn.optimizely.com
connect.facebook.net
content.hotjar.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
insight.adsrvr.org
js.adsrvr.org
logx.optimizely.com
lpcdn.lpsnmedia.net
lptag.liveperson.net
region1.google-analytics.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
script.hotjar.com
settings.luckyorange.com
static.hotjar.com
stats.g.doubleclick.net
tools.luckyorange.com
uatadmin.davincimeetingrooms.com
va.v.liveperson.net
vc.hotjar.io
widget.trustpilot.com
www.facebook.com
www.google-analytics.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
settings.luckyorange.com
104.214.29.203
13.33.187.109
142.250.184.194
142.250.185.78
142.250.186.34
142.250.186.99
152.195.15.58
157.240.253.1
178.249.97.23
178.249.97.99
18.172.103.101
18.66.102.51
18.66.112.19
2001:4860:4802:32::36
208.89.12.87
216.58.206.67
2600:9000:2057:1400:18:6c16:27c0:93a1
2600:9000:223d:9400:12:de4a:40:93a1
2606:4700:10::6816:3768
2606:4700::6812:4139
2620:1ec:33:1::10
2620:1ec:c11::237
2a00:1450:4001:803::200a
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::200e
2a00:1450:400c:c09::9a
2a03:2880:f176:181:face:b00c:0:25de
3.33.220.150
34.107.203.234
34.120.154.120
34.247.247.224
34.49.241.189
44.237.145.255
52.222.236.94
54.78.174.227
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
11b1c0e5a3310cfaf10c857db28ffbbe227c31bac0acdd5b56397eac032c82d9
14fe7cef1de87101e8f5befea551669d6b237cb0055c70dbd370833b1fc3f695
1bd2c76dddde8acc8e1f54a177230a34a01c2096237f03873d22cc9748ceb86f
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2419e158b18bc8cfe1db2b4d81826f6b5cfb29b67b30122ad20045a64658c392
2468ce2203e061eff1bbc5b7ef7ad8e7eddc880b3a012c5240f136442fec00de
2702ff9f74655600a95ea32679da5a2ba076156e8a48b3f4704a36ef1efd4113
27271a571b9e2700caf70c38e261629811271cf02b7b3abbd86b881c757c5e62
28168751a3267ac9c5f88003ac159fc70033e01cd6667833e52a4ef19e0f5b65
2823fbfa7b9256867e21af1ecbfbb98583c8ef0e0b495f6f01d862ef58e3d93d
2deb32d57737b66d2c08a84735041ec451d464df98fc013c805cf4316fbdb586
2f1b8ad59cd5cab9c4c8f4b3535b262e1be94cf62006be1cd959b39bc497e892
3a8d1191e4aa28303f073c5c0dbba28cbe2f1f146ed7d2627d5338927b9a84d1
3ab642f16e2140290494735e1ae6d4f9e60cd311eab591bec8023a432fec8301
3fdb76df4263336c1d52282f8ecb6f490c184e1392392376fccb48f048c8970c
441dc9086f8113d30109a9369d4a1e1dc1e66a6f55be96f187d9aa05b238e469
4dc29c50d2e7d70386e6bf6fa4e27840dacaac9b674e513fac477467a87eb078
4ead903fd72335d24159c81739cca2c9503d70599cd6f93b53bd488fb85d9727
4eda83f304d2d8c8b0c4be2233dce114827a0c51065de371ed7e8c5fd26118f3
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
670f77f11cb4c747f5de1affa5b53687cf7a20d1eaf99b0ef5c9c60858aefa55
685d0a1525bc53daf0bb63f6b54d4d9bae66e4695c59853fb4cb47875ccf2638
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8f8fd6de0b42e3acc7b2f3005c599e9f54d21355c3d6850a5c13daca10d5ad
6e2b69791d96edabe3f250bd748d3abb101d6b335cbece9159774e64062b22b7
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
7a5ac3ae33283dd222e22adbaecabd79da1e973144b42e03e05ec96dd306c850
7fc6117262c8dc92d2d74c82a7b56aa3686efd515c9bf2965cb32769fe13f5ee
7fcbc5d3c3265e7038e929c1cff2495764dd435c770852863eb46b9791c49524
84c1f9cfe515e1be2fcfeba8493b01566824d941d34365bd832a6d1167e999f0
90745a0f257aa1424e5b997ec85544b52094e60b7187c09ec3f108303bfc2073
90e974df873feda1d776ead3f199c7e9144bc524114dc9a4acac291cd8f56512
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
96041a600b0b0fbe9b5abb1879edec5a8a848249edcdce726aaf1d9529683b4b
9a8d16cf69b04f17bf869fdc4b81588cde13c410f37e079820b54e1baed4bac7
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
af5c27d91a8b814351b6522aa17a23a709545f11cdbc953cb0d452280e5d3b0d
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
bd141e2b7780aad75f631f169a6a47ea8de2604d2bbd40827e8bbd93673b509f
c36f1f571fa6ffce09c2d775c12a7002f3704c6fa943787af33bd340a5681930
c3a3db943e20d99275537609b123798805c27fee394bb3b0f489884207d46db2
c69de41dda83f00cc1b13dba90a57f25df046286ecd227bdd0c4d51d94947b61
c87aa708d354d2db657ba47b08aae2cc50653369ccbffa36448d7b47fd3e9fe6
c8b32f0ae8408024e373a54c923594708f646dc2a905b29fa21dbe5a5e5b7c1f
cccdeef8b4b221944a1ed97f0f64da34c961ed48a0e604f53d1940b4ee950818
d22d4f2250deeb2d80f1587d7d81d85e17d412bbcd98315e18fd9e35dc021c3b
dac17f2248b0d2b00414586f55e9ed6aefba77f030d15d9f3d5eadd71f9e7707
dd101610bfdd5074e44f8db73ae061dfbd46c7b6a7c860171e525088e85b6474
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e461d7db8b2e5f1134cf65a81cb67266012efca717f4a345ff82d565308b780c
e8914e0fd9fe278e7d930baaa0ccfa0dbb27278d738233bb4e479ceae978b7d7
f0a9b19d1615e0e2afdca507d4c7cbe384b0bdfad5cbaf63c14a386df33a62d7
f0d0699a59934cb32a65d2a6f366bdb77e83d9830051d863ef2952de93c376c1
f3bf17507307a79f681d5c1920c6c5a6179f674f739519983d671039535f265d
f5bf35ec31a628e648ebeaa60f93f5a282838a9a0d37389df247392016a86164
fa79349f67c471e73d1872c5dcf9c22c62cba9930a58475e9b2ab96697b08bbb

uatadmin.davincimeetingrooms.com Open in urlscan Pro 104.214.29.203 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

75 Requests

99 %HTTPS

34 %IPv6

24 Domains

35 Subdomains

36 IPs

4 Countries

1431 kBTransfer

4330 kBSize

24 Cookies

0 Outgoing links

Page URL History

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

uatadmin.davincimeetingrooms.com Open in urlscan Pro
104.214.29.203 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

99 %
HTTPS

34 %
IPv6

24
Domains

35
Subdomains

36
IPs

4
Countries

1431 kB
Transfer

4330 kB
Size

24
Cookies

75 HTTP transactions
0 data transactions