urlscan.io logo urlscan.io
SecurityTrails logo

app.dam-health.com Open in urlscan Pro
2606:4700:10::6816:367d  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy2...
Effective URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvY...
Submission Tags: falconsandbox
Submission: On May 10 via api from US — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 4 countries across 17 domains to perform 57 HTTP transactions. The main IP is 2606:4700:10::6816:367d, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.dam-health.com.
TLS certificate: Issued by E1 on April 18th 2022. Valid for: 3 months.
This is the only time app.dam-health.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 95.110.136.136 31034 (ARUBA-ASN)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2600:9000:206... 16509 (AMAZON-02)
18 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 151.101.0.176 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2620:1ec:27::... 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 54.187.119.242 16509 (AMAZON-02)
2 65.9.85.9 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.130 15169 (GOOGLE)
2 20.84.22.197 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.41.199.178 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 52.142.114.2 ()
1 1 2620:1ec:c11:... ()
57 20
10    95.110.136.136 (Ponte San Pietro, Italy)

ASN31034 (ARUBA-ASN, IT)
PTR: net-80-211-49-112.cust.vodafonedsl.it
urlsand.esvalabs.com
2    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:206f:e00:9:ec94:b800:93a1 (United States)

ASN16509 (AMAZON-02, US)
trk.klclick3.com
18    2606:4700:10::6816:367d (United States)

ASN13335 (CLOUDFLARENET, US)
app.dam-health.com
2    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    151.101.0.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2620:1ec:27::cafe:1784 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com
q.stripe.com
2    65.9.85.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-85-9.ams1.r.cloudfront.net
m.stripe.network
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
www.googleadservices.com
2    20.84.22.197 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
f.clarity.ms
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    52.41.199.178 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-199-178.us-west-2.compute.amazonaws.com
m.stripe.com
2    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.it
2    52.142.114.2 (None, )

ASN- ()
c.clarity.ms
1    2620:1ec:c11::200 (None, )

ASN- ()
c.bing.com
Apex Domain
Subdomains		 Transfer
18 dam-health.com
app.dam-health.com
926 KB
10 esvalabs.com
urlsand.esvalabs.com — Cisco Umbrella Rank: 454673
405 KB
6 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2561
q.stripe.com — Cisco Umbrella Rank: 14128
m.stripe.com — Cisco Umbrella Rank: 2153
74 KB
5 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1591
f.clarity.ms — Cisco Umbrella Rank: 2798
c.clarity.ms
25 KB
2 google.it
www.google.it — Cisco Umbrella Rank: 13675
655 B
2 google.com
www.google.com — Cisco Umbrella Rank: 20
655 B
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 65
stats.g.doubleclick.net — Cisco Umbrella Rank: 175
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
20 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 2747
18 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 341
12 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 574
5 KB
2 gstatic.com
fonts.gstatic.com
60 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 111
2 KB
1 bing.com
c.bing.com
555 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 126
15 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 142
50 KB
1 klclick3.com
trk.klclick3.com — Cisco Umbrella Rank: 43308
359 B
57 17
Domain Requested by
18 app.dam-health.com urlsand.esvalabs.com
app.dam-health.com
10 urlsand.esvalabs.com 1 redirects urlsand.esvalabs.com
3 js.stripe.com app.dam-health.com
js.stripe.com
2 c.clarity.ms 1 redirects
2 www.google.it app.dam-health.com
2 www.google.com app.dam-health.com
2 f.clarity.ms www.clarity.ms
f.clarity.ms
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 q.stripe.com urlsand.esvalabs.com
2 cdnjs.cloudflare.com app.dam-health.com
2 cdn.jsdelivr.net app.dam-health.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com urlsand.esvalabs.com
app.dam-health.com
1 c.bing.com 1 redirects
1 m.stripe.com m.stripe.network
1 stats.g.doubleclick.net www.google-analytics.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 www.googletagmanager.com app.dam-health.com
1 www.clarity.ms app.dam-health.com
1 trk.klclick3.com 1 redirects
57 22

This site contains no links.

Subject Issuer Validity Valid
esvalabs.com
R3		 2022-05-09 -
2022-08-07		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.dam-health.com
E1		 2022-04-18 -
2022-07-17		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-03 -
2022-07-02		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2022-04-19 -
2022-08-05		 4 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2022-06-09		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
a.clarity.ms
Microsoft RSA TLS CA 01		 2021-07-27 -
2022-07-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-11 -
2022-08-03		 4 months crt.sh
www.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.google.it
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Frame ID: F822D92505F7E71D88041469A2026873
Requests: 50 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-08a68483638f1673180e789f690b2a14.html
Frame ID: C4716C4E3B8C8E6F54449C0601555DE9
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 9C89D6C407C416387DD26460C31EDCBA
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

DAM Health

Page URL History Show full URLs

  1. https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSD... HTTP 302
    https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSD... Page URL
  2. https://trk.klclick3.com/ls/click?upn=tgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdU... HTTP 302
    https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPF... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • blazor\.server\.js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

57
Requests

98 %
HTTPS

64 %
IPv6

17
Domains

22
Subdomains

20
IPs

4
Countries

1614 kB
Transfer

4023 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y HTTP 302
    https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1 Page URL
  2. https://trk.klclick3.com/ls/click?upn=tgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D HTTP 302
    https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y HTTP 302
  • https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Request Chain 54
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=0397B7B431B14F819ACC1A1C82C330A0&RedC=c.clarity.ms&MXFR=3F4B822A5F6E670E38F1938A5B6E69F2 HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=0397B7B431B14F819ACC1A1C82C330A0&MUID=2664978D2BC264D6141C862D2AB5657F

57 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
urlsand.esvalabs.com/
Redirect Chain
  • https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2...
  • https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2...
6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.110.136.136 Ponte San Pietro, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
net-80-211-49-112.cust.vodafonedsl.it
Software
nginx /
Resource Hash
f2053a1d0fd885c22858bdf85f379b2be45b659315ff08413fdca0cf933e9b8a
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cache-control
no-cache, private
content-security-policy
default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Tue, 10 May 2022 13:52:35 GMT
feature-policy
fullscreen 'self'
referrer-policy
strict-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache, private
content-security-policy
default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Tue, 10 May 2022 13:52:35 GMT
feature-policy
fullscreen 'self'
location
//urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
referrer-policy
strict-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
urlsandbox.css
urlsand.esvalabs.com/templates/default/css/ 		184 KB
184 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://urlsand.esvalabs.com/templates/default/css/urlsandbox.css
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.110.136.136 Ponte San Pietro, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
net-80-211-49-112.cust.vodafonedsl.it
Software
nginx /
Resource Hash
3661b0abad108b1e162b750119e065a1bc24b379ed4371a0daf807ee3567534c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://urlsand.esvalabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:52:35 GMT
referrer-policy
strict-origin
last-modified
Fri, 06 May 2022 06:43:20 GMT
server
nginx
etag
"6274c388-2df7e"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
feature-policy
fullscreen 'self'
content-security-policy
default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
188286
x-content-type-options
nosniff
urlsand.css
urlsand.esvalabs.com/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://urlsand.esvalabs.com/css/urlsand.css
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.110.136.136 Ponte San Pietro, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
net-80-211-49-112.cust.vodafonedsl.it
Software
nginx /
Resource Hash
fb55650bbb7a33af4f2925696ef0765dc57aaeeadadad1193969554f07d0f957
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://urlsand.esvalabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:52:35 GMT
referrer-policy
strict-origin
last-modified
Fri, 06 May 2022 06:43:19 GMT
server
nginx
etag
"6274c387-6db"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
feature-policy
fullscreen 'self'
content-security-policy
default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
1755
x-content-type-options
nosniff
logo.png
urlsand.esvalabs.com/templates/default/img/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://urlsand.esvalabs.com/templates/default/img/logo.png
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.110.136.136 Ponte San Pietro, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
net-80-211-49-112.cust.vodafonedsl.it
Software
nginx /
Resource Hash
81793beb150a889b0d407981e2c19a362cd56dead1445af5d314c7117d885ffc
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://urlsand.esvalabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:52:35 GMT
referrer-policy
strict-origin
last-modified
Fri, 06 May 2022 06:43:20 GMT
server
nginx
etag
"6274c388-4b25"
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
feature-policy
fullscreen 'self'
content-security-policy
default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
19237
x-content-type-options
nosniff
polyfill.js
urlsand.esvalabs.com/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://urlsand.esvalabs.com/js/polyfill.js
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.110.136.136 Ponte San Pietro, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
net-80-211-49-112.cust.vodafonedsl.it
Software
nginx /
Resource Hash
b5ddb60604ac7c649070dc629ab1729ddfc0927463b3891d0d6c7d1b18419738
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://urlsand.esvalabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:52:35 GMT
referrer-policy
strict-origin
last-modified
Fri, 06 May 2022 06:43:19 GMT
server
nginx
etag
"6274c387-4e3"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
feature-policy
fullscreen 'self'
content-security-policy
default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
1251
x-content-type-options
nosniff
helper.js
urlsand.esvalabs.com/js/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://urlsand.esvalabs.com/js/helper.js
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.110.136.136 Ponte San Pietro, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
net-80-211-49-112.cust.vodafonedsl.it
Software
nginx /
Resource Hash
6b9d2b61facecada8129475b245089790d9efb851a05fabc70ee2cb42c58d46b
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://urlsand.esvalabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:52:35 GMT
referrer-policy
strict-origin
last-modified
Fri, 06 May 2022 06:43:19 GMT
server
nginx
etag
"6274c387-d47"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
feature-policy
fullscreen 'self'
content-security-policy
default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
3399
x-content-type-options
nosniff
redirect.js
urlsand.esvalabs.com/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://urlsand.esvalabs.com/js/redirect.js
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.110.136.136 Ponte San Pietro, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
net-80-211-49-112.cust.vodafonedsl.it
Software
nginx /
Resource Hash
1856e9eb336c1eb373538389dd55e7063d0c7598f2b1191c37c1bd1d7697c892
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://urlsand.esvalabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:52:35 GMT
referrer-policy
strict-origin
last-modified
Fri, 06 May 2022 06:43:19 GMT
server
nginx
etag
"6274c387-71a"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
feature-policy
fullscreen 'self'
content-security-policy
default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
1818
x-content-type-options
nosniff
urlsandbox-dark.css
urlsand.esvalabs.com/templates/default/css/ 		184 KB
184 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://urlsand.esvalabs.com/templates/default/css/urlsandbox-dark.css
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.110.136.136 Ponte San Pietro, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
net-80-211-49-112.cust.vodafonedsl.it
Software
nginx /
Resource Hash
b4b3a8838d9785f30af74c5697192dd2f05ab486e0e9ef9ea074f1e3e4829a9c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://urlsand.esvalabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:52:35 GMT
referrer-policy
strict-origin
last-modified
Fri, 06 May 2022 06:43:20 GMT
server
nginx
etag
"6274c388-2dec3"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
feature-policy
fullscreen 'self'
content-security-policy
default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
188099
x-content-type-options
nosniff
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/templates/default/css/urlsandbox.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
336b9e18c04ab729a2f86ee62eecd62674f1103e060b9fc91544dc8fe748c3d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://urlsand.esvalabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 10 May 2022 12:12:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 10 May 2022 13:52:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 10 May 2022 13:52:36 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://urlsand.esvalabs.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 22:45:07 GMT
x-content-type-options
nosniff
age
572849
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 22:45:07 GMT
/
urlsand.esvalabs.com/ 		696 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=2
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/js/helper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.110.136.136 Ponte San Pietro, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
net-80-211-49-112.cust.vodafonedsl.it
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://urlsand.esvalabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:52:37 GMT
referrer-policy
strict-origin
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/json
x-xss-protection
1; mode=block
cache-control
no-cache, private
feature-policy
fullscreen 'self'
content-security-policy
default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
Primary Request createbookings
app.dam-health.com/
Redirect Chain
  • https://trk.klclick3.com/ls/click?upn=tgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jh...
  • https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
22 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/js/redirect.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bd2af8bbb60841130d8993fd6fe1a328b71cceb783a833b4199e4aa577b6eca

Request headers

Referer
https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7093280dbd3a59a7-MXP
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 10 May 2022 13:52:38 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare

Redirect headers

content-length
160
content-type
text/html; charset=utf-8
date
Tue, 10 May 2022 13:52:37 GMT
location
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
server
nginx
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
x-amz-cf-id
wHwtKw5O0u38eTX9Jz0HVYtB-Up3oaxvmhoUui9YuoDhwwJbbJCnDQ==
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
x-robots-tag
noindex, nofollow
site.css
app.dam-health.com/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/css/site.css
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58ae26e890e14f275e972b734698f027b0bdef95740e6a7e08c6782d1a78f287

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:52:38 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 06 May 2022 06:12:00 GMT
server
cloudflare
etag
W/"1d861103260f029"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache
cf-polished
origSize=18473
cf-ray
7093280e9f8f59a7-MXP
cf-bgj
minify
css
fonts.googleapis.com/ 		8 KB
828 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3fa49132cfd4ae80349a262b643fc4f9afa40c41a56032d7e05c3500f4ec9313
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:13:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 10 May 2022 13:52:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 10 May 2022 13:52:38 GMT
MudBlazor.min.css
app.dam-health.com/_content/MudBlazor/ 		429 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/_content/MudBlazor/MudBlazor.min.css?v=5.0.10
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
293f09d0d70a5f42427c86e4439ab21229f0e648aedd9d73f2f59868a411af54

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:52:38 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Fri, 06 May 2022 06:12:32 GMT
server
cloudflare
etag
W/"1d8611045753ba6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache
cf-ray
7093280e9f9959a7-MXP
default.css
cdn.jsdelivr.net/npm/mobile-drag-drop@2.3.0-rc.2/ 		260 B
988 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/mobile-drag-drop@2.3.0-rc.2/default.css
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78460a8d3512f692dd035f09657a924a9a44ff5053ba7107cb7fc51ce2986448
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:52:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
76220
x-jsd-version
2.3.0-rc.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19168-FRA, cache-cdg20724-CDG
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"104-2RPwG8pP5Fzg9LJq3RDrayzT0Io"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fuc%2Fh7F2A7lzVl2h%2BZA2E1Hz%2FtzBYH9xZ92SXoOuI0uO3I9yIkEpfu4lQ0rc5R9DbkF8rzFXA57gPzuVnR70sAh0oalgblcis1hMvRIddVToWnD7XtqO%2FiPgE4AvFjFjV2Hjo7a9WU7OHAiyaUM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
7093280f0e890f6e-MXP
access-control-expose-headers
*
default-base.css
app.dam-health.com/_content/Radzen.Blazor/css/ 		171 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/_content/Radzen.Blazor/css/default-base.css
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2541adbf9880d55849e514e038587902dda461a8e4febc7e7d8d6925eb07d8dc

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:52:38 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 06 May 2022 06:12:39 GMT
server
cloudflare
etag
W/"1d86110499cb50a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache
cf-polished
origSize=200842
cf-ray
7093280e9f9b59a7-MXP
cf-bgj
minify
invisible.js
app.dam-health.com/cdn-cgi/challenge-platform/h/b/scripts/ 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1652187600
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c76474ad3e27fc71162966fe85806b2387cc1c7677546994476a0ac9ec5433a9

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:52:38 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
70932810acb159a7-MXP
MudBlazor.min.js
app.dam-health.com/_content/MudBlazor/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/_content/MudBlazor/MudBlazor.min.js?v=5.0.10
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7f84cfb80e3cf8b118e511442bc82caba2c0e47a0ac207f21d667498bca0dff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:52:38 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Fri, 06 May 2022 06:12:33 GMT
server
cloudflare
etag
W/"1d86110460c5643"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
cf-ray
7093280e9f9d59a7-MXP
Radzen.Blazor.js
app.dam-health.com/_content/Radzen.Blazor/ 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/_content/Radzen.Blazor/Radzen.Blazor.js
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20d82b5fbe95218afe9d88a276f1233c5c6ec551321651b232a28518e684f83b

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:52:38 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 06 May 2022 06:12:35 GMT
server
cloudflare
etag
W/"1d86110473dd48e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
cf-polished
origSize=40718
cf-ray
7093280e9fa159a7-MXP
cf-bgj
minify
/
js.stripe.com/v3/ 		300 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
7c67115ac053fe29e0e25d6803a15ad0ef6e81b1b7ae5004aee19efc3548ed41
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
34
x-cache
HIT
content-length
72446
etag
"353095b6af95ced6f6fc34b3b8eda51c"
x-request-id
2f8248f7-29d9-4b04-816b-9aeedd96d6f3
x-served-by
cache-mxp6964-MXP
access-control-allow-origin
*
last-modified
Mon, 09 May 2022 20:27:51 GMT
server
Fastly
date
Tue, 10 May 2022 13:52:38 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
6
blazor.server.js
app.dam-health.com/_framework/ 		269 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/_framework/blazor.server.js
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d86d118d53132256a69e07b133ff73c3c9d37877a4b4449bb0de792a8c73f8d1

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:52:38 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 15 Jul 2021 17:56:21 GMT
server
cloudflare
etag
W/"1d779a2b80d6355"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
cf-polished
origSize=275413
cf-ray
7093280e9fa259a7-MXP
cf-bgj
minify
protectedBrowserStorage.js
app.dam-health.com/_content/Microsoft.AspNetCore.ProtectedBrowserStorage/ 		210 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/_content/Microsoft.AspNetCore.ProtectedBrowserStorage/protectedBrowserStorage.js
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd2bcb205da28f2725ed5344849a7c96aa79f845bc09b3558ef599ed88e6d75d

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:52:38 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 06 May 2022 06:12:30 GMT
server
cloudflare
etag
W/"1d861104442657d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
cf-polished
origSize=15997
cf-ray
7093280e9fa559a7-MXP
cf-bgj
minify
jquery.min.js
app.dam-health.com/scripts/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/scripts/jquery.min.js
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:52:38 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 06 May 2022 06:12:11 GMT
server
cloudflare
etag
W/"1d8611038ee7d05"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
cf-ray
7093280e9fa659a7-MXP
html2pdf.bundle.js
app.dam-health.com/scripts/ 		559 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/scripts/html2pdf.bundle.js
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc128fd6f3e291c41c72421b8be392d274a7a16bddb377e7f40a3dcf74724821

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:52:38 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 06 May 2022 06:12:13 GMT
server
cloudflare
etag
W/"1d861103a2ae61c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
cf-polished
origSize=703132
cf-ray
7093280e9faa59a7-MXP
cf-bgj
minify
index.min.js
cdn.jsdelivr.net/npm/mobile-drag-drop@2.3.0-rc.2/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/mobile-drag-drop@2.3.0-rc.2/index.min.js
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de9f5cd8299bb2ba0384e79344bf545f74d498ff2085fe187ee4031267d9e83f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:52:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
fastly-original-body-size
3842
age
76220
x-jsd-version
2.3.0-rc.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19126-FRA, cache-cdg20729-CDG
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"29c5-VnwgYfLywwpMuAl6HfFqoynL3HE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CT6gemXt2JBio4TuhusrrLeimPLpN3HwEDQW4GyDxNI4IM4pkWvNRdUUQeLdr22Jsq7LjRjAeHC%2Fz%2Fz%2FamqrovA2yRmDJvFDVyWVcBKHwIEEafEi29Cpmlc2HmXOTa4YNvH1POxqJSr5wq2NAxM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
7093280f0e8c0f6e-MXP
xlsx.full.min.js
app.dam-health.com/scripts/ 		917 KB
325 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/scripts/xlsx.full.min.js
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bff01a76f15f0387a5dc5ee2bfa6ff8759520f574053b2a3088d68f797c9f66

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:52:38 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 06 May 2022 06:12:16 GMT
server
cloudflare
etag
W/"1d861103be47349"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
cf-ray
7093280e9fad59a7-MXP
FileSaver.js
cdnjs.cloudflare.com/ajax/libs/FileSaver.js/2.0.5/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/FileSaver.js/2.0.5/FileSaver.js
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6060c139808ad689ae6f055ea65eb8eaa90314fcceda72af727a369a7e69f263
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:52:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
13688238
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1960
timing-allow-origin
*
last-modified
Thu, 19 Nov 2020 15:31:13 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fb68fc1-1809"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qPVsOcqQY%2FNPGYMADEgYY6%2F4VoMIdd0M%2BNRSCHHSSmTK%2F1UGE10B8Zoz%2BitB30f3oY3B38MYRyo42tIT04TnHFrm%2BeViJmcJMbSUOK2T1YPSqm3R%2FaYjZMJD6zko2mEtuBS60YiHvSOABrS9Z%2F91d61O"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7093280f08bc59a7-MXP
expires
Sun, 30 Apr 2023 13:52:38 GMT
tableexport.js
cdnjs.cloudflare.com/ajax/libs/TableExport/5.2.0/js/ 		39 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/TableExport/5.2.0/js/tableexport.js
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
499c2356e5692760d4ae5e42cf06988e7e74317d556645522ffbb29e6b6b5782
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:52:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7749394
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9177
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cf2-9aae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QTNxhnX7RMmnPZy193S2V4Xk5G%2BE66ys3Wl8RiIDMw7rBIhGF9ufP4J%2Bqy3tsJQxKnr3fluRg0RJ8YaiyDrRrBvdIH6MzRa%2F8Utm1gfXL50837jJza1zZHeRzzDIpPrnv7MAA2D%2BeTUamYIDpj02AG7d"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7093280f08be59a7-MXP
expires
Sun, 30 Apr 2023 13:52:38 GMT
open-iconic-bootstrap.min.css
app.dam-health.com/css/open-iconic/font/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/css/open-iconic/font/css/open-iconic-bootstrap.min.css
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/css/site.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
049fc6f9efb2edb41dad8912d91053c8d7c11e903d22e19a3e67fd86db9be4c4

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/css/site.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:52:38 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 06 May 2022 06:13:00 GMT
server
cloudflare
etag
W/"1d861105623dab3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache
cf-ray
7093280f9a2e59a7-MXP
ao6oiy1hcp
www.clarity.ms/tag/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/ao6oiy1hcp
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1784 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
79faeacd320b99bd5e4d7ebcbc06a03898f4e5b0828dfd6a821c1bda6529ed50

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:52:38 GMT
x-powered-by
ASP.NET
x-azure-ref
0Jm56YgAAAAD5s5T7GQn1S52h1fwTD1FkSVNUMzBFREdFMDIxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
content-length
1167
expires
-1
gtm.js
www.googletagmanager.com/ 		130 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5F275K6
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e2e23d1ed296aed11f61622f1b2d95e58e43acc8643f866cfbdcb1e509b0d7bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:52:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50298
x-xss-protection
0
last-modified
Tue, 10 May 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 10 May 2022 13:52:38 GMT
negotiate
app.dam-health.com/_blazor/ 		316 B
277 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/_blazor/negotiate?negotiateVersion=1
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/_framework/blazor.server.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3aa0036a886c61df38ea0b980e525ff78842cbfe6f6af30dfeed9b79cb8b2d7

Request headers

Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
X-Requested-With
XMLHttpRequest
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
X-SignalR-User-Agent
Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 10 May 2022 13:52:38 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
70932810dd1859a7-MXP
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json
m-outer-08a68483638f1673180e789f690b2a14.html
js.stripe.com/v3/ Frame C471 		240 B
552 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-08a68483638f1673180e789f690b2a14.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
eaf2bd3d92596d7daa1105013ab1a9df04c5638908c58a816aebedd3d299aefd
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.dam-health.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
657223
cache-control
max-age=31536000
content-encoding
br
content-length
141
content-security-policy
default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 10 May 2022 13:52:38 GMT
etag
"08a68483638f1673180e789f690b2a14"
last-modified
Mon, 02 May 2022 23:16:40 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
158849
x-content-type-options
nosniff
x-request-id
33a432a8-b6b9-41b2-96b3-2a0afade5310
x-served-by
cache-mxp6964-MXP
pica.js
app.dam-health.com/cdn-cgi/challenge-platform/h/b/scripts/ 		22 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a08022c6a50c7bc2fc7fcd3deeaddd69deaf761118a11800a5ef762bac15648b

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:52:38 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
709328117ec059a7-MXP
csp-report
q.stripe.com/ Frame C471 		0
570 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 10 May 2022 13:52:39 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
7
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-a862395be942d34811e19def0b9ea803.js
js.stripe.com/v3/fingerprinted/js/ Frame C471 		1 KB
773 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-a862395be942d34811e19def0b9ea803.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-08a68483638f1673180e789f690b2a14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
32efd3c886b0811738301f293d38482b2b18f34a7d2b5ed6dd197fd08c821815
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://js.stripe.com/v3/m-outer-08a68483638f1673180e789f690b2a14.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
46
x-cache
HIT
content-length
645
etag
"799080ebea6eade0766c4725741ce6bf"
x-request-id
0151b693-ae4b-4ed4-b7de-9d4f4dda29a2
x-served-by
cache-mxp6964-MXP
access-control-allow-origin
*
last-modified
Mon, 02 May 2022 23:16:41 GMT
server
Fastly
date
Tue, 10 May 2022 13:52:38 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
49
inner.html
m.stripe.network/ Frame 9C89 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-a862395be942d34811e19def0b9ea803.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.85.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-85-9.ams1.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
age
68
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 10 May 2022 13:51:37 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 9385401cebb473e4ed1da6c81b927c52.cloudfront.net (CloudFront)
x-amz-cf-id
-fxRYWcMFqPWDCtkoUBYqwUWDkXK9JlAGmqJyeU_q86ZN4U9vGl-VQ==
x-amz-cf-pop
AMS1-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F275K6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5609
date
Tue, 10 May 2022 12:19:09 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 10 May 2022 14:19:09 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F275K6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
89ba0d4f6cf9500041778760fea24e37c6de04955c6a62b5435c64b600423749
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:52:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14865
x-xss-protection
0
server
cafe
etag
2710672821686371805
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 10 May 2022 13:52:38 GMT
7093280dbd3a59a7
app.dam-health.com/cdn-cgi/challenge-platform/h/b/cv/result/ 		2 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/cdn-cgi/challenge-platform/h/b/cv/result/7093280dbd3a59a7
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1652187600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 10 May 2022 13:52:39 GMT
content-encoding
gzip
server
cloudflare
cf-ray
70932813fd7459a7-MXP
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain; charset=UTF-8
csp-report
q.stripe.com/ Frame 9C89 		0
345 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Tue, 10 May 2022 13:52:39 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
7
x-robots-tag
none
content-length
0
x-content-type-options
nosniff
expires
0
out-4.5.42.js
m.stripe.network/ Frame 9C89 		86 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.85.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-85-9.ams1.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
266
x-cache
Hit from cloudfront
date
Tue, 10 May 2022 13:48:18 GMT
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 9385401cebb473e4ed1da6c81b927c52.cloudfront.net (CloudFront)
cache-control
max-age=300, public
x-amz-cf-pop
AMS1-C1
timing-allow-origin
*
x-amz-cf-id
qOTfCd01olUXp4AxjbkkCDO07GOiOPw9cRmW9QRRvwsiwadvZHZYmQ==
clarity.js
f.clarity.ms/s/0.6.34/ 		53 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.clarity.ms/s/0.6.34/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ao6oiy1hcp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:52:39 GMT
content-encoding
br
etag
"1d85e80e187b254"
last-modified
Tue, 03 May 2022 00:01:04 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1785146899&t=pageview&_s=1&dl=https%3A%2F%2Fapp.dam-health.com%2Fcreatebookings%3FproductID%3D10012%26_kx%3DILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm&dr=https%3A%2F%2Furlsand.esvalabs.com%2F&ul=en-us&de=UTF-8&dt=DAM%20Health&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=307707682&gjid=1040053899&cid=72830433.1652190759&tid=UA-185774809-1&_gid=1737140970.1652190759&_r=1&gtm=2wg5905F275K6&z=1941911378
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://app.dam-health.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 10 May 2022 13:52:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.dam-health.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/457076487/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/457076487/?random=1652190759033&cv=9&fst=1652190759033&num=1&label=DW6NCNezmKoDEIfe-dkB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg590&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fapp.dam-health.com%2Fcreatebookings%3FproductID%3D10012%26_kx%3DILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm&ref=https%3A%2F%2Furlsand.esvalabs.com%2F&tiba=DAM%20Health&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1666ea0ec3413146a3e693468290852f7af00d17de242ccc73ef94aba6364147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 May 2022 13:52:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1178
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-185774809-1&cid=72830433.1652190759&jid=307707682&gjid=1040053899&_gid=1737140970.1652190759&_u=YEBAAEAAAAAAAC~&z=897083445
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.dam-health.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 10 May 2022 13:52:39 GMT
content-type
text/plain
access-control-allow-origin
https://app.dam-health.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
6
m.stripe.com/ Frame 9C89 		156 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.41.199.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-199-178.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8335a9478328950698b2f386018752f87450598d5b4e3cd5d608b35a71bb4c27
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 10 May 2022 13:52:39 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
/
www.google.com/pagead/1p-user-list/457076487/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/457076487/?random=1652190759033&cv=9&fst=1652187600000&num=1&label=DW6NCNezmKoDEIfe-dkB&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg590&sendb=1&frm=0&url=https%3A%2F%2Fapp.dam-health.com%2Fcreatebookings%3FproductID%3D10012%26_kx%3DILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm&ref=https%3A%2F%2Furlsand.esvalabs.com%2F&tiba=DAM%20Health&async=1&fmt=3&is_vtc=1&random=2178649453&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 May 2022 13:52:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.it/pagead/1p-user-list/457076487/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.it/pagead/1p-user-list/457076487/?random=1652190759033&cv=9&fst=1652187600000&num=1&label=DW6NCNezmKoDEIfe-dkB&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg590&sendb=1&frm=0&url=https%3A%2F%2Fapp.dam-health.com%2Fcreatebookings%3FproductID%3D10012%26_kx%3DILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm&ref=https%3A%2F%2Furlsand.esvalabs.com%2F&tiba=DAM%20Health&async=1&fmt=3&is_vtc=1&random=2178649453&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 May 2022 13:52:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logoDam.png
app.dam-health.com/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.dam-health.com/images/logoDam.png
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
923abde875568ae7cbcae0053f41dd38ac7650475ea9c0c6332ae38805f109f2

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:52:39 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 06 May 2022 06:12:07 GMT
server
cloudflare
etag
"1d86110368cfaf6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
cf-ray
7093281528a159a7-MXP
content-length
12150
Oakes.ttf
app.dam-health.com/fonts/ 		231 KB
231 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/fonts/Oakes.ttf
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/css/site.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
515f70ce3d03819a65e1696c947edcb97140fe6f390d8487fd2a5ed1e89835d7

Request headers

Referer
https://app.dam-health.com/css/site.css
Origin
https://app.dam-health.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:52:39 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 06 May 2022 06:12:04 GMT
server
cloudflare
etag
"1d8611034c088f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-font-ttf
cache-control
no-cache
accept-ranges
bytes
cf-ray
7093281528b159a7-MXP
content-length
236272
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.dam-health.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 01:46:21 GMT
x-content-type-options
nosniff
age
389178
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 May 2023 01:46:21 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-185774809-1&cid=72830433.1652190759&jid=307707682&_u=YEBAAEAAAAAAAC~&z=916448892
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 May 2022 13:52:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.it/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.it/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-185774809-1&cid=72830433.1652190759&jid=307707682&_u=YEBAAEAAAAAAAC~&z=916448892
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 May 2022 13:52:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=0397B7B431B14F819ACC1A1C82C330A0&RedC=c.clarity.ms&MXFR=3F4B822A5F6E670E38F1938A5B6E69F2
  • https://c.clarity.ms/c.gif?CtsSyncId=0397B7B431B14F819ACC1A1C82C330A0&MUID=2664978D2BC264D6141C862D2AB5657F
42 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=0397B7B431B14F819ACC1A1C82C330A0&MUID=2664978D2BC264D6141C862D2AB5657F
Protocol
H2
Server
52.142.114.2 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 May 2022 13:52:39 GMT
last-modified
Fri, 18 Mar 2022 19:39:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8120eaf0ff3ad81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 10 May 2022 13:52:40 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5AFE81FB835B4A5EB3DE425F58400261 Ref B: MIL30EDGE1405 Ref C: 2022-05-10T13:52:40Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=0397B7B431B14F819ACC1A1C82C330A0&MUID=2664978D2BC264D6141C862D2AB5657F
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
f.clarity.ms/ 		0
72 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://f.clarity.ms/collect
Requested by
Host: f.clarity.ms
URL: https://f.clarity.ms/s/0.6.34/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://app.dam-health.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
https://app.dam-health.com
date
Tue, 10 May 2022 13:52:39 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| clarity object| dataLayer function| mudHandlePortal function| mudGetAnchorStyle function| mudCorrectAnchorBoundaries function| mudShallowClone object| mudElementRef object| mudThrottledEventManager object| mudEventProjections function| getTabbableElements function| serializeParameter object| mudResizeListener object| mudResizeObserver object| mudScrollListener object| mudScrollManager object| mudScrollSpy object| mudWindow object| resolveCallbacks object| rejectCallbacks object| Radzen object| __webpackStripeJSv3Jsonp function| Stripe object| DotNet object| Blazor function| setImmediate function| clearImmediate object| protectedBrowserStorage function| $ function| jQuery function| ChoiceField function| ListBox function| ComboBox function| EditBox function| Button function| PushButton function| RadioButton function| CheckBox function| TextField function| PasswordField object| AcroForm function| _jzlib_Deflater function| Deflater function| RGBColor function| PNG function| html2pdf object| MobileDragDrop boolean| DO_NOT_EXPORT_CODEPAGE boolean| DO_NOT_EXPORT_JSZIP object| cptable object| XLSX function| make_xlsx_lib object| XLS object| ODS function| JSZipSync function| saveAs object| FileSaver function| TableExport object| GLOBAL object| stripe function| triggerFileDownload function| reloadapplication function| SetDotnetReference function| togglemenu function| stripeCheckout function| viewInStripe function| getDimensions function| addClickEvents function| reloadSchedulerData function| getGeoLocations function| createNavigationList function| scrollToDate function| scrollToControl function| scrollToTop function| setChipSetMargin function| adjustHeight function| downloadReport function| downloadTable function| downloadCertificate object| __CF$cv$params object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO

12 Cookies

Domain/Path Name / Value
app.dam-health.com/ Name: .AspNetCore.Culture
Value: c%3Den-GB%7Cuic%3Den-GB
.dam-health.com/ Name: _gcl_au
Value: 1.1.1244580969.1652190759
www.clarity.ms/ Name: CLID
Value: 97e262bcb53948d18d7ebbef597545c2.20220510.20230510
.dam-health.com/ Name: _ga
Value: GA1.2.72830433.1652190759
.dam-health.com/ Name: _gid
Value: GA1.2.1737140970.1652190759
.dam-health.com/ Name: _gat_UA-185774809-1
Value: 1
.dam-health.com/ Name: __cf_bm
Value: xSIRL_Wk4UNpT3.h9CiBkyGbJ8q2nl6Uu.ZvfdH1Ba0-1652190759-0-AQni0iFPC8p2mRcWn32y9LFchwOIlBJj3Xyrsf0e8xEclcJmiIfb0iYX1HFpugVnyfoJr4GlW2LpFPNo/WapsIU1MWiXstWy+Yb9KhY4k0w0AE89xXF/3cXBdlFTbE8Y0A==
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.dam-health.com/ Name: _clck
Value: o483o9|1|f1c|0
m.stripe.com/ Name: m
Value: 6be63972-4205-41b2-98fc-2de85e314b77ea355f
.app.dam-health.com/ Name: __stripe_mid
Value: 3aac48ad-9e58-4dde-87e7-b8e67727ca948b720e
.app.dam-health.com/ Name: __stripe_sid
Value: b04fb370-e30a-486c-8111-080859548b3902e5ae

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.dam-health.com
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cdnjs.cloudflare.com
f.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
stats.g.doubleclick.net
trk.klclick3.com
urlsand.esvalabs.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.it
www.googleadservices.com
www.googletagmanager.com
142.250.186.130
151.101.0.176
20.84.22.197
2600:9000:206f:e00:9:ec94:b800:93a1
2606:4700:10::6816:367d
2606:4700::6810:5614
2606:4700::6811:190e
2620:1ec:27::cafe:1784
2620:1ec:c11::200
2a00:1450:4001:802::2008
2a00:1450:4001:80e::2004
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a00:1450:400c:c07::9c
52.142.114.2
52.41.199.178
54.187.119.242
65.9.85.9
95.110.136.136
049fc6f9efb2edb41dad8912d91053c8d7c11e903d22e19a3e67fd86db9be4c4
1666ea0ec3413146a3e693468290852f7af00d17de242ccc73ef94aba6364147
1856e9eb336c1eb373538389dd55e7063d0c7598f2b1191c37c1bd1d7697c892
20d82b5fbe95218afe9d88a276f1233c5c6ec551321651b232a28518e684f83b
2541adbf9880d55849e514e038587902dda461a8e4febc7e7d8d6925eb07d8dc
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
293f09d0d70a5f42427c86e4439ab21229f0e648aedd9d73f2f59868a411af54
2bff01a76f15f0387a5dc5ee2bfa6ff8759520f574053b2a3088d68f797c9f66
32efd3c886b0811738301f293d38482b2b18f34a7d2b5ed6dd197fd08c821815
336b9e18c04ab729a2f86ee62eecd62674f1103e060b9fc91544dc8fe748c3d0
3661b0abad108b1e162b750119e065a1bc24b379ed4371a0daf807ee3567534c
3fa49132cfd4ae80349a262b643fc4f9afa40c41a56032d7e05c3500f4ec9313
499c2356e5692760d4ae5e42cf06988e7e74317d556645522ffbb29e6b6b5782
515f70ce3d03819a65e1696c947edcb97140fe6f390d8487fd2a5ed1e89835d7
58ae26e890e14f275e972b734698f027b0bdef95740e6a7e08c6782d1a78f287
6060c139808ad689ae6f055ea65eb8eaa90314fcceda72af727a369a7e69f263
6b9d2b61facecada8129475b245089790d9efb851a05fabc70ee2cb42c58d46b
78460a8d3512f692dd035f09657a924a9a44ff5053ba7107cb7fc51ce2986448
79faeacd320b99bd5e4d7ebcbc06a03898f4e5b0828dfd6a821c1bda6529ed50
7c67115ac053fe29e0e25d6803a15ad0ef6e81b1b7ae5004aee19efc3548ed41
81793beb150a889b0d407981e2c19a362cd56dead1445af5d314c7117d885ffc
8335a9478328950698b2f386018752f87450598d5b4e3cd5d608b35a71bb4c27
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
89ba0d4f6cf9500041778760fea24e37c6de04955c6a62b5435c64b600423749
8bd2af8bbb60841130d8993fd6fe1a328b71cceb783a833b4199e4aa577b6eca
923abde875568ae7cbcae0053f41dd38ac7650475ea9c0c6332ae38805f109f2
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a08022c6a50c7bc2fc7fcd3deeaddd69deaf761118a11800a5ef762bac15648b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
b4b3a8838d9785f30af74c5697192dd2f05ab486e0e9ef9ea074f1e3e4829a9c
b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d
b5ddb60604ac7c649070dc629ab1729ddfc0927463b3891d0d6c7d1b18419738
b7f84cfb80e3cf8b118e511442bc82caba2c0e47a0ac207f21d667498bca0dff
c76474ad3e27fc71162966fe85806b2387cc1c7677546994476a0ac9ec5433a9
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f
d86d118d53132256a69e07b133ff73c3c9d37877a4b4449bb0de792a8c73f8d1
dd2bcb205da28f2725ed5344849a7c96aa79f845bc09b3558ef599ed88e6d75d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9f5cd8299bb2ba0384e79344bf545f74d498ff2085fe187ee4031267d9e83f
e2e23d1ed296aed11f61622f1b2d95e58e43acc8643f866cfbdcb1e509b0d7bd
e3aa0036a886c61df38ea0b980e525ff78842cbfe6f6af30dfeed9b79cb8b2d7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf2bd3d92596d7daa1105013ab1a9df04c5638908c58a816aebedd3d299aefd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2053a1d0fd885c22858bdf85f379b2be45b659315ff08413fdca0cf933e9b8a
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
fb55650bbb7a33af4f2925696ef0765dc57aaeeadadad1193969554f07d0f957
fc128fd6f3e291c41c72421b8be392d274a7a16bddb377e7f40a3dcf74724821