urlscan.io logo urlscan.io
SecurityTrails logo

647-bw-frontend.test.davinci.care Open in urlscan Pro
35.195.84.203  Public Scan

Go To Rescan Add Verdict Report
URL: https://647-bw-frontend.test.davinci.care/
Submission: On November 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 3 countries across 10 domains to perform 31 HTTP transactions. The main IP is 35.195.84.203, located in Brussels, Belgium and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is 647-bw-frontend.test.davinci.care.
TLS certificate: Issued by WR1 on November 28th 2024. Valid for: 3 months.
This is the only time 647-bw-frontend.test.davinci.care was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 35.195.84.203 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
3 52.85.65.95 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.163 15169 (GOOGLE)
1 18.214.11.63 14618 (AMAZON-AES)
2 2a02:26f0:350... 20940 (AKAMAI-AS...)
3 216.198.54.3 209242 (CLOUDFLAR...)
1 216.198.53.3 209242 (CLOUDFLAR...)
2 2a02:26f0:710... 20940 (AKAMAI-AS...)
1 216.198.54.1 209242 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
31 14
11    35.195.84.203 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 203.84.195.35.bc.googleusercontent.com
647-bw-frontend.test.davinci.care
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    52.85.65.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-65-95.muc50.r.cloudfront.net
static.userback.io
3    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net
fonts.gstatic.com
1    18.214.11.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-11-63.compute-1.amazonaws.com
api.userback.io
2    2a02:26f0:3500:18::1724:a299 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
consent.cookiebot.com
3    216.198.54.3 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)
static.zdassets.com
1    216.198.53.3 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)
ekr.zdassets.com
2    2a02:26f0:7100:8a3::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
consentcdn.cookiebot.com
imgsct.cookiebot.com
1    216.198.54.1 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)
eltydavinci.zendesk.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
11 davinci.care
647-bw-frontend.test.davinci.care
2 MB
4 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2270
ekr.zdassets.com — Cisco Umbrella Rank: 2553
270 KB
4 cookiebot.com
consent.cookiebot.com — Cisco Umbrella Rank: 4433
consentcdn.cookiebot.com — Cisco Umbrella Rank: 5051
imgsct.cookiebot.com — Cisco Umbrella Rank: 5232
35 KB
4 userback.io
static.userback.io — Cisco Umbrella Rank: 59428
api.userback.io — Cisco Umbrella Rank: 51037
195 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
242 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
1 zendesk.com
eltydavinci.zendesk.com
1 KB
1 gstatic.com
fonts.gstatic.com
27 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
31 10
Domain Requested by
11 647-bw-frontend.test.davinci.care 647-bw-frontend.test.davinci.care
3 static.zdassets.com www.googletagmanager.com
static.zdassets.com
3 www.googletagmanager.com 647-bw-frontend.test.davinci.care
www.googletagmanager.com
3 static.userback.io 647-bw-frontend.test.davinci.care
static.userback.io
2 consent.cookiebot.com www.googletagmanager.com
consent.cookiebot.com
1 region1.google-analytics.com www.googletagmanager.com
1 pagead2.googlesyndication.com www.googletagmanager.com
1 imgsct.cookiebot.com
1 eltydavinci.zendesk.com static.zdassets.com
1 consentcdn.cookiebot.com consent.cookiebot.com
1 ekr.zdassets.com static.zdassets.com
1 api.userback.io static.userback.io
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com 647-bw-frontend.test.davinci.care
31 14

This site contains no links.

Subject Issuer Validity Valid
647-bw-frontend.test.davinci.care
WR1		 2024-11-28 -
2025-02-26		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.userback.io
Amazon RSA 2048 M03		 2024-09-18 -
2025-10-16		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
consent.cookiebot.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-02-28 -
2025-02-27		 a year crt.sh
zdassets.com
WE1		 2024-11-03 -
2025-02-01		 3 months crt.sh
*.cookiebot.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-02-26 -
2025-02-26		 a year crt.sh
eltydavinci.zendesk.com
E6		 2024-10-29 -
2025-01-27		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://647-bw-frontend.test.davinci.care/
Frame ID: 062A5F63C480D5CC51676B0D3366458B
Requests: 29 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: C5143F0818496923D71FA22013DB5E15
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-f8ea3a2.js
Frame ID: 42DD3CD98356B4BA65C04B1F71806267
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2F647-bw-frontend.test.davinci.care
Frame ID: 139109E97F7C4D8C3737B78B7CBD5B48
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Elty DaVinci

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • consent\.cookiebot\.com
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

31
Requests

100 %
HTTPS

46 %
IPv6

10
Domains

14
Subdomains

14
IPs

3
Countries

3039 kB
Transfer

9150 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
647-bw-frontend.test.davinci.care/ 		739 B
710 B 		Document
General
Check archive.org
Download Go to
Full URL
https://647-bw-frontend.test.davinci.care/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.195.84.203 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.84.195.35.bc.googleusercontent.com
Software
/
Resource Hash
131f3a6d45a79a4dc9f53105ce36ea611bb92e45effda834d70b554e95c4fcc7
Security Headers
Name Value
Content-Security-Policy default-src * https: wss: data: blob: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-store, must-revalidate
content-encoding
gzip
content-security-policy
default-src * https: wss: data: blob: 'unsafe-eval' 'unsafe-inline'
content-type
text/html
date
Thu, 28 Nov 2024 16:53:15 GMT
etag
W/"67488a96-2e3"
last-modified
Thu, 28 Nov 2024 15:21:58 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
index-Dtmeyq0-.js
647-bw-frontend.test.davinci.care/assets/ 		6 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://647-bw-frontend.test.davinci.care/assets/index-Dtmeyq0-.js
Requested by
Host: 647-bw-frontend.test.davinci.care
URL: https://647-bw-frontend.test.davinci.care/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.195.84.203 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.84.195.35.bc.googleusercontent.com
Software
/
Resource Hash
09ede7f04f529b6e0e503533dbc77bb9f13d5d71d4a4df6fda868ed78bbdf8a4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://647-bw-frontend.test.davinci.care
Referer
https://647-bw-frontend.test.davinci.care/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Thu, 28 Nov 2024 16:53:15 GMT
etag
W/"67488a95-5a7da4"
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 28 Nov 2024 15:21:57 GMT
index-wVC6cCM4.css
647-bw-frontend.test.davinci.care/assets/ 		117 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://647-bw-frontend.test.davinci.care/assets/index-wVC6cCM4.css
Requested by
Host: 647-bw-frontend.test.davinci.care
URL: https://647-bw-frontend.test.davinci.care/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.195.84.203 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.84.195.35.bc.googleusercontent.com
Software
/
Resource Hash
51b43bd4467ecc644e20ac9a952028fa34a518db02b14d914e513bc1987b53bb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://647-bw-frontend.test.davinci.care
Referer
https://647-bw-frontend.test.davinci.care/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Thu, 28 Nov 2024 16:53:15 GMT
etag
W/"67488a95-1d54c"
content-type
text/css
vary
Accept-Encoding
last-modified
Thu, 28 Nov 2024 15:21:57 GMT
css2
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Plus+Jakarta+Sans:wght@300;400;500;600;700&display=swap
Requested by
Host: 647-bw-frontend.test.davinci.care
URL: https://647-bw-frontend.test.davinci.care/assets/index-wVC6cCM4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
89f7d5c030c479e4bd7120a077f294bf3f45af6fba5c9edfd6424848b08d0b12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://647-bw-frontend.test.davinci.care/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 28 Nov 2024 16:53:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 16:53:15 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 28 Nov 2024 16:47:55 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
v1.js
static.userback.io/widget/ 		492 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.userback.io/widget/v1.js
Requested by
Host: 647-bw-frontend.test.davinci.care
URL: https://647-bw-frontend.test.davinci.care/assets/index-Dtmeyq0-.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.65.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-65-95.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
434001ce9a070e9740f4aeba62def5db2619eb78892e80a2671d202d2dc81e42

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://647-bw-frontend.test.davinci.care/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"c68b5f1aeb78962e8dcd5f276e4819bf"
x-amz-version-id
null
age
39129
via
1.1 711bf86dc2898a8122a5a6c5b71ec626.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
UySfFDD_SpaELy2uFIWo-COJiMFf_2f4vt3Mh4e1paxe_LbH3f1dUw==
date
Thu, 28 Nov 2024 06:01:11 GMT
content-type
application/javascript
last-modified
Mon, 25 Nov 2024 06:01:05 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P6
x-amz-server-side-encryption
AES256
gtm.js
www.googletagmanager.com/ 		308 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TXZFDDN7
Requested by
Host: 647-bw-frontend.test.davinci.care
URL: https://647-bw-frontend.test.davinci.care/assets/index-Dtmeyq0-.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6af3bdec271d83c8cd3a67b1333b0160bd1a314dded47bab3ea461076b11c184
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://647-bw-frontend.test.davinci.care/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Thu, 28 Nov 2024 16:53:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 16:53:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 28 Nov 2024 15:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109240
x-xss-protection
0
server
Google Tag Manager
LayoutView-DUrNZYHZ.js
647-bw-frontend.test.davinci.care/assets/ 		761 B
674 B 		Script
General
Check archive.org
Download Go to
Full URL
https://647-bw-frontend.test.davinci.care/assets/LayoutView-DUrNZYHZ.js
Requested by
Host: 647-bw-frontend.test.davinci.care
URL: https://647-bw-frontend.test.davinci.care/assets/index-Dtmeyq0-.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.195.84.203 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.84.195.35.bc.googleusercontent.com
Software
/
Resource Hash
f39e2870189c3303ef9ede55d7a48bcf49cdd61074872c06c59a6087390a9930
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://647-bw-frontend.test.davinci.care
Referer

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Thu, 28 Nov 2024 16:53:16 GMT
etag
W/"67488a95-2f9"
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 28 Nov 2024 15:21:57 GMT
UnauthLayout.vue_vue_type_script_setup_true_lang-B3LdkVQs.js
647-bw-frontend.test.davinci.care/assets/ 		1 KB
874 B 		Script
General
Check archive.org
Download Go to
Full URL
https://647-bw-frontend.test.davinci.care/assets/UnauthLayout.vue_vue_type_script_setup_true_lang-B3LdkVQs.js
Requested by
Host: 647-bw-frontend.test.davinci.care
URL: https://647-bw-frontend.test.davinci.care/assets/index-Dtmeyq0-.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.195.84.203 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.84.195.35.bc.googleusercontent.com
Software
/
Resource Hash
69982d009b191a58041316dcdcfe87ce3fcb81ab1476aed6f9fabf3ba9934d5f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://647-bw-frontend.test.davinci.care
Referer

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Thu, 28 Nov 2024 16:53:16 GMT
etag
W/"67488a95-428"
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 28 Nov 2024 15:21:57 GMT
CustomTransition.vue_vue_type_style_index_0_lang-Cm23rIB8.js
647-bw-frontend.test.davinci.care/assets/ 		711 B
654 B 		Script
General
Check archive.org
Download Go to
Full URL
https://647-bw-frontend.test.davinci.care/assets/CustomTransition.vue_vue_type_style_index_0_lang-Cm23rIB8.js
Requested by
Host: 647-bw-frontend.test.davinci.care
URL: https://647-bw-frontend.test.davinci.care/assets/index-Dtmeyq0-.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.195.84.203 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.84.195.35.bc.googleusercontent.com
Software
/
Resource Hash
f5ecb10096ad9683bf12a052b2ff92b840d2ea278dcea54551d816b4b18ec6d0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://647-bw-frontend.test.davinci.care
Referer

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Thu, 28 Nov 2024 16:53:16 GMT
etag
W/"67488a95-2c7"
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 28 Nov 2024 15:21:57 GMT
CustomTransition-CFublMqM.css
647-bw-frontend.test.davinci.care/assets/ 		1 KB
556 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://647-bw-frontend.test.davinci.care/assets/CustomTransition-CFublMqM.css
Requested by
Host: 647-bw-frontend.test.davinci.care
URL: https://647-bw-frontend.test.davinci.care/assets/index-Dtmeyq0-.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.195.84.203 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.84.195.35.bc.googleusercontent.com
Software
/
Resource Hash
31477c4b1b897bda3bcf24620205d8e3927ccee98d6b60a4b176ca3e3d60757b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://647-bw-frontend.test.davinci.care/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Thu, 28 Nov 2024 16:53:16 GMT
etag
W/"67488a95-50a"
content-type
text/css
vary
Accept-Encoding
last-modified
Thu, 28 Nov 2024 15:21:57 GMT
LoginView-CWp-wjq_.js
647-bw-frontend.test.davinci.care/assets/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://647-bw-frontend.test.davinci.care/assets/LoginView-CWp-wjq_.js
Requested by
Host: 647-bw-frontend.test.davinci.care
URL: https://647-bw-frontend.test.davinci.care/assets/index-Dtmeyq0-.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.195.84.203 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.84.195.35.bc.googleusercontent.com
Software
/
Resource Hash
56fb1ee562169cfc7ec4bb9680c5305febdefed8f8e3a972e37d686e1d99d559
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://647-bw-frontend.test.davinci.care
Referer

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Thu, 28 Nov 2024 16:53:16 GMT
etag
W/"67488a95-162a"
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 28 Nov 2024 15:21:57 GMT
store-sVPu4G4b.js
647-bw-frontend.test.davinci.care/assets/ 		1 KB
748 B 		Script
General
Check archive.org
Download Go to
Full URL
https://647-bw-frontend.test.davinci.care/assets/store-sVPu4G4b.js
Requested by
Host: 647-bw-frontend.test.davinci.care
URL: https://647-bw-frontend.test.davinci.care/assets/index-Dtmeyq0-.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.195.84.203 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.84.195.35.bc.googleusercontent.com
Software
/
Resource Hash
c1e7c25db00533fcc1f51e3730365d82ec1f786336ccbddc101a000843a78b01
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://647-bw-frontend.test.davinci.care
Referer

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Thu, 28 Nov 2024 16:53:16 GMT
etag
W/"67488a96-419"
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 28 Nov 2024 15:21:58 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0bbbc363abf78844b9a39a38c94997c1f1f39283a3ceb8cdd4ed4125a4a0c81

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7a65756260d69003cb456e96006c3c9e9c4df02c1db16e80d20a793508321cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32e48c88314454b39c014e53476fb95f820a274dfe1a140b577a70410088a6f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
authBackground-BKZbccwE.png
647-bw-frontend.test.davinci.care/assets/ 		837 KB
838 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://647-bw-frontend.test.davinci.care/assets/authBackground-BKZbccwE.png
Requested by
Host: 647-bw-frontend.test.davinci.care
URL: https://647-bw-frontend.test.davinci.care/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.195.84.203 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.84.195.35.bc.googleusercontent.com
Software
/
Resource Hash
21130ff7537cb31e6aa867ce73582d9d03d5536ddf6ffeeaf03ce495e6095b76
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://647-bw-frontend.test.davinci.care/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
accept-ranges
bytes
content-length
857033
date
Thu, 28 Nov 2024 16:53:16 GMT
etag
"67488a96-d13c9"
content-type
image/png
last-modified
Thu, 28 Nov 2024 15:21:58 GMT
LDIoaomQNQcsA88c7O9yZ4KMCoOg4Ko20yw.woff2
fonts.gstatic.com/s/plusjakartasans/v8/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/plusjakartasans/v8/LDIoaomQNQcsA88c7O9yZ4KMCoOg4Ko20yw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Plus+Jakarta+Sans:wght@300;400;500;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
1262bff0591c36094d058ab102b84ce34eb1e547e8ff00557bf8d55449e58e40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://647-bw-frontend.test.davinci.care
Referer
https://fonts.googleapis.com/

Response headers

age
213879
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 26 Nov 2025 05:28:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 05:28:37 GMT
last-modified
Thu, 22 Jun 2023 14:14:33 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
27444
x-xss-protection
0
server
sffe
/
api.userback.io/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.userback.io/?jsSnippetLoad
Requested by
Host: static.userback.io
URL: https://static.userback.io/widget/v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.11.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-11-63.compute-1.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
323527664c0c7f23043875b7c7a49111b7ca90f30bdb08f5f28ba1e8f8371b2d

Request headers

Referer
https://647-bw-frontend.test.davinci.care/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
pragma
no-cache
expires
Thu, 19 Nov 1981 08:52:00 GMT
access-control-allow-origin
*
date
Thu, 28 Nov 2024 16:53:16 GMT
content-type
application/json
server
nginx/1.24.0
uc.js
consent.cookiebot.com/ 		110 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/uc.js?cbid=b2bbd7e4-5193-45f5-9d15-b05325108fe1&implementation=gtm&consentmode-dataredaction=dynamic
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXZFDDN7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a299 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
b30b70e2067e407e427ac15a978091acb030d9b2db360ea2a3ce3eec6ef474e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://647-bw-frontend.test.davinci.care/

Response headers

access-control-expose-headers
Request-Context
cache-control
public, max-age=604
content-encoding
gzip
etag
"42d4c62e8219db1:0"
cross-origin-resource-policy
cross-origin
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
expires
Thu, 28 Nov 2024 17:03:20 GMT
accept-ranges
bytes
content-length
34533
date
Thu, 28 Nov 2024 16:53:16 GMT
content-type
application/javascript
last-modified
Tue, 08 Oct 2024 13:01:25 GMT
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ 		420 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FQM7W3N9BM&l=dataLayer&cx=c&gtm=45He4bk0v9198718320za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXZFDDN7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cf165c3efee106f23beb595003841d82d2165b399a6427ac0e0002a16eb964ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://647-bw-frontend.test.davinci.care/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 28 Nov 2024 16:53:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 16:53:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
137344
x-xss-protection
0
server
Google Tag Manager
snippet.js
static.zdassets.com/ekr/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=986fe07e-576e-4b45-8df9-ab87a423c67b
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXZFDDN7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.54.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7631939bbc2c74fc9a5fb1ee9565250a15bf95cc0e364da7fc5f15e3db41427
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://647-bw-frontend.test.davinci.care/

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"c88d625098ddb649cf216dba2e52435c"
x-amz-version-id
C4qpYKgeT8.DeRlre_wbz3El4DCj0uok
age
30
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fNcNhmVGuI5mNqV8Gdplo%2Fq3xhxQB8Vx2vuVk03ZWBhsrSyS3fuY3yv5ATc0HgNJuaHPw3agDe7owttcmW0mkmDy6UFF%2B9qXY%2BpTD9ySWTC5NRL16e8%2BI%2BVmr2Raw9x2v6VwGyk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
date
Thu, 28 Nov 2024 16:53:16 GMT
content-type
application/javascript
last-modified
Mon, 04 Nov 2024 09:45:04 GMT
vary
Accept-Encoding
x-amz-id-2
Cr8zdnxRqpI/VgC5mhzQaB5OxAWTXNNBckrW4M0e+V5/UjkMrpZTfzLc74mNnjIox6N+BGlAi+c=
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=3600, s-maxage=60
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
S1FV3KQXFAWNZYNR
cf-ray
8e9bdf89dbfce52f-TXL
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
986fe07e-576e-4b45-8df9-ab87a423c67b
ekr.zdassets.com/compose/ 		930 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/986fe07e-576e-4b45-8df9-ab87a423c67b
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=986fe07e-576e-4b45-8df9-ab87a423c67b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.53.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfc78274953175715256834e2241bc215812105e03008123fe372433dfb9ec22
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://647-bw-frontend.test.davinci.care/

Response headers

access-control-max-age
7200
x-request-id
8e9bdf8acb9de52b-SEA, 8e9bdf8acb9de52b-SEA, 8e9bdf8acb9de52b-SEA
access-control-expose-headers
content-encoding
br
cf-cache-status
MISS
etag
W/"bfc78274953175715256834e2241bc21"
x-permitted-cross-domain-policies
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xTSitGQHSKC61ykkWcVuf6AsQfvARIxLcPHaJfxAu3nWsi1UGcdSwzfYiyNPDmzES8laoA8cFeLRXVKJAtfydXBNSDw7DdxMxe3dQVkwp8aasyWThGVVp1%2FDyZSZF%2FZgGP0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
date
Thu, 28 Nov 2024 16:53:16 GMT
content-type
application/json; charset=utf-8
vary
Accept, Origin, Accept-Encoding
x-runtime
0.005087
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
cdn-cache-control
max-age=60
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e9bdf8acb9de52b-TXL
access-control-allow-origin
*
x-zendesk-zorg
yes, yes
x-xss-protection
1; mode=block
server
cloudflare
bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame C514 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=b2bbd7e4-5193-45f5-9d15-b05325108fe1&implementation=gtm&consentmode-dataredaction=dynamic
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:8a3::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

Referer
https://647-bw-frontend.test.davinci.care/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
gzip
content-length
392
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 28 Nov 2024 16:53:16 GMT
etag
"3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires
Fri, 28 Nov 2025 16:53:16 GMT
last-modified
Mon, 04 Apr 2022 07:23:49 GMT
server
AkamaiNetStorage
server-timing
cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1732812796597_34603335_12707238_25_930_36_41_255";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,1
cc.js
consent.cookiebot.com/b2bbd7e4-5193-45f5-9d15-b05325108fe1/ 		389 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/b2bbd7e4-5193-45f5-9d15-b05325108fe1/cc.js?renew=false&referer=647-bw-frontend.test.davinci.care&dnt=false&init=false
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=b2bbd7e4-5193-45f5-9d15-b05325108fe1&implementation=gtm&consentmode-dataredaction=dynamic
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a299 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
ee8ebaeddc6ddf32a76839c150f1c248ac763713edafd2159ddd1fbd6a16e34a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://647-bw-frontend.test.davinci.care/

Response headers

cache-control
private, max-age=60
access-control-expose-headers
Request-Context
content-encoding
gzip
cross-origin-resource-policy
cross-origin
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
content-length
378
date
Thu, 28 Nov 2024 16:53:16 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
v1.css
static.userback.io/widget/ 		110 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.userback.io/widget/v1.css
Requested by
Host: static.userback.io
URL: https://static.userback.io/widget/v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.65.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-65-95.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7038c304ec16c92ab7b066549cec44ef8671da4f0a71a44521f9d385dd539dab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://647-bw-frontend.test.davinci.care
Referer
https://647-bw-frontend.test.davinci.care/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
null
etag
W/"99dceb062d0836ab6dfd0ac059cef595"
access-control-allow-methods
GET, POST, PUT
x-cache
Miss from cloudfront
x-amz-cf-id
Oa6xpDu6hU5I7zRmRNd_qw-jFA5zgknPi7iA6eooW6ezS9Gs_rwh9Q==
date
Thu, 28 Nov 2024 16:53:18 GMT
content-type
text/css
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified
Mon, 25 Nov 2024 06:01:04 GMT
via
1.1 ed63aee7a232dfd166d737f0f937fa32.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
MUC50-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
web-widget-main-f8ea3a2.js
static.zdassets.com/web_widget/classic/latest/ Frame 42DD 		829 KB
258 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-main-f8ea3a2.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=986fe07e-576e-4b45-8df9-ab87a423c67b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.54.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4023a33e55c975d4dc3bb5097bfbb0b3292ee6f7cfc606dd8d26cadfeb192569
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"9036dc5e0838fdf3f24f3b4865511179"
x-amz-version-id
Kx.ZdT9ddwx0cxOUKUZ9kWt5KVOjAgPp
age
198406
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8wnx9XOkIS%2B3K3tj%2FiSdTCfiXCPG4thVE%2BdK%2BthckPxxmSCCsk6oQyowUAzT18n25P3yEekrKWfSoAZdhFAnahsYIhqqzTzSIcpoGFj2abcXhKzLckg%2BLojaiHh7F%2BCF7Eh1R8o%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Tue, 25 Nov 2025 16:16:32 GMT
date
Thu, 28 Nov 2024 16:53:16 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 25 Nov 2024 16:16:33 GMT
vary
Accept-Encoding
x-amz-id-2
MLnkpFpEOiAcnvHXljaogs0P2N51XrmK3508+UgQzNgo2Zvm3fM6WsWXhiVZFJs7T9s8oklawyI3TpJGgbBw109SFhi2uKKz
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
7PKS30VJ5Z7547EY
cf-ray
8e9bdf8c6fbde52f-TXL
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
en-us-json-f8ea3a2.js
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 42DD 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-f8ea3a2.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-f8ea3a2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.54.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b87b92cd9b2943bcc97a64011eb833ef4205009327eaffe17db1cd001ae9ecc8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"ef48436bf7997a9fed0856cd3df28c0f"
x-amz-version-id
7EyNMW5giVK41nqiVNpynDUogEN5OA.V
age
47811
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iHrJ8DaSaTkN3zqk6XIxlr1z73i669ihxCHWklDSBI1ERquYgw7%2F0E6yipEWlJPVEbH%2F6mk9H1X8DLwdtFVJcPuzwcxa%2FuguCIZWUjiGQo%2FkobEP4bOFLYvY1B%2BSFYyaGm3qXIo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Tue, 25 Nov 2025 16:16:33 GMT
date
Thu, 28 Nov 2024 16:53:17 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 25 Nov 2024 16:16:35 GMT
vary
Accept-Encoding
x-amz-id-2
sUwMLtPNqXWOQAETl3ka3OSfrxPu9J60KhfoQYzyMWkontw/R5BwxpTVZtD4JImafI+Dk7kE+n4l/+p/SMFuxNsi98uvBBPb
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
7PKJY410EZ6H7WGT
cf-ray
8e9bdf8dbceae52f-TXL
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
config
eltydavinci.zendesk.com/embeddable/ Frame 42DD 		509 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://eltydavinci.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-f8ea3a2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.54.1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bd39a792423c030319614919bac9f68648d1e0df5e6191f370adc85b22cf9dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
7200
x-request-id
8e9bdf8e5b066a74-FRA
access-control-expose-headers
x-zendesk-origin-server
embeddable-app-server-f855f7789-nn96n
cf-cache-status
EXPIRED
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cGm8qKYs%2Bg2jQkhE00Iky1Z0sVuUs1npFh3NWuoMKwSAlSL1L1VeChkBZm8GTtBeIihXvwpCEFvpu4fraszvkWb74qsPlvIPb%2FMylAB7nwGAUCZqT%2FPEB4XYPp%2FovxuJ%2FkMgJglzTKlK"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
date
Thu, 28 Nov 2024 16:53:17 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
x-runtime
0.002083
last-modified
Thu, 28 Nov 2024 16:53:17 GMT
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray
8e9bdf8e5b066a74-TXL
access-control-allow-origin
*
x-zendesk-zorg
yes
x-cached
MISS
server
cloudflare
1.gif
imgsct.cookiebot.com/ 		35 B
781 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgsct.cookiebot.com/1.gif?dgi=b2bbd7e4-5193-45f5-9d15-b05325108fe1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:8a3::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
UploadServer /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://647-bw-frontend.test.davinci.care/

Response headers

x-goog-metageneration
1
Access-Control-Expose-Headers
*
x-goog-hash
crc32c=rX4K2g==, md5=whlt6LpBLGDCKrSRr3sUCQ==
ETag
"c2196de8ba412c60c22ab491af7b1409"
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
35
Date
Thu, 28 Nov 2024 16:53:17 GMT
Last-Modified
Mon, 23 Oct 2023 11:39:32 GMT
Content-Type
image/gif
X-GUploader-UploadID
AFiumC7icH2LeyVH1mn0aDQ8G98lDxQRHtxoV3HsE4xpPVcSLFjP0tEgw5BAfAmVtrxI4f0Es9c
Cache-Control
public,max-age=1800
x-goog-storage-class
STANDARD
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
x-goog-generation
1698061172769999
Content-Length
35
Server
UploadServer
favicon.png
647-bw-frontend.test.davinci.care/ 		727 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://647-bw-frontend.test.davinci.care/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.195.84.203 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.84.195.35.bc.googleusercontent.com
Software
/
Resource Hash
58bda0165dd5ca40df14a75af58269a8bb84e036d3fe57a9a35862695fe06d23
Security Headers
Name Value
Content-Security-Policy default-src * https: wss: data: blob: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://647-bw-frontend.test.davinci.care/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-security-policy
default-src * https: wss: data: blob: 'unsafe-eval' 'unsafe-inline'
cache-control
no-store, must-revalidate
etag
"67488a96-2d7"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
727
date
Thu, 28 Nov 2024 16:53:17 GMT
content-type
image/png
last-modified
Thu, 28 Nov 2024 15:21:58 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
static.userback.io/fonts/inter/v12/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.userback.io/fonts/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
Requested by
Host: static.userback.io
URL: https://static.userback.io/widget/v1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.65.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-65-95.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://647-bw-frontend.test.davinci.care
Referer
https://static.userback.io/widget/v1.css

Response headers

access-control-max-age
3000
etag
"e1b9f0ecaaebb12c93064cd3c406f82b"
x-amz-version-id
JK3dQ2l_.pOziSBHmkh.gj8Jqw2MS70R
access-control-allow-methods
GET, POST, PUT
x-cache
Miss from cloudfront
x-amz-cf-id
Fr-xfnU6fbqvdLMB5QcmtWnE0p80DMXaXi35XmTX6r86TJzNkdpxLg==
date
Thu, 28 Nov 2024 16:53:18 GMT
content-type
binary/octet-stream
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified
Wed, 19 Apr 2023 06:58:55 GMT
x-amz-replication-status
REPLICA
via
1.1 ed63aee7a232dfd166d737f0f937fa32.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
37780
x-amz-cf-pop
MUC50-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
collect
pagead2.googlesyndication.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/ccm/collect?en=page_view&dl=https%3A%2F%2F647-bw-frontend.test.davinci.care%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=199189768.1732812798&npa=1&us_privacy=1YNY&gtm=45He4bk0v9198718320za200&gcs=G100&gcd=13p3p3p2p5l1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732812798468&tfd=3525&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXZFDDN7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://647-bw-frontend.test.davinci.care/

Response headers
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FQM7W3N9BM&gtm=45je4bk0v887483845z89198718320za200zb9198718320&_p=1732812796013&gcs=G100&gcd=13p3pPp2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&gdid=dMWZhNz&gtm_up=1&cid=944658789.1732812798&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_s=1&sid=1732812796&sct=1&seg=0&dl=https%3A%2F%2F647-bw-frontend.test.davinci.care%2F&dt=Elty%20DaVinci&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3531
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FQM7W3N9BM&l=dataLayer&cx=c&gtm=45He4bk0v9198718320za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://647-bw-frontend.test.davinci.care/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://647-bw-frontend.test.davinci.care
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 16:53:18 GMT
content-type
text/plain
server
Golfe2
sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame 1391 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2F647-bw-frontend.test.davinci.care
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXZFDDN7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Nov 2024 16:53:18 GMT
expires
Fri, 28 Nov 2025 16:53:18 GMT
last-modified
Tue, 19 Nov 2024 10:38:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| zESettings object| _sentryDebugIds string| _sentryDebugIdIdentifier object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ object| mongoose function| Buffer boolean| __VUE__ object| Userback object| dataLayer object| webpackChunkapp_userback_io object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| zEWebpackACJsonp function| zE function| zEmbed object| CookieControl function| __uspapi function| addUspapiLocatorFrame function| __handleUspapiMessage function| propagateIABStub object| Cookiebot object| CookieConsent object| __USERBACK_SURVEY_EVENTS string| cookiedomainwarning boolean| zEACLoaded function| $zopim object| gaGlobal

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * https: wss: data: blob: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

647-bw-frontend.test.davinci.care
api.userback.io
consent.cookiebot.com
consentcdn.cookiebot.com
ekr.zdassets.com
eltydavinci.zendesk.com
fonts.googleapis.com
fonts.gstatic.com
imgsct.cookiebot.com
pagead2.googlesyndication.com
region1.google-analytics.com
static.userback.io
static.zdassets.com
www.googletagmanager.com
142.250.185.163
18.214.11.63
2001:4860:4802:34::36
216.198.53.3
216.198.54.1
216.198.54.3
2a00:1450:4001:800::200a
2a00:1450:4001:81c::2008
2a00:1450:4001:828::2002
2a02:26f0:3500:18::1724:a299
2a02:26f0:7100:8a3::f09
35.195.84.203
52.85.65.95
09ede7f04f529b6e0e503533dbc77bb9f13d5d71d4a4df6fda868ed78bbdf8a4
1262bff0591c36094d058ab102b84ce34eb1e547e8ff00557bf8d55449e58e40
131f3a6d45a79a4dc9f53105ce36ea611bb92e45effda834d70b554e95c4fcc7
21130ff7537cb31e6aa867ce73582d9d03d5536ddf6ffeeaf03ce495e6095b76
31477c4b1b897bda3bcf24620205d8e3927ccee98d6b60a4b176ca3e3d60757b
323527664c0c7f23043875b7c7a49111b7ca90f30bdb08f5f28ba1e8f8371b2d
32e48c88314454b39c014e53476fb95f820a274dfe1a140b577a70410088a6f2
39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34
4023a33e55c975d4dc3bb5097bfbb0b3292ee6f7cfc606dd8d26cadfeb192569
434001ce9a070e9740f4aeba62def5db2619eb78892e80a2671d202d2dc81e42
51b43bd4467ecc644e20ac9a952028fa34a518db02b14d914e513bc1987b53bb
56fb1ee562169cfc7ec4bb9680c5305febdefed8f8e3a972e37d686e1d99d559
58bda0165dd5ca40df14a75af58269a8bb84e036d3fe57a9a35862695fe06d23
69982d009b191a58041316dcdcfe87ce3fcb81ab1476aed6f9fabf3ba9934d5f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6af3bdec271d83c8cd3a67b1333b0160bd1a314dded47bab3ea461076b11c184
6bd39a792423c030319614919bac9f68648d1e0df5e6191f370adc85b22cf9dc
7038c304ec16c92ab7b066549cec44ef8671da4f0a71a44521f9d385dd539dab
89f7d5c030c479e4bd7120a077f294bf3f45af6fba5c9edfd6424848b08d0b12
b0bbbc363abf78844b9a39a38c94997c1f1f39283a3ceb8cdd4ed4125a4a0c81
b30b70e2067e407e427ac15a978091acb030d9b2db360ea2a3ce3eec6ef474e5
b87b92cd9b2943bcc97a64011eb833ef4205009327eaffe17db1cd001ae9ecc8
bfc78274953175715256834e2241bc215812105e03008123fe372433dfb9ec22
c1e7c25db00533fcc1f51e3730365d82ec1f786336ccbddc101a000843a78b01
c7631939bbc2c74fc9a5fb1ee9565250a15bf95cc0e364da7fc5f15e3db41427
cf165c3efee106f23beb595003841d82d2165b399a6427ac0e0002a16eb964ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee8ebaeddc6ddf32a76839c150f1c248ac763713edafd2159ddd1fbd6a16e34a
f39e2870189c3303ef9ede55d7a48bcf49cdd61074872c06c59a6087390a9930
f5ecb10096ad9683bf12a052b2ff92b840d2ea278dcea54551d816b4b18ec6d0
f7a65756260d69003cb456e96006c3c9e9c4df02c1db16e80d20a793508321cc