urlscan.io logo urlscan.io
SecurityTrails logo

app.dam-health.com Open in urlscan Pro
2606:4700:10::6816:367d  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy2...
Effective URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvY...
Submission Tags: falconsandbox
Submission: On July 21 via api from US — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 5 countries across 17 domains to perform 59 HTTP transactions. The main IP is 2606:4700:10::6816:367d, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.dam-health.com.
TLS certificate: Issued by E1 on June 16th 2022. Valid for: 3 months.
This is the only time app.dam-health.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 95.110.136.136 31034 (ARUBA-ASN)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2600:9000:223... 16509 (AMAZON-02)
18 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 18.66.122.63 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2620:1ec:27::... 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
3 54.187.159.182 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 172.217.23.98 15169 (GOOGLE)
2 52.222.236.120 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 20.85.30.134 8075 (MICROSOFT...)
1 34.217.199.81 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
59 20
10    95.110.136.136 (Ponte San Pietro, Italy)

ASN31034 (ARUBA-ASN, IT)
PTR: net-80-211-49-112.cust.vodafonedsl.it
urlsand.esvalabs.com
2    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:223c:d000:9:ec94:b800:93a1 (United States)

ASN16509 (AMAZON-02, US)
trk.klclick3.com
18    2606:4700:10::6816:367d (United States)

ASN13335 (CLOUDFLARENET, US)
app.dam-health.com
2    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    18.66.122.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-63.fra60.r.cloudfront.net
js.stripe.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2620:1ec:27::cafe:1959 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com
q.stripe.com
2    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net
www.googleadservices.com
2    52.222.236.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-120.fra56.r.cloudfront.net
m.stripe.network
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    20.85.30.134 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
j.clarity.ms
1    34.217.199.81 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-217-199-81.us-west-2.compute.amazonaws.com
m.stripe.com
1    2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.it
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
Apex Domain
Subdomains		 Transfer
18 dam-health.com
app.dam-health.com
924 KB
10 esvalabs.com
urlsand.esvalabs.com — Cisco Umbrella Rank: 123571
405 KB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1872
q.stripe.com — Cisco Umbrella Rank: 14306
m.stripe.com — Cisco Umbrella Rank: 1639
81 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 542
j.clarity.ms — Cisco Umbrella Rank: 5385
c.clarity.ms — Cisco Umbrella Rank: 1008
25 KB
2 google.it
www.google.it — Cisco Umbrella Rank: 17945
611 B
2 google.com
www.google.com — Cisco Umbrella Rank: 10
611 B
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 56
stats.g.doubleclick.net — Cisco Umbrella Rank: 117
2 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 2007
18 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 226
12 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 424
5 KB
2 gstatic.com
fonts.gstatic.com
60 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 72
2 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 192
555 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 125
15 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 93
55 KB
1 klclick3.com
trk.klclick3.com — Cisco Umbrella Rank: 35417
360 B
59 17
Domain Requested by
18 app.dam-health.com urlsand.esvalabs.com
app.dam-health.com
10 urlsand.esvalabs.com 1 redirects urlsand.esvalabs.com
3 q.stripe.com urlsand.esvalabs.com
3 js.stripe.com app.dam-health.com
js.stripe.com
2 c.clarity.ms 1 redirects
2 www.google.it app.dam-health.com
2 www.google.com app.dam-health.com
2 j.clarity.ms www.clarity.ms
2 m.stripe.network js.stripe.com
m.stripe.network
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.clarity.ms app.dam-health.com
www.clarity.ms
2 cdnjs.cloudflare.com app.dam-health.com
2 cdn.jsdelivr.net app.dam-health.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com urlsand.esvalabs.com
app.dam-health.com
1 c.bing.com 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 m.stripe.com m.stripe.network
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 www.googletagmanager.com app.dam-health.com
1 trk.klclick3.com 1 redirects
59 22

This site contains no links.

Subject Issuer Validity Valid
esvalabs.com
R3		 2022-06-20 -
2022-09-18		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.dam-health.com
E1		 2022-06-16 -
2022-09-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2022-05-20 -
2022-09-25		 4 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-25 -
2022-09-08		 4 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-11 -
2022-10-19		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.google.it
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Frame ID: 74B2884AFECDF6AC7DF201919FC96C62
Requests: 48 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-fb68bef34c647b6101d72d7384daf13e.html
Frame ID: 88D2FAB09C16A21F1CEC22E738D3C55C
Requests: 4 HTTP requests in this frame

Frame: https://app.dam-health.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1658419200
Frame ID: 0093206CD34F8189A3C27EDA6ABCF970
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: E42563930BB0AB81881431E61674AEC7
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

DAM Health

Page URL History Show full URLs

  1. https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSD... HTTP 302
    https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSD... Page URL
  2. https://trk.klclick3.com/ls/click?upn=tgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdU... HTTP 302
    https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPF... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • blazor\.server\.js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

59
Requests

98 %
HTTPS

64 %
IPv6

17
Domains

22
Subdomains

20
IPs

5
Countries

1625 kB
Transfer

4046 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y HTTP 302
    https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1 Page URL
  2. https://trk.klclick3.com/ls/click?upn=tgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D HTTP 302
    https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y HTTP 302
  • https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Request Chain 56
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=442105065B0E4AF58BFEAFFBC52C6EEC&RedC=c.clarity.ms&MXFR=181DFFB1427D68181981EE59467D66D4 HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=442105065B0E4AF58BFEAFFBC52C6EEC&MUID=00FBD37556FA69E912F6C29D570F681D

59 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
urlsand.esvalabs.com/
Redirect Chain
  • https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2...
  • https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2...
6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.110.136.136 Ponte San Pietro, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
net-80-211-49-112.cust.vodafonedsl.it
Software
nginx /
Resource Hash
f2053a1d0fd885c22858bdf85f379b2be45b659315ff08413fdca0cf933e9b8a
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cache-control
no-cache, private
content-security-policy
default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Thu, 21 Jul 2022 18:14:35 GMT
feature-policy
fullscreen 'self'
referrer-policy
strict-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache, private
content-security-policy
default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Thu, 21 Jul 2022 18:14:35 GMT
feature-policy
fullscreen 'self'
location
//urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
referrer-policy
strict-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
urlsandbox.css
urlsand.esvalabs.com/templates/default/css/ 		184 KB
184 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://urlsand.esvalabs.com/templates/default/css/urlsandbox.css
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.110.136.136 Ponte San Pietro, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
net-80-211-49-112.cust.vodafonedsl.it
Software
nginx /
Resource Hash
3661b0abad108b1e162b750119e065a1bc24b379ed4371a0daf807ee3567534c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://urlsand.esvalabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 18:14:35 GMT
referrer-policy
strict-origin
last-modified
Wed, 20 Jul 2022 06:50:33 GMT
server
nginx
etag
"62d7a5b9-2df7e"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
feature-policy
fullscreen 'self'
content-security-policy
default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
188286
x-content-type-options
nosniff
urlsand.css
urlsand.esvalabs.com/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://urlsand.esvalabs.com/css/urlsand.css
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.110.136.136 Ponte San Pietro, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
net-80-211-49-112.cust.vodafonedsl.it
Software
nginx /
Resource Hash
fb55650bbb7a33af4f2925696ef0765dc57aaeeadadad1193969554f07d0f957
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://urlsand.esvalabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 18:14:35 GMT
referrer-policy
strict-origin
last-modified
Wed, 20 Jul 2022 06:50:32 GMT
server
nginx
etag
"62d7a5b8-6db"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
feature-policy
fullscreen 'self'
content-security-policy
default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
1755
x-content-type-options
nosniff
logo.png
urlsand.esvalabs.com/templates/default/img/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://urlsand.esvalabs.com/templates/default/img/logo.png
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.110.136.136 Ponte San Pietro, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
net-80-211-49-112.cust.vodafonedsl.it
Software
nginx /
Resource Hash
81793beb150a889b0d407981e2c19a362cd56dead1445af5d314c7117d885ffc
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://urlsand.esvalabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 18:14:35 GMT
referrer-policy
strict-origin
last-modified
Wed, 20 Jul 2022 06:50:33 GMT
server
nginx
etag
"62d7a5b9-4b25"
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
feature-policy
fullscreen 'self'
content-security-policy
default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
19237
x-content-type-options
nosniff
polyfill.js
urlsand.esvalabs.com/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://urlsand.esvalabs.com/js/polyfill.js
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.110.136.136 Ponte San Pietro, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
net-80-211-49-112.cust.vodafonedsl.it
Software
nginx /
Resource Hash
b5ddb60604ac7c649070dc629ab1729ddfc0927463b3891d0d6c7d1b18419738
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://urlsand.esvalabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 18:14:35 GMT
referrer-policy
strict-origin
last-modified
Wed, 20 Jul 2022 06:50:32 GMT
server
nginx
etag
"62d7a5b8-4e3"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
feature-policy
fullscreen 'self'
content-security-policy
default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
1251
x-content-type-options
nosniff
helper.js
urlsand.esvalabs.com/js/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://urlsand.esvalabs.com/js/helper.js
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.110.136.136 Ponte San Pietro, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
net-80-211-49-112.cust.vodafonedsl.it
Software
nginx /
Resource Hash
6b9d2b61facecada8129475b245089790d9efb851a05fabc70ee2cb42c58d46b
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://urlsand.esvalabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 18:14:35 GMT
referrer-policy
strict-origin
last-modified
Wed, 20 Jul 2022 06:50:32 GMT
server
nginx
etag
"62d7a5b8-d47"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
feature-policy
fullscreen 'self'
content-security-policy
default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
3399
x-content-type-options
nosniff
redirect.js
urlsand.esvalabs.com/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://urlsand.esvalabs.com/js/redirect.js
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.110.136.136 Ponte San Pietro, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
net-80-211-49-112.cust.vodafonedsl.it
Software
nginx /
Resource Hash
1856e9eb336c1eb373538389dd55e7063d0c7598f2b1191c37c1bd1d7697c892
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://urlsand.esvalabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 18:14:35 GMT
referrer-policy
strict-origin
last-modified
Wed, 20 Jul 2022 06:50:32 GMT
server
nginx
etag
"62d7a5b8-71a"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
feature-policy
fullscreen 'self'
content-security-policy
default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
1818
x-content-type-options
nosniff
urlsandbox-dark.css
urlsand.esvalabs.com/templates/default/css/ 		184 KB
184 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://urlsand.esvalabs.com/templates/default/css/urlsandbox-dark.css
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.110.136.136 Ponte San Pietro, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
net-80-211-49-112.cust.vodafonedsl.it
Software
nginx /
Resource Hash
b4b3a8838d9785f30af74c5697192dd2f05ab486e0e9ef9ea074f1e3e4829a9c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://urlsand.esvalabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 18:14:35 GMT
referrer-policy
strict-origin
last-modified
Wed, 20 Jul 2022 06:50:33 GMT
server
nginx
etag
"62d7a5b9-2dec3"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
feature-policy
fullscreen 'self'
content-security-policy
default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
188099
x-content-type-options
nosniff
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/templates/default/css/urlsandbox.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
da8447216be92bd1f38585865c06dfb2715cbfabf0896549bdb6b89c8fa42981
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://urlsand.esvalabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 17:12:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 21 Jul 2022 18:14:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Jul 2022 18:14:35 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://urlsand.esvalabs.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 23:10:25 GMT
x-content-type-options
nosniff
age
241451
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 23:10:25 GMT
/
urlsand.esvalabs.com/ 		696 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=2
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/js/helper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.110.136.136 Ponte San Pietro, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
net-80-211-49-112.cust.vodafonedsl.it
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://urlsand.esvalabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 18:14:36 GMT
referrer-policy
strict-origin
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/json
x-xss-protection
1; mode=block
cache-control
no-cache, private
feature-policy
fullscreen 'self'
content-security-policy
default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
Primary Request createbookings
app.dam-health.com/
Redirect Chain
  • https://trk.klclick3.com/ls/click?upn=tgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jh...
  • https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
23 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/js/redirect.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4231df94b9c1256438f99fb25b70ed3d7f89ac5e66a85171129c977bd76ae4

Request headers

Referer
https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
72e5ead449a759cb-MXP
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 21 Jul 2022 18:14:37 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare

Redirect headers

content-length
160
content-type
text/html; charset=utf-8
date
Thu, 21 Jul 2022 18:14:37 GMT
location
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
server
nginx
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-id
7KC-i-nfDqoimb6YZFZi11CPcS1UMAHN857VSwp3_Rh8WKnua2XZpQ==
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-robots-tag
noindex, nofollow
site.css
app.dam-health.com/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/css/site.css
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58ae26e890e14f275e972b734698f027b0bdef95740e6a7e08c6782d1a78f287

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 18:14:37 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 29 Jun 2022 09:28:05 GMT
server
cloudflare
etag
W/"1d88b9a892b88a9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache
cf-polished
origSize=18473
cf-ray
72e5ead4da9659cb-MXP
cf-bgj
minify
css
fonts.googleapis.com/ 		8 KB
830 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a0ae09929605e6f45470f62f9ec51e9ec846c70ba08947c673728468044ca1f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 17:19:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 21 Jul 2022 18:14:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Jul 2022 18:14:37 GMT
MudBlazor.min.css
app.dam-health.com/_content/MudBlazor/ 		429 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/_content/MudBlazor/MudBlazor.min.css?v=5.0.10
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
293f09d0d70a5f42427c86e4439ab21229f0e648aedd9d73f2f59868a411af54

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 18:14:37 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Wed, 29 Jun 2022 09:28:23 GMT
server
cloudflare
etag
W/"1d88b9a93e0e626"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache
cf-ray
72e5ead4daa259cb-MXP
default.css
cdn.jsdelivr.net/npm/mobile-drag-drop@2.3.0-rc.2/ 		260 B
997 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/mobile-drag-drop@2.3.0-rc.2/default.css
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78460a8d3512f692dd035f09657a924a9a44ff5053ba7107cb7fc51ce2986448
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 18:14:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
29969
x-jsd-version
2.3.0-rc.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19168-FRA, cache-cdg20724-CDG
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"104-2RPwG8pP5Fzg9LJq3RDrayzT0Io"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hbj1axJMB57%2FDuTjgc0w%2BDFdKAaw9UvdD4cv%2FYCSpruzbdxzg%2FBlrP3FMTrfWuXszJl%2F8YT3HtQS%2BfqJ7gcpKUPa6kmliCTTeD9NYD2TMABb%2FaRstQ%2F0S2K8igK5caZ6KK%2BLLPEABALdCqv17yY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
72e5ead52c3dbaab-MXP
access-control-expose-headers
*
default-base.css
app.dam-health.com/_content/Radzen.Blazor/css/ 		171 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/_content/Radzen.Blazor/css/default-base.css
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2541adbf9880d55849e514e038587902dda461a8e4febc7e7d8d6925eb07d8dc

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 18:14:37 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 29 Jun 2022 09:28:28 GMT
server
cloudflare
etag
W/"1d88b9a96e2568a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache
cf-polished
origSize=200842
cf-ray
72e5ead4daa359cb-MXP
cf-bgj
minify
MudBlazor.min.js
app.dam-health.com/_content/MudBlazor/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/_content/MudBlazor/MudBlazor.min.js?v=5.0.10
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7f84cfb80e3cf8b118e511442bc82caba2c0e47a0ac207f21d667498bca0dff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 18:14:37 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Wed, 29 Jun 2022 09:28:24 GMT
server
cloudflare
etag
W/"1d88b9a947ea4c3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
cf-ray
72e5ead4daa559cb-MXP
Radzen.Blazor.js
app.dam-health.com/_content/Radzen.Blazor/ 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/_content/Radzen.Blazor/Radzen.Blazor.js
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20d82b5fbe95218afe9d88a276f1233c5c6ec551321651b232a28518e684f83b

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 18:14:37 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 29 Jun 2022 09:28:27 GMT
server
cloudflare
etag
W/"1d88b9a9648308e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
cf-polished
origSize=40718
cf-ray
72e5ead4daa659cb-MXP
cf-bgj
minify
/
js.stripe.com/v3/ 		314 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-63.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
c09ecc763b4797353a6eb7e76dde23bdcf6dc61905f227db31c8490c0b881f99
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
7
x-cache
Hit from cloudfront
date
Thu, 21 Jul 2022 18:14:31 GMT
via
1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
last-modified
Thu, 21 Jul 2022 15:45:41 GMT
server
Cloudfront
etag
W/"af5868579e7c66e9871becbe0f5641f7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA60-P2
timing-allow-origin
*
x-amz-cf-id
Rdx8wIosU691CzkOJMZJkgaqAbvjRnNCfZJ-Nv0juWp4aka9P7PwLQ==
blazor.server.js
app.dam-health.com/_framework/ 		269 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/_framework/blazor.server.js
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d86d118d53132256a69e07b133ff73c3c9d37877a4b4449bb0de792a8c73f8d1

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 18:14:37 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 15 Jul 2021 17:56:21 GMT
server
cloudflare
etag
W/"1d779a2b80d6355"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
cf-polished
origSize=275413
cf-ray
72e5ead4daa859cb-MXP
cf-bgj
minify
protectedBrowserStorage.js
app.dam-health.com/_content/Microsoft.AspNetCore.ProtectedBrowserStorage/ 		210 B
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/_content/Microsoft.AspNetCore.ProtectedBrowserStorage/protectedBrowserStorage.js
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd2bcb205da28f2725ed5344849a7c96aa79f845bc09b3558ef599ed88e6d75d

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 18:14:37 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 29 Jun 2022 09:28:24 GMT
server
cloudflare
etag
W/"1d88b9a947ed27d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
cf-polished
origSize=15997
cf-ray
72e5ead4daaa59cb-MXP
cf-bgj
minify
jquery.min.js
app.dam-health.com/scripts/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/scripts/jquery.min.js
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 18:14:37 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 29 Jun 2022 09:28:13 GMT
server
cloudflare
etag
W/"1d88b9a8df12605"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
cf-ray
72e5ead4daab59cb-MXP
html2pdf.bundle.js
app.dam-health.com/scripts/ 		559 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/scripts/html2pdf.bundle.js
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc128fd6f3e291c41c72421b8be392d274a7a16bddb377e7f40a3dcf74724821

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 18:14:37 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 29 Jun 2022 09:28:13 GMT
server
cloudflare
etag
W/"1d88b9a8dface1c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
cf-polished
origSize=703132
cf-ray
72e5ead4daac59cb-MXP
cf-bgj
minify
index.min.js
cdn.jsdelivr.net/npm/mobile-drag-drop@2.3.0-rc.2/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/mobile-drag-drop@2.3.0-rc.2/index.min.js
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de9f5cd8299bb2ba0384e79344bf545f74d498ff2085fe187ee4031267d9e83f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 18:14:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
fastly-original-body-size
3842
age
29969
x-jsd-version
2.3.0-rc.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19126-FRA, cache-cdg20729-CDG
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"29c5-VnwgYfLywwpMuAl6HfFqoynL3HE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uPalCJoEm75OE%2BoG8ErAGRhWvO80boOQEWhjoVjceqGJcOPDgsdsjOiHir92pRfC7iLSZEBi9megMU4wnp51bt8%2F4QKdhfr041DMVXxfOOWwfgYwoZKxIvjSuVjtcjBQ%2F5c3dDbhEaOeoUAj21s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
72e5ead52c3fbaab-MXP
xlsx.full.min.js
app.dam-health.com/scripts/ 		917 KB
325 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/scripts/xlsx.full.min.js
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bff01a76f15f0387a5dc5ee2bfa6ff8759520f574053b2a3088d68f797c9f66

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 18:14:37 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 29 Jun 2022 09:28:14 GMT
server
cloudflare
etag
W/"1d88b9a8e875849"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
cf-ray
72e5ead4daad59cb-MXP
FileSaver.js
cdnjs.cloudflare.com/ajax/libs/FileSaver.js/2.0.5/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/FileSaver.js/2.0.5/FileSaver.js
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6060c139808ad689ae6f055ea65eb8eaa90314fcceda72af727a369a7e69f263
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 18:14:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
943805
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1960
timing-allow-origin
*
last-modified
Thu, 19 Nov 2020 15:31:13 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fb68fc1-1809"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wBsvMYSvsCABvUnH82tLiZrbYcgK1cBP90NrMNG0ZY0KTq2qUssHIpNKNmCCTqb5iMtrQOy6p%2FAUK2QbjWsLM5rARATae4kKllt%2B0EouFoYeXN3rk9EQAc5lRb12BpmQrXvXJRyFeic%2BlbCTl7B8n%2B6x"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
72e5ead52cf2bb20-MXP
expires
Tue, 11 Jul 2023 18:14:37 GMT
tableexport.js
cdnjs.cloudflare.com/ajax/libs/TableExport/5.2.0/js/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/TableExport/5.2.0/js/tableexport.js
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
499c2356e5692760d4ae5e42cf06988e7e74317d556645522ffbb29e6b6b5782
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 18:14:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
43343
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9177
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cf2-9aae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ojd1qKxbDMKMzppwmh88ajJAiwqppJK4ELUZBpZTedGsOUL1FhzPKS8uihEVQVE8v7esafLWopGJULCMqaDsGBgVUC%2BgAJLQnTTRVEVbbiTGIHBpEqTRNjuiylm%2BnjJng87edtpEZbiSmUmg%2BqXAGt8g"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
72e5ead52cf7bb20-MXP
expires
Tue, 11 Jul 2023 18:14:37 GMT
open-iconic-bootstrap.min.css
app.dam-health.com/css/open-iconic/font/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/css/open-iconic/font/css/open-iconic-bootstrap.min.css
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/css/site.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
049fc6f9efb2edb41dad8912d91053c8d7c11e903d22e19a3e67fd86db9be4c4

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/css/site.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 18:14:37 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 29 Jun 2022 09:28:42 GMT
server
cloudflare
etag
W/"1d88b9a9f39a5b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache
cf-ray
72e5ead5ec4459cb-MXP
ao6oiy1hcp
www.clarity.ms/tag/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/ao6oiy1hcp
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1959 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
6d7b184aa4f1ea97ba0ffb9792441817182a1219b0ac194f58f7a940ac7fcf7a

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 18:14:37 GMT
x-powered-by
ASP.NET
x-azure-ref
0jpfZYgAAAADDlBNCGyE1T5UHAivg3ohBUk9NMzBFREdFMDgxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
content-length
1365
expires
-1
gtm.js
www.googletagmanager.com/ 		144 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5F275K6
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e79090c29e6754693e80eb490586f07784d84c5880f8c73f571b364bc35fb48b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 18:14:37 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55433
x-xss-protection
0
expires
Thu, 21 Jul 2022 18:14:37 GMT
negotiate
app.dam-health.com/_blazor/ 		316 B
297 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/_blazor/negotiate?negotiateVersion=1
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/_framework/blazor.server.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
581eac5df6eab3a823eb168a4d2ba96f309ca961d6c861748dad21ea89fed9b1

Request headers

Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
X-Requested-With
XMLHttpRequest
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
X-SignalR-User-Agent
Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 21 Jul 2022 18:14:38 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72e5ead6fe1c59cb-MXP
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json
Oakes.ttf
app.dam-health.com/fonts/ 		231 KB
231 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/fonts/Oakes.ttf
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/css/site.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
515f70ce3d03819a65e1696c947edcb97140fe6f390d8487fd2a5ed1e89835d7

Request headers

Referer
https://app.dam-health.com/css/site.css
Origin
https://app.dam-health.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 18:14:38 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 29 Jun 2022 09:28:08 GMT
server
cloudflare
etag
"1d88b9a8af61ef0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-font-ttf
cache-control
no-cache
accept-ranges
bytes
cf-ray
72e5ead7bf1a59cb-MXP
content-length
236272
m-outer-fb68bef34c647b6101d72d7384daf13e.html
js.stripe.com/v3/ Frame 88D2 		240 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-fb68bef34c647b6101d72d7384daf13e.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-63.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
bbfc7005ee4eb5fef99f20efdef90eaf05f38182e444b1718078281bab6ea339
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.dam-health.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
104
cache-control
max-age=31536000
content-length
240
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 21 Jul 2022 18:12:55 GMT
etag
"fb68bef34c647b6101d72d7384daf13e"
last-modified
Thu, 21 Jul 2022 15:10:10 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
x-amz-cf-id
aitp4iwtQu-tu7xHnrxgUnNlN0evtgz4q7x-2sQ7gDPWSPKYzkFh6A==
x-amz-cf-pop
FRA60-P2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
invisible.js
app.dam-health.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 0093 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1658419200
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cd3de2358ec13687c284498c5643bef72467cd43c9ef0631d7b98668729dc37

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 18:14:38 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
72e5ead7cf3559cb-MXP
csp-report
q.stripe.com/ Frame 88D2 		0
570 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 21 Jul 2022 18:14:38 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 88D2 		0
571 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 21 Jul 2022 18:14:38 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-b6e41e49c837f14f296f2e1110004af9.js
js.stripe.com/v3/fingerprinted/js/ Frame 88D2 		526 B
1022 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-b6e41e49c837f14f296f2e1110004af9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-fb68bef34c647b6101d72d7384daf13e.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-63.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://js.stripe.com/v3/m-outer-fb68bef34c647b6101d72d7384daf13e.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
via
1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
38
x-cache
Hit from cloudfront
date
Thu, 21 Jul 2022 18:14:01 GMT
content-length
526
last-modified
Thu, 21 Jul 2022 15:10:09 GMT
server
Cloudfront
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
fqRvTsQRvAqITElAtcP_2MiIVM70QKxEtszh-xrlGW5fFgItFcCsfQ==
pica.js
app.dam-health.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 0093 		20 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92f6f3f955ff43a2db2f043d65806c2ffdefc51e031a26146e62834b02712ac3

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 18:14:38 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
72e5ead81f9359cb-MXP
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F275K6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4358
date
Thu, 21 Jul 2022 17:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 21 Jul 2022 19:02:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F275K6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 18:14:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15160
x-xss-protection
0
server
cafe
etag
9823212955285023900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 21 Jul 2022 18:14:38 GMT
inner.html
m.stripe.network/ Frame E425 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-b6e41e49c837f14f296f2e1110004af9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-120.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
age
79
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 21 Jul 2022 18:13:19 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
x-amz-cf-id
h_OqvbX-YwxfX6MoTJFSo4Xw-3DLYZCWVt8WcYBBKBssm8jNigwHnA==
x-amz-cf-pop
FRA56-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
clarity.js
www.clarity.ms/eus2-d/s/0.6.36/ 		52 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2-d/s/0.6.36/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ao6oiy1hcp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1959 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
e8aff6a8426e2182081c0e696ff05c3b10eeb43716fe56bbc9f8b3b3069c6736

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 18:14:37 GMT
content-encoding
br
etag
"1d897c159e34826"
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
x-azure-ref
0jpfZYgAAAADkNEMG+49iS45RTkVy5qAoUk9NMzBFREdFMDgxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges
bytes
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
72e5ead449a759cb
app.dam-health.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 0093 		2 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/cdn-cgi/challenge-platform/h/b/cv/result/72e5ead449a759cb
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1658419200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 21 Jul 2022 18:14:38 GMT
content-encoding
gzip
server
cloudflare
cf-ray
72e5ead9eace59cb-MXP
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain; charset=UTF-8
csp-report
q.stripe.com/ Frame E425 		0
344 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 18:14:38 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
x-robots-tag
none
content-length
0
x-content-type-options
nosniff
expires
0
out-4.5.42.js
m.stripe.network/ Frame E425 		86 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-120.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
age
240
date
Thu, 21 Jul 2022 18:10:40 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
cache-control
max-age=300, public
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
5WzAnOp9JobINZaYZRUKVOuZVDzBRcMrUqTv6nGgCTqpKARoidW75A==
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/457076487/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/457076487/?random=1658427278381&cv=9&fst=1658427278381&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7i0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fapp.dam-health.com%2Fcreatebookings%3FproductID%3D10012%26_kx%3DILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm&ref=https%3A%2F%2Furlsand.esvalabs.com%2F&tiba=DAM%20Health&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d3e3fbb9eeceb140ab00b2b95746cd7c7ad288998c006efb7584aee21eadb2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 18:14:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1127
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=84564257&t=pageview&_s=1&dl=https%3A%2F%2Fapp.dam-health.com%2Fcreatebookings%3FproductID%3D10012%26_kx%3DILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm&dr=https%3A%2F%2Furlsand.esvalabs.com%2F&ul=en-us&de=UTF-8&dt=DAM%20Health&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=302877096&gjid=1390942603&cid=1513563775.1658427278&tid=UA-185774809-1&_gid=1330933910.1658427278&_r=1&gtm=2wg7i05F275K6&z=85384959
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://app.dam-health.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 18:14:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.dam-health.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
j.clarity.ms/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://j.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-d/s/0.6.36/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://app.dam-health.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
https://app.dam-health.com
date
Thu, 21 Jul 2022 18:14:38 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
6
m.stripe.com/ Frame E425 		156 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.199.81 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-199-81.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8562bba6bc808bcf254cd6fe6db3ea63e9c6accb1a3222ea860b54f7a27f0646
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 21 Jul 2022 18:14:39 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
collect
stats.g.doubleclick.net/j/ 		4 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-185774809-1&cid=1513563775.1658427278&jid=302877096&gjid=1390942603&_gid=1330933910.1658427278&_u=YEBAAEAAAAAAAC~&z=336008618
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.dam-health.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 21 Jul 2022 18:14:38 GMT
content-type
text/plain
access-control-allow-origin
https://app.dam-health.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/457076487/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/457076487/?random=1658427278381&cv=9&fst=1658426400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7i0&sendb=1&frm=0&url=https%3A%2F%2Fapp.dam-health.com%2Fcreatebookings%3FproductID%3D10012%26_kx%3DILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm&ref=https%3A%2F%2Furlsand.esvalabs.com%2F&tiba=DAM%20Health&async=1&fmt=3&is_vtc=1&random=3760120526&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 18:14:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.it/pagead/1p-user-list/457076487/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.it/pagead/1p-user-list/457076487/?random=1658427278381&cv=9&fst=1658426400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7i0&sendb=1&frm=0&url=https%3A%2F%2Fapp.dam-health.com%2Fcreatebookings%3FproductID%3D10012%26_kx%3DILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm&ref=https%3A%2F%2Furlsand.esvalabs.com%2F&tiba=DAM%20Health&async=1&fmt=3&is_vtc=1&random=3760120526&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 18:14:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logoDam.png
app.dam-health.com/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.dam-health.com/images/logoDam.png
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:367d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
923abde875568ae7cbcae0053f41dd38ac7650475ea9c0c6332ae38805f109f2

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 18:14:38 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 29 Jun 2022 09:28:09 GMT
server
cloudflare
etag
"1d88b9a8b8e35f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
cf-ray
72e5eadbbd4a59cb-MXP
content-length
12150
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.dam-health.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 19:07:55 GMT
x-content-type-options
nosniff
age
256003
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 19:07:55 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-185774809-1&cid=1513563775.1658427278&jid=302877096&_u=YEBAAEAAAAAAAC~&z=296525486
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 18:14:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.it/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.it/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-185774809-1&cid=1513563775.1658427278&jid=302877096&_u=YEBAAEAAAAAAAC~&z=296525486
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 18:14:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=442105065B0E4AF58BFEAFFBC52C6EEC&RedC=c.clarity.ms&MXFR=181DFFB1427D68181981EE59467D66D4
  • https://c.clarity.ms/c.gif?CtsSyncId=442105065B0E4AF58BFEAFFBC52C6EEC&MUID=00FBD37556FA69E912F6C29D570F681D
42 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=442105065B0E4AF58BFEAFFBC52C6EEC&MUID=00FBD37556FA69E912F6C29D570F681D
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 18:14:38 GMT
last-modified
Wed, 13 Jul 2022 17:48:59 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"96611cd5e096d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 21 Jul 2022 18:14:38 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 219ACBD18DBB4EE9B091172FCA3598DC Ref B: AMBEDGE0820 Ref C: 2022-07-21T18:14:39Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=442105065B0E4AF58BFEAFFBC52C6EEC&MUID=00FBD37556FA69E912F6C29D570F681D
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
j.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://j.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-d/s/0.6.36/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://app.dam-health.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
https://app.dam-health.com
date
Thu, 21 Jul 2022 18:14:39 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| clarity object| dataLayer function| mudHandlePortal function| mudGetAnchorStyle function| mudCorrectAnchorBoundaries function| mudShallowClone object| mudElementRef object| mudThrottledEventManager object| mudEventProjections function| getTabbableElements function| serializeParameter object| mudResizeListener object| mudResizeObserver object| mudScrollListener object| mudScrollManager object| mudScrollSpy object| mudWindow object| resolveCallbacks object| rejectCallbacks object| Radzen object| webpackChunkstripe_js_v3 function| Stripe object| DotNet object| Blazor function| setImmediate function| clearImmediate object| protectedBrowserStorage function| $ function| jQuery function| ChoiceField function| ListBox function| ComboBox function| EditBox function| Button function| PushButton function| RadioButton function| CheckBox function| TextField function| PasswordField object| AcroForm function| _jzlib_Deflater function| Deflater function| RGBColor function| PNG function| html2pdf object| MobileDragDrop boolean| DO_NOT_EXPORT_CODEPAGE boolean| DO_NOT_EXPORT_JSZIP object| cptable object| XLSX function| make_xlsx_lib object| XLS object| ODS function| JSZipSync function| saveAs object| FileSaver function| TableExport object| GLOBAL object| stripe function| triggerFileDownload function| reloadapplication function| SetDotnetReference function| togglemenu function| stripeCheckout function| viewInStripe function| getDimensions function| addClickEvents function| reloadSchedulerData function| getGeoLocations function| createNavigationList function| scrollToDate function| scrollToControl function| scrollToTop function| setChipSetMargin function| adjustHeight function| downloadReport function| downloadTable function| downloadCertificate object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| gaplugins object| gaGlobal object| gaData

17 Cookies

Domain/Path Name / Value
app.dam-health.com/ Name: .AspNetCore.Culture
Value: c%3Den-GB%7Cuic%3Den-GB
.dam-health.com/ Name: _gcl_au
Value: 1.1.29797508.1658427278
www.clarity.ms/ Name: CLID
Value: 05e383bcdfbb4b8792b89bb4ba17fd54.20220721.20230721
.dam-health.com/ Name: _ga
Value: GA1.2.1513563775.1658427278
.dam-health.com/ Name: _gid
Value: GA1.2.1330933910.1658427278
.dam-health.com/ Name: _gat_UA-185774809-1
Value: 1
.dam-health.com/ Name: _clck
Value: u0rqnp|1|f3c|0
.dam-health.com/ Name: __cf_bm
Value: iDeaePpcBZbjARyQkz9_eJC6BaS1u.F1gxSF00pVmL8-1658427278-0-AZM/fUxdh4bTtRB7mjamA6t1bQ2oJXkoRqDLKh0w8x5+Woj08T+HFRt+peW9IG9gHG45WsIDJSQEKqnOr7xRzQwTl3gpLXgCxA6znq9Z+Lmbxw+rV1ArknDakbortwqpRg==
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.dam-health.com/ Name: _clsk
Value: 1j7biq7|1658427278956|1|1|j.clarity.ms/collect
m.stripe.com/ Name: m
Value: f9a3fa70-2c77-463c-b104-b726c092e23ebb514d
.app.dam-health.com/ Name: __stripe_mid
Value: 47bc677a-6def-4641-81c0-1012ce3bc30c34a050
.app.dam-health.com/ Name: __stripe_sid
Value: d734bd88-cafd-4feb-a293-12f779de25724a094f
.c.bing.com/ Name: SRM_B
Value: 00FBD37556FA69E912F6C29D570F681D
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 00FBD37556FA69E912F6C29D570F681D
.c.clarity.ms/ Name: ANONCHK
Value: 0

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.dam-health.com
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
j.clarity.ms
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
stats.g.doubleclick.net
trk.klclick3.com
urlsand.esvalabs.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.it
www.googleadservices.com
www.googletagmanager.com
172.217.23.98
18.66.122.63
20.234.93.27
20.85.30.134
2600:9000:223c:d000:9:ec94:b800:93a1
2606:4700:10::6816:367d
2606:4700::6810:5614
2606:4700::6811:180e
2620:1ec:27::cafe:1959
2620:1ec:c11::200
2a00:1450:4001:801::200e
2a00:1450:4001:802::2003
2a00:1450:4001:809::2002
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:827::2003
2a00:1450:400c:c06::9b
34.217.199.81
52.222.236.120
54.187.159.182
95.110.136.136
049fc6f9efb2edb41dad8912d91053c8d7c11e903d22e19a3e67fd86db9be4c4
0cd3de2358ec13687c284498c5643bef72467cd43c9ef0631d7b98668729dc37
1856e9eb336c1eb373538389dd55e7063d0c7598f2b1191c37c1bd1d7697c892
20d82b5fbe95218afe9d88a276f1233c5c6ec551321651b232a28518e684f83b
2541adbf9880d55849e514e038587902dda461a8e4febc7e7d8d6925eb07d8dc
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
293f09d0d70a5f42427c86e4439ab21229f0e648aedd9d73f2f59868a411af54
2bff01a76f15f0387a5dc5ee2bfa6ff8759520f574053b2a3088d68f797c9f66
3661b0abad108b1e162b750119e065a1bc24b379ed4371a0daf807ee3567534c
499c2356e5692760d4ae5e42cf06988e7e74317d556645522ffbb29e6b6b5782
515f70ce3d03819a65e1696c947edcb97140fe6f390d8487fd2a5ed1e89835d7
581eac5df6eab3a823eb168a4d2ba96f309ca961d6c861748dad21ea89fed9b1
58ae26e890e14f275e972b734698f027b0bdef95740e6a7e08c6782d1a78f287
6060c139808ad689ae6f055ea65eb8eaa90314fcceda72af727a369a7e69f263
6b9d2b61facecada8129475b245089790d9efb851a05fabc70ee2cb42c58d46b
6d7b184aa4f1ea97ba0ffb9792441817182a1219b0ac194f58f7a940ac7fcf7a
78460a8d3512f692dd035f09657a924a9a44ff5053ba7107cb7fc51ce2986448
81793beb150a889b0d407981e2c19a362cd56dead1445af5d314c7117d885ffc
8562bba6bc808bcf254cd6fe6db3ea63e9c6accb1a3222ea860b54f7a27f0646
8d3e3fbb9eeceb140ab00b2b95746cd7c7ad288998c006efb7584aee21eadb2b
923abde875568ae7cbcae0053f41dd38ac7650475ea9c0c6332ae38805f109f2
92f6f3f955ff43a2db2f043d65806c2ffdefc51e031a26146e62834b02712ac3
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a0ae09929605e6f45470f62f9ec51e9ec846c70ba08947c673728468044ca1f0
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
b4b3a8838d9785f30af74c5697192dd2f05ab486e0e9ef9ea074f1e3e4829a9c
b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d
b5ddb60604ac7c649070dc629ab1729ddfc0927463b3891d0d6c7d1b18419738
b7f84cfb80e3cf8b118e511442bc82caba2c0e47a0ac207f21d667498bca0dff
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bbfc7005ee4eb5fef99f20efdef90eaf05f38182e444b1718078281bab6ea339
bc4231df94b9c1256438f99fb25b70ed3d7f89ac5e66a85171129c977bd76ae4
c09ecc763b4797353a6eb7e76dde23bdcf6dc61905f227db31c8490c0b881f99
d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f
d86d118d53132256a69e07b133ff73c3c9d37877a4b4449bb0de792a8c73f8d1
da8447216be92bd1f38585865c06dfb2715cbfabf0896549bdb6b89c8fa42981
dd2bcb205da28f2725ed5344849a7c96aa79f845bc09b3558ef599ed88e6d75d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9f5cd8299bb2ba0384e79344bf545f74d498ff2085fe187ee4031267d9e83f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79090c29e6754693e80eb490586f07784d84c5880f8c73f571b364bc35fb48b
e8aff6a8426e2182081c0e696ff05c3b10eeb43716fe56bbc9f8b3b3069c6736
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2053a1d0fd885c22858bdf85f379b2be45b659315ff08413fdca0cf933e9b8a
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fb55650bbb7a33af4f2925696ef0765dc57aaeeadadad1193969554f07d0f957
fc128fd6f3e291c41c72421b8be392d274a7a16bddb377e7f40a3dcf74724821