urlscan.io logo urlscan.io
SecurityTrails logo

oav.worklife.io Open in urlscan Pro
15.188.43.237  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://oav-worklife.io/
Effective URL: https://oav.worklife.io/
Submission: On July 03 via api from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 29 HTTP transactions. The main IP is 15.188.43.237, located in Paris, France and belongs to AMAZON-02, US. The main domain is oav.worklife.io.
TLS certificate: Issued by Amazon RSA 2048 M03 on June 25th 2024. Valid for: a year.
This is the only time oav.worklife.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 24 15.188.43.237 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.85.65.24 16509 (AMAZON-02)
1 18.66.192.32 16509 (AMAZON-02)
1 54.230.228.64 16509 (AMAZON-02)
1 54.230.228.24 16509 (AMAZON-02)
1 52.208.243.88 16509 (AMAZON-02)
29 7
24    15.188.43.237 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-43-237.eu-west-3.compute.amazonaws.com
oav-worklife.io
oav.worklife.io
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    52.85.65.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-65-24.muc50.r.cloudfront.net
assets.worklife.care
1    18.66.192.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-32.muc50.r.cloudfront.net
static.hotjar.com
1    54.230.228.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-64.muc50.r.cloudfront.net
script.hotjar.com
1    54.230.228.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-24.muc50.r.cloudfront.net
vc.hotjar.io
1    52.208.243.88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-243-88.eu-west-1.compute.amazonaws.com
content.hotjar.io
Apex Domain
Subdomains		 Transfer
23 worklife.io
oav.worklife.io
926 KB
2 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 3549
content.hotjar.io — Cisco Umbrella Rank: 6487
403 B
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 894
script.hotjar.com — Cisco Umbrella Rank: 1260
60 KB
1 worklife.care
assets.worklife.care
45 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
67 KB
1 oav-worklife.io
oav-worklife.io
113 B
29 6
Domain Requested by
23 oav.worklife.io oav.worklife.io
1 content.hotjar.io script.hotjar.com
1 vc.hotjar.io script.hotjar.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com www.googletagmanager.com
1 assets.worklife.care oav.worklife.io
1 www.googletagmanager.com oav.worklife.io
1 oav-worklife.io 1 redirects
29 8

This site contains no links.

Subject Issuer Validity Valid
oav.worklife.io
Amazon RSA 2048 M03		 2024-06-25 -
2025-07-24		 a year crt.sh
*.google-analytics.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.worklife.care
Amazon RSA 2048 M01		 2023-09-11 -
2024-10-09		 a year crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
*.hotjar.io
Amazon ECDSA 256 M02		 2024-02-07 -
2025-03-08		 a year crt.sh

This page contains 1 frames:

Primary Page: https://oav.worklife.io/
Frame ID: 8FA453AFBF77E0E9559B9248505B64CC
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Worklife - outil d'aide à la vente

Page URL History Show full URLs

  1. https://oav-worklife.io/ HTTP 302
    http://oav.worklife.io/ HTTP 307
    https://oav.worklife.io/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

29
Requests

100 %
HTTPS

14 %
IPv6

6
Domains

8
Subdomains

7
IPs

4
Countries

1097 kB
Transfer

1364 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://oav-worklife.io/ HTTP 302
    http://oav.worklife.io/ HTTP 307
    https://oav.worklife.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
oav.worklife.io/
Redirect Chain
  • https://oav-worklife.io/
  • http://oav.worklife.io/
  • https://oav.worklife.io/
4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://oav.worklife.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.188.43.237 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-43-237.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
dce8ad3ed96d807ee69daefe1a7a932e7acb2b6196cd1a81f6f836b203b76209
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-length
4399
content-security-policy
default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
content-type
text/html
date
Wed, 03 Jul 2024 16:34:29 GMT
etag
"6672bd33-112f"
expect-ct
max-age=0, report-uri="https://worklife.report-uri.com/r/d/ct/reportOnly"
last-modified
Wed, 19 Jun 2024 11:12:51 GMT
nel
{"report_to":"default","max_age":2592000,"include_subdomains":false}
permissions-policy
geolocation=(), microphone=()
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"default","max_age":2592000,"endpoints":[{"url":"https://worklife.report-uri.com/a/d/g"}],"include_subdomains":false}
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

Location
https://oav.worklife.io/
Non-Authoritative-Reason
HttpsUpgrades
index-BIkn2oZT.js
oav.worklife.io/assets/ 		640 KB
641 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oav.worklife.io/assets/index-BIkn2oZT.js
Requested by
Host: oav.worklife.io
URL: https://oav.worklife.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.188.43.237 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-43-237.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
d0052198f294cf2d81d4d9beefe5a55aaa6007cf408b56092eb1d65a03cef951
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oav.worklife.io/
Origin
https://oav.worklife.io
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:34:29 GMT
content-security-policy
default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
nel
{"report_to":"default","max_age":2592000,"include_subdomains":false}
content-length
654892
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 19 Jun 2024 11:12:51 GMT
etag
"6672bd33-9fe2c"
expect-ct
max-age=0, report-uri="https://worklife.report-uri.com/r/d/ct/reportOnly"
x-frame-options
DENY
report-to
{"group":"default","max_age":2592000,"endpoints":[{"url":"https://worklife.report-uri.com/a/d/g"}],"include_subdomains":false}
content-type
application/javascript
permissions-policy
geolocation=(), microphone=()
accept-ranges
bytes
index-Dcf7AmaZ.css
oav.worklife.io/assets/ 		22 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oav.worklife.io/assets/index-Dcf7AmaZ.css
Requested by
Host: oav.worklife.io
URL: https://oav.worklife.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.188.43.237 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-43-237.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
3646d9f6f29f7ad30eca7ede8b8f01cfacb9df7a47a75b30ac509c81e2657ce8
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oav.worklife.io/
Origin
https://oav.worklife.io
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:34:29 GMT
content-security-policy
default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
nel
{"report_to":"default","max_age":2592000,"include_subdomains":false}
content-length
22132
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 19 Jun 2024 11:12:51 GMT
etag
"6672bd33-5674"
expect-ct
max-age=0, report-uri="https://worklife.report-uri.com/r/d/ct/reportOnly"
x-frame-options
DENY
report-to
{"group":"default","max_age":2592000,"endpoints":[{"url":"https://worklife.report-uri.com/a/d/g"}],"include_subdomains":false}
content-type
text/css
permissions-policy
geolocation=(), microphone=()
accept-ranges
bytes
gtm.js
www.googletagmanager.com/ 		184 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSRLPC63
Requested by
Host: oav.worklife.io
URL: https://oav.worklife.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
10b54505e773da0b514889dfc82d24b275d4126c32d87d1ba5b2f23a205aa3b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oav.worklife.io/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:34:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68118
x-xss-protection
0
last-modified
Wed, 03 Jul 2024 16:07:56 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 03 Jul 2024 16:34:29 GMT
en.json
assets.worklife.care/messages/echo-web/ 		44 KB
45 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.worklife.care/messages/echo-web/en.json
Requested by
Host: oav.worklife.io
URL: https://oav.worklife.io/assets/index-BIkn2oZT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.65.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-65-24.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
defc84b891ff6955c0c7c53613db336d74204a1e3c18ffa015c9771d64ff1efb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oav.worklife.io/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:34:31 GMT
via
1.1 a71884ac07401af155dc18a13375cfb2.cloudfront.net (CloudFront)
last-modified
Wed, 19 Jun 2024 14:39:49 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P6
etag
"33d4cd3b1281015dd81cc7a0d6e9b65e"
x-amz-server-side-encryption
AES256
access-control-max-age
0
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
accept-ranges
bytes
content-length
45180
x-amz-cf-id
NSKgY92RFGtZbDHhzEWYYTYhfHoSwWkrvVw25Ccp2QSLTTzXPFabdw==
AuthLayout-g2WERWaq.js
oav.worklife.io/assets/ 		169 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oav.worklife.io/assets/AuthLayout-g2WERWaq.js
Requested by
Host: oav.worklife.io
URL: https://oav.worklife.io/assets/index-BIkn2oZT.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.188.43.237 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-43-237.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
fa32b220bf1e2fba582fc27cfff4fe683108d8b73c720a6599ba3f514d8c777a
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oav.worklife.io/assets/index-BIkn2oZT.js
Origin
https://oav.worklife.io
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:34:29 GMT
content-security-policy
default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
nel
{"report_to":"default","max_age":2592000,"include_subdomains":false}
content-length
169
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 19 Jun 2024 11:12:51 GMT
etag
"6672bd33-a9"
expect-ct
max-age=0, report-uri="https://worklife.report-uri.com/r/d/ct/reportOnly"
x-frame-options
DENY
report-to
{"group":"default","max_age":2592000,"endpoints":[{"url":"https://worklife.report-uri.com/a/d/g"}],"include_subdomains":false}
content-type
application/javascript
permissions-policy
geolocation=(), microphone=()
accept-ranges
bytes
hotjar-5021395.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-5021395.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSRLPC63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-32.muc50.r.cloudfront.net
Software
/
Resource Hash
b5ac8614ebfd1f0a113fa2dce32f3a0b10dc90cf57bbee7baaa72305bc226e60
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oav.worklife.io/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Wed, 03 Jul 2024 16:34:29 GMT
via
1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
etag
W/506a57cce24d62d7c26a4d2c1968ba4c
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
xiS4nums82jv-lQ0sBylbEHHZvloOoGZ7gGt-277GpieVrLfz2P_Cw==
NoAuthLayout-c4KRF_u9.js
oav.worklife.io/assets/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oav.worklife.io/assets/NoAuthLayout-c4KRF_u9.js
Requested by
Host: oav.worklife.io
URL: https://oav.worklife.io/assets/index-BIkn2oZT.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.188.43.237 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-43-237.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
76157f6cc97bd9461649a6149f0961ca6702f03a5db39bc1203303d1ee97ddcc
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://oav.worklife.io
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:34:29 GMT
content-security-policy
default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
nel
{"report_to":"default","max_age":2592000,"include_subdomains":false}
content-length
1889
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 19 Jun 2024 11:12:51 GMT
etag
"6672bd33-761"
expect-ct
max-age=0, report-uri="https://worklife.report-uri.com/r/d/ct/reportOnly"
x-frame-options
DENY
report-to
{"group":"default","max_age":2592000,"endpoints":[{"url":"https://worklife.report-uri.com/a/d/g"}],"include_subdomains":false}
content-type
application/javascript
permissions-policy
geolocation=(), microphone=()
accept-ranges
bytes
NoAuthLayout-Dze4lF5s.css
oav.worklife.io/assets/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oav.worklife.io/assets/NoAuthLayout-Dze4lF5s.css
Requested by
Host: oav.worklife.io
URL: https://oav.worklife.io/assets/index-BIkn2oZT.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.188.43.237 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-43-237.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
e85db55c383c45a8bfa2fe502bc138737b5ba14b479bb95ab5a155d5306e3638
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oav.worklife.io/login
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:34:29 GMT
content-security-policy
default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
nel
{"report_to":"default","max_age":2592000,"include_subdomains":false}
content-length
2103
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 19 Jun 2024 11:12:51 GMT
etag
"6672bd33-837"
expect-ct
max-age=0, report-uri="https://worklife.report-uri.com/r/d/ct/reportOnly"
x-frame-options
DENY
report-to
{"group":"default","max_age":2592000,"endpoints":[{"url":"https://worklife.report-uri.com/a/d/g"}],"include_subdomains":false}
content-type
text/css
permissions-policy
geolocation=(), microphone=()
accept-ranges
bytes
modules.e4b2dc39f985f11fb1e4.js
script.hotjar.com/ 		223 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-5021395.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-64.muc50.r.cloudfront.net
Software
/
Resource Hash
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oav.worklife.io/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:11:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 62be04c57195b92a15c9e33c0bb32906.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
203002
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56291
last-modified
Mon, 01 Jul 2024 08:10:34 GMT
etag
"ca025d2d8ae4b3dc51e058b782590501"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
VUEtAFs6tn3taO2Wb8zXvWLhHYLmniOjRtBGRGWxa1jyPRbAngAfOw==
5021395
vc.hotjar.io/sessions/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/5021395?s=0.25&r=0.06379501232614082
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-24.muc50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oav.worklife.io/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 03 Jul 2024 16:34:29 GMT
cache-control
no-store
via
1.1 3e8fb1cae95e63b7f329b9330db0c47a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
x-amz-cf-id
FAQb5WjqrXBBBRQiM_op4bcDUtY6B1k5mZFhIbT1JlsW9Cq6leXAZQ==
x-cache
Miss from cloudfront
/
content.hotjar.io/ 		56 B
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.hotjar.io/?site_id=5021395&gzip=1
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.208.243.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-243-88.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a4509c0cb9f0427853faef2e6a0a6a5023403c7a580c5dff7b4ca641b9bfbf18

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://oav.worklife.io/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 03 Jul 2024 16:34:29 GMT
content-length
56
access-control-max-age
86400
content-type
application/json
favicon.svg
oav.worklife.io/ 		926 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://oav.worklife.io/favicon.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.188.43.237 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-43-237.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
b69acc62c78a57b7f35ba98b367cb3e168afee85fa8ec01b31865a11f33f225f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oav.worklife.io/login
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:34:29 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 19 Jun 2024 11:12:49 GMT
etag
"6672bd31-39e"
content-type
image/svg+xml
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
926
expires
Fri, 02 Aug 2024 16:34:29 GMT
LoginPage-DrcXAVrd.js
oav.worklife.io/assets/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oav.worklife.io/assets/LoginPage-DrcXAVrd.js
Requested by
Host: oav.worklife.io
URL: https://oav.worklife.io/assets/index-BIkn2oZT.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.188.43.237 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-43-237.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
bff850ebae53ac3b59888e4e3e0ac4c1aa5da3864461e42f8c769d71dd7776d1
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://oav.worklife.io
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:34:30 GMT
content-security-policy
default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
nel
{"report_to":"default","max_age":2592000,"include_subdomains":false}
content-length
2115
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 19 Jun 2024 11:12:51 GMT
etag
"6672bd33-843"
expect-ct
max-age=0, report-uri="https://worklife.report-uri.com/r/d/ct/reportOnly"
x-frame-options
DENY
report-to
{"group":"default","max_age":2592000,"endpoints":[{"url":"https://worklife.report-uri.com/a/d/g"}],"include_subdomains":false}
content-type
application/javascript
permissions-policy
geolocation=(), microphone=()
accept-ranges
bytes
index-FqROu_fQ.js
oav.worklife.io/assets/ 		77 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oav.worklife.io/assets/index-FqROu_fQ.js
Requested by
Host: oav.worklife.io
URL: https://oav.worklife.io/assets/index-BIkn2oZT.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.188.43.237 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-43-237.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
8c061e44829b66a0d4e9abd2c88bcfdda2f414c0209c3c484516506f6ab788cc
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://oav.worklife.io
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:34:30 GMT
content-security-policy
default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
nel
{"report_to":"default","max_age":2592000,"include_subdomains":false}
content-length
78986
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 19 Jun 2024 11:12:51 GMT
etag
"6672bd33-1348a"
expect-ct
max-age=0, report-uri="https://worklife.report-uri.com/r/d/ct/reportOnly"
x-frame-options
DENY
report-to
{"group":"default","max_age":2592000,"endpoints":[{"url":"https://worklife.report-uri.com/a/d/g"}],"include_subdomains":false}
content-type
application/javascript
permissions-policy
geolocation=(), microphone=()
accept-ranges
bytes
ControlledFieldText-CyH-JHFy.js
oav.worklife.io/assets/ 		927 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oav.worklife.io/assets/ControlledFieldText-CyH-JHFy.js
Requested by
Host: oav.worklife.io
URL: https://oav.worklife.io/assets/index-BIkn2oZT.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.188.43.237 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-43-237.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
48f8d151274a4aa7c8a36c711786241f82d74abd00c86d5ee0dd0e6b24029a24
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://oav.worklife.io
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:34:30 GMT
content-security-policy
default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
nel
{"report_to":"default","max_age":2592000,"include_subdomains":false}
content-length
927
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 19 Jun 2024 11:12:51 GMT
etag
"6672bd33-39f"
expect-ct
max-age=0, report-uri="https://worklife.report-uri.com/r/d/ct/reportOnly"
x-frame-options
DENY
report-to
{"group":"default","max_age":2592000,"endpoints":[{"url":"https://worklife.report-uri.com/a/d/g"}],"include_subdomains":false}
content-type
application/javascript
permissions-policy
geolocation=(), microphone=()
accept-ranges
bytes
Field-Brv3Utsf.js
oav.worklife.io/assets/ 		536 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oav.worklife.io/assets/Field-Brv3Utsf.js
Requested by
Host: oav.worklife.io
URL: https://oav.worklife.io/assets/index-BIkn2oZT.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.188.43.237 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-43-237.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
9ed035c744df24ad3b2080c1397fc429b9640974db60e9a7f815b968804af282
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://oav.worklife.io
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:34:30 GMT
content-security-policy
default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
nel
{"report_to":"default","max_age":2592000,"include_subdomains":false}
content-length
536
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 19 Jun 2024 11:12:51 GMT
etag
"6672bd33-218"
expect-ct
max-age=0, report-uri="https://worklife.report-uri.com/r/d/ct/reportOnly"
x-frame-options
DENY
report-to
{"group":"default","max_age":2592000,"endpoints":[{"url":"https://worklife.report-uri.com/a/d/g"}],"include_subdomains":false}
content-type
application/javascript
permissions-policy
geolocation=(), microphone=()
accept-ranges
bytes
ControlledFieldPassword-DiOkyeIa.js
oav.worklife.io/assets/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oav.worklife.io/assets/ControlledFieldPassword-DiOkyeIa.js
Requested by
Host: oav.worklife.io
URL: https://oav.worklife.io/assets/index-BIkn2oZT.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.188.43.237 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-43-237.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
00ffd22bc109a62a27d904d964f43f679686658b44029b7515389d138a172e2d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://oav.worklife.io
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:34:30 GMT
content-security-policy
default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
nel
{"report_to":"default","max_age":2592000,"include_subdomains":false}
content-length
1262
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 19 Jun 2024 11:12:51 GMT
etag
"6672bd33-4ee"
expect-ct
max-age=0, report-uri="https://worklife.report-uri.com/r/d/ct/reportOnly"
x-frame-options
DENY
report-to
{"group":"default","max_age":2592000,"endpoints":[{"url":"https://worklife.report-uri.com/a/d/g"}],"include_subdomains":false}
content-type
application/javascript
permissions-policy
geolocation=(), microphone=()
accept-ranges
bytes
ControlledFieldPassword-DrRFN2gN.css
oav.worklife.io/assets/ 		257 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oav.worklife.io/assets/ControlledFieldPassword-DrRFN2gN.css
Requested by
Host: oav.worklife.io
URL: https://oav.worklife.io/assets/index-BIkn2oZT.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.188.43.237 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-43-237.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
064cc561b398deb69949d7695203b43887256268e3e4f7b3dbaee376938d9268
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oav.worklife.io/login
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:34:30 GMT
content-security-policy
default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
nel
{"report_to":"default","max_age":2592000,"include_subdomains":false}
content-length
257
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 19 Jun 2024 11:12:51 GMT
etag
"6672bd33-101"
expect-ct
max-age=0, report-uri="https://worklife.report-uri.com/r/d/ct/reportOnly"
x-frame-options
DENY
report-to
{"group":"default","max_age":2592000,"endpoints":[{"url":"https://worklife.report-uri.com/a/d/g"}],"include_subdomains":false}
content-type
text/css
permissions-policy
geolocation=(), microphone=()
accept-ranges
bytes
Button-DSJXckA0.js
oav.worklife.io/assets/ 		662 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oav.worklife.io/assets/Button-DSJXckA0.js
Requested by
Host: oav.worklife.io
URL: https://oav.worklife.io/assets/index-BIkn2oZT.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.188.43.237 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-43-237.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
599044896b1d6b3cd74c4e8b040f9eaf38f469cad6f5c89ed16dc64cfd6211ac
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://oav.worklife.io
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:34:30 GMT
content-security-policy
default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
nel
{"report_to":"default","max_age":2592000,"include_subdomains":false}
content-length
662
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 19 Jun 2024 11:12:51 GMT
etag
"6672bd33-296"
expect-ct
max-age=0, report-uri="https://worklife.report-uri.com/r/d/ct/reportOnly"
x-frame-options
DENY
report-to
{"group":"default","max_age":2592000,"endpoints":[{"url":"https://worklife.report-uri.com/a/d/g"}],"include_subdomains":false}
content-type
application/javascript
permissions-policy
geolocation=(), microphone=()
accept-ranges
bytes
Button-22uuZoBl.css
oav.worklife.io/assets/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oav.worklife.io/assets/Button-22uuZoBl.css
Requested by
Host: oav.worklife.io
URL: https://oav.worklife.io/assets/index-BIkn2oZT.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.188.43.237 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-43-237.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
b416822625669ad2f28465812b78a1a70ff673fa75df60aa3cda588a0e4d048e
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oav.worklife.io/login
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:34:30 GMT
content-security-policy
default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
nel
{"report_to":"default","max_age":2592000,"include_subdomains":false}
content-length
1905
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 19 Jun 2024 11:12:51 GMT
etag
"6672bd33-771"
expect-ct
max-age=0, report-uri="https://worklife.report-uri.com/r/d/ct/reportOnly"
x-frame-options
DENY
report-to
{"group":"default","max_age":2592000,"endpoints":[{"url":"https://worklife.report-uri.com/a/d/g"}],"include_subdomains":false}
content-type
text/css
permissions-policy
geolocation=(), microphone=()
accept-ranges
bytes
useMutation-C6AJHLYc.js
oav.worklife.io/assets/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oav.worklife.io/assets/useMutation-C6AJHLYc.js
Requested by
Host: oav.worklife.io
URL: https://oav.worklife.io/assets/index-BIkn2oZT.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.188.43.237 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-43-237.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
bd9b00d2002692f5666c833ac89a81394ef1d0b9aef49c1bb2b57f0e297d24ba
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://oav.worklife.io
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:34:30 GMT
content-security-policy
default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
nel
{"report_to":"default","max_age":2592000,"include_subdomains":false}
content-length
1770
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 19 Jun 2024 11:12:51 GMT
etag
"6672bd33-6ea"
expect-ct
max-age=0, report-uri="https://worklife.report-uri.com/r/d/ct/reportOnly"
x-frame-options
DENY
report-to
{"group":"default","max_age":2592000,"endpoints":[{"url":"https://worklife.report-uri.com/a/d/g"}],"include_subdomains":false}
content-type
application/javascript
permissions-policy
geolocation=(), microphone=()
accept-ranges
bytes
LoginPage-CzcpUGze.css
oav.worklife.io/assets/ 		82 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oav.worklife.io/assets/LoginPage-CzcpUGze.css
Requested by
Host: oav.worklife.io
URL: https://oav.worklife.io/assets/index-BIkn2oZT.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.188.43.237 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-43-237.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
8abe5f1567fdcd10a1e61099120f41ab00c29b382d48baf1b51df31db80fd401
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oav.worklife.io/login
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:34:30 GMT
content-security-policy
default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
nel
{"report_to":"default","max_age":2592000,"include_subdomains":false}
content-length
82
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 19 Jun 2024 11:12:51 GMT
etag
"6672bd33-52"
expect-ct
max-age=0, report-uri="https://worklife.report-uri.com/r/d/ct/reportOnly"
x-frame-options
DENY
report-to
{"group":"default","max_age":2592000,"endpoints":[{"url":"https://worklife.report-uri.com/a/d/g"}],"include_subdomains":false}
content-type
text/css
permissions-policy
geolocation=(), microphone=()
accept-ranges
bytes
worklife-ca-logo.svg
oav.worklife.io/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oav.worklife.io/images/worklife-ca-logo.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.188.43.237 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-43-237.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
e4fa01354d796dc7e407a0fac25c66188f8ce4667b80981de7ae7ffb9f95286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oav.worklife.io/login
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:34:30 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 19 Jun 2024 11:12:49 GMT
etag
"6672bd31-37a4"
content-type
image/svg+xml
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
14244
expires
Fri, 02 Aug 2024 16:34:30 GMT
credit-agricole-logo.png
oav.worklife.io/images/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oav.worklife.io/images/credit-agricole-logo.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.188.43.237 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-43-237.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
e9a151502c2a8db18acf35eeb2e11633a7aebbf86a57cd9c84d224819ff12f9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oav.worklife.io/login
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:34:30 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 19 Jun 2024 11:12:49 GMT
etag
"6672bd31-f14e"
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
61774
expires
Fri, 02 Aug 2024 16:34:30 GMT
Satoshi-Medium.woff2
oav.worklife.io/fonts/satoshi/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://oav.worklife.io/fonts/satoshi/Satoshi-Medium.woff2
Requested by
Host: oav.worklife.io
URL: https://oav.worklife.io/assets/index-Dcf7AmaZ.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.188.43.237 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-43-237.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
af02a72246f53ad49c44a591921edbd39ec8258a03d8cc2e0532aa1e497e85b4
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oav.worklife.io/assets/index-Dcf7AmaZ.css
Origin
https://oav.worklife.io
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:34:30 GMT
content-security-policy
default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
nel
{"report_to":"default","max_age":2592000,"include_subdomains":false}
content-length
25596
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 19 Jun 2024 11:12:49 GMT
etag
"6672bd31-63fc"
expect-ct
max-age=0, report-uri="https://worklife.report-uri.com/r/d/ct/reportOnly"
x-frame-options
DENY
report-to
{"group":"default","max_age":2592000,"endpoints":[{"url":"https://worklife.report-uri.com/a/d/g"}],"include_subdomains":false}
content-type
font/woff2
permissions-policy
geolocation=(), microphone=()
accept-ranges
bytes
Satoshi-Black.woff2
oav.worklife.io/fonts/satoshi/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://oav.worklife.io/fonts/satoshi/Satoshi-Black.woff2
Requested by
Host: oav.worklife.io
URL: https://oav.worklife.io/assets/index-Dcf7AmaZ.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.188.43.237 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-43-237.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
bd11b5820231420e78046c611aebdd628dc17ad67788258ffe3fe902253efd3b
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oav.worklife.io/assets/index-Dcf7AmaZ.css
Origin
https://oav.worklife.io
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:34:30 GMT
content-security-policy
default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
nel
{"report_to":"default","max_age":2592000,"include_subdomains":false}
content-length
23484
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 19 Jun 2024 11:12:49 GMT
etag
"6672bd31-5bbc"
expect-ct
max-age=0, report-uri="https://worklife.report-uri.com/r/d/ct/reportOnly"
x-frame-options
DENY
report-to
{"group":"default","max_age":2592000,"endpoints":[{"url":"https://worklife.report-uri.com/a/d/g"}],"include_subdomains":false}
content-type
font/woff2
permissions-policy
geolocation=(), microphone=()
accept-ranges
bytes
Satoshi-Regular.woff2
oav.worklife.io/fonts/satoshi/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://oav.worklife.io/fonts/satoshi/Satoshi-Regular.woff2
Requested by
Host: oav.worklife.io
URL: https://oav.worklife.io/assets/index-Dcf7AmaZ.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.188.43.237 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-43-237.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
50dca57f0b77918e0fb7dac998c3f5ef6b0c2a29657da97658a04f98ac532fc5
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oav.worklife.io/assets/index-Dcf7AmaZ.css
Origin
https://oav.worklife.io
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:34:30 GMT
content-security-policy
default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
nel
{"report_to":"default","max_age":2592000,"include_subdomains":false}
content-length
25516
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 19 Jun 2024 11:12:49 GMT
etag
"6672bd31-63ac"
expect-ct
max-age=0, report-uri="https://worklife.report-uri.com/r/d/ct/reportOnly"
x-frame-options
DENY
report-to
{"group":"default","max_age":2592000,"endpoints":[{"url":"https://worklife.report-uri.com/a/d/g"}],"include_subdomains":false}
content-type
font/woff2
permissions-policy
geolocation=(), microphone=()
accept-ranges
bytes
eye-filled-B3QEaWUw.js
oav.worklife.io/assets/ 		515 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oav.worklife.io/assets/eye-filled-B3QEaWUw.js
Requested by
Host: oav.worklife.io
URL: https://oav.worklife.io/assets/index-BIkn2oZT.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.188.43.237 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-43-237.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
353f9bad6f498580170beab8abe895e4972dad47752e7aeb931d526388e2ae13
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oav.worklife.io/assets/index-BIkn2oZT.js
Origin
https://oav.worklife.io
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:34:30 GMT
content-security-policy
default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
nel
{"report_to":"default","max_age":2592000,"include_subdomains":false}
content-length
515
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 19 Jun 2024 11:12:51 GMT
etag
"6672bd33-203"
expect-ct
max-age=0, report-uri="https://worklife.report-uri.com/r/d/ct/reportOnly"
x-frame-options
DENY
report-to
{"group":"default","max_age":2592000,"endpoints":[{"url":"https://worklife.report-uri.com/a/d/g"}],"include_subdomains":false}
content-type
application/javascript
permissions-policy
geolocation=(), microphone=()
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage object| dataLayer string| __reactRouterVersion object| __SENTRY__ object| google_tag_manager object| google_tag_data function| hj object| _hjSettings object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| hjBootstrapCalled

2 Cookies

Domain/Path Name / Value
.worklife.io/ Name: _hjSessionUser_5021395
Value: eyJpZCI6IjZiYzQ1ZWE5LTk0NzEtNTZjNi05NmJjLTY5N2M5Y2M3ZjQ1OSIsImNyZWF0ZWQiOjE3MjAwMjQ0Njk4NTcsImV4aXN0aW5nIjp0cnVlfQ==
.worklife.io/ Name: _hjSession_5021395
Value: eyJpZCI6ImY2MGEzNTY0LTAyMTAtNDFlMS05ZTVkLWNmYmRmNDQ0ZmY2OCIsImMiOjE3MjAwMjQ0Njk4NTcsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://oav.worklife.io/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://js.stripe.com https://*.hotjar.com https://*.hotjar.io https://js.appboycdn.com https://cdn.segment.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com https://www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; report-uri https://worklife.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.worklife.care
content.hotjar.io
oav-worklife.io
oav.worklife.io
script.hotjar.com
static.hotjar.com
vc.hotjar.io
www.googletagmanager.com
15.188.43.237
18.66.192.32
2a00:1450:4001:830::2008
52.208.243.88
52.85.65.24
54.230.228.24
54.230.228.64
00ffd22bc109a62a27d904d964f43f679686658b44029b7515389d138a172e2d
064cc561b398deb69949d7695203b43887256268e3e4f7b3dbaee376938d9268
10b54505e773da0b514889dfc82d24b275d4126c32d87d1ba5b2f23a205aa3b9
353f9bad6f498580170beab8abe895e4972dad47752e7aeb931d526388e2ae13
3646d9f6f29f7ad30eca7ede8b8f01cfacb9df7a47a75b30ac509c81e2657ce8
48f8d151274a4aa7c8a36c711786241f82d74abd00c86d5ee0dd0e6b24029a24
50dca57f0b77918e0fb7dac998c3f5ef6b0c2a29657da97658a04f98ac532fc5
599044896b1d6b3cd74c4e8b040f9eaf38f469cad6f5c89ed16dc64cfd6211ac
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
76157f6cc97bd9461649a6149f0961ca6702f03a5db39bc1203303d1ee97ddcc
8abe5f1567fdcd10a1e61099120f41ab00c29b382d48baf1b51df31db80fd401
8c061e44829b66a0d4e9abd2c88bcfdda2f414c0209c3c484516506f6ab788cc
9ed035c744df24ad3b2080c1397fc429b9640974db60e9a7f815b968804af282
a4509c0cb9f0427853faef2e6a0a6a5023403c7a580c5dff7b4ca641b9bfbf18
af02a72246f53ad49c44a591921edbd39ec8258a03d8cc2e0532aa1e497e85b4
b416822625669ad2f28465812b78a1a70ff673fa75df60aa3cda588a0e4d048e
b5ac8614ebfd1f0a113fa2dce32f3a0b10dc90cf57bbee7baaa72305bc226e60
b69acc62c78a57b7f35ba98b367cb3e168afee85fa8ec01b31865a11f33f225f
bd11b5820231420e78046c611aebdd628dc17ad67788258ffe3fe902253efd3b
bd9b00d2002692f5666c833ac89a81394ef1d0b9aef49c1bb2b57f0e297d24ba
bff850ebae53ac3b59888e4e3e0ac4c1aa5da3864461e42f8c769d71dd7776d1
d0052198f294cf2d81d4d9beefe5a55aaa6007cf408b56092eb1d65a03cef951
dce8ad3ed96d807ee69daefe1a7a932e7acb2b6196cd1a81f6f836b203b76209
defc84b891ff6955c0c7c53613db336d74204a1e3c18ffa015c9771d64ff1efb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fa01354d796dc7e407a0fac25c66188f8ce4667b80981de7ae7ffb9f95286d
e85db55c383c45a8bfa2fe502bc138737b5ba14b479bb95ab5a155d5306e3638
e9a151502c2a8db18acf35eeb2e11633a7aebbf86a57cd9c84d224819ff12f9f
fa32b220bf1e2fba582fc27cfff4fe683108d8b73c720a6599ba3f514d8c777a