prenotavisite.davincisalute.com Open in urlscan Pro
2606:4700:20::681a:ff7  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response prenotavisite.davincisalute.com/	634 KB 163 KB	1394ms 1301ms	Document text/html	2606:4700:20::681a:ff7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://prenotavisite.davincisalute.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ff7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 94a2eb6be8df0ca14f836c8221bd0e79912e819b110585fd2ac914bb26c5d526 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 accept-language en-US,en;q=0.9 Response headers access-control-allow-origin * cache-control private cf-cache-status DYNAMIC cf-ray 83fb73d1ae244bcd-BUF content-encoding br content-type text/html date Wed, 03 Jan 2024 13:05:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXepH%2BAa7IHZBetaW9OUstJpu4KZK%2FExhlIFqc1ZcqdpXTieOlw4TH4SSQL3OWh1LQdIA42jqKbfO5tNdBD%2F%2B%2BGnRdulbv9B0sv44BlgIISo7sHHbl4%2BHE4qjMkSydtq%2B9i6q1aK%2FJX%2B2XtY4mA6TnXihOv4eJkv0YOH%2FCi4"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding via 1.1 google, 1.1 google x-cloud-trace-context 982e836c99f5245263c0c4ae0328a204 x-powered-by Express
GET H2	200	icon fonts.heyflow.cloud/	472 B 855 B	138ms 45ms	Stylesheet text/css	2606:4700:20::ac43:4aa7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fonts.heyflow.cloud/icon?family=Material+Icons Requested by Host: prenotavisite.davincisalute.com URL: https://prenotavisite.davincisalute.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4aa7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 4fefbaaf21e93f385b7528da16c7f4de43e4fcd70c13e0276c1967c1239aa69f Request headers accept-language en-US,en;q=0.9 Referer https://prenotavisite.davincisalute.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 13:05:18 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 186632 cf-polished origSize=571 x-powered-by Express last-modified Mon, 01 Jan 2024 09:14:46 GMT cf-bgj minify server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3vuAjeP1u19hXs5OQeplW4oZD7PJ3GDbpSnC82ix26gBRMRWg57W9hVt7tAT7Y20s4Z2JynFBQB5i6I27iAku%2FNfGie6wfpwgAlfPLl8%2Fw3r6B4ZRGC9D%2BLggl0NG9WVJZ0j6tfx%2FUD%2BnA6l93oXhZE%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * x-cloud-trace-context 10cd9aed570b4c9546cc837b89bfa6e6 cache-control private, max-age=604800 cf-ray 83fb73da7acc4bc3-BUF
GET H2	200	css fonts.heyflow.cloud/	40 KB 2 KB	2250ms 2158ms	Stylesheet text/css	2606:4700:20::ac43:4aa7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Quicksand:300,400,500,600,700,800&display=swap Requested by Host: prenotavisite.davincisalute.com URL: https://prenotavisite.davincisalute.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4aa7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash cd6fc42ac18678956db8cbeb568c0340ef859a6847861460623fa284fcf43d2b Request headers accept-language en-US,en;q=0.9 Referer https://prenotavisite.davincisalute.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 13:05:20 GMT content-encoding br cf-cache-status MISS last-modified Wed, 03 Jan 2024 13:05:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GXZlujCbHR%2Bv2iv5wP71IIhACdT6WeWcuWbUs60JJKZK22%2FHMdpbINSC2U1VI0ymDr4Pmd1e3H%2Bkcz%2Fj4PU%2Fsc0I3kiOhGXPu4IwrMft4HOWbGMDpZoNqKmqk6qSn6WEHq5KZULkg6UB65WhyR%2Fz9pY%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * x-cloud-trace-context 909fcc79ca7b24e0993dd4ba35febb67 cache-control private, max-age=604800 cf-ray 83fb73da7ace4bc3-BUF
GET H2	200	2c5d37bb-baa8-442d-96df-f346871983ef.png storage.googleapis.com/builder.zenflow.de/neurologo/www/assets/	85 KB 85 KB	197ms 125ms	Image image/png	2607:f8b0:4004:c07::cf GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/builder.zenflow.de/neurologo/www/assets/2c5d37bb-baa8-442d-96df-f346871983ef.png Requested by Host: prenotavisite.davincisalute.com URL: https://prenotavisite.davincisalute.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::cf Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash d7e6b4c92ec83b574a65538d9368360208bf02b6d358cc8454ea6f34c11f3da2 Request headers accept-language en-US,en;q=0.9 Referer https://prenotavisite.davincisalute.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 13:05:18 GMT x-guploader-uploadid ABPtcPpw4vaDAQIKObGkxAj61MqKL2Mup8ou5sGfV7zYzeb3XLAfmcy9ICV2gey9h1jmz3mGtdY x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 last-modified Wed, 11 Oct 2023 13:39:15 GMT server UploadServer vary Accept-Encoding x-goog-generation 1697031555677558 content-type image/png access-control-allow-origin * x-goog-hash crc32c=RpstdA==, md5=1Sxrn1GJ++WDiSoVzCsgwA== access-control-expose-headers Content-Type cache-control public, max-age=3600 x-goog-stored-content-length 77251 accept-ranges none expires Wed, 03 Jan 2024 14:05:18 GMT
GET H2	200	f53dfa97-ff1d-42a5-8fb8-7f4f3bd7daa7.png storage.googleapis.com/builder.zenflow.de/neurologo/www/assets/	46 KB 46 KB	654ms 583ms	Image image/png	2607:f8b0:4004:c07::cf GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/builder.zenflow.de/neurologo/www/assets/f53dfa97-ff1d-42a5-8fb8-7f4f3bd7daa7.png Requested by Host: prenotavisite.davincisalute.com URL: https://prenotavisite.davincisalute.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::cf Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 3294dc019c1cfcc4664b42d0015465750a0037007bb19628f82a2e65934da873 Request headers accept-language en-US,en;q=0.9 Referer https://prenotavisite.davincisalute.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 13:05:19 GMT x-guploader-uploadid ABPtcPo5fWhtZ4HPPjMfqxX_UKFji9S4CJMpMraDOs8tdHvweofdnciMTxee92Fdnii-bHO8U4E x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 last-modified Wed, 11 Oct 2023 13:39:15 GMT server UploadServer vary Accept-Encoding x-goog-generation 1697031555712018 content-type image/png access-control-allow-origin * x-goog-hash crc32c=aIvTMw==, md5=rCfh0tDjPgcKDkBC0KAFIw== access-control-expose-headers Content-Type cache-control public, max-age=3600 x-goog-stored-content-length 45385 accept-ranges none expires Wed, 03 Jan 2024 14:05:19 GMT
GET H2	200	fb3361bd-a9b7-4683-b286-4c979fb1b648.png storage.googleapis.com/builder.zenflow.de/neurologo/www/assets/	146 KB 147 KB	280ms 208ms	Image image/png	2607:f8b0:4004:c07::cf GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/builder.zenflow.de/neurologo/www/assets/fb3361bd-a9b7-4683-b286-4c979fb1b648.png Requested by Host: prenotavisite.davincisalute.com URL: https://prenotavisite.davincisalute.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::cf Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 5567608df183f86c8a0a419966fc0bf679651f047c6cdefedbf8006cbb39c41b Request headers accept-language en-US,en;q=0.9 Referer https://prenotavisite.davincisalute.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 13:05:18 GMT x-guploader-uploadid ABPtcPqoILugD5kuzcuXSYhn6x2EHGfFIaU2tM9ZFSaZRSLK0bMt-5sHWnr-vrgYShaEKFd0_Tg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 last-modified Wed, 11 Oct 2023 13:39:15 GMT server UploadServer vary Accept-Encoding x-goog-generation 1697031555715476 content-type image/png access-control-allow-origin * x-goog-hash crc32c=ZnICTg==, md5=dX/uwYKpKzo2oeeW9X7l0w== access-control-expose-headers Content-Type cache-control public, max-age=3600 x-goog-stored-content-length 130156 accept-ranges none expires Wed, 03 Jan 2024 14:05:18 GMT
GET H2	200	rocket-loader.min.js Show response prenotavisite.davincisalute.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/	12 KB 4 KB	35ms 34ms	Script application/javascript	2606:4700:20::681a:ff7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://prenotavisite.davincisalute.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Requested by Host: prenotavisite.davincisalute.com URL: https://prenotavisite.davincisalute.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ff7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language en-US,en;q=0.9 Referer https://prenotavisite.davincisalute.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 13:05:18 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 19 Dec 2023 14:09:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6581a422-302c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5sg4DI86iOvcY4hkgIpZHllljTuBwyeXolHsd36zHBNGsoO8lPiyGW2AS5yY5f5Lyq3ocvkuu8ToqbPYkX1TrC3QsJX4poecS%2FbAxbkffvyOXGGtNoDnyWXL%2BqQGMPMHHRHf%2F%2BXL%2F5esFiFt1fxCih6L0VpnaBSaekHi7o4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 83fb73dbcb094bcd-BUF expires Fri, 05 Jan 2024 13:05:18 GMT
GET H2	200	v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response static.cloudflareinsights.com/beacon.min.js/	20 KB 7 KB	136ms 57ms	Script text/javascript	2606:4700::6810:3965 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 Requested by Host: prenotavisite.davincisalute.com URL: https://prenotavisite.davincisalute.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101 Request headers Referer https://prenotavisite.davincisalute.com/ Origin https://prenotavisite.davincisalute.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 13:05:18 GMT content-encoding gzip last-modified Tue, 10 Oct 2023 21:38:13 GMT server cloudflare etag W/"2023.10.0" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 83fb73dc787f4bc6-BUF
GET H2	200	6xKtdSZaM9iE8KbpRA_hK1QN.woff2 fonts.heyflow.cloud/s/quicksand/v31/	27 KB 28 KB	450ms 387ms	Font font/woff2	2606:4700:20::ac43:4aa7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fonts.heyflow.cloud/s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hK1QN.woff2 Requested by Host: fonts.heyflow.cloud URL: https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Quicksand:300,400,500,600,700,800&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4aa7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b Request headers Referer https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Quicksand:300,400,500,600,700,800&display=swap Origin https://prenotavisite.davincisalute.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 13:05:21 GMT cf-cache-status MISS last-modified Wed, 03 Jan 2024 13:05:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NoXIxq6J1DKKVtJyMSdD9TOxD66CyQ0tC2%2FkRpKWXB0G2oQmFj15OqR3wyGiyZ1GRMVQ9VppFnyIrE2%2BoMRK7suyqlz%2Fg9%2B6og%2FtpYATF0PdNkpxXgoyyctGH2WDEeMVYTPmVHV1bpajh0VbdKhcQ%2Bg%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * x-cloud-trace-context 2ab675247a649f5b2af98fc3dc5675e5 cache-control public, max-age=604800 accept-ranges bytes cf-ray 83fb73e879474bcd-BUF content-length 28064
GET H2	200	gtm.js Show response www.googletagmanager.com/	200 KB 70 KB	135ms 51ms	Script application/javascript	2607:f8b0:4004:c17::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-MQFMKL9 Requested by Host: prenotavisite.davincisalute.com URL: https://prenotavisite.davincisalute.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ca60343f9d622e0e7b82556b186e7ccf2a8bfd6cf407d911300dcdb7e9a4f86b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://prenotavisite.davincisalute.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 13:05:21 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 71329 x-xss-protection 0 last-modified Wed, 03 Jan 2024 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 03 Jan 2024 13:05:21 GMT
POST H2	204	rum Show response prenotavisite.davincisalute.com/cdn-cgi/	0 175 B	33ms 31ms	XHR text/plain	2606:4700:20::681a:ff7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://prenotavisite.davincisalute.com/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ff7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://prenotavisite.davincisalute.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 content-type application/json Response headers date Wed, 03 Jan 2024 13:05:21 GMT x-content-type-options nosniff server cloudflare vary Origin access-control-max-age 86400 access-control-allow-methods POST,OPTIONS access-control-allow-origin https://prenotavisite.davincisalute.com x-frame-options DENY access-control-allow-credentials true cf-ray 83fb73ebabc54bcd-BUF
POST H2	204	rum Show response prenotavisite.davincisalute.com/cdn-cgi/	0 37 B	46ms 30ms	XHR text/plain	2606:4700:20::681a:ff7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://prenotavisite.davincisalute.com/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ff7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://prenotavisite.davincisalute.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 content-type application/json Response headers date Wed, 03 Jan 2024 13:05:21 GMT x-content-type-options nosniff server cloudflare vary Origin access-control-max-age 86400 access-control-allow-methods POST,OPTIONS access-control-allow-origin https://prenotavisite.davincisalute.com x-frame-options DENY access-control-allow-credentials true cf-ray 83fb73ebdbd04bcd-BUF
POST H2	200	/ Show response tracking.heyflow.cloud/	2 B 320 B	204ms 198ms	XHR text/plain	2606:4700:20::ac43:4aa7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tracking.heyflow.cloud/ Requested by Host: prenotavisite.davincisalute.com URL: https://prenotavisite.davincisalute.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4aa7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Accept application/json, text/plain, */* Referer https://prenotavisite.davincisalute.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers date Wed, 03 Jan 2024 13:05:21 GMT via 1.1 google, 1.1 google cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare access-control-allow-methods GET, POST, PUT content-type text/plain; charset=utf-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BkUxR5%2Fy8qzoeqmHGWthxJWrQalana6y8RLbGd6e6hMFBdckVYKmNMoNJc05BgbOzxn%2B58QPTQkQuYED8hvFfDtnGYS4OzmmX9jF3WqJZcDGYS8yQEVni3qe%2BeOgl9nwjOqlBcVXrZ%2B55au58CHXmPlF%2FUg%3D"}],"group":"cf-nel","max_age":604800} x-cloud-trace-context 37231eb2f451f7a92a8a79dccfa7b657 cf-ray 83fb73ef0d3f4bcd-BUF access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 2
OPTIONS H2	200	/ tracking.heyflow.cloud/	0 0	509ms 479ms	Preflight text/plain	2606:4700:20::ac43:4aa7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tracking.heyflow.cloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4aa7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://prenotavisite.davincisalute.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept access-control-allow-methods GET, POST, PUT access-control-allow-origin * cf-cache-status DYNAMIC cf-ray 83fb73ec0bd64bcd-BUF content-length 2 content-type text/plain; charset=utf-8 date Wed, 03 Jan 2024 13:05:21 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zg4HnzQ9qUz%2BVYxcsSsJzBAprLRoil55eyjqas6lFvMeAHyzQimWAu2l%2FLxf8CSM8HKjewHFDfxMLNBAskG%2BmWfwCK6CLgkLSsrSyt2hHGamFQWNsJ3jMcN5qJNWwf5KITFA2KYexlQprdVQWXIFRZmQfrQ%3D"}],"group":"cf-nel","max_age":604800} server cloudflare via 1.1 google, 1.1 google x-cloud-trace-context 3280baf210500fd50f8aff53225579ab
OPTIONS H2	200	/ tracking.heyflow.cloud/	0 0	373ms 371ms	Preflight text/plain	2606:4700:20::ac43:4aa7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tracking.heyflow.cloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4aa7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://prenotavisite.davincisalute.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept access-control-allow-methods GET, POST, PUT access-control-allow-origin * cf-cache-status DYNAMIC cf-ray 83fb73f06e014bcd-BUF content-length 2 content-type text/plain; charset=utf-8 date Wed, 03 Jan 2024 13:05:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYy550SN%2Bvs7OmaDafFgl1iq2Uj1%2FZESAj9cryzxg4uMwEkWuzGAaaofRDazqOMEOVz3LBbr3EQZRN%2BZ5rF%2FaCaDNVMAn4spNj1ul%2B1ODVWNJbB2I96Yn034FGpipKiRbCSr8WAu0XKNfVZPx6DJz2tZQ74%3D"}],"group":"cf-nel","max_age":604800} server cloudflare via 1.1 google, 1.1 google x-cloud-trace-context b88eccf1101bc8a2a813b34a5d5cd512
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	150ms 37ms	Script text/javascript	2607:f8b0:4004:c17::66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQFMKL9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::66 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://prenotavisite.davincisalute.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Wed, 03 Jan 2024 11:31:24 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 5638 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Wed, 03 Jan 2024 13:31:24 GMT
POST H2	200	/ Show response tracking.heyflow.cloud/	2 B 320 B	190ms 189ms	XHR text/plain	2606:4700:20::ac43:4aa7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tracking.heyflow.cloud/ Requested by Host: prenotavisite.davincisalute.com URL: https://prenotavisite.davincisalute.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4aa7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Accept application/json, text/plain, */* Referer https://prenotavisite.davincisalute.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers date Wed, 03 Jan 2024 13:05:22 GMT via 1.1 google, 1.1 google cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare access-control-allow-methods GET, POST, PUT content-type text/plain; charset=utf-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gffb6r9Wbk0pu%2Fv9n9yy47PVvSqikZNMU6zb9yN17mQNpEY6hSI2Br21ZPARvsL%2F8f5bTQlivRWnJM6rQlzmRKonYArt%2FPudxnQ5JZTsm0tzB%2FM%2BZqf%2BQIc5Tt3Jg81Y7u9pcqyxJKZuHiPg5z6Af%2BJrpBQ%3D"}],"group":"cf-nel","max_age":604800} x-cloud-trace-context abba48005db3594d6a650996eb68e5cc cf-ray 83fb73f2cf374bcd-BUF access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 2

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| __cfQR object| __cfBeacon string| currentlyMounting object| heyflow object| dataLayer object| windowConstants boolean| __cfRLUnblockHandlers object| webpackChunk_heyflow_flow object| regeneratorRuntime function| Cleave function| onLessReady function| flatpickr object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.davincisalute.com/	1970-01-21 03:00:47	Name: _ga Value: GA1.2.1524338327.1704287122
			.davincisalute.com/	1970-01-20 17:26:13	Name: _gid Value: GA1.2.791415998.1704287122

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.heyflow.cloud
prenotavisite.davincisalute.com
static.cloudflareinsights.com
storage.googleapis.com
tracking.heyflow.cloud
www.google-analytics.com
www.googletagmanager.com
2606:4700:20::681a:ff7
2606:4700:20::ac43:4aa7
2606:4700::6810:3965
2607:f8b0:4004:c07::cf
2607:f8b0:4004:c17::61
2607:f8b0:4004:c17::66
3294dc019c1cfcc4664b42d0015465750a0037007bb19628f82a2e65934da873
4fefbaaf21e93f385b7528da16c7f4de43e4fcd70c13e0276c1967c1239aa69f
5567608df183f86c8a0a419966fc0bf679651f047c6cdefedbf8006cbb39c41b
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
94a2eb6be8df0ca14f836c8221bd0e79912e819b110585fd2ac914bb26c5d526
ca60343f9d622e0e7b82556b186e7ccf2a8bfd6cf407d911300dcdb7e9a4f86b
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd6fc42ac18678956db8cbeb568c0340ef859a6847861460623fa284fcf43d2b
d7e6b4c92ec83b574a65538d9368360208bf02b6d358cc8454ea6f34c11f3da2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855