urlscan.io logo urlscan.io
SecurityTrails logo

app.dam-health.com Open in urlscan Pro
2606:4700:10::ac43:2b0d  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy2...
Effective URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvY...
Submission Tags: falconsandbox
Submission: On August 29 via api from US — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 3 countries across 16 domains to perform 59 HTTP transactions. The main IP is 2606:4700:10::ac43:2b0d, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.dam-health.com. The Cisco Umbrella rank of the primary domain is 861082.
TLS certificate: Issued by E1 on August 14th 2022. Valid for: 3 months.
This is the only time app.dam-health.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    80.211.49.112 (Arezzo, Italy)

ASN31034 (ARUBA-ASN, IT)
PTR: net-80-211-49-112.cust.vodafonedsl.it
urlsand.esvalabs.com
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:223c:f600:9:ec94:b800:93a1 (United States)

ASN16509 (AMAZON-02, US)
trk.klclick3.com
18    2606:4700:10::ac43:2b0d (United States)

ASN13335 (CLOUDFLARENET, US)
app.dam-health.com
2    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    99.86.240.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-11.vie50.r.cloudfront.net
js.stripe.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2620:1ec:27::cafe:2193 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
www.googleadservices.com
3    54.187.159.182 (None, )

ASN- ()
q.stripe.com
2    151.101.0.176 (United States)

ASN54113 (FASTLY, US)
m.stripe.network
1    2a00:1450:4001:80f::2002 (None, )

ASN- ()
googleads.g.doubleclick.net
1    2a00:1450:400c:c00::9a (None, )

ASN- ()
stats.g.doubleclick.net
1    2001:4860:4802:32::36 (None, )

ASN- ()
region1.google-analytics.com
2    2a00:1450:4001:812::2004 (None, )

ASN- ()
www.google.com
2    2a00:1450:4001:806::2003 (None, )

ASN- ()
www.google.it
Apex Domain
Subdomains		 Transfer
18 dam-health.com
app.dam-health.com — Cisco Umbrella Rank: 861082
733 KB
10 esvalabs.com
urlsand.esvalabs.com — Cisco Umbrella Rank: 418481
405 KB
6 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1386
q.stripe.com
m.stripe.com Failed
83 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
region1.google-analytics.com
20 KB
2 google.it
www.google.it
655 B
2 google.com
www.google.com
655 B
2 doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
2 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1464
17 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
127 KB
2 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 512
j.clarity.ms Failed
25 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 219
12 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 422
5 KB
2 gstatic.com
fonts.gstatic.com
60 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54
2 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 130
16 KB
1 klclick3.com
trk.klclick3.com — Cisco Umbrella Rank: 38945
360 B
59 16
Domain Requested by
18 app.dam-health.com urlsand.esvalabs.com
app.dam-health.com
10 urlsand.esvalabs.com 1 redirects urlsand.esvalabs.com
3 q.stripe.com urlsand.esvalabs.com
3 js.stripe.com app.dam-health.com
js.stripe.com
2 www.google.it app.dam-health.com
2 www.google.com app.dam-health.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com app.dam-health.com
www.googletagmanager.com
2 www.clarity.ms app.dam-health.com
www.clarity.ms
2 cdnjs.cloudflare.com app.dam-health.com
2 cdn.jsdelivr.net app.dam-health.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com urlsand.esvalabs.com
app.dam-health.com
1 region1.google-analytics.com www.googletagmanager.com
1 stats.g.doubleclick.net www.google-analytics.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 trk.klclick3.com 1 redirects
0 m.stripe.com Failed m.stripe.network
0 j.clarity.ms Failed www.clarity.ms
59 21

This site contains no links.

Subject Issuer Validity Valid
esvalabs.com
R3		 2022-08-08 -
2022-11-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.dam-health.com
E1		 2022-08-14 -
2022-11-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2022-05-20 -
2022-09-25		 4 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-15 -
2022-11-13		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.google.it
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Frame ID: CE052FD6AC738D915FF064D9641F0635
Requests: 48 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-98f751caa71258908b5329d54fa4604f.html
Frame ID: B9181BD205E247044626E5824FF4F60B
Requests: 4 HTTP requests in this frame

Frame: https://app.dam-health.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661745600
Frame ID: EDF392F95451798B07187DD3B8472091
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: E16F62CEF9F994BD290ED3A0970FBF23
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

DAM Health

Page URL History Show full URLs

  1. https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSD... HTTP 302
    https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSD... Page URL
  2. https://trk.klclick3.com/ls/click?upn=tgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdU... HTTP 302
    https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPF... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • blazor\.server\.js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

59
Requests

97 %
HTTPS

74 %
IPv6

16
Domains

21
Subdomains

19
IPs

3
Countries

1507 kB
Transfer

4381 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y HTTP 302
    https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1 Page URL
  2. https://trk.klclick3.com/ls/click?upn=tgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D HTTP 302
    https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y HTTP 302
  • https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1

59 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
urlsand.esvalabs.com/
Redirect Chain
  • https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2...
  • https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2...
6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.49.112 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
net-80-211-49-112.cust.vodafonedsl.it
Software
nginx /
Resource Hash
f2053a1d0fd885c22858bdf85f379b2be45b659315ff08413fdca0cf933e9b8a
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cache-control
no-cache, private
content-security-policy
default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Mon, 29 Aug 2022 04:00:18 GMT
feature-policy
fullscreen 'self'
referrer-policy
strict-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache, private
content-security-policy
default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Mon, 29 Aug 2022 04:00:18 GMT
feature-policy
fullscreen 'self'
location
//urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
referrer-policy
strict-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
urlsandbox.css
urlsand.esvalabs.com/templates/default/css/ 		184 KB
184 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://urlsand.esvalabs.com/templates/default/css/urlsandbox.css
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.49.112 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
net-80-211-49-112.cust.vodafonedsl.it
Software
nginx /
Resource Hash
3661b0abad108b1e162b750119e065a1bc24b379ed4371a0daf807ee3567534c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://urlsand.esvalabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:00:18 GMT
referrer-policy
strict-origin
last-modified
Thu, 25 Aug 2022 12:34:05 GMT
server
nginx
etag
"63076c3d-2df7e"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
feature-policy
fullscreen 'self'
content-security-policy
default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
188286
x-content-type-options
nosniff
urlsand.css
urlsand.esvalabs.com/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://urlsand.esvalabs.com/css/urlsand.css
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.49.112 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
net-80-211-49-112.cust.vodafonedsl.it
Software
nginx /
Resource Hash
fb55650bbb7a33af4f2925696ef0765dc57aaeeadadad1193969554f07d0f957
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://urlsand.esvalabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:00:18 GMT
referrer-policy
strict-origin
last-modified
Thu, 25 Aug 2022 12:34:04 GMT
server
nginx
etag
"63076c3c-6db"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
feature-policy
fullscreen 'self'
content-security-policy
default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
1755
x-content-type-options
nosniff
logo.png
urlsand.esvalabs.com/templates/default/img/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://urlsand.esvalabs.com/templates/default/img/logo.png
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.49.112 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
net-80-211-49-112.cust.vodafonedsl.it
Software
nginx /
Resource Hash
81793beb150a889b0d407981e2c19a362cd56dead1445af5d314c7117d885ffc
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://urlsand.esvalabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:00:18 GMT
referrer-policy
strict-origin
last-modified
Thu, 25 Aug 2022 12:34:05 GMT
server
nginx
etag
"63076c3d-4b25"
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
feature-policy
fullscreen 'self'
content-security-policy
default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
19237
x-content-type-options
nosniff
polyfill.js
urlsand.esvalabs.com/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://urlsand.esvalabs.com/js/polyfill.js
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.49.112 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
net-80-211-49-112.cust.vodafonedsl.it
Software
nginx /
Resource Hash
b5ddb60604ac7c649070dc629ab1729ddfc0927463b3891d0d6c7d1b18419738
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://urlsand.esvalabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:00:18 GMT
referrer-policy
strict-origin
last-modified
Thu, 25 Aug 2022 12:34:04 GMT
server
nginx
etag
"63076c3c-4e3"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
feature-policy
fullscreen 'self'
content-security-policy
default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
1251
x-content-type-options
nosniff
helper.js
urlsand.esvalabs.com/js/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://urlsand.esvalabs.com/js/helper.js
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.49.112 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
net-80-211-49-112.cust.vodafonedsl.it
Software
nginx /
Resource Hash
6b9d2b61facecada8129475b245089790d9efb851a05fabc70ee2cb42c58d46b
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://urlsand.esvalabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:00:18 GMT
referrer-policy
strict-origin
last-modified
Thu, 25 Aug 2022 12:34:04 GMT
server
nginx
etag
"63076c3c-d47"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
feature-policy
fullscreen 'self'
content-security-policy
default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
3399
x-content-type-options
nosniff
redirect.js
urlsand.esvalabs.com/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://urlsand.esvalabs.com/js/redirect.js
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.49.112 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
net-80-211-49-112.cust.vodafonedsl.it
Software
nginx /
Resource Hash
1856e9eb336c1eb373538389dd55e7063d0c7598f2b1191c37c1bd1d7697c892
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://urlsand.esvalabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:00:18 GMT
referrer-policy
strict-origin
last-modified
Thu, 25 Aug 2022 12:34:04 GMT
server
nginx
etag
"63076c3c-71a"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
feature-policy
fullscreen 'self'
content-security-policy
default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
1818
x-content-type-options
nosniff
urlsandbox-dark.css
urlsand.esvalabs.com/templates/default/css/ 		184 KB
184 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://urlsand.esvalabs.com/templates/default/css/urlsandbox-dark.css
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.49.112 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
net-80-211-49-112.cust.vodafonedsl.it
Software
nginx /
Resource Hash
b4b3a8838d9785f30af74c5697192dd2f05ab486e0e9ef9ea074f1e3e4829a9c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://urlsand.esvalabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:00:18 GMT
referrer-policy
strict-origin
last-modified
Thu, 25 Aug 2022 12:34:05 GMT
server
nginx
etag
"63076c3d-2dec3"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
feature-policy
fullscreen 'self'
content-security-policy
default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
188099
x-content-type-options
nosniff
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/templates/default/css/urlsandbox.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7ec275664c47b6ed4e669c30c45faf44098ba646281b55e11235c02ccd56372f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://urlsand.esvalabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 02:08:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 29 Aug 2022 04:00:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Aug 2022 04:00:19 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://urlsand.esvalabs.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 18:50:34 GMT
x-content-type-options
nosniff
age
551385
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 18:50:34 GMT
/
urlsand.esvalabs.com/ 		696 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=2
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/js/helper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.49.112 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
net-80-211-49-112.cust.vodafonedsl.it
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://urlsand.esvalabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:00:20 GMT
referrer-policy
strict-origin
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/json
x-xss-protection
1; mode=block
cache-control
no-cache, private
feature-policy
fullscreen 'self'
content-security-policy
default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
Primary Request createbookings
app.dam-health.com/
Redirect Chain
  • https://trk.klclick3.com/ls/click?upn=tgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jh...
  • https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
23 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/js/redirect.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
feb420cdc0c5cfb90a342755f99f1e0a30c60bdc1ab92ecc4319fefe76af1078

Request headers

Referer
https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
74226116bca7ba9f-MXP
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 29 Aug 2022 04:00:21 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare

Redirect headers

content-length
160
content-type
text/html; charset=utf-8
date
Mon, 29 Aug 2022 04:00:21 GMT
location
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
server
nginx
via
1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
x-amz-cf-id
xSIrSWHLR6FXVValWfq6cP5ecEGjcNrnQBq1DSYo2nW7mttcw_rrzw==
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-robots-tag
noindex, nofollow
site.css
app.dam-health.com/css/ 		29 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/css/site.css
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e7c2d22a8b40e714fc2a719bcd074731b80fff8021aea8562d48b1f10876e98

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:00:21 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 11 Aug 2022 08:43:57 GMT
server
cloudflare
etag
W/"1d8ad5e7e9a31bd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache
cf-ray
74226117ad58ba9f-MXP
css
fonts.googleapis.com/ 		8 KB
830 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a0ae09929605e6f45470f62f9ec51e9ec846c70ba08947c673728468044ca1f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 03:46:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 29 Aug 2022 04:00:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Aug 2022 04:00:21 GMT
MudBlazor.min.css
app.dam-health.com/_content/MudBlazor/ 		429 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/_content/MudBlazor/MudBlazor.min.css?v=5.0.10
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
293f09d0d70a5f42427c86e4439ab21229f0e648aedd9d73f2f59868a411af54

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:00:21 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 11 Aug 2022 08:44:25 GMT
server
cloudflare
etag
W/"1d8ad5e8f4c0926"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache
cf-ray
74226117ad5dba9f-MXP
default.css
cdn.jsdelivr.net/npm/mobile-drag-drop@2.3.0-rc.2/ 		260 B
994 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/mobile-drag-drop@2.3.0-rc.2/default.css
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78460a8d3512f692dd035f09657a924a9a44ff5053ba7107cb7fc51ce2986448
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:00:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
27808
x-jsd-version
2.3.0-rc.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19161-FRA, cache-itm18834-ITM
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"104-2RPwG8pP5Fzg9LJq3RDrayzT0Io"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AF%2B5QPJnBSP8V5lk6RO47P%2B84dWy0nSHiZxbQzaZPIQz5hNkVXSfndR5%2FaTW5hwOFVk33dKievS7hDKPBeT%2B3qwG%2BBB%2FHMBvFQBaTiHol%2BhQl9oS6m2DTcN1y7L9a8fAg1erngCzAr378Hp6CMU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
74226117fd0a0f86-MXP
access-control-expose-headers
*
default-base.css
app.dam-health.com/_content/Radzen.Blazor/css/ 		196 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/_content/Radzen.Blazor/css/default-base.css
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3721f1f4f363c3c4aeac530e2235902504fe308b7b4db1a131d9ab356588c04b

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:00:21 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 11 Aug 2022 08:44:31 GMT
server
cloudflare
etag
W/"1d8ad5e92dd510a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache
cf-ray
74226117ad5eba9f-MXP
MudBlazor.min.js
app.dam-health.com/_content/MudBlazor/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/_content/MudBlazor/MudBlazor.min.js?v=5.0.10
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7f84cfb80e3cf8b118e511442bc82caba2c0e47a0ac207f21d667498bca0dff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:00:21 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 11 Aug 2022 08:44:26 GMT
server
cloudflare
etag
W/"1d8ad5e8fe319c3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
cf-ray
74226117ad5fba9f-MXP
Radzen.Blazor.js
app.dam-health.com/_content/Radzen.Blazor/ 		40 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/_content/Radzen.Blazor/Radzen.Blazor.js
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
952cdfc6c1c1bbd525619bdc2197dae8ec8475f04aa9a881a695d8196a3c98aa

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:00:21 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 11 Aug 2022 08:44:28 GMT
server
cloudflare
etag
W/"1d8ad5e9114e10e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
cf-ray
74226117ad60ba9f-MXP
/
js.stripe.com/v3/ 		324 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.240.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-240-11.vie50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
03ccef850024e0afa8f44f448d4e435a0a7789500da53cee6f703df62946106c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
5
x-cache
Hit from cloudfront
date
Mon, 29 Aug 2022 04:00:21 GMT
via
1.1 ef3fdf4c8ab8a4babeb402e6d03ee7c2.cloudfront.net (CloudFront)
last-modified
Fri, 26 Aug 2022 20:55:57 GMT
server
Cloudfront
etag
W/"66da5cfbca572898f3a34320bb376e3d"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
VIE50-C1
timing-allow-origin
*
x-amz-cf-id
rpKFelYh7REZiH3kN0J_tTF2ZU6oRvLAD5YZAz7gJLWy7DYDSfz3HQ==
blazor.server.js
app.dam-health.com/_framework/ 		269 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/_framework/blazor.server.js
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c823896a6ea725c2fbc7ada2df565483ec00dd8c9037d1f6ed0e3ce1722ee2ce

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:00:21 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 15 Jul 2021 17:56:21 GMT
server
cloudflare
etag
W/"1d779a2b80d6355"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
cf-ray
74226117ad61ba9f-MXP
protectedBrowserStorage.js
app.dam-health.com/_content/Microsoft.AspNetCore.ProtectedBrowserStorage/ 		16 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/_content/Microsoft.AspNetCore.ProtectedBrowserStorage/protectedBrowserStorage.js
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d6aeb62c2d1fd92b825a5c11dd97d6a551117aed0e586fed1bc9e228d0e6268

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:00:21 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 11 Aug 2022 08:44:25 GMT
server
cloudflare
etag
W/"1d8ad5e8f4a84fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
cf-ray
74226117ad62ba9f-MXP
jquery.min.js
app.dam-health.com/scripts/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/scripts/jquery.min.js
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:00:21 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 11 Aug 2022 08:44:12 GMT
server
cloudflare
etag
W/"1d8ad5e878a4485"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
cf-ray
74226117ad64ba9f-MXP
html2pdf.bundle.js
app.dam-health.com/scripts/ 		687 KB
172 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/scripts/html2pdf.bundle.js
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8536a787cba9a707ac2fb015a70abe7cf2b7f935ccaebb9e6a874926a2ffa595

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:00:21 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 11 Aug 2022 08:44:13 GMT
server
cloudflare
etag
W/"1d8ad5e8829161c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
cf-ray
74226117ad68ba9f-MXP
index.min.js
cdn.jsdelivr.net/npm/mobile-drag-drop@2.3.0-rc.2/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/mobile-drag-drop@2.3.0-rc.2/index.min.js
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de9f5cd8299bb2ba0384e79344bf545f74d498ff2085fe187ee4031267d9e83f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:00:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
27809
x-jsd-version
2.3.0-rc.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19151-FRA, cache-itm18824-ITM
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"29c5-VnwgYfLywwpMuAl6HfFqoynL3HE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ZvrxttliVS0r3VIxypQ8H27XqryVn43NyWHKPP6EVJXdBu%2FYNEG6reNEd%2B%2Bse4OJqFmOHTjCntYE7z%2BIjVCiAnyQTAg3bTW1JUiJcQG%2Fg1ie5ekW%2BIrctlGez9yw%2FX%2B0%2BZ%2BeTgP7iOzNKgO3Ws%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
74226117fd0b0f86-MXP
access-control-expose-headers
*
xlsx.full.min.js
app.dam-health.com/scripts/ 		917 KB
325 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/scripts/xlsx.full.min.js
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bff01a76f15f0387a5dc5ee2bfa6ff8759520f574053b2a3088d68f797c9f66

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:00:21 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 11 Aug 2022 08:44:15 GMT
server
cloudflare
etag
W/"1d8ad5e895a8ac9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
cf-ray
74226117ad6aba9f-MXP
FileSaver.js
cdnjs.cloudflare.com/ajax/libs/FileSaver.js/2.0.5/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/FileSaver.js/2.0.5/FileSaver.js
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6060c139808ad689ae6f055ea65eb8eaa90314fcceda72af727a369a7e69f263
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:00:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
128282
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1960
timing-allow-origin
*
last-modified
Thu, 19 Nov 2020 15:31:13 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fb68fc1-1809"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PFhSwiqKk0p9OTatQBkO2%2F8gM%2BVOpLv4Cd1xOPIPH2%2FwUuIQxBteX3aZJxFA665Ga37rp7I5yVnvhRucq50DvICVNtcknba5sIFZDnAY%2FG3A%2B85Mw8JVEhU3PXjKm9HUvhbKEZJAX%2BYl1HBpCu54Nthr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74226117fa5b83b8-MXP
expires
Sat, 19 Aug 2023 04:00:21 GMT
tableexport.js
cdnjs.cloudflare.com/ajax/libs/TableExport/5.2.0/js/ 		39 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/TableExport/5.2.0/js/tableexport.js
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
499c2356e5692760d4ae5e42cf06988e7e74317d556645522ffbb29e6b6b5782
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:00:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9177
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cf2-9aae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=75VIq06GkmZPoh52C8Wt1CMZiqDeGvUoCJpSfTWNKUupWEC8XDxxlDqvYKbkLjkjoyRl3p1cw2s1HMNd4aZaSWnG4roMmL4AD6c5O9HY6prxHXcTM7MU4ZODxbayVPwUWxybERodOhAL05vA%2Fkwgr1eO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74226117fa5c83b8-MXP
expires
Sat, 19 Aug 2023 04:00:21 GMT
open-iconic-bootstrap.min.css
app.dam-health.com/css/open-iconic/font/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/css/open-iconic/font/css/open-iconic-bootstrap.min.css
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/css/site.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
049fc6f9efb2edb41dad8912d91053c8d7c11e903d22e19a3e67fd86db9be4c4

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/css/site.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:00:21 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 11 Aug 2022 08:44:46 GMT
server
cloudflare
etag
W/"1d8ad5e9bcf37b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache
cf-ray
74226118be68ba9f-MXP
ao6oiy1hcp
www.clarity.ms/tag/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/ao6oiy1hcp
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:2193 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
28f5c66dbec684141533e34db4d4b3e70a812b0f7f83769080b695d976ffbfb6

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:00:22 GMT
x-powered-by
ASP.NET
x-azure-ref
01jkMYwAAAAAHZ3Q3NQSxTK8FE2GXOSe1U09GMDFFREdFMDQyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
expires
-1
cache-control
no-cache, no-store
request-context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
gtm.js
www.googletagmanager.com/ 		145 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5F275K6
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5de325cfa8faf3a80d804b1b81a837aaa143c42692ba8ab58878f8e3af0b1a2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:00:22 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55881
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 29 Aug 2022 04:00:22 GMT
negotiate
app.dam-health.com/_blazor/ 		316 B
298 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/_blazor/negotiate?negotiateVersion=1
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/_framework/blazor.server.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a3777b0b714bccc1dd71cb99b759e28cb8a4eee1e6c87564e9ee7f3d57e45c4

Request headers

Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
X-Requested-With
XMLHttpRequest
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
X-SignalR-User-Agent
Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 29 Aug 2022 04:00:22 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74226119df65ba9f-MXP
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json
m-outer-98f751caa71258908b5329d54fa4604f.html
js.stripe.com/v3/ Frame B918 		240 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-98f751caa71258908b5329d54fa4604f.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.240.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-240-11.vie50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
66ca63189958d5427a466ae98e5a53e44a746c624bdb124eaf934fa16cd088dd
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.dam-health.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2324
cache-control
max-age=31536000
content-length
240
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 29 Aug 2022 03:48:41 GMT
etag
"98f751caa71258908b5329d54fa4604f"
last-modified
Fri, 26 Aug 2022 19:46:11 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 ef3fdf4c8ab8a4babeb402e6d03ee7c2.cloudfront.net (CloudFront)
x-amz-cf-id
Jow4f2pNh3yPNYQY1L6A6koeBJNhj22AoGvoZCCR4SrtdbC3SQ3sDg==
x-amz-cf-pop
VIE50-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
invisible.js
app.dam-health.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame EDF3 		43 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661745600
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20f15ad532b697eb37367c0f5a869b93adb47c7f0d654659b886ef49514c47bf

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:00:22 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7422611ae82eba9f-MXP
js
www.googletagmanager.com/gtag/ 		202 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5PMCWZJ7KC&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F275K6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7fea2db29504bed18d596718ff550b13eea6995bb5d4258cbb9bde6a01d1f048
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:00:22 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73512
x-xss-protection
0
expires
Mon, 29 Aug 2022 04:00:22 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F275K6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3502
date
Mon, 29 Aug 2022 03:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 29 Aug 2022 05:02:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		41 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F275K6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
421ff7b6d660296443895950bff55ddb81a9eeb3d8c76e8cd067d3757bf249cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:00:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15682
x-xss-protection
0
server
cafe
etag
14097944420163075165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 29 Aug 2022 04:00:22 GMT
pica.js
app.dam-health.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame EDF3 		19 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2553660c8795a2befa9a75b2a0d0c8ce6583a9c06bb66feddfdc8a16af9f1308

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:00:22 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7422611b2854ba9f-MXP
csp-report
q.stripe.com/ Frame B918 		0
570 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 29 Aug 2022 04:00:22 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame B918 		0
571 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 29 Aug 2022 04:00:22 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-2fe4f5bfb4ff779da1bfb4da3f557dc8.js
js.stripe.com/v3/fingerprinted/js/ Frame B918 		526 B
1023 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-2fe4f5bfb4ff779da1bfb4da3f557dc8.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-98f751caa71258908b5329d54fa4604f.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.240.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-240-11.vie50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://js.stripe.com/v3/m-outer-98f751caa71258908b5329d54fa4604f.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
via
1.1 ef3fdf4c8ab8a4babeb402e6d03ee7c2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
30
x-cache
Hit from cloudfront
date
Mon, 29 Aug 2022 04:00:17 GMT
content-length
526
last-modified
Fri, 26 Aug 2022 19:46:10 GMT
server
Cloudfront
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
HRX0sPbwy9Rh484IJ__zZwSeg5ndoOcx3E7DWWWvlpCy60blVVXkrw==
inner.html
m.stripe.network/ Frame E16F 		930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-2fe4f5bfb4ff779da1bfb4da3f557dc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
age
29
cache-control
max-age=300, public
content-encoding
gzip
content-length
527
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 29 Aug 2022 04:00:22 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
4
x-content-type-options
nosniff
x-request-id
5cca8c85-2935-4f68-9332-e549babc3d71
x-served-by
cache-mxp6978-MXP
x-timer
S1661745622.417814,VS0,VE0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=928452364&t=pageview&_s=1&dl=https%3A%2F%2Fapp.dam-health.com%2Fcreatebookings%3FproductID%3D10012%26_kx%3DILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm&dr=https%3A%2F%2Furlsand.esvalabs.com%2F&ul=en-us&de=UTF-8&dt=DAM%20Health&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1572471651&gjid=956154788&cid=1682147979.1661745622&tid=UA-185774809-1&_gid=1432634986.1661745622&_r=1&gtm=2wg8o05F275K6&z=192029859
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://app.dam-health.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 04:00:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.dam-health.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/eus2-d/s/0.6.39/ 		53 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2-d/s/0.6.39/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ao6oiy1hcp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:2193 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
f083096f236cb98c87af2abc70707aef6a74bb105074919b0bdc3aeec6964c1d

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:00:22 GMT
content-encoding
br
etag
"1d8b099e3740ca1"
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
x-azure-ref
01jkMYwAAAABjSpb+AzWOR6aW6rGPUtvdU09GMDFFREdFMDQyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges
bytes
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/457076487/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/457076487/?random=1661745622397&cv=9&fst=1661745622397&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8o0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fapp.dam-health.com%2Fcreatebookings%3FproductID%3D10012%26_kx%3DILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm&ref=https%3A%2F%2Furlsand.esvalabs.com%2F&tiba=DAM%20Health&auid=462500971.1661745622&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
408dfdcb2d2bdedc7fb77f15e79ca135744c5ef62909759da6ac05f46c9e7b85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 04:00:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1124
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
74226116bca7ba9f
app.dam-health.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame EDF3 		2 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/cdn-cgi/challenge-platform/h/b/cv/result/74226116bca7ba9f
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661745600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 29 Aug 2022 04:00:22 GMT
content-encoding
gzip
server
cloudflare
cf-ray
7422611e6afeba9f-MXP
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain; charset=UTF-8
csp-report
q.stripe.com/ Frame E16F 		0
344 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Ftrk.klclick3.com%2Fls%2Fclick%3Fupn%3DtgY3b6tT2MFDqyOCVLjSDjojpYyB9NoYVzZQc5Qy278KUYm-2Ba9FQcdyG8ZZdUuqOwqvCjS1ThZPqsinBtuEHLOc6YPu6A7LdKy6hR5Ve7tKquc2eZRzPUTXcO9H9p-2BeijoO0qttkgQdA1wP3MjXcZjQd4Jhn0x1Pe1-2F-2BCMcLQlgm32to5IOivOSZdJ8-2BSHIvrRSN_Z4nllQV2sLbvIe2xKPPf8v5u8jLwN2UAcZEgkH0O6V8l8-2FU65STavBx8d-2F-2BztyZPJ83WAkg-2BqPgTarSmoHcd-2Bht2DnpK9gi0CxfyxtKmqeYRHlJdKt28mwQZkq-2FBNwJmkmMLdbyOt7XecyM7tOe1e1VHh7GpqcWK3jCIsZ-2F-2BclUqc5c6dx9DTDuwvJmtJAzXZs6NGaf-2B9jx2Ar2BFTHf4eNGo9dT3eXRpi83ouCGhVZRLaeX9-2FeruXpZb8rLuEenAds5dDGLS9wyHr1jdONREvwyCMlizMp5HtWw7LIPyUNDr4mjLZpY2PglS3EtcFQc5zbpQdxntfNQQgTpfQ73OwAs6O0i3YfZ3qLQwx1eowkk0Rx4UJoqmLS8muobqPBpDnXwQo1T4i7IjViOBgi2nw-3D-3D&e=d02f10fa&h=16457eb4&f=y&p=y&l=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 04:00:22 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
x-robots-tag
none
content-length
0
x-content-type-options
nosniff
expires
0
collect
stats.g.doubleclick.net/j/ 		4 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-185774809-1&cid=1682147979.1661745622&jid=1572471651&gjid=956154788&_gid=1432634986.1661745622&_u=YEBAAEAAAAAAAC~&z=1994483750
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.dam-health.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 29 Aug 2022 04:00:22 GMT
content-type
text/plain
access-control-allow-origin
https://app.dam-health.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-5PMCWZJ7KC&gtm=2oe8o0&_p=928452364&cid=1682147979.1661745622&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661745622&sct=1&seg=0&dl=https%3A%2F%2Fapp.dam-health.com%2Fcreatebookings%3FproductID%3D10012%26_kx%3DILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm&dr=https%3A%2F%2Furlsand.esvalabs.com%2F&dt=DAM%20Health&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5PMCWZJ7KC&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 04:00:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.dam-health.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
out-4.5.42.js
m.stripe.network/ Frame E16F 		86 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
204
x-cache
HIT
content-length
16031
x-request-id
29de53e7-6dd2-471f-b00d-c0ea260a2525
x-served-by
cache-mxp6978-MXP
server
Fastly
x-timer
S1661745623.858731,VS0,VE0
date
Mon, 29 Aug 2022 04:00:22 GMT
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
14
/
www.google.com/pagead/1p-user-list/457076487/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/457076487/?random=1661745622397&cv=9&fst=1661745600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8o0&sendb=1&frm=0&url=https%3A%2F%2Fapp.dam-health.com%2Fcreatebookings%3FproductID%3D10012%26_kx%3DILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm&ref=https%3A%2F%2Furlsand.esvalabs.com%2F&tiba=DAM%20Health&async=1&fmt=3&is_vtc=1&random=41169966&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 04:00:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.it/pagead/1p-user-list/457076487/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.it/pagead/1p-user-list/457076487/?random=1661745622397&cv=9&fst=1661745600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8o0&sendb=1&frm=0&url=https%3A%2F%2Fapp.dam-health.com%2Fcreatebookings%3FproductID%3D10012%26_kx%3DILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm&ref=https%3A%2F%2Furlsand.esvalabs.com%2F&tiba=DAM%20Health&async=1&fmt=3&is_vtc=1&random=41169966&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 04:00:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-185774809-1&cid=1682147979.1661745622&jid=1572471651&_u=YEBAAEAAAAAAAC~&z=1706501463
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 04:00:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.it/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.it/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-185774809-1&cid=1682147979.1661745622&jid=1572471651&_u=YEBAAEAAAAAAAC~&z=1706501463
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 04:00:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
j.clarity.ms/ 		0
0
logoDam.png
app.dam-health.com/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.dam-health.com/images/logoDam.png
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://app.dam-health.com/createbookings?productID=10012&_kx=ILW66QPVC1T42ME3mdY1mkVXL4DQds9oxwmcsXAPFkpONWr02YADOB4eAyvvYg2-.Y2GQtm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:00:23 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 11 Aug 2022 08:44:04 GMT
server
cloudflare
etag
"1d8ad5e82c64d76"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
cf-ray
742261216ddaba9f-MXP
content-length
12150
Oakes.ttf
app.dam-health.com/fonts/ 		150 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://app.dam-health.com/fonts/Oakes.ttf
Requested by
Host: app.dam-health.com
URL: https://app.dam-health.com/css/site.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://app.dam-health.com/css/site.css
Origin
https://app.dam-health.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:00:23 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Aug 2022 08:44:01 GMT
server
cloudflare
etag
"1d8ad5e80ff0470"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-font-ttf
cache-control
no-cache
accept-ranges
bytes
cf-ray
74226121be1dba9f-MXP
content-length
236272
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.dam-health.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 08:01:51 GMT
x-content-type-options
nosniff
age
331112
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Aug 2023 08:01:51 GMT
6
m.stripe.com/ Frame E16F 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
j.clarity.ms
URL
https://j.clarity.ms/collect
Domain
m.stripe.com
URL
https://m.stripe.com/6

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| clarity object| dataLayer function| mudHandlePortal function| mudGetAnchorStyle function| mudCorrectAnchorBoundaries function| mudShallowClone object| mudElementRef object| mudThrottledEventManager object| mudEventProjections function| getTabbableElements function| serializeParameter object| mudResizeListener object| mudResizeObserver object| mudScrollListener object| mudScrollManager object| mudScrollSpy object| mudWindow object| resolveCallbacks object| rejectCallbacks object| Radzen object| webpackChunkstripe_js_v3 function| Stripe object| DotNet object| Blazor function| setImmediate function| clearImmediate object| protectedBrowserStorage function| $ function| jQuery function| ChoiceField function| ListBox function| ComboBox function| EditBox function| Button function| PushButton function| RadioButton function| CheckBox function| TextField function| PasswordField object| AcroForm function| _jzlib_Deflater function| Deflater function| RGBColor function| PNG function| html2pdf object| MobileDragDrop boolean| DO_NOT_EXPORT_CODEPAGE boolean| DO_NOT_EXPORT_JSZIP object| cptable object| XLSX function| make_xlsx_lib object| XLS object| ODS function| JSZipSync function| saveAs object| FileSaver function| TableExport object| GLOBAL object| stripe function| triggerFileDownload function| reloadapplication function| SetDotnetReference function| togglemenu function| stripeCheckout function| viewInStripe function| getDimensions function| addClickEvents function| reloadSchedulerData function| getGeoLocations function| createNavigationList function| scrollToDate function| scrollToControl function| scrollToTop function| setChipSetMargin function| adjustHeight function| downloadReport function| downloadTable function| downloadCertificate object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| onYouTubeIframeAPIReady

7 Cookies

Domain/Path Name / Value
app.dam-health.com/ Name: .AspNetCore.Culture
Value: c%3Den-GB%7Cuic%3Den-GB
.dam-health.com/ Name: _gcl_au
Value: 1.1.462500971.1661745622
www.clarity.ms/ Name: CLID
Value: 501ef0a8b6ac4d0d827e459986f56c8d.20220829.20230829
.dam-health.com/ Name: _ga
Value: GA1.2.1682147979.1661745622
.dam-health.com/ Name: _gid
Value: GA1.2.1432634986.1661745622
.dam-health.com/ Name: _gat_UA-185774809-1
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.dam-health.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
j.clarity.ms
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
region1.google-analytics.com
stats.g.doubleclick.net
trk.klclick3.com
urlsand.esvalabs.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.it
www.googleadservices.com
www.googletagmanager.com
j.clarity.ms
m.stripe.com
142.250.186.34
151.101.0.176
2001:4860:4802:32::36
2600:9000:223c:f600:9:ec94:b800:93a1
2606:4700:10::ac43:2b0d
2606:4700::6810:5614
2606:4700::6811:180e
2620:1ec:27::cafe:2193
2a00:1450:4001:800::200e
2a00:1450:4001:806::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9a
54.187.159.182
80.211.49.112
99.86.240.11
03ccef850024e0afa8f44f448d4e435a0a7789500da53cee6f703df62946106c
049fc6f9efb2edb41dad8912d91053c8d7c11e903d22e19a3e67fd86db9be4c4
1856e9eb336c1eb373538389dd55e7063d0c7598f2b1191c37c1bd1d7697c892
1d6aeb62c2d1fd92b825a5c11dd97d6a551117aed0e586fed1bc9e228d0e6268
20f15ad532b697eb37367c0f5a869b93adb47c7f0d654659b886ef49514c47bf
2553660c8795a2befa9a75b2a0d0c8ce6583a9c06bb66feddfdc8a16af9f1308
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28f5c66dbec684141533e34db4d4b3e70a812b0f7f83769080b695d976ffbfb6
293f09d0d70a5f42427c86e4439ab21229f0e648aedd9d73f2f59868a411af54
2a3777b0b714bccc1dd71cb99b759e28cb8a4eee1e6c87564e9ee7f3d57e45c4
2bff01a76f15f0387a5dc5ee2bfa6ff8759520f574053b2a3088d68f797c9f66
3661b0abad108b1e162b750119e065a1bc24b379ed4371a0daf807ee3567534c
3721f1f4f363c3c4aeac530e2235902504fe308b7b4db1a131d9ab356588c04b
408dfdcb2d2bdedc7fb77f15e79ca135744c5ef62909759da6ac05f46c9e7b85
421ff7b6d660296443895950bff55ddb81a9eeb3d8c76e8cd067d3757bf249cb
499c2356e5692760d4ae5e42cf06988e7e74317d556645522ffbb29e6b6b5782
5de325cfa8faf3a80d804b1b81a837aaa143c42692ba8ab58878f8e3af0b1a2d
6060c139808ad689ae6f055ea65eb8eaa90314fcceda72af727a369a7e69f263
66ca63189958d5427a466ae98e5a53e44a746c624bdb124eaf934fa16cd088dd
6b9d2b61facecada8129475b245089790d9efb851a05fabc70ee2cb42c58d46b
78460a8d3512f692dd035f09657a924a9a44ff5053ba7107cb7fc51ce2986448
7ec275664c47b6ed4e669c30c45faf44098ba646281b55e11235c02ccd56372f
7fea2db29504bed18d596718ff550b13eea6995bb5d4258cbb9bde6a01d1f048
81793beb150a889b0d407981e2c19a362cd56dead1445af5d314c7117d885ffc
8536a787cba9a707ac2fb015a70abe7cf2b7f935ccaebb9e6a874926a2ffa595
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8e7c2d22a8b40e714fc2a719bcd074731b80fff8021aea8562d48b1f10876e98
952cdfc6c1c1bbd525619bdc2197dae8ec8475f04aa9a881a695d8196a3c98aa
a0ae09929605e6f45470f62f9ec51e9ec846c70ba08947c673728468044ca1f0
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
b4b3a8838d9785f30af74c5697192dd2f05ab486e0e9ef9ea074f1e3e4829a9c
b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d
b5ddb60604ac7c649070dc629ab1729ddfc0927463b3891d0d6c7d1b18419738
b7f84cfb80e3cf8b118e511442bc82caba2c0e47a0ac207f21d667498bca0dff
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
c823896a6ea725c2fbc7ada2df565483ec00dd8c9037d1f6ed0e3ce1722ee2ce
d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9f5cd8299bb2ba0384e79344bf545f74d498ff2085fe187ee4031267d9e83f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f083096f236cb98c87af2abc70707aef6a74bb105074919b0bdc3aeec6964c1d
f2053a1d0fd885c22858bdf85f379b2be45b659315ff08413fdca0cf933e9b8a
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
fb55650bbb7a33af4f2925696ef0765dc57aaeeadadad1193969554f07d0f957
feb420cdc0c5cfb90a342755f99f1e0a30c60bdc1ab92ecc4319fefe76af1078