urlscan.io logo urlscan.io
SecurityTrails logo

my.tovala.com Open in urlscan Pro
76.76.21.241  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://my.tovala.com/
Effective URL: https://my.tovala.com/
Submission: On February 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 3 countries across 10 domains to perform 42 HTTP transactions. The main IP is 76.76.21.241, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is my.tovala.com.
TLS certificate: Issued by R3 on December 29th 2023. Valid for: 3 months.
This is the only time my.tovala.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 76.76.21.241 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
7 104.18.72.113 13335 (CLOUDFLAR...)
1 104.18.70.113 13335 (CLOUDFLAR...)
3 34.120.195.249 396982 (GOOGLE-CL...)
3 99.86.4.76 16509 (AMAZON-02)
6 99.86.8.175 16509 (AMAZON-02)
4 18.245.60.32 16509 (AMAZON-02)
3 104.16.51.111 13335 (CLOUDFLAR...)
3 54.186.23.98 16509 (AMAZON-02)
2 2600:9000:212... 16509 (AMAZON-02)
1 34.208.249.65 16509 (AMAZON-02)
2 35.201.112.186 396982 (GOOGLE-CL...)
2 54.203.25.147 16509 (AMAZON-02)
1 35.186.194.58 15169 (GOOGLE)
42 15
4    76.76.21.241 (Walnut, United States)

ASN16509 (AMAZON-02, US)
my.tovala.com
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
1    104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)
ekr.zdassets.com
3    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o260392.ingest.sentry.io
3    99.86.4.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-76.fra6.r.cloudfront.net
js.stripe.com
6    99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net
cdn.segment.com
4    18.245.60.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-32.fra60.r.cloudfront.net
cdn.tovala.com
3    104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)
tovala.zendesk.com
3    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
q.stripe.com
2    2600:9000:2127:6c00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
1    34.208.249.65 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-249-65.us-west-2.compute.amazonaws.com
m.stripe.com
2    35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com
edge.fullstory.com
2    54.203.25.147 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-203-25-147.us-west-2.compute.amazonaws.com
api.segment.io
1    35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com
Apex Domain
Subdomains		 Transfer
8 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2491
ekr.zdassets.com — Cisco Umbrella Rank: 2789
214 KB
8 tovala.com
my.tovala.com
cdn.tovala.com — Cisco Umbrella Rank: 607712
549 KB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1356
q.stripe.com — Cisco Umbrella Rank: 8764
m.stripe.com — Cisco Umbrella Rank: 1289
152 KB
6 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1944
60 KB
3 fullstory.com
edge.fullstory.com — Cisco Umbrella Rank: 2471
rs.fullstory.com — Cisco Umbrella Rank: 2438
86 KB
3 zendesk.com
tovala.zendesk.com — Cisco Umbrella Rank: 877532
996 B
3 sentry.io
o260392.ingest.sentry.io — Cisco Umbrella Rank: 883846
748 B
2 segment.io
api.segment.io — Cisco Umbrella Rank: 1354
343 B
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1444
18 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 48
1017 B
42 10
Domain Requested by
7 static.zdassets.com my.tovala.com
static.zdassets.com
6 cdn.segment.com my.tovala.com
cdn.segment.com
4 cdn.tovala.com my.tovala.com
4 my.tovala.com 1 redirects my.tovala.com
3 q.stripe.com my.tovala.com
3 tovala.zendesk.com static.zdassets.com
3 js.stripe.com my.tovala.com
js.stripe.com
3 o260392.ingest.sentry.io my.tovala.com
2 api.segment.io my.tovala.com
2 edge.fullstory.com cdn.segment.com
my.tovala.com
2 m.stripe.network js.stripe.com
m.stripe.network
1 rs.fullstory.com my.tovala.com
1 m.stripe.com m.stripe.network
1 ekr.zdassets.com static.zdassets.com
1 fonts.googleapis.com my.tovala.com
42 15

This site contains no links.

Subject Issuer Validity Valid
my.tovala.com
R3		 2023-12-29 -
2024-03-28		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
zdassets.com
E1		 2024-01-04 -
2024-04-03		 3 months crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-02 -
2024-12-02		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-02-07 -
2024-05-09		 3 months crt.sh
*.segment.com
Amazon RSA 2048 M03		 2023-11-14 -
2024-12-13		 a year crt.sh
cdn.tovala.com
Amazon RSA 2048 M03		 2023-12-07 -
2025-01-05		 a year crt.sh
tovala.zendesk.com
Cloudflare Inc ECC CA-3		 2023-04-19 -
2024-04-18		 a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-12-20 -
2024-03-21		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-22 -
2024-03-21		 3 months crt.sh
edge.fullstory.com
GTS CA 1D4		 2024-01-10 -
2024-04-09		 3 months crt.sh
*.segment.io
Amazon RSA 2048 M03		 2023-12-13 -
2025-01-11		 a year crt.sh
rs.fullstory.com
GTS CA 1D4		 2024-01-07 -
2024-04-06		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://my.tovala.com/
Frame ID: D1B60B944C138194769E2E066EB0A719
Requests: 25 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-e46caa3.js
Frame ID: 26248584916FB45EC505BE926990D9E9
Requests: 8 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: ACACD1557AE54FF76494F7F6CD1486CA
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 2117DA2C831B2F38C6E366E27C161262
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Tovala

Page URL History Show full URLs

  1. http://my.tovala.com/ HTTP 308
    https://my.tovala.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Page Statistics

42
Requests

100 %
HTTPS

13 %
IPv6

10
Domains

15
Subdomains

15
IPs

3
Countries

1081 kB
Transfer

3700 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://my.tovala.com/ HTTP 308
    https://my.tovala.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
my.tovala.com/
Redirect Chain
  • http://my.tovala.com/
  • https://my.tovala.com/
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my.tovala.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
75b55df8f2a7015909af96eb072059f7ce4039c7fcf63a1a236333a9e7b90874
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
1330111
cache-control
public, max-age=0, must-revalidate
content-disposition
inline
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 17 Feb 2024 05:50:16 GMT
etag
W/"156e42b3383a71aee2b0b234abb2ae15"
server
Vercel
strict-transport-security
max-age=63072000
x-vercel-cache
HIT
x-vercel-id
fra1::49ksr-1708149016694-84528907b7b1

Redirect headers

Content-Type
text/plain
Location
https://my.tovala.com/
Refresh
0;url=https://my.tovala.com/
server
Vercel
css2
fonts.googleapis.com/ 		2 KB
1017 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap
Requested by
Host: my.tovala.com
URL: https://my.tovala.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d84708b189c2eaa665ae431f8bcbdd7f160172491d7c97ed095b7fb7f3df3937
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.tovala.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 17 Feb 2024 05:50:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 17 Feb 2024 04:59:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 17 Feb 2024 05:50:16 GMT
index-021e411a.js
my.tovala.com/assets/ 		2 MB
430 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.tovala.com/assets/index-021e411a.js
Requested by
Host: my.tovala.com
URL: https://my.tovala.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
b0027746fbbacaf095b358e4037117776970517c13793896cded39eec2397995
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://my.tovala.com/
Origin
https://my.tovala.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 05:50:16 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::84crz-1708149016719-963fc4707720
age
1341297
etag
W/"7f4d1735729317481caab55266a3ea9e"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="index-021e411a.js"
index-a9927677.css
my.tovala.com/assets/ 		51 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.tovala.com/assets/index-a9927677.css
Requested by
Host: my.tovala.com
URL: https://my.tovala.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
a9927677edb736a0c13eb328ce1d32a007a00e2f412a450e30afd337020eae30
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.tovala.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 05:50:16 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::49ksr-1708149016720-7adb55701a64
age
1341297
etag
W/"46aca5931f80429e347eafef0f2a6256"
x-vercel-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="index-a9927677.css"
snippet.js
static.zdassets.com/ekr/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=5ccc7b25-74e8-4c8d-986d-4823ba7ba8e6
Requested by
Host: my.tovala.com
URL: https://my.tovala.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.tovala.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 05:50:16 GMT
x-amz-version-id
sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
9X4B0G1GWNB25PJG
age
47
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-amz-id-2
4OYei3DkpSYkS6dKBDFbZjtSdVexoHjQ1eS9Mf3MCmEOCurZC/+Isbd1AVVpsiKAmJ7FWWviPJSrjy0q3mZxeg==
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iaEzcurRDQGxrePJ3oe%2F7ZxONQndqJ1Z9l%2By%2FUE8rRSaWCQaN3rXzC5Scc4NF5fonhu12MCsk9KsQV71WCYKLso4s4EwdcwilQk15b7U8kCYefN6pzqMuWEOv%2B%2FoErERTyF0J%2Bg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
856bc07abc4c3a97-FRA
access-control-allow-headers
*
5ccc7b25-74e8-4c8d-986d-4823ba7ba8e6
ekr.zdassets.com/compose/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/5ccc7b25-74e8-4c8d-986d-4823ba7ba8e6
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=5ccc7b25-74e8-4c8d-986d-4823ba7ba8e6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecb7e6fed7b3a64d1b4a8554f0b2742000ec6717d35b9aa93a8aeef32994604c
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.tovala.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 05:50:16 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
854259d79abd5c64-SEA, 854259d79abd5c64-SEA
x-runtime
0.010024
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"ecb7e6fed7b3a64d1b4a8554f0b27420"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LC8CXf3yiZp59%2FPIcNzC0Ipdx2Xm%2BM6XrUiXZg7a27KVcT1mu9ktCyWEdXay1Abyidbx%2B3VcelmxR0Qp%2Bx3l87Mzol%2BlyhMcUuOqgo2Zrx3lzTFMVQPiP7%2Fu5ul4Fx7e9Uw%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
856bc07b1fc69186-FRA
/
o260392.ingest.sentry.io/api/6682025/envelope/ 		2 B
324 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o260392.ingest.sentry.io/api/6682025/envelope/?sentry_key=c2dbb184374143229028dbba3487d6f7&sentry_version=7&sentry_client=sentry.javascript.react%2F7.49.0
Requested by
Host: my.tovala.com
URL: https://my.tovala.com/assets/index-021e411a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://my.tovala.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 17 Feb 2024 05:50:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
v3
js.stripe.com/ 		600 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: my.tovala.com
URL: https://my.tovala.com/assets/index-021e411a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
19f0b3851ea9da3cd85d19ba83385ee4c22972a8c349eecb759e7f5237452660
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.tovala.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 05:50:04 GMT
content-encoding
br
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
13
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 16 Feb 2024 21:46:58 GMT
server
Cloudfront
etag
W/"98275c137f67e5b8b0f15985447df88d"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
PKpIluNW7qqVOE9XoG6IOYXf___KVrdbkiU1KF5ivi0QzenAQcJfIA==
analytics.min.js
cdn.segment.com/analytics.js/v1/Upfi2FLT6ODuWXJkJ3gqlP11X3j6wEoA/ 		108 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/Upfi2FLT6ODuWXJkJ3gqlP11X3j6wEoA/analytics.min.js
Requested by
Host: my.tovala.com
URL: https://my.tovala.com/assets/index-021e411a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0f19bd2f12008c9874d893f3d4f4d00aecad2154a3744f2903429a5012a73b58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.tovala.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 05:50:18 GMT
x-amz-version-id
GWi6MamQRkfNsoMtqaQrTZp74QKVMt4I
content-encoding
br
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 12 Feb 2024 20:26:40 GMT
server
AmazonS3
etag
W/"7e6b3b2ab9a0138e70e8b167dfc0acad"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
xNShleCqb6mpXrnM_IAJG2_i9pEb0Pd7iGlxdUdDgRHGm80KDMgURg==
/
o260392.ingest.sentry.io/api/6682025/envelope/ 		41 B
99 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o260392.ingest.sentry.io/api/6682025/envelope/?sentry_key=c2dbb184374143229028dbba3487d6f7&sentry_version=7&sentry_client=sentry.javascript.react%2F7.49.0
Requested by
Host: my.tovala.com
URL: https://my.tovala.com/assets/index-021e411a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5a13b45e49b8da6f635eb8076fe4cfd8006333ed5fc9471ef5fe29f59f47898f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://my.tovala.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 17 Feb 2024 05:50:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41
feature-flags.json
cdn.tovala.com/features/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.tovala.com/features/feature-flags.json
Requested by
Host: my.tovala.com
URL: https://my.tovala.com/assets/index-021e411a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-32.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7cb6f77b6d67074577de0edb6110848d7808a00b2e411deab909819077d87480

Request headers

Accept
application/json, text/plain, */*
Referer
https://my.tovala.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Sat, 17 Feb 2024 05:50:16 GMT
Content-Encoding
br
Via
1.1 c1e31c801257ebc563cbb890e887cb1e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P5
Age
62022
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Sat, 03 Feb 2024 18:45:38 GMT
Server
AmazonS3
ETag
W/"961f531c0e0acc38d56fa4cccedb74b5"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/json
Access-Control-Allow-Origin
*
Vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
X-Amz-Cf-Id
0wzhoLgA5R5jiC6KBRJe8MiO7rVPxvBud6SyZAgeS4FqG6JYAYoSpA==
soehne-kraftig.woff2
cdn.tovala.com/fonts/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.tovala.com/fonts/soehne-kraftig.woff2
Requested by
Host: my.tovala.com
URL: https://my.tovala.com/assets/index-a9927677.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-32.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fce7df6fb54321263faf254c567eeeb9519723ee41034f1ffeb902983d25f400

Request headers

Referer
https://my.tovala.com/
Origin
https://my.tovala.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Sat, 17 Feb 2024 05:50:18 GMT
Via
1.1 d147b4a7fe31d4e8683f7d8b15b71906.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P5
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
35730
Last-Modified
Mon, 08 Aug 2022 18:52:48 GMT
Server
AmazonS3
ETag
"8f65fc9c88842ec2838d84d3c1789807"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Accept-Ranges
bytes
X-Amz-Cf-Id
4xV0ROwN5nxXhKbeRuGneBg831Lb3q17mu0RXmzBbPYcMC1M0D48PA==
soehne-halbfett.woff2
cdn.tovala.com/fonts/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.tovala.com/fonts/soehne-halbfett.woff2
Requested by
Host: my.tovala.com
URL: https://my.tovala.com/assets/index-a9927677.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-32.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ce0e371fb0eba49d673fb92a9dd6c6752f9c5999ba74094616f467868f4a0ca2

Request headers

Referer
https://my.tovala.com/
Origin
https://my.tovala.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Sat, 17 Feb 2024 05:50:16 GMT
Via
1.1 c2bfbd57ba266fad66928f7d9fe2f1c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P5
Age
32132
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
37878
Last-Modified
Mon, 08 Aug 2022 18:52:47 GMT
Server
AmazonS3
ETag
"480e41c6effbb19314cc15e6f04c62e6"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Accept-Ranges
bytes
X-Amz-Cf-Id
alAp3PdW0Mtnjba9MIgysYBkLeVUSxQimMYkKFVg9rV_i0CJeEMeBw==
soehne-buch.woff2
cdn.tovala.com/fonts/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.tovala.com/fonts/soehne-buch.woff2
Requested by
Host: my.tovala.com
URL: https://my.tovala.com/assets/index-a9927677.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-32.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
41f003789fa9176b971ed09b26595b56870a14f17fa5865d75df4df9f4e9ef3e

Request headers

Referer
https://my.tovala.com/
Origin
https://my.tovala.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Fri, 16 Feb 2024 17:21:39 GMT
Via
1.1 62e2e45895008240d70f26081269c850.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P5
Age
44918
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
33310
Last-Modified
Mon, 08 Aug 2022 18:52:47 GMT
Server
AmazonS3
ETag
"e3194958c80e081470740ac00a2c4124"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Accept-Ranges
bytes
X-Amz-Cf-Id
0jSusq1nyCVGzWr4jvnO45MFxhK6RvJfMM4B5C_YbAo18qWFeCjdXQ==
web-widget-main-e46caa3.js
static.zdassets.com/web_widget/messenger/latest/ Frame 2624 		426 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-e46caa3.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=5ccc7b25-74e8-4c8d-986d-4823ba7ba8e6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee9d2e14f32dca48fd30e2ca40ab7306a81e8a351644faf518fc7cdd1d6fac20
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 05:50:17 GMT
x-amz-version-id
NNS74CRvslANYzFbdSZpAHMXLdB5wZUC
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
Q2V4BBD2DK0CGF60
age
434159
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
H0Ws5wo1tJe8yX9pvW+6jDfNeKDEuI0uiLYsIkD7aWVZXpQhXemj/ny0DQqceKxo7twc8zJE5Fw=
last-modified
Thu, 08 Feb 2024 08:29:39 GMT
server
cloudflare
etag
W/"c41d27ff2113f7e3712955c66c6955e5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UGLRU4tMg6n76%2Fmh2D9w1C3LK9a%2BHDNWHIZnnVqmCu0w%2FIspWOr1OhnKS6Qmb9F%2BEv0Xj5wx50AckpQa2fFDbtjt4ARrwm3T%2BSoGQ1jZcqhWVAK1BD6j338ecO1%2BHvcMgQF7ZVo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
856bc07c4ddc3a97-FRA
access-control-allow-headers
*
expires
Fri, 07 Feb 2025 08:29:38 GMT
en-us-json-e46caa3.js
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 2624 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-e46caa3.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-e46caa3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceb09275cdd331c7f6a45251bade3bdf6e027c26b220bb91e53f107418b9af8c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 05:50:17 GMT
x-amz-version-id
0Hw4clCIIhZEWLdGpvxII_jTVUODtVUb
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
Q2VFJBXV7HEQRB2F
age
434159
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
FDMXzGuEUamL+GNXwuvdKXqR7jTFgzExJC6qyAdHhrpMdvBGKq984WmHum6QCCUeA5p+FfCMmpI=
last-modified
Thu, 08 Feb 2024 08:29:40 GMT
server
cloudflare
etag
W/"afa8158c4aa1aa2dccba0d36fd3c0e2f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=inzd7qeitVHkW6GJeyvjv%2B%2F1yTsHZYg0o7G7c%2BGpUS54vQ7zmHzGGjtc%2Fo90YECgisMMKTfYjlyKVcC5Pb2xj81HtZwF9IBWsXnF6%2FInIkbmjLyujyfJLa8Ysb8Wvw3eMeQUUiY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
856bc07cbe413a97-FRA
access-control-allow-headers
*
expires
Fri, 07 Feb 2025 08:29:39 GMT
web-widget-4852-e46caa3.js
static.zdassets.com/web_widget/messenger/latest/ Frame 2624 		139 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-e46caa3.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-e46caa3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e53f18a73c934fe1c7f3c4aa74c209a907f0ac4bd954d1747a4e82207591917
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 05:50:17 GMT
x-amz-version-id
VpeJ4ZrAbfClFkk8QBOEwZEjMhUkNJI0
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
Q2V7HPGSQ4H4FZXG
age
434152
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
UOGPPTydRIhPlvGwkdwZsKaU1JlczFCqc1oiAmjO1emLufuYdEzdAIbhzvfvKWEbyuHbt2TSbig=
last-modified
Thu, 08 Feb 2024 08:29:39 GMT
server
cloudflare
etag
W/"ea51d3eb674c1f286144bbe26ba05c86"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=11KS5tWUHWIm9JamQVdOSJWJYKYCxba66FFSgJFnFreIBE%2BhyI7exyedrExZ4pqDMeqFPaZ6KiP%2FTAkj0fQAZp6n03yqUU%2FsyRECJshRKWL6dfPJDMleJqA1mrwa9IR%2FnPp%2F7uk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
856bc07cbe423a97-FRA
access-control-allow-headers
*
expires
Fri, 07 Feb 2025 08:29:37 GMT
web-widget-1327-e46caa3.js
static.zdassets.com/web_widget/messenger/latest/ Frame 2624 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-1327-e46caa3.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-e46caa3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8525380ed6e0ca2e8e4b80c9650de2d7c96fbaf342aee8c63fe1bca13a55df53
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 05:50:17 GMT
x-amz-version-id
IR122uws0ha39p.h7rBxpzxTmOQD7EnC
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
Q2V2BB27MQ99QJE1
age
434152
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
jssM+jhxEfc5syInYxGFMFlSUqmCEKFRSUAjB199KGgIx12gFzm94Z2KM9cK9cBPaKXvGQhGiUY=
last-modified
Thu, 08 Feb 2024 08:29:38 GMT
server
cloudflare
etag
W/"bd26f2d30e94f25a4a0b875c335aca6c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DFLtOFiCLRtREdtDeyiX%2FTPs2VOiLnerIY9Qcy6EpgJ%2Bx0GzGY0CdiIB4phI78frb2y5Kc1z3a8dwuqw5qYkLzsAQ0RRSzatDyLH2UT5ZM6f8wh89TLp0JDVeZA4rB8WbXfYwio%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
856bc07cbe453a97-FRA
access-control-allow-headers
*
expires
Fri, 07 Feb 2025 08:29:37 GMT
web-widget-5178-e46caa3.js
static.zdassets.com/web_widget/messenger/latest/ Frame 2624 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-5178-e46caa3.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-e46caa3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbd5e8521e54e636ad82bb41a866e0227ba6c414e427e8debdee0a68fd14c456
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 05:50:17 GMT
x-amz-version-id
vvYKpwLde8nzMpq_pV1TQEnoumEiREgn
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
Q2V3R29JZ4NXM4QS
age
434152
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
5uNSb5WmI/2Gy89iHwn3hWQ657TLaWi0pI3eV+NYONJsCJTOw7mclGoYhU+CgDa0LQ75/folzuM=
last-modified
Thu, 08 Feb 2024 08:29:39 GMT
server
cloudflare
etag
W/"931f719f7fd052e7e871e3892529881f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GqwLpEqnKUUSbFdzQJx9WyHntq57PHs03zKiLQgzkS9j%2BnwK4lPddM3zA9KS97jQMuPdMdPcY1nw10h0OR93%2BZ%2FeALIqAGFmF1iKEiFIwGDH%2Fc%2Fe7Jr3ndbxsTZZkqnSzfW2LA8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
856bc07cbe473a97-FRA
access-control-allow-headers
*
expires
Fri, 07 Feb 2025 08:29:37 GMT
web-widget-9535-e46caa3.js
static.zdassets.com/web_widget/messenger/latest/ Frame 2624 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-9535-e46caa3.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-e46caa3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95f334c245b1ad1435f8432912e934a395467f4e7511440442652f9e5aa132ab
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 05:50:17 GMT
x-amz-version-id
IYiVv12Uq6RiRTB17pxmzNq4a6Xbh.BI
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
Q2V9JEM3EHSJZ265
age
434152
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
Y/Yne6/K0dO5cVi9+z1CrbmxhpZcb0l27BBpR+7p3YVQ04+HIjBbyo6B2nA68Wq+/hKn38562/k=
last-modified
Thu, 08 Feb 2024 08:29:39 GMT
server
cloudflare
etag
W/"3807a835073a7f537f2d2f554ad605ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2BIS0Y3pB6qA9clcjerVsm4qzDLnITbIth%2BvNW5Ft3G459yrpurz4tx%2Fcq1cJ%2FQuqKJRaa6iyLvha8FZD0xMH%2FGVPadjcd9ig3tgnpjEcMFgcbZlCtulsCSx1kzLoLygA1KlXPw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
856bc07cbe483a97-FRA
access-control-allow-headers
*
expires
Fri, 07 Feb 2025 08:29:38 GMT
pv
tovala.zendesk.com/frontendevents/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tovala.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://my.tovala.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
856bc07d2b4c4d7a-FRA
date
Sat, 17 Feb 2024 05:50:17 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DhSfpOkhggEbdF7Vpijsj1xxBpzYQbZkwsc6fVjNofvP1gMnJIkRBdj0PrhYfmIYqaq9szv94663H8%2Bb1%2BwzYxC4CmYZagez4bfvGWwWm%2FuYc%2FQhWcPWqUPlmfIdeTEtZ1YRig%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
x-request-id
856bc07d2b4c4d7a-FRA
x-zendesk-zorg
yes
pv
tovala.zendesk.com/frontendevents/ Frame 2624 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tovala.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-e46caa3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 17 Feb 2024 05:50:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wkdrcVPtVC4b2vSeGOi06QrPfoGtC%2BOT5fKBoNGwysI%2BKbZjlRhnSZ%2Bz%2BoYZJNz1oEhX4GVtNnMr1hV7oicGIss82U5O9wn%2B3N76GxbIvQUWeOgYOCtgFXn910OXLCw73RInVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
856bc07dec564d7a-FRA
content-length
0
x-request-id
856bc07dec564d7a-FRA
config
tovala.zendesk.com/embeddable/ Frame 2624 		825 B
996 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tovala.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-e46caa3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b9cd973138f5aab13c675616aab3447e310c1ea43cd34c1f851047b6462c7dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 05:50:17 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-665cb45b6c-vsxjp
x-cached
MISS
x-request-id
856bc07d2b4d4d7a-FRA
x-runtime
0.001918
last-modified
Thu, 15 Feb 2024 23:04:00 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fUO2orxQbgotzp2886AYfSUElIRSHKndpVS4gRCbaN6mi3XmIfk6Vm%2F0K0YYAYvAnH9OZsWj43pi%2BuX%2FC21gFV2l5B1T93Ykoc1NcjT3TPwp0gyfzWgAzhz9Q%2FBQ4Gfa1Gpb9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
856bc07d2b4d4d7a-FRA
settings
cdn.segment.com/v1/projects/Upfi2FLT6ODuWXJkJ3gqlP11X3j6wEoA/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/Upfi2FLT6ODuWXJkJ3gqlP11X3j6wEoA/settings
Requested by
Host: my.tovala.com
URL: https://my.tovala.com/assets/index-021e411a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
67ebfe972b7cde6d05871fd266bc4724a10de8c4c90b33449cce6601a9d7527d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.tovala.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 05:50:19 GMT
x-amz-version-id
hdUTSBhy7gzCxlmfdphcEui8Ute8Q5Ee
content-encoding
br
via
1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 08 May 2023 18:10:38 GMT
server
AmazonS3
etag
W/"ed5983c82d40aed30aff2594ab1b9da9"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
lubdZMZTUn4y4vG3Cnq06B8FAKJZj2ityX6cI9furNwJy-_auAkDMg==
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame ACAC 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://my.tovala.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1858
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 17 Feb 2024 05:19:20 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 16 Feb 2024 01:14:02 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-id
Q0A7WOBs6o7ZyvF1dS2Oy3foR-OzpJCCntNHdPN1wWDTiaM1YjEuJA==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame ACAC 		526 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 05:44:12 GMT
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
366
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
content-length
526
last-modified
Fri, 16 Feb 2024 01:14:00 GMT
server
Cloudfront
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
VN31NJecrH7bAkadLmh5NdZaew_5C9BiW8eleTKqOX6kBawTJOasmA==
csp-report
q.stripe.com/ Frame ACAC 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: my.tovala.com
URL: https://my.tovala.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 17 Feb 2024 05:50:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1708149018389482
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1708149018389205
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame ACAC 		0
718 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: my.tovala.com
URL: https://my.tovala.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 17 Feb 2024 05:50:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1708149018389379
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1708149018389137
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame 2117 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:6c00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
261
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 17 Feb 2024 05:46:27 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 b5f551be30f63eca57ca04273cb75994.cloudfront.net (CloudFront)
x-amz-cf-id
tNxJXUiFNK4_V24yKY0pXtC0KoLMQWK6TjkJ7WQu0vPME8HB367PrQ==
x-amz-cf-pop
PRG50-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame 2117 		0
491 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: my.tovala.com
URL: https://my.tovala.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 17 Feb 2024 05:50:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1708149018389478
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
1
x-stripe-client-envoy-start-time-us
1708149018389157
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame 2117 		87 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:6c00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 05:48:42 GMT
content-encoding
gzip
via
1.1 b5f551be30f63eca57ca04273cb75994.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
age
96
x-content-type-options
nosniff
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
PRG50-C1
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
bumWy4tsBzEwYvYaiDEWaCmFu6RL3dtjFoxlq6Dj3WqfK1h95nBVqQ==
6
m.stripe.com/ Frame 2117 		156 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.249.65 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-249-65.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
09bf539c9878dfb0a9e1bc3b3bbde71e203eecddf8899701675fb4840928c8da
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 17 Feb 2024 05:50:18 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1708149018526128
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1708149018525831
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
ajs-destination.bundle.13362ca512563a10e34d.js
cdn.segment.com/analytics-next/bundles/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.13362ca512563a10e34d.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Upfi2FLT6ODuWXJkJ3gqlP11X3j6wEoA/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.tovala.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 20:48:28 GMT
x-amz-version-id
p6tk_itArJhm1.zmwaH5aXhODx_TUmzt
content-encoding
br
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
8067711
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 15 Nov 2023 20:12:01 GMT
server
AmazonS3
etag
W/"0dec480089dae7da1834489f95aca4e7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
ezoo-KRXaYmxQ-UzMBv7AOMFkMySkkx5DJuyx_nwIosL9cpwOdxLZw==
schemaFilter.bundle.f63551a29dc1697f71b6.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Upfi2FLT6ODuWXJkJ3gqlP11X3j6wEoA/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.tovala.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 02:55:30 GMT
x-amz-version-id
V60E1KIihu6zH2vDCNSI7M1UDRGAx6m0
content-encoding
br
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
2429688
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Sat, 20 Jan 2024 01:04:52 GMT
server
AmazonS3
etag
W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
J2lYOHoCBQtd4HKK8dmpBTMOVBdf1Ilee8uryLJ0Eq6jUSmZsr6xpQ==
fullstory.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/fullstory/3.1.0/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/fullstory/3.1.0/fullstory.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Upfi2FLT6ODuWXJkJ3gqlP11X3j6wEoA/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
de8f2ac57087767409b0bb4025e88c1ebb0fd18e0e73144e4ac15997f3350821

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.tovala.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 00:04:20 GMT
content-encoding
gzip
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-version-id
sZ4uaVuryvCnkNR7kX2ChFxfvv_9ZYSp
x-amz-cf-pop
FRA6-C1
age
1403159
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2166
last-modified
Wed, 18 Oct 2023 10:36:35 GMT
server
AmazonS3
etag
"e99e99fffc341f6a85e129a73956e837"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
D0fdCj92SOZOmPaJspstb1_zVOsNOIIJ_xF1H8rpqoKSe5cePRcBgg==
commons.c42222c4cb2f8913500f.js.gz
cdn.segment.com/next-integrations/integrations/vendor/ 		73 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Upfi2FLT6ODuWXJkJ3gqlP11X3j6wEoA/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.tovala.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:57:31 GMT
content-encoding
gzip
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-version-id
uOfxQOMLwdt.eKHcMs4MBn7QUxA0mLtL
x-amz-cf-pop
FRA6-C1
age
2123568
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
22177
last-modified
Wed, 18 Oct 2023 10:36:32 GMT
server
AmazonS3
etag
"befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
lnYTCzlQgGOlgyNXRSEZjCBTl-xlUO8b90r6qfCdBc52KZPGu9rI1A==
fs.js
edge.fullstory.com/s/ 		251 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3b5c95af37ab17c3a2b2dc9c041295fc3e38177e7e1b5034146935e05e63197e

Request headers

Referer
https://my.tovala.com/
Origin
https://my.tovala.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 04:50:29 GMT
content-encoding
br
age
3589
x-guploader-uploadid
ABPtcPpnSeiZ5fSzpULtTSBiV6LD4lUr9AQ36oea7mFeFZKi_DBnId24Vm8uMqzwrHFvR65n7-zV31LPAQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70294
last-modified
Thu, 15 Feb 2024 16:46:37 GMT
server
UploadServer
etag
"ec50b7176408101372ca8c2bae6438d8"
vary
Accept-Encoding
x-goog-generation
1708015597120314
x-goog-hash
crc32c=q6NLZw==, md5=7FC3F2QIEBNyyowrrmQ42A==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
70294
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 17 Feb 2024 05:50:29 GMT
p
api.segment.io/v1/ 		21 B
172 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: my.tovala.com
URL: https://my.tovala.com/assets/index-021e411a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.25.147 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-25-147.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://my.tovala.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://my.tovala.com
date
Sat, 17 Feb 2024 05:50:19 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
p
api.segment.io/v1/ 		21 B
171 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: my.tovala.com
URL: https://my.tovala.com/assets/index-021e411a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.25.147 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-25-147.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://my.tovala.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://my.tovala.com
date
Sat, 17 Feb 2024 05:50:19 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
web
edge.fullstory.com/s/settings/2P8DB/v1/ 		159 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/settings/2P8DB/v1/web
Requested by
Host: my.tovala.com
URL: https://my.tovala.com/assets/index-021e411a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f5c837671702a18d51b1a73ba9d310ad607755b0fa11a0f0c3bc51185590b94d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.tovala.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 05:50:18 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPoygrGBi4BKb331kPWNTdGbjRa9TnucQg1-OV5xeA8AlzVPuif3zI5CRfNCMEW9di1Um-acObk1Mw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16043
last-modified
Sat, 17 Feb 2024 05:49:24 GMT
server
UploadServer
etag
"b7030059e27d6abca6d669f25f424dbb"
x-goog-generation
1708148964849096
content-type
application/json
access-control-allow-origin
*
x-goog-hash
crc32c=OBwJlQ==, md5=twMAWeJ9arym1mnyX0JNuw==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=900,no-transform
x-goog-stored-content-length
16043
accept-ranges
bytes
expires
Sat, 17 Feb 2024 06:05:18 GMT
page
rs.fullstory.com/rec/ 		82 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: my.tovala.com
URL: https://my.tovala.com/assets/index-021e411a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
c2ba5cd6abc8cdc47847dcd67167531023d6a510131a9f32a6f2d36da457f025
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://my.tovala.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Feb 2024 05:50:18 GMT
via
1.1 google
x-content-type-options
nosniff
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://my.tovala.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82
/
o260392.ingest.sentry.io/api/6682025/envelope/ 		198 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o260392.ingest.sentry.io/api/6682025/envelope/?sentry_key=c2dbb184374143229028dbba3487d6f7&sentry_version=7&sentry_client=sentry.javascript.react%2F7.49.0
Requested by
Host: my.tovala.com
URL: https://my.tovala.com/assets/index-021e411a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://my.tovala.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 17 Feb 2024 05:50:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198
x-sentry-rate-limits
60:transaction;profile:organization:transaction_usage_exceeded
retry-after
60

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| zEWebpackACJsonp function| zE function| zEmbed object| _sentryDebugIds string| _sentryDebugIdIdentifier object| SENTRY_RELEASE object| __SENTRY__ object| __global__ object| analytics function| toggleDevtools object| webpackChunkStripeJSouter function| noop function| Stripe boolean| zEACLoaded object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| fullstoryDeps function| fullstoryLoader object| webpackJsonp_name_Integration function| setImmediate function| clearImmediate function| fullstoryIntegration boolean| _fs_is_outer_script boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS string| _fs_loaded function| _fs_shutdown

4 Cookies

Domain/Path Name / Value
.tovala.com/ Name: ajs_anonymous_id
Value: 7da066d3-049f-4bd4-b43a-8862de29cb58
m.stripe.com/ Name: m
Value: bfc73dd9-df00-4a9b-be04-bbaa61bf209900acb9
.my.tovala.com/ Name: __stripe_mid
Value: ea54a9de-48e5-415b-9b9c-86b15d5f00b83cb301
.my.tovala.com/ Name: __stripe_sid
Value: 351488c8-1a4d-41fa-91c4-c5493d95392b6586b5

3 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
other warning URL: https://my.tovala.com/login?redirect=/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://o260392.ingest.sentry.io/api/6682025/envelope/?sentry_key=c2dbb184374143229028dbba3487d6f7&sentry_version=7&sentry_client=sentry.javascript.react%2F7.49.0
Message:
Failed to load resource: the server responded with a status of 429 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.segment.io
cdn.segment.com
cdn.tovala.com
edge.fullstory.com
ekr.zdassets.com
fonts.googleapis.com
js.stripe.com
m.stripe.com
m.stripe.network
my.tovala.com
o260392.ingest.sentry.io
q.stripe.com
rs.fullstory.com
static.zdassets.com
tovala.zendesk.com
104.16.51.111
104.18.70.113
104.18.72.113
18.245.60.32
2600:9000:2127:6c00:19:7d10:bd80:93a1
2a00:1450:4001:809::200a
34.120.195.249
34.208.249.65
35.186.194.58
35.201.112.186
54.186.23.98
54.203.25.147
76.76.21.241
99.86.4.76
99.86.8.175
09bf539c9878dfb0a9e1bc3b3bbde71e203eecddf8899701675fb4840928c8da
0f19bd2f12008c9874d893f3d4f4d00aecad2154a3744f2903429a5012a73b58
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
19f0b3851ea9da3cd85d19ba83385ee4c22972a8c349eecb759e7f5237452660
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
3b5c95af37ab17c3a2b2dc9c041295fc3e38177e7e1b5034146935e05e63197e
3e53f18a73c934fe1c7f3c4aa74c209a907f0ac4bd954d1747a4e82207591917
41f003789fa9176b971ed09b26595b56870a14f17fa5865d75df4df9f4e9ef3e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5a13b45e49b8da6f635eb8076fe4cfd8006333ed5fc9471ef5fe29f59f47898f
67ebfe972b7cde6d05871fd266bc4724a10de8c4c90b33449cce6601a9d7527d
75b55df8f2a7015909af96eb072059f7ce4039c7fcf63a1a236333a9e7b90874
7b9cd973138f5aab13c675616aab3447e310c1ea43cd34c1f851047b6462c7dc
7cb6f77b6d67074577de0edb6110848d7808a00b2e411deab909819077d87480
7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5
8525380ed6e0ca2e8e4b80c9650de2d7c96fbaf342aee8c63fe1bca13a55df53
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
95f334c245b1ad1435f8432912e934a395467f4e7511440442652f9e5aa132ab
a9927677edb736a0c13eb328ce1d32a007a00e2f412a450e30afd337020eae30
b0027746fbbacaf095b358e4037117776970517c13793896cded39eec2397995
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
c2ba5cd6abc8cdc47847dcd67167531023d6a510131a9f32a6f2d36da457f025
ce0e371fb0eba49d673fb92a9dd6c6752f9c5999ba74094616f467868f4a0ca2
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
ceb09275cdd331c7f6a45251bade3bdf6e027c26b220bb91e53f107418b9af8c
d84708b189c2eaa665ae431f8bcbdd7f160172491d7c97ed095b7fb7f3df3937
de8f2ac57087767409b0bb4025e88c1ebb0fd18e0e73144e4ac15997f3350821
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecb7e6fed7b3a64d1b4a8554f0b2742000ec6717d35b9aa93a8aeef32994604c
ee9d2e14f32dca48fd30e2ca40ab7306a81e8a351644faf518fc7cdd1d6fac20
f5c837671702a18d51b1a73ba9d310ad607755b0fa11a0f0c3bc51185590b94d
fbd5e8521e54e636ad82bb41a866e0227ba6c414e427e8debdee0a68fd14c456
fce7df6fb54321263faf254c567eeeb9519723ee41034f1ffeb902983d25f400