urlscan.io logo urlscan.io
SecurityTrails logo

stores.xoxoday.com Open in urlscan Pro
2606:4700::6812:1f13  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://shared.outlook.inky.com/link?domain=stores.xoxoday.com&t=h.eJxdj1EKwjAQRK9S8i0JsWkTC2KvsiZbGrTdkqzQIt5dIwri7-zbx8xd3NJVd...
Effective URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Submission: On December 23 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 33 IPs in 5 countries across 26 domains to perform 117 HTTP transactions. The main IP is 2606:4700::6812:1f13, located in United States and belongs to CLOUDFLARENET, US. The main domain is stores.xoxoday.com. The Cisco Umbrella rank of the primary domain is 773182.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 26th 2022. Valid for: a year.
This is the only time stores.xoxoday.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 44.236.18.40 16509 (AMAZON-02)
1 27 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 151.139.128.10 20446 (STACKPATH...)
6 2600:9000:218... 16509 (AMAZON-02)
4 108.157.4.113 16509 (AMAZON-02)
2 108.157.4.45 16509 (AMAZON-02)
2 18.66.248.223 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a04:4e42:200... 54113 (FASTLY)
8 2001:4860:480... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 108.157.4.53 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.226.153.111 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.219.32.152 16509 (AMAZON-02)
10 13.248.221.98 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 158.69.52.117 16276 (OVH)
15 13.226.153.46 16509 (AMAZON-02)
1 108.157.4.34 16509 (AMAZON-02)
2 18.66.248.108 16509 (AMAZON-02)
1 52.216.204.27 16509 (AMAZON-02)
117 33
1    44.236.18.40 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-18-40.us-west-2.compute.amazonaws.com
shared.outlook.inky.com
27    2606:4700::6812:1f13 (United States)

ASN13335 (CLOUDFLARENET, US)
stores.xoxoday.com
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
2    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
cdn.trackjs.com
6    2600:9000:2182:a600:1:28b3:b280:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.weglot.com
4    108.157.4.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-113.dus51.r.cloudfront.net
static.hotjar.com
2    108.157.4.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-45.dus51.r.cloudfront.net
script.hotjar.com
2    18.66.248.223 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-223.dus51.r.cloudfront.net
www.datadoghq-browser-agent.com
4    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a04:4e42:200::393 (United States)

ASN54113 (FASTLY, US)
res.cloudinary.com
8    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700::6811:d3cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
1    108.157.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-53.dus51.r.cloudfront.net
vars.hotjar.com
1    2606:4700::6811:46b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2606:4700::6811:eecc (United States)

ASN13335 (CLOUDFLARENET, US)
js.usemessages.com
1    2606:4700:4400::ac40:9a55 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6811:72b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
1    13.226.153.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-153-111.dus51.r.cloudfront.net
vc.hotjar.io
1    2606:4700::6811:cacc (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubapi.com
2    2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubspot.com
1    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:400d:803::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
1    52.219.32.152 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-1-w.amazonaws.com
xoxoengage-images.s3.amazonaws.com
10    13.248.221.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: a44946a9dd66b7704.awsglobalaccelerator.com
xoxoday.freshchat.com
1    2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
1    158.69.52.117 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: prd-usage-3.tjsint.net
usage.trackjs.com
15    13.226.153.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-153-46.dus51.r.cloudfront.net
assetscdn-wchat.freshchat.com
1    108.157.4.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-34.dus51.r.cloudfront.net
rts-static-prod.freshworksapi.com
2    18.66.248.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-108.dus51.r.cloudfront.net
xoxoday.webpush.freshchat.com
1    52.216.204.27 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
fc-use1-00-pics-bkt-00.s3.amazonaws.com
Apex Domain
Subdomains		 Transfer
27 freshchat.com
xoxoday.freshchat.com
assetscdn-wchat.freshchat.com — Cisco Umbrella Rank: 16759
xoxoday.webpush.freshchat.com
698 KB
27 xoxoday.com
stores.xoxoday.com — Cisco Umbrella Rank: 773182
843 KB
8 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
40 KB
7 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 643
script.hotjar.com — Cisco Umbrella Rank: 811
vars.hotjar.com — Cisco Umbrella Rank: 936
153 KB
6 weglot.com
cdn.weglot.com — Cisco Umbrella Rank: 10558
66 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
234 KB
3 hubspot.com
api.hubspot.com — Cisco Umbrella Rank: 4707
track.hubspot.com — Cisco Umbrella Rank: 2327
2 KB
3 cloudinary.com
res.cloudinary.com — Cisco Umbrella Rank: 1934
360 KB
3 trackjs.com
cdn.trackjs.com — Cisco Umbrella Rank: 17997
usage.trackjs.com — Cisco Umbrella Rank: 2858 Failed
19 KB
2 amazonaws.com
xoxoengage-images.s3.amazonaws.com
fc-use1-00-pics-bkt-00.s3.amazonaws.com — Cisco Umbrella Rank: 28722
29 KB
2 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2271
1 KB
2 gstatic.com
fonts.gstatic.com
75 KB
2 datadoghq-browser-agent.com
www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1822
29 KB
2 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2384
15 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
2 KB
1 freshworksapi.com
rts-static-prod.freshworksapi.com — Cisco Umbrella Rank: 10913
25 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6041
548 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
548 B
1 hubapi.com
api.hubapi.com — Cisco Umbrella Rank: 3592
839 B
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2243
258 B
1 doubleclick.net
stats.g.doubleclick.net Failed
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
2 KB
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 3342 Failed
3 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2228 Failed
62 KB
1 usemessages.com
js.usemessages.com — Cisco Umbrella Rank: 4621 Failed
21 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2217 Failed
20 KB
1 inky.com
shared.outlook.inky.com — Cisco Umbrella Rank: 93257
526 B
117 26
Domain Requested by
27 stores.xoxoday.com 1 redirects stores.xoxoday.com
cdn.trackjs.com
15 assetscdn-wchat.freshchat.com xoxoday.freshchat.com
assetscdn-wchat.freshchat.com
10 xoxoday.freshchat.com stores.xoxoday.com
xoxoday.freshchat.com
assetscdn-wchat.freshchat.com
8 www.google-analytics.com www.googletagmanager.com
cdn.trackjs.com
stores.xoxoday.com
6 cdn.weglot.com stores.xoxoday.com
cdn.trackjs.com
cdn.weglot.com
4 www.googletagmanager.com stores.xoxoday.com
js.hsadspixel.net
www.googletagmanager.com
4 static.hotjar.com stores.xoxoday.com
3 res.cloudinary.com stores.xoxoday.com
2 xoxoday.webpush.freshchat.com xoxoday.freshchat.com
xoxoday.webpush.freshchat.com
2 api.hubspot.com cdn.trackjs.com
2 js.hs-scripts.com www.googletagmanager.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.datadoghq-browser-agent.com cdn.weglot.com
2 script.hotjar.com static.hotjar.com
2 cdn.trackjs.com stores.xoxoday.com
2 stackpath.bootstrapcdn.com stores.xoxoday.com
2 fonts.googleapis.com stores.xoxoday.com
1 fc-use1-00-pics-bkt-00.s3.amazonaws.com
1 rts-static-prod.freshworksapi.com assetscdn-wchat.freshchat.com
1 track.hubspot.com
1 xoxoengage-images.s3.amazonaws.com stores.xoxoday.com
1 www.google.de stores.xoxoday.com
1 www.google.com stores.xoxoday.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 api.hubapi.com cdn.trackjs.com
1 vc.hotjar.io cdn.trackjs.com
1 vars.hotjar.com static.hotjar.com
1 js.hsadspixel.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.usemessages.com js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 usage.trackjs.com
1 shared.outlook.inky.com 1 redirects
0 stats.g.doubleclick.net Failed cdn.trackjs.com
117 34

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-03-26 -
2023-03-26		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
cdn.trackjs.com
R3		 2022-12-13 -
2023-03-13		 3 months crt.sh
*.weglot.com
Amazon		 2022-03-09 -
2023-04-07		 a year crt.sh
*.hotjar.com
Amazon		 2022-10-25 -
2023-11-23		 a year crt.sh
*.datadoghq-browser-agent.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-17 -
2023-02-18		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2		 2022-05-30 -
2023-07-01		 a year crt.sh
*.hotjar.io
Amazon		 2022-07-18 -
2023-08-16		 a year crt.sh
hubapi.com
Cloudflare Inc ECC CA-3		 2022-05-07 -
2023-05-07		 a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2022-03-08 -
2023-03-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.s3.amazonaws.com
Amazon		 2022-09-21 -
2023-08-26		 a year crt.sh
*.freshchat.com
Amazon		 2022-03-23 -
2023-04-21		 a year crt.sh
*.trackjs.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-07-28 -
2023-08-11		 a year crt.sh
freshchat.com
Amazon		 2022-06-28 -
2023-07-27		 a year crt.sh
freshworksapi.com
Amazon		 2022-12-19 -
2024-01-16		 a year crt.sh
*.wchat.webpush.myfreshworks.com
Amazon		 2022-07-06 -
2023-08-04		 a year crt.sh

This page contains 5 frames:

Primary Page: https://stores.xoxoday.com/protera/xms/?redeem=code
Frame ID: 80464DB665DD50C8889FAD74623080B1
Requests: 86 HTTP requests in this frame

Frame: https://stores.xoxoday.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671782400
Frame ID: 8633628ABEC47A9E6C22189DFC0A0B79
Requests: 3 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: E8369D40E8FAD80561F03BF36B8E260F
Requests: 1 HTTP requests in this frame

Frame: https://xoxoday.freshchat.com/widget/?token=effa1b5c-39c9-42a6-8c39-8dd8793d9e3f&referrer=aHR0cHM6Ly9zdG9yZXMueG94b2RheS5jb20=
Frame ID: 52A908D4A624A0E6A655C890680AE5F4
Requests: 24 HTTP requests in this frame

Frame: https://xoxoday.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9zdG9yZXMueG94b2RheS5jb20=
Frame ID: 809E30D44511C854BB45F5881C305959
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Activities, Tours, Attractions, Things To Do in Your City - Xoxoday

Page URL History Show full URLs

  1. https://shared.outlook.inky.com/link?domain=stores.xoxoday.com&t=h.eJxdj1EKwjAQRK9S8i0JsWkTC2KvsiZbGrTdkqzQI... HTTP 303
    https://stores.xoxoday.com/protera/xms?redeem=code HTTP 301
    https://stores.xoxoday.com/protera/xms/?redeem=code Page URL
  2. https://stores.xoxoday.com/protera/xms/?redeem=code Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • cdn\.weglot\.com

Page Statistics

117
Requests

93 %
HTTPS

58 %
IPv6

26
Domains

34
Subdomains

33
IPs

5
Countries

2700 kB
Transfer

8960 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://shared.outlook.inky.com/link?domain=stores.xoxoday.com&t=h.eJxdj1EKwjAQRK9S8i0JsWkTC2KvsiZbGrTdkqzQIt5dIwri7-zbx8xd3NJVdJUYmZfcKZWZEma50koBNulpUksixgRqnfIpYUCcjp4Cil0lLuX1e0fJI_AYX0zY-k_6Npi9gxodogM4D3ZobW3ANt6bxjXgrdKt1fagja2lc0WMRTwTxyF64Ehz7n8qFSIU4i_jMkU_nhyVRR4.MEYCIQDTkSOvuAFZklyUT8avymnCjwUBnRDwo-tkZ0j-qrAeuQIhAMTjQd8xeZN6k7D22KBDmgQ09eqrpmsC0u2LWGs15Mja HTTP 303
    https://stores.xoxoday.com/protera/xms?redeem=code HTTP 301
    https://stores.xoxoday.com/protera/xms/?redeem=code Page URL
  2. https://stores.xoxoday.com/protera/xms/?redeem=code Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://shared.outlook.inky.com/link?domain=stores.xoxoday.com&t=h.eJxdj1EKwjAQRK9S8i0JsWkTC2KvsiZbGrTdkqzQIt5dIwri7-zbx8xd3NJVdJUYmZfcKZWZEma50koBNulpUksixgRqnfIpYUCcjp4Cil0lLuX1e0fJI_AYX0zY-k_6Npi9gxodogM4D3ZobW3ANt6bxjXgrdKt1fagja2lc0WMRTwTxyF64Ehz7n8qFSIU4i_jMkU_nhyVRR4.MEYCIQDTkSOvuAFZklyUT8avymnCjwUBnRDwo-tkZ0j-qrAeuQIhAMTjQd8xeZN6k7D22KBDmgQ09eqrpmsC0u2LWGs15Mja HTTP 303
  • https://stores.xoxoday.com/protera/xms?redeem=code HTTP 301
  • https://stores.xoxoday.com/protera/xms/?redeem=code

117 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
stores.xoxoday.com/protera/xms/
Redirect Chain
  • https://shared.outlook.inky.com/link?domain=stores.xoxoday.com&t=h.eJxdj1EKwjAQRK9S8i0JsWkTC2KvsiZbGrTdkqzQIt5dIwri7-zbx8xd3NJVdJUYmZfcKZWZEma50koBNulpUksixgRqnfIpYUCcjp4Cil0lLuX1e0fJI_AYX0zY-k_6Np...
  • https://stores.xoxoday.com/protera/xms?redeem=code
  • https://stores.xoxoday.com/protera/xms/?redeem=code
8 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63f4595be785dd323aa2ad4cf0fc80bd1445da8e9d8f380e76efe75d357e9883

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
77e0992cbd612bb9-FRA
content-encoding
gzip
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=Emcrh3gGGjBTh_vnRKvTXOlRprZ9veuYK674WJ2gQ48-1671793277-0-ATiJ1Scb-67Ggc8uoUUCH3t3BYty301K7H4TrSbMZdIp-m917USjiVDupZ6u0l0EjMT71as09ACP8YQYqB7xhKfSnMq9howvkZRzPp47_bHe; report-to cf-csp-endpoint
content-type
text/html
date
Fri, 23 Dec 2022 11:01:17 GMT
expires
0
last-modified
Thu, 15 Dec 2022 16:02:18 GMT
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=Emcrh3gGGjBTh_vnRKvTXOlRprZ9veuYK674WJ2gQ48-1671793277-0-ATiJ1Scb-67Ggc8uoUUCH3t3BYty301K7H4TrSbMZdIp-m917USjiVDupZ6u0l0EjMT71as09ACP8YQYqB7xhKfSnMq9howvkZRzPp47_bHe"}],"group":"cf-csp-endpoint","max_age":86400}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
77e099284c3e2bb9-FRA
content-type
text/html; charset=iso-8859-1
date
Fri, 23 Dec 2022 11:01:16 GMT
expires
Fri, 23 Dec 2022 11:11:16 GMT
location
https://stores.xoxoday.com/protera/xms/?redeem=code
server
cloudflare
css2
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cc4772532e5066f9e49faf08fde464ad5f7947463c4c2b48a4c339efe7cd5f28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 23 Dec 2022 11:01:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 23 Dec 2022 10:38:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 23 Dec 2022 11:01:17 GMT
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://stores.xoxoday.com/
Origin
https://stores.xoxoday.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:01:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
871
age
3539
cdn-cachedat
07/07/2022 17:49:34
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
e2e9c17a66e9520998de612ad0a6fe80
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
77e0992e2e9c2be6-FRA
cdn-requestpullsuccess
True
t.js
cdn.trackjs.com/agent/v3/latest/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trackjs.com/agent/v3/latest/t.js
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
7b116ac42dfa848b8cbeff07cae0cc208a898111a7191ab266b4f0241683671a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:01:17 GMT
content-encoding
gzip
x-amz-meta-cache-control
s-max-age=3600, max-age=604800, public
x-amz-request-id
4TVZV8YMHX6FZPP1
x-amz-meta-content-type
application/javascript
content-length
9283
x-amz-id-2
SjQVKoGLsWKov8ZKEiOG0gdk+eqjnGFMwDc//3rJ02EDKPpzWrJr7wghxqx2JDieEsYedlgLvMo=
x-sp-metadata
HS256.CI2xlp0GEoUBCiQwODAyZDgxYi1lNjZhLTQ4MjktYmE1OS0zMDNhYWE1ODc3MTYQyLOy7JX3+wIaBgj9lJadBiIKMzcuNTguNTcuMyjSqwIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJGQyZjcwOGM1LTgxMGMtNGMwZS04MTY3LTI5OGVmYjRhMTc5ZBjDSCIYCAISFGNkczI2OS5mcjguaHdjZG4ubmV0.4HmMMgtXKWQpFyKv7umU8XHCBcUseBK6mWhPMFhwWV8=
last-modified
Thu, 05 Aug 2021 14:40:38 GMT
server
AmazonS3
etag
"48ead32171e554edb2744890102504b0"
x-hw
1671793277.cds163.fr8.hn,1671793277.cds269.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-max-age=3600, max-age=604800, public
accept-ranges
bytes
9.b690ddfc.chunk.css
stores.xoxoday.com/static/css/ 		161 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stores.xoxoday.com/static/css/9.b690ddfc.chunk.css
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a05c933df1710a9489ba16a496c86a418aa84eeb6fdce78b515364502b0d2def

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/protera/xms/?redeem=code
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 11:01:17 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Dec 2022 16:02:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
77e0992e0fcf2bb9-FRA
content-length
25153
expires
0
main.2ef987cc.chunk.css
stores.xoxoday.com/static/css/ 		47 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stores.xoxoday.com/static/css/main.2ef987cc.chunk.css
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58e8839726a535705fa9298444c3ef8d90db7178643f046aa68cf630c547db65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/protera/xms/?redeem=code
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 11:01:17 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Dec 2022 16:02:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
77e0992e0fd22bb9-FRA
content-length
10982
expires
0
weglot.min.js
cdn.weglot.com/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.weglot.com/weglot.min.js
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:a600:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
87c801524012c878318b0f79469ff28659a9da0c847b7c0aa1428df38028463e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
date
Fri, 23 Dec 2022 10:37:06 GMT
last-modified
Wed, 14 Dec 2022 13:04:14 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
age
1451
etag
W/"4433335b567cd2ef4d1c9ba20c836839"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
x-amz-cf-id
JdLKPX2ZEkY-0C4ApwH3IkxC34wDFK-yvjiHnSMXhhE9in4DkYi_5g==
9.64a5f885.chunk.js
stores.xoxoday.com/static/js/ 		1018 KB
291 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stores.xoxoday.com/static/js/9.64a5f885.chunk.js
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a2d2febc39b73e1801053767b363960de3a2b2212952d16599d1fd8290af054

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/protera/xms/?redeem=code
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 11:01:17 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Dec 2022 16:02:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
77e0992e0fd62bb9-FRA
expires
0
main.184944a1.chunk.js
stores.xoxoday.com/static/js/ 		216 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stores.xoxoday.com/static/js/main.184944a1.chunk.js
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82faa85bd8976d988ef33bba580cfc4f06ae4329ff8a63033fb1068ac5dff41e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/protera/xms/?redeem=code
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 11:01:17 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Dec 2022 16:02:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
77e0992e0fdb2bb9-FRA
content-length
54684
expires
0
hotjar-2224300.js
static.hotjar.com/c/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2224300.js?sv=6
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-113.dus51.r.cloudfront.net
Software
/
Resource Hash
a9b231101405a5f5f9cfb43e562a586d99244a3b36431a5e827b22a10e267f4e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
age
40
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/c13a57de8b0e562275ad68451fb07f08
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
x-amz-cf-id
EEG7wXjKk-bbGzPCPgeUJUwKJeypaYrTrx4ooHyx9D864kj8Q2hWOQ==
modules.352fddba5b21bbfc3a08.js
script.hotjar.com/ 		264 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.352fddba5b21bbfc3a08.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2224300.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-45.dus51.r.cloudfront.net
Software
/
Resource Hash
6c8b822ba2fa788a754e0a94055060c9c897dfb29538d92e04fd3f83d407bcb7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 08:07:05 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 3ac8e795602d9d156b63546d3d0aaad0.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
age
96852
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
68894
last-modified
Thu, 22 Dec 2022 08:06:23 GMT
etag
"3256c76707175033b83ffe82f89b32ec"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
qG7gw3uPlcbtU2UWRKYnhVN8cXoKAhyvNS-fWKMRruF6NceCeqE9NQ==
fae9f07765496a53dbbaf34855be5d376.json
cdn.weglot.com/projects-settings/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.weglot.com/projects-settings/fae9f07765496a53dbbaf34855be5d376.json
Requested by
Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:a600:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b7401da9a0ebb1da9ce05669653be2d634f3bebeda4f4d82690b98a1dc50eee2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 11:23:53 GMT
x-amz-version-id
null
content-encoding
gzip
last-modified
Tue, 20 Dec 2022 11:23:47 GMT
server
AmazonS3
via
1.1 e5dcf90f3787d486ad40e46070021460.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
etag
W/"0ce00ae32dbe576b528698d1cf035ff4"
age
257845
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
9fVjn8aYJme-7wXYimLAcX2up99U1Wb2H5Qxe02XM70I60Se3I-Bwg==
weglot.min.css
cdn.weglot.com/ 		28 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.weglot.com/weglot.min.css?v=4
Requested by
Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:a600:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8eb91a0802b9e79aef3e47554a25b80de2f8ef73d3053b28c81820734179f4e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 16:50:52 GMT
content-encoding
gzip
via
1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Wed, 14 Dec 2022 13:07:18 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
age
151827
etag
W/"b72cdd8118949f04803d561712cf0c5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
cache-control
max-age=2592000
x-amz-cf-id
T7FbJDSTLHfUEwjyYu0AcAbEDDtzLG21D5Yx2EgwbfsOV41Gp-Wf6A==
datadog-logs-v4.js
www.datadoghq-browser-agent.com/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/datadog-logs-v4.js
Requested by
Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-223.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
67bdc30246ac58892847f14b491de2e1f35e674c8b32ae4b4b3f3193b7d5b505

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:00:53 GMT
content-encoding
br
via
1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
last-modified
Thu, 15 Dec 2022 09:55:03 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
26
etag
W/"826738fcff06b8c83957c026f753cd82"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=14400, s-maxage=60
timing-allow-origin
*
x-amz-cf-id
YK_odCHVnjefqnRyDLhbpeKle83zaSn-N2TgoriC9F5gAq61AdzQNg==
gtm.js
www.googletagmanager.com/ 		135 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TRZ23JQ&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:01:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50686
x-xss-protection
0
last-modified
Fri, 23 Dec 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 23 Dec 2022 11:01:18 GMT
Primary Request /
stores.xoxoday.com/protera/xms/ 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://stores.xoxoday.com/protera/xms/?redeem=code
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/static/js/main.184944a1.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b8740c43587bf057d1d6671cc706bd07183a3277c4b680b31f496c268a1b773

Request headers

Referer
https://stores.xoxoday.com/protera/xms/?redeem=code
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
77e09936795b2bb9-FRA
content-encoding
gzip
content-type
text/html
date
Fri, 23 Dec 2022 11:01:18 GMT
expires
0
last-modified
Thu, 15 Dec 2022 16:02:18 GMT
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
loading.gif
stores.xoxoday.com/img/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stores.xoxoday.com/img/loading.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/protera/xms/?redeem=code
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 11:01:18 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Dec 2022 15:59:54 GMT
server
cloudflare
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
77e09936895d2bb9-FRA
content-length
10741
expires
0
url_preferences
stores.xoxoday.com/chef/api/public/graph/stores/ 		0
0
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://stores.xoxoday.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 17 Dec 2022 06:58:38 GMT
x-content-type-options
nosniff
age
532960
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37924
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:54:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 06:58:38 GMT
404-not-found.svg
res.cloudinary.com/dyyjph6kx/image/upload/v1662630113/store/ 		86 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dyyjph6kx/image/upload/v1662630113/store/404-not-found.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:01:18 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=604800
content-disposition
attachment; filename="404-not-found.svg"
server-timing
fastly;dur=5;cpu=4;start=2022-12-23T11:01:18.553Z;desc=hit,rtt;dur=6
content-length
27966
last-modified
Thu, 08 Sep 2022 09:41:55 GMT
server
Cloudinary
etag
W/"d76fad04ada80146887b8a19c07ef87b"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
usage.gif
usage.trackjs.com/ 		0
0
hotjar-2913748.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2913748.js?sv=6
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-113.dus51.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Fri, 23 Dec 2022 11:00:20 GMT
via
1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
age
57
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/3b18449bf9dcb992a900a6c0c9db07de
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
zc5pZmGN3ysu8pFJCNhRC4JFcqfJJx3EbdFzLWicZkl5EqK77v8zew==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRZ23JQ&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Dec 2022 10:36:51 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1467
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 23 Dec 2022 12:36:51 GMT
6512810.js
js.hs-scripts.com/ 		2 KB
876 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/6512810.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRZ23JQ&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:01:18 GMT
content-encoding
br
cf-cache-status
HIT
x-hubspot-correlation-id
165819ce-7025-4db1-b70e-84f693e7d6a6
age
34
cf-polished
origSize=1920
cf-bgj
minify
last-modified
Fri, 23 Dec 2022 11:00:44 GMT
server
cloudflare
x-trace
2BF414CA21008C65888B08A497AA854C9B27A394EE000000000000000000
access-control-max-age
3600
vary
origin, Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://blog.empuls.io
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
77e09937396a9bc4-FRA
expires
Fri, 23 Dec 2022 11:02:18 GMT
collect
www.google-analytics.com/j/ 		2 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=352431704&t=pageview&_s=1&dl=https%3A%2F%2Fstores.xoxoday.com%2Fprotera%2Fxms%2F%3Fredeem%3Dcode&ul=en-us&de=UTF-8&dt=Activities%2C%20Tours%2C%20Attractions%2C%20Things%20To%20Do%20in%20Your%20City%20-%20Xoxoday&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1537581618&gjid=475882662&cid=1663801105.1671793279&tid=UA-137250944-1&_gid=1573249418.1671793279&_r=1&gtm=2wgbu0TRZ23JQ&z=1824101502
Requested by
Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://stores.xoxoday.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 11:01:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://stores.xoxoday.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=352431704&t=pageview&_s=1&dl=https%3A%2F%2Fstores.xoxoday.com%2Fprotera%2Fxms%2F%3Fredeem%3Dcode&ul=en-us&de=UTF-8&dt=Activities%2C%20Tours%2C%20Attractions%2C%20Things%20To%20Do%20in%20Your%20City%20-%20Xoxoday&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=&gjid=&cid=1663801105.1671793279&tid=UA-137250944-1&_gid=1573249418.1671793279&gtm=2wgbu0TRZ23JQ&z=1573841793
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 14:30:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
73857
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=352431704&t=pageview&_s=1&dl=https%3A%2F%2Fstores.xoxoday.com%2Fprotera%2Fxms%2F%3Fredeem%3Dcode&ul=en-us&de=UTF-8&dt=Activities%2C%20Tours%2C%20Attractions%2C%20Things%20To%20Do%20in%20Your%20City%20-%20Xoxoday&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=&gjid=&cid=1663801105.1671793279&tid=UA-137250944-1&_gid=1573249418.1671793279&gtm=2wgbu0TRZ23JQ&z=431339627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 14:30:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
73857
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
6512810.js
js.hs-analytics.net/analytics/1671793200000/ 		0
0
conversations-embed.js
js.usemessages.com/ 		0
0
banner.js
js.hs-banner.com/v2/6512810/ 		0
0
fb.js
js.hsadspixel.net/ 		0
0
collect
stats.g.doubleclick.net/j/ 		0
0
css2
fonts.googleapis.com/ 		9 KB
695 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cc4772532e5066f9e49faf08fde464ad5f7947463c4c2b48a4c339efe7cd5f28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 23 Dec 2022 11:01:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 23 Dec 2022 10:15:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 23 Dec 2022 11:01:18 GMT
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://stores.xoxoday.com/
Origin
https://stores.xoxoday.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:01:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
722
age
1351835
cdn-cachedat
11/18/2022 06:18:29
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
b3e9051733ef7db0824f4f676f0785aa
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
77e09937db295b3e-FRA
cdn-requestpullsuccess
True
t.js
cdn.trackjs.com/agent/v3/latest/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trackjs.com/agent/v3/latest/t.js
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
7b116ac42dfa848b8cbeff07cae0cc208a898111a7191ab266b4f0241683671a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:01:18 GMT
content-encoding
gzip
x-amz-meta-cache-control
s-max-age=3600, max-age=604800, public
x-amz-request-id
4TVZV8YMHX6FZPP1
x-amz-meta-content-type
application/javascript
content-length
9283
x-amz-id-2
SjQVKoGLsWKov8ZKEiOG0gdk+eqjnGFMwDc//3rJ02EDKPpzWrJr7wghxqx2JDieEsYedlgLvMo=
x-sp-metadata
HS256.CI6xlp0GEoUBCiQ2Yjc2ZTEwZC05MzZjLTRjODYtOTM4MC1hMDY4YmY0ZDQzNmMQyLOy7JX3+wIaBgj+lJadBiIKMzcuNTguNTcuMyjSqwIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJDdkNGIyMTFjLTZhMjItNDAzYS1iNzBjLWZkNjc5NTUwOWIyMBjDSCIYCAISFGNkczI2OS5mcjguaHdjZG4ubmV0.PFFIVyxNVK7Dl9wtgfv0p0nqGIdiF8GvcjOxpAKB6L0=
last-modified
Thu, 05 Aug 2021 14:40:38 GMT
server
AmazonS3
etag
"48ead32171e554edb2744890102504b0"
x-hw
1671793278.cds163.fr8.hn,1671793278.cds269.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-max-age=3600, max-age=604800, public
accept-ranges
bytes
9.b690ddfc.chunk.css
stores.xoxoday.com/static/css/ 		161 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stores.xoxoday.com/static/css/9.b690ddfc.chunk.css
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a05c933df1710a9489ba16a496c86a418aa84eeb6fdce78b515364502b0d2def

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/protera/xms/?redeem=code
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 11:01:18 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Dec 2022 16:02:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
77e09937cbc62bb9-FRA
content-length
25153
expires
0
main.2ef987cc.chunk.css
stores.xoxoday.com/static/css/ 		47 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stores.xoxoday.com/static/css/main.2ef987cc.chunk.css
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58e8839726a535705fa9298444c3ef8d90db7178643f046aa68cf630c547db65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/protera/xms/?redeem=code
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 11:01:18 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Dec 2022 16:02:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
77e09937cbc72bb9-FRA
content-length
10982
expires
0
weglot.min.js
cdn.weglot.com/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.weglot.com/weglot.min.js
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:a600:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
87c801524012c878318b0f79469ff28659a9da0c847b7c0aa1428df38028463e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
date
Fri, 23 Dec 2022 10:37:06 GMT
last-modified
Wed, 14 Dec 2022 13:04:14 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
age
1452
etag
W/"4433335b567cd2ef4d1c9ba20c836839"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
x-amz-cf-id
QRnAYwOntVfwKowrTdYmQoPY9u_tumvAqq1-Q0lWvBuUXlbEicuv5g==
9.64a5f885.chunk.js
stores.xoxoday.com/static/js/ 		1018 KB
291 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stores.xoxoday.com/static/js/9.64a5f885.chunk.js
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a2d2febc39b73e1801053767b363960de3a2b2212952d16599d1fd8290af054

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/protera/xms/?redeem=code
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 11:01:18 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Dec 2022 16:02:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
77e09937cbc82bb9-FRA
expires
0
main.184944a1.chunk.js
stores.xoxoday.com/static/js/ 		216 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stores.xoxoday.com/static/js/main.184944a1.chunk.js
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82faa85bd8976d988ef33bba580cfc4f06ae4329ff8a63033fb1068ac5dff41e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/protera/xms/?redeem=code
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 11:01:19 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Dec 2022 16:02:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
77e09937cbcb2bb9-FRA
content-length
54684
expires
0
hotjar-2224300.js
static.hotjar.com/c/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2224300.js?sv=6
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-113.dus51.r.cloudfront.net
Software
/
Resource Hash
a9b231101405a5f5f9cfb43e562a586d99244a3b36431a5e827b22a10e267f4e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
age
41
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/c13a57de8b0e562275ad68451fb07f08
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
x-amz-cf-id
ExBlY3xfxtQF7q7LMCGX4ofM46DB5J1Rm13d4227RkazMxaQTl46sQ==
modules.352fddba5b21bbfc3a08.js
script.hotjar.com/ 		264 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.352fddba5b21bbfc3a08.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2224300.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-45.dus51.r.cloudfront.net
Software
/
Resource Hash
6c8b822ba2fa788a754e0a94055060c9c897dfb29538d92e04fd3f83d407bcb7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 08:07:05 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 3ac8e795602d9d156b63546d3d0aaad0.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
age
96853
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
68894
last-modified
Thu, 22 Dec 2022 08:06:23 GMT
etag
"3256c76707175033b83ffe82f89b32ec"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
bCDw3LIh1_aQ27Yo3b-iLKEmrd8u6oEAg7P5F-Tn74ocauipJqIZ0w==
fae9f07765496a53dbbaf34855be5d376.json
cdn.weglot.com/projects-settings/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.weglot.com/projects-settings/fae9f07765496a53dbbaf34855be5d376.json
Requested by
Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:a600:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b7401da9a0ebb1da9ce05669653be2d634f3bebeda4f4d82690b98a1dc50eee2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 11:23:53 GMT
x-amz-version-id
null
content-encoding
gzip
last-modified
Tue, 20 Dec 2022 11:23:47 GMT
server
AmazonS3
via
1.1 e5dcf90f3787d486ad40e46070021460.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
etag
W/"0ce00ae32dbe576b528698d1cf035ff4"
age
257846
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
jS1HJlSMhpWkg92RXIv5k0lnB107GmqShmt8fuYK7K7YJd3cpkcrEA==
weglot.min.css
cdn.weglot.com/ 		28 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.weglot.com/weglot.min.css?v=4
Requested by
Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:a600:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8eb91a0802b9e79aef3e47554a25b80de2f8ef73d3053b28c81820734179f4e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 16:50:52 GMT
content-encoding
gzip
via
1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Wed, 14 Dec 2022 13:07:18 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
age
151827
etag
W/"b72cdd8118949f04803d561712cf0c5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
cache-control
max-age=2592000
x-amz-cf-id
ZWDT86QOWKkv9Gn6bfpNC8Jgwdr6H3PIytfH4g7qHDZeFK8M8fFYPw==
datadog-logs-v4.js
www.datadoghq-browser-agent.com/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/datadog-logs-v4.js
Requested by
Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-223.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
67bdc30246ac58892847f14b491de2e1f35e674c8b32ae4b4b3f3193b7d5b505

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:00:53 GMT
content-encoding
br
via
1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
last-modified
Thu, 15 Dec 2022 09:55:03 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
26
etag
W/"826738fcff06b8c83957c026f753cd82"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=14400, s-maxage=60
timing-allow-origin
*
x-amz-cf-id
4B4woyFR1f4PtNm3thNo4ne2tuztE-fYEhmInimfUTf8HAzmuaMVkQ==
gtm.js
www.googletagmanager.com/ 		135 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TRZ23JQ&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5e2d6a1925ec8cdf8ed3cce014971ac229b594971abcfbfe6832dfed9e20cad6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:01:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50686
x-xss-protection
0
last-modified
Fri, 23 Dec 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 23 Dec 2022 11:01:19 GMT
loading.gif
stores.xoxoday.com/img/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stores.xoxoday.com/img/loading.gif
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38eab160f6b3a61bd6e97d39782a8692eb9fc7b11338f71f97dff2850d63f1e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/protera/xms/?redeem=code
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 11:01:19 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Dec 2022 15:59:54 GMT
server
cloudflare
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
77e0993e99972bb9-FRA
content-length
10741
expires
0
url_preferences
stores.xoxoday.com/chef/api/public/graph/stores/ 		302 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stores.xoxoday.com/chef/api/public/graph/stores/url_preferences
Requested by
Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c96f487a358a41448c216a8d85a15953f1b2acace963d333bfcd55349b339c8c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://stores.xoxoday.com/protera/xms/?redeem=code
accept-language
de-DE,de;q=0.9
lng
en
pltfm
4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 23 Dec 2022 11:01:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
etag
W/"12e-BjmjHJvptI+qQnzMngrb3MdwOPA"
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://stores.xoxoday.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
xoxo-tracer-id
21221f20-82b1-11ed-b19c-05d1b3b5bc11
cf-ray
77e0993ea99b2bb9-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, a_t, Set-Cookie, lng, pltfm, hash, csrf, authorization
expires
0
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://stores.xoxoday.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 17 Dec 2022 06:58:38 GMT
x-content-type-options
nosniff
age
532961
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37924
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:54:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 06:58:38 GMT
404-not-found.svg
res.cloudinary.com/dyyjph6kx/image/upload/v1662630113/store/ 		86 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dyyjph6kx/image/upload/v1662630113/store/404-not-found.svg
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
13de9554a364a3a25a8d7b18551d3697f354651582a85c017a8307b2fa63ec75
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:01:19 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=604800
content-disposition
attachment; filename="404-not-found.svg"
server-timing
fastly;dur=1;start=2022-12-23T11:01:19.806Z;desc=hit,rtt;dur=6
content-length
27966
last-modified
Thu, 08 Sep 2022 09:41:55 GMT
server
Cloudinary
etag
W/"d76fad04ada80146887b8a19c07ef87b"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
invisible.js
stores.xoxoday.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 8633 		31 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stores.xoxoday.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671782400
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fe026c09ca9554cbfb0b5885666c48333f643bf8b2314b29e1267363184d56f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:01:19 GMT
content-encoding
gzip
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
77e0993eea1a2bb9-FRA
hotjar-2913748.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2913748.js?sv=6
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-113.dus51.r.cloudfront.net
Software
/
Resource Hash
b5b00058f9dfb36d4003614b8ad535403705f0f4371df3d29d3f30a0741ea5e9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Fri, 23 Dec 2022 11:00:20 GMT
via
1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
age
58
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/3b18449bf9dcb992a900a6c0c9db07de
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
zR_HgbR0hf8ndyf9BGPiJ6vKcTMKLt1GQqccLIyMb3I7HhjvahXn8g==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRZ23JQ&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Dec 2022 09:29:14 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
5525
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 23 Dec 2022 11:29:14 GMT
6512810.js
js.hs-scripts.com/ 		2 KB
568 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/6512810.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRZ23JQ&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21830cfed5ff5d0a4930b9d487ca0b40e512855c66a1e1f205d72d743a34775c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:01:19 GMT
content-encoding
br
cf-cache-status
HIT
x-hubspot-correlation-id
165819ce-7025-4db1-b70e-84f693e7d6a6
age
35
cf-polished
origSize=1920
cf-bgj
minify
last-modified
Fri, 23 Dec 2022 11:00:44 GMT
server
cloudflare
x-trace
2BF414CA21008C65888B08A497AA854C9B27A394EE000000000000000000
access-control-max-age
3600
vary
origin, Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://blog.empuls.io
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
77e0993f289c9bc4-FRA
expires
Fri, 23 Dec 2022 11:02:19 GMT
box-5e66f98b4ee957db209dc6f63e3d59dd.html
vars.hotjar.com/ Frame E836 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2224300.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-53.dus51.r.cloudfront.net
Software
/
Resource Hash
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://stores.xoxoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2584273
cache-control
max-age=31536000
content-encoding
br
content-length
1035
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 13:10:06 GMT
etag
"e0652b84b7b3b650769c759fc520c3f8"
last-modified
Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
x-amz-cf-id
5PsGTIFpteBXZHpRX7Jf2zOovoGv0BJEpUHudjLWrwW_K57TXGSH-w==
x-amz-cf-pop
DUS51-P2
x-cache
Hit from cloudfront
x-robots-tag
none
pica.js
stores.xoxoday.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 8633 		19 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://stores.xoxoday.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
240144bda9fb58e1d4b4a407fc0748bab6c00ad33fb3429ed49df28355367fa6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:01:19 GMT
content-encoding
gzip
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
77e0993f4adc2bb9-FRA
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1222844639&t=pageview&_s=1&dl=https%3A%2F%2Fstores.xoxoday.com%2Fprotera%2Fxms%2F%3Fredeem%3Dcode&ul=en-us&de=UTF-8&dt=Activities%2C%20Tours%2C%20Attractions%2C%20Things%20To%20Do%20in%20Your%20City%20-%20Xoxoday&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEABAAAAAAAAI~&jid=&gjid=&cid=1663801105.1671793279&tid=UA-137250944-1&_gid=1573249418.1671793279&gtm=2wgbu0TRZ23JQ&z=1049839352
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 02:43:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
29862
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1222844639&t=pageview&_s=1&dl=https%3A%2F%2Fstores.xoxoday.com%2Fprotera%2Fxms%2F%3Fredeem%3Dcode&ul=en-us&de=UTF-8&dt=Activities%2C%20Tours%2C%20Attractions%2C%20Things%20To%20Do%20in%20Your%20City%20-%20Xoxoday&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEABAAAAAAAAI~&jid=&gjid=&cid=1663801105.1671793279&tid=UA-137250944-1&_gid=1573249418.1671793279&gtm=2wgbu0TRZ23JQ&z=921877625
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 02:43:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
29862
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1222844639&t=pageview&_s=1&dl=https%3A%2F%2Fstores.xoxoday.com%2Fprotera%2Fxms%2F%3Fredeem%3Dcode&ul=en-us&de=UTF-8&dt=Activities%2C%20Tours%2C%20Attractions%2C%20Things%20To%20Do%20in%20Your%20City%20-%20Xoxoday&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEABAAAAAAAAI~&jid=&gjid=&cid=1663801105.1671793279&tid=UA-137250944-1&_gid=1573249418.1671793279&gtm=2wgbu0TRZ23JQ&z=332027723
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 02:43:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
29862
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
6512810.js
js.hs-analytics.net/analytics/1671793200000/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1671793200000/6512810.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6512810.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae9c7b01874b611809fbe7671072f16cd8516a8b0a888723977dde652a993676

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:01:20 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
VR60E176QJ61CQFF
x-amz-server-side-encryption
AES256
x-amz-id-2
Ckw+PEDRpV4Qh8HbqKSYJINB1xJPKKAf32V3MU9Zy3MD9RXlypLyUiTVCoznc0He9nHq69PNbIY=
last-modified
Thu, 01 Dec 2022 14:23:45 GMT
server
cloudflare
etag
W/"0adc9228f81b35676d95f96f4ea677cd"
vary
origin, Accept-Encoding
content-type
text/javascript
cache-control
max-age=300, public
access-control-allow-credentials
false
cf-ray
77e0993f686a2bd3-FRA
expires
Fri, 23 Dec 2022 11:06:19 GMT
conversations-embed.js
js.usemessages.com/ 		73 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6512810.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:eecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
334a6d48dbf977a8fbbfc672583baf269d13c3debeaa377e8c5a9cf292391ae0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:01:19 GMT
x-amz-version-id
zFL9ePVKol2FHiQyTIIp8GqFQtgXkdvq
via
1.1 4f3476fc0ed69f4f9209b2ccb91b0050.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-amz-cf-pop
IAD55-P4
age
509
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.11564/bundles/project.js&cfRay=77e08cccabb79a17-IAD
x-cache
Hit from cloudfront
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-amz-replication-status
COMPLETED
last-modified
Tue, 13 Dec 2022 07:38:59 UTC
server
cloudflare
etag
W/"3f8937b5e0033972ae4f0d4dcf06cffa"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
cache-control
max-age=600
cf-ray
77e0993f6e9b9b4c-FRA
x-amz-cf-id
mTzW-HHXq5HXPVTgVhbOE2M9Sjqu6KCwQ8n4uxTHQwoJlmdjWNTlng==
x-hs-target-asset
conversations-embed/static-1.11564/bundles/project.js
banner.js
js.hs-banner.com/v2/6512810/ 		202 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/6512810/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6512810.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af1f4799ffff77a39833d40ec80647a280bfe92e912da9be73cd50f550350729

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:01:19 GMT
x-amz-version-id
abtPkhJqsXoSw2OzElTvq4GQqh8sx.d6
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
MWX61AQTN5NM8VM3
age
7
x-amz-server-side-encryption
AES256
x-amz-id-2
FuFCxa5OpDoxpMFcIW5YTyHzhkyyqyn5CpsKvmG6BNpPn+frSjOrU8CYeLa/YWmSHYnGAgqn/8g=
last-modified
Thu, 08 Dec 2022 21:42:06 GMT
server
cloudflare
etag
W/"49dc3be0d51ed864eeab870ed37e17e6"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://people.empuls.io
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
77e0993f6c139be9-FRA
expires
Fri, 23 Dec 2022 11:06:12 GMT
fb.js
js.hsadspixel.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6512810.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:72b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
923f82635a75547c368b300c684da5f5f36164446310142d67c520c18d1b8f3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:01:19 GMT
x-amz-version-id
uc7chkM909y9_fdLpHcf_jlYEUuyZ4oj
via
1.1 65cdd88e2e6e21b095c2caf59292000c.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-amz-cf-pop
IAD55-P3
age
109
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.303/bundles/pixels-release.js&cfRay=77e096936f772bcf-FRA
x-cache
Hit from cloudfront
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Dec 2022 06:51:27 UTC
server
cloudflare
etag
W/"cac538694d8cb071669002abe101c1fa"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
cache-control
max-age=600
cf-ray
77e0993f69de2bf8-FRA
x-amz-cf-id
Rzk2x39lrnklay0C0UJL3Y06jzRwY480lTUKTsn8rgmffILn-qWANg==
x-hs-target-asset
adsscriptloaderstatic/static-1.303/bundles/pixels-release.js
2224300
vc.hotjar.io/sessions/ 		0
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/2224300?s=0.25&r=0.2181498816086458
Requested by
Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-111.dus51.r.cloudfront.net
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:01:19 GMT
via
1.1 e7b88cadf742e342f39f17392af35c4e.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
2h22Za1kZIaWNMwfLoIrb0mbrobyGKvXA0jUUdZ31NV5xVqq2wfDEg==
json
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 		67 B
839 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=6512810
Requested by
Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:cacc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab66c9e8bce16344875f1ab766acb37d203eb49d5949e36f57e3c03243d2cb4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:01:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
cf19df4b-ecef-435b-99f3-cebf380932b4
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-trace
2B665E781DFDA96D3F75A49FD7F3F80079AC50C98E000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stores.xoxoday.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e8GHtv1%2FcViiIfW%2B0YIiIAD6MkWQdjQPDxZMsF0y4ZkC1cYO63L70OdVbhqRQD6o1Za1x7G57TL6Sg7rdZCmOKJg1c%2Bp09XgMZr3YWMCOjjba6PeFp0bI0JpnLzmcEOK0JIS6SEMb7MXIVEM"}],"group":"cf-nel","max_age":604800}
access-control-max-age
180
access-control-allow-credentials
false
cf-ray
77e0993fdaa29247-FRA
access-control-allow-headers
*
public
api.hubspot.com/livechat-public/v1/message/ 		285 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=6512810&conversations-embed=static-1.11564&mobile=false&messagesUtk=e484bd83c077425989eda8200abedda5&traceId=e484bd83c077425989eda8200abedda5&referrer=https%3A%2F%2Fstores.xoxoday.com%2Fprotera%2Fxms%2F%3Fredeem%3Dcode
Requested by
Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46d1b8c44aa4ed0f3d31b71339d96997f5e58cb559ed3ebc97e53b25ddb0956a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://stores.xoxoday.com/
accept-language
de-DE,de;q=0.9
X-HubSpot-Messages-Uri
https://stores.xoxoday.com/protera/xms/?redeem=code
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:01:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
0b023a88-ee8c-481c-8a0c-0d106904bcc1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
225
server
cloudflare
x-trace
2B8B84B9C32072EF3F4445CDE77095EF62A00EB8D4000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stores.xoxoday.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VpQAuoPcl%2FcpXXQz0NYWnQv5BcEF05IcpeG%2FneMOq6je7EudwsuHpAB%2Ff6yfLhO2D35ELZFvOo7BkCXg2Rco6lW1CFGxqjQPwz1YUouBWoPH1RlC%2FZ%2Bo5eRqry3NIhFA1Gxr4jyM1RKOCIrgcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
cf-ray
77e09940ee2a9090-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
public
api.hubspot.com/livechat-public/v1/message/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=6512810&conversations-embed=static-1.11564&mobile=false&messagesUtk=e484bd83c077425989eda8200abedda5&traceId=e484bd83c077425989eda8200abedda5&referrer=https%3A%2F%2Fstores.xoxoday.com%2Fprotera%2Fxms%2F%3Fredeem%3Dcode
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-hubspot-messages-uri
Access-Control-Request-Method
GET
Origin
https://stores.xoxoday.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://stores.xoxoday.com
allow
HEAD,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
77e0993fffd56940-FRA
content-length
18
content-type
text/plain; charset=utf-8
date
Fri, 23 Dec 2022 11:01:20 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CFYGCGTInn01PXRMubj21uwoPM0OLBmq2bJDVz0UKcTkUNdWZFCNOAun%2BTCOkFGMUp%2BFdL72HO2wGN2gmXpPp6f20opt4SShi6m9dCeT%2Fpwv9%2Fata35TEP6AXFu2JkSAo6839Akfu%2BiUKwtaKw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
x-hubspot-correlation-id
71c77bba-0ac5-4d82-ad02-6f91494a6d9a
x-trace
2B31F74AFE7B90FDC5BBCF8C1568DFD5D3AE3C8D5C000000000000000000
16.cc87a20e.chunk.css
stores.xoxoday.com/static/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stores.xoxoday.com/static/css/16.cc87a20e.chunk.css
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eebdf06627084c7a30e74731c93276b03d8942becc288bec3a286b482ce2a5e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/protera/xms/?redeem=code
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 11:01:20 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Dec 2022 16:02:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
77e099402cbf2bb9-FRA
content-length
1455
expires
0
16.5a2f13a8.chunk.js
stores.xoxoday.com/static/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stores.xoxoday.com/static/js/16.5a2f13a8.chunk.js
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7041c162fe552e1e931264fe156e1349debb3507ec4d964932b39556a50ab26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/protera/xms/?redeem=code
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 11:01:20 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Dec 2022 16:02:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
77e099402cc02bb9-FRA
content-length
2652
expires
0
loading.gif
stores.xoxoday.com/img/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stores.xoxoday.com/img/loading.gif
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/static/js/9.64a5f885.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38eab160f6b3a61bd6e97d39782a8692eb9fc7b11338f71f97dff2850d63f1e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/protera/xms/?redeem=code
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 11:01:20 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Dec 2022 15:59:54 GMT
server
cloudflare
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
77e099402cc32bb9-FRA
content-length
10741
expires
0
fetchPlatformSetting
stores.xoxoday.com/chef/api/public/graph/stores/ 		729 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stores.xoxoday.com/chef/api/public/graph/stores/fetchPlatformSetting
Requested by
Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37b43a8947510eaffd6f375c4fe940179ffa4955546c2160dfd19eaa6355df1d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://stores.xoxoday.com/protera/xms/?redeem=code
accept-language
de-DE,de;q=0.9
lng
en
pltfm
4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 23 Dec 2022 11:01:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
etag
W/"2d9-am+tz/EGrZaDzCvzrrqiw61TRVE"
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://stores.xoxoday.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
xoxo-tracer-id
21534140-82b1-11ed-af87-9353a7e49f07
cf-ray
77e099403cdd2bb9-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, a_t, Set-Cookie, lng, pltfm, hash, csrf, authorization
expires
0
getRoutes
stores.xoxoday.com/chef/api/public/graph/stores/ 		116 B
916 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stores.xoxoday.com/chef/api/public/graph/stores/getRoutes
Requested by
Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6afd405161d1fb8c64a7d65e1e3b5d178eab7bded791823ce349fb691a44df3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://stores.xoxoday.com/protera/xms/?redeem=code
accept-language
de-DE,de;q=0.9
lng
en
pltfm
4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 23 Dec 2022 11:01:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
etag
W/"74-7gNVr7ZxHXbI64ljK88yYKS0kfo"
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://stores.xoxoday.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
xoxo-tracer-id
21924610-82b1-11ed-b19c-05d1b3b5bc11
cf-ray
77e099403ce02bb9-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, a_t, Set-Cookie, lng, pltfm, hash, csrf, authorization
expires
0
77e09936795b2bb9
stores.xoxoday.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 8633 		2 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stores.xoxoday.com/cdn-cgi/challenge-platform/h/g/cv/result/77e09936795b2bb9
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671782400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 23 Dec 2022 11:01:20 GMT
content-encoding
gzip
server
cloudflare
cf-ray
77e099411eeb2bb9-FRA
content-type
text/plain; charset=UTF-8
js
www.googletagmanager.com/gtag/ 		185 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-867479590
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
950480f6161e6f3fdfe1a0d18fa920c1275f4344fcd4b73622cdab3475ad31a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:01:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68789
x-xss-protection
0
last-modified
Fri, 23 Dec 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 23 Dec 2022 11:01:20 GMT
js
www.googletagmanager.com/gtag/ 		185 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-867479590&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRZ23JQ&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
39322119da794b92733d597cce7dbee58aa27fee1aaa921033a85900dee3e364
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:01:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68832
x-xss-protection
0
last-modified
Fri, 23 Dec 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 23 Dec 2022 11:01:20 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/867479590/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/867479590/?random=1671793280230&cv=11&fst=1671793280230&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fstores.xoxoday.com%2Fprotera%2Fxms%2F%3Fredeem%3Dcode&ref=https%3A%2F%2Fstores.xoxoday.com%2Fprotera%2Fxms%2F%3Fredeem%3Dcode&tiba=Activities%2C%20Tours%2C%20Attractions%2C%20Things%20To%20Do%20in%20Your%20City%20-%20Xoxoday&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=2120209007.1671793280&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-867479590&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0776b1df2cc427896c5ecab0cfdbfa120d95dc39b2abb56fa0f7ee402c9edc94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 11:01:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
943
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
landing_details
stores.xoxoday.com/chef/api/public/graph/stores/ 		868 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stores.xoxoday.com/chef/api/public/graph/stores/landing_details
Requested by
Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f6a877e2d54d406b6d7e091a7bc0a7b4ebae1143de8e490d9192c224dd45edf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://stores.xoxoday.com/protera/xms/?redeem=code
accept-language
de-DE,de;q=0.9
lng
en
pltfm
4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 23 Dec 2022 11:01:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
etag
W/"364-NYCoqsAsDW+0LbyLd9+ER5sPWVA"
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://stores.xoxoday.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
xoxo-tracer-id
21739a80-82b1-11ed-af87-9353a7e49f07
cf-ray
77e099418fe12bb9-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, a_t, Set-Cookie, lng, pltfm, hash, csrf, authorization
expires
0
/
www.google.com/pagead/1p-user-list/867479590/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/867479590/?random=1671793280230&cv=11&fst=1671793200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fstores.xoxoday.com%2Fprotera%2Fxms%2F%3Fredeem%3Dcode&ref=https%3A%2F%2Fstores.xoxoday.com%2Fprotera%2Fxms%2F%3Fredeem%3Dcode&tiba=Activities%2C%20Tours%2C%20Attractions%2C%20Things%20To%20Do%20in%20Your%20City%20-%20Xoxoday&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2255117601&rmt_tld=0&ipr=y
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 11:01:20 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/867479590/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/867479590/?random=1671793280230&cv=11&fst=1671793200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fstores.xoxoday.com%2Fprotera%2Fxms%2F%3Fredeem%3Dcode&ref=https%3A%2F%2Fstores.xoxoday.com%2Fprotera%2Fxms%2F%3Fredeem%3Dcode&tiba=Activities%2C%20Tours%2C%20Attractions%2C%20Things%20To%20Do%20in%20Your%20City%20-%20Xoxoday&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2255117601&rmt_tld=1&ipr=y
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 11:01:20 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
protera-logo-png
xoxoengage-images.s3.amazonaws.com/store/template-logo/company-1110444/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xoxoengage-images.s3.amazonaws.com/store/template-logo/company-1110444/protera-logo-png
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.32.152 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
64c032becf30e370e1e6efd7050ebbfbd18fdebd14fa8554fd01839bc6631fc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 11:01:22 GMT
x-amz-version-id
rhKblZGD_Q14NkdMR_vQITqUgUs5IaaE
Last-Modified
Mon, 19 Dec 2022 06:09:38 GMT
Server
AmazonS3
x-amz-request-id
77JYV30WTR3BR5ZY
ETag
"e876106cfe70f3a55c80c27570b536f4"
x-amz-server-side-encryption
AES256
Content-Type
application/octet-stream
Accept-Ranges
bytes
Content-Length
6180
x-amz-id-2
8DcsUwbIjKQG1vxlGxOdWGs05Tp5G+dWgKmYlFH+K7ugvIKq0yphpg/LNxAQSAiwahyyUD8GLCw=
campaign-fun.png
res.cloudinary.com/dyyjph6kx/image/upload/v1634648912/store/admin/campaign/ 		304 KB
304 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dyyjph6kx/image/upload/v1634648912/store/admin/campaign/campaign-fun.png
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
89fc9dec14ede24b885fc00756b3943c615f3b9a99d916fc5ecb43bb18b7c985
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:01:20 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 13:08:33 GMT
server
Cloudinary
etag
"bdee061748d56da357532cf0cc409b06"
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
server-timing
fastly;dur=3;cpu=0;start=2022-12-23T11:01:20.462Z;desc=hit,rtt;dur=6
accept-ranges
bytes
timing-allow-origin
*
content-length
311354
plumApi
stores.xoxoday.com/chef/api/public/graph/stores/ 		73 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stores.xoxoday.com/chef/api/public/graph/stores/plumApi
Requested by
Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58bc033876bbbd8421a2c9dffb78d4ec328c25f974e3c481f9553b52aa9b1819
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://stores.xoxoday.com/protera/xms/?redeem=code
accept-language
de-DE,de;q=0.9
lng
en
pltfm
4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 23 Dec 2022 11:01:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
etag
W/"49-ebseE/u5twRAO2WHVmimRp36c3s"
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://stores.xoxoday.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
xoxo-tracer-id
21b389b0-82b1-11ed-b19c-05d1b3b5bc11
cf-ray
77e09944adee2bb9-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, a_t, Set-Cookie, lng, pltfm, hash, csrf, authorization
expires
0
filter_list
stores.xoxoday.com/chef/api/public/graph/voucher/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stores.xoxoday.com/chef/api/public/graph/voucher/filter_list
Requested by
Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
266d863dc84ab25a6bba0f0212892d75c31773af74d1332c3ff4c6d1e72356df
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://stores.xoxoday.com/protera/xms/?redeem=code
accept-language
de-DE,de;q=0.9
lng
en
pltfm
4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 23 Dec 2022 11:01:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
etag
W/"6f4-ZmTZmibEtAgidsIaGt9qxmwSlSE"
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://stores.xoxoday.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
xoxo-tracer-id
21bfe5c0-82b1-11ed-af87-9353a7e49f07
cf-ray
77e09944adf12bb9-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, a_t, Set-Cookie, lng, pltfm, hash, csrf, authorization
expires
0
getExperiencesCategoriesList
stores.xoxoday.com/chef/api/public/graph/experience/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stores.xoxoday.com/chef/api/public/graph/experience/getExperiencesCategoriesList
Requested by
Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72f8d8d8b9af1d7ee7708e4477b25358f2b76bac512d634385b47a3545606f99
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://stores.xoxoday.com/protera/xms/?redeem=code
accept-language
de-DE,de;q=0.9
lng
en
pltfm
4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 23 Dec 2022 11:01:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
etag
W/"431-NPFLsxTYE0ezE3y51O3ET4f9U+c"
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://stores.xoxoday.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
xoxo-tracer-id
21b44d00-82b1-11ed-b19c-05d1b3b5bc11
cf-ray
77e09944adf52bb9-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, a_t, Set-Cookie, lng, pltfm, hash, csrf, authorization
expires
0
filter_list
stores.xoxoday.com/chef/api/public/graph/voucher/ 		190 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stores.xoxoday.com/chef/api/public/graph/voucher/filter_list
Requested by
Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5191b7a2e8c35b71f9528e0e4d0da550530e2eda83d7e0dd82e041438008f4e5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://stores.xoxoday.com/protera/xms/?redeem=code
accept-language
de-DE,de;q=0.9
lng
en
pltfm
4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 23 Dec 2022 11:01:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
etag
W/"be-eGIggTyyrBxnNyS91GQ6KXzPTkA"
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://stores.xoxoday.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
xoxo-tracer-id
21bf2270-82b1-11ed-af87-9353a7e49f07
cf-ray
77e09944adf92bb9-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, a_t, Set-Cookie, lng, pltfm, hash, csrf, authorization
expires
0
widget.js
xoxoday.freshchat.com/js/ 		59 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xoxoday.freshchat.com/js/widget.js
Requested by
Host: stores.xoxoday.com
URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.221.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a44946a9dd66b7704.awsglobalaccelerator.com
Software
fwe /
Resource Hash
474ce803d275f036d64fd67302998a48ed0122fac30e5bdcab522478779bad41
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 11:01:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
Transfer-Encoding
chunked
x-envoy-upstream-service-time
0
Connection
keep-alive
x-xss-protection
1; mode=block
x-request-id
2a866166-a828-4221-b8d7-e19d35ca157e
x-trace-id
00-a3c261d65ffdab90ea874da7bcf250af-051357d6d1a80bfd-00
served-by
9886
last-modified
Wed, 21 Dec 2022 11:40:40 GMT
server
fwe
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
Content-Type
application/javascript
x-fw-ratelimiting-managed
false
cache-control
max-age=900, must-revalidate
x-server
9886
__ptq.gif
track.hubspot.com/ 		45 B
896 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3792703849&v=1.1&a=6512810&r=https%3A%2F%2Fstores.xoxoday.com%2Fprotera%2Fxms%2F%3Fredeem%3Dcode&pu=https%3A%2F%2Fstores.xoxoday.com%2Fprotera%2Fxms%2F%3Fredeem%3Dcode&t=Activities%2C+Tours%2C+Attractions%2C+Things+To+Do+in+Your+City+-+Xoxoday&cts=1671793281173&vi=f266baa3b7376166ba089451532f12e3&nc=true&u=107587101.f266baa3b7376166ba089451532f12e3.1671793281169.1671793281169.1671793281169.1&b=107587101.1.1671793281170&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:01:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
9825b518-9962-41af-9c0b-32c84cf0b62a
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2qNMBZWZ3OMlKXsrMduS6YPAZZfRFNLHYHPMV8ff48sHK%2BV1VyQacqmWhik0e3Kmm3M3CRT42grpjrxlwzaCCZSS0Mmm69LHP3qBsM%2BX4t8qW3NKil%2BEMX6oRSOiq98G4KDi8YJtsKMPNEri43AR"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
77e099477e755b8c-FRA
x-robots-tag
none
usage.gif
usage.trackjs.com/ 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usage.trackjs.com/usage.gif?token=243963c89e634a1dbb45c346bbc856d6&correlationId=7cc8e5fe-5092-4f7c-91c5-1333ff82be6c&application=plum-stores-prod&x=91020c4a-7196-4360-b84a-bc92968c0788&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.52.117 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
prd-usage-3.tjsint.net
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 11:01:21 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
xoxoday.freshchat.com/widget/ Frame 52A9 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xoxoday.freshchat.com/widget/?token=effa1b5c-39c9-42a6-8c39-8dd8793d9e3f&referrer=aHR0cHM6Ly9zdG9yZXMueG94b2RheS5jb20=
Requested by
Host: xoxoday.freshchat.com
URL: https://xoxoday.freshchat.com/js/widget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.221.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a44946a9dd66b7704.awsglobalaccelerator.com
Software
fwe /
Resource Hash
67851a4e986ee7b4d272c943a0c404cdaf37fff23f2ae4be89f505c8f7943bb9
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stores.xoxoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html
Date
Fri, 23 Dec 2022 11:01:21 GMT
Transfer-Encoding
chunked
cache-control
max-age=900, must-revalidate
content-encoding
gzip
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
last-modified
Wed, 21 Dec 2022 11:40:40 GMT
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
served-by
4082
server
fwe
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
0
x-fw-ratelimiting-managed
false
x-request-id
f4ea19ed-0d83-48ee-bcef-7f7f64c3052f
x-server
4082
x-trace-id
00-14e9c216ba20cadb1bf4bcc60be2b243-ee70f9bda8379a75-00
x-xss-protection
1; mode=block
widget.css
xoxoday.freshchat.com/widget/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xoxoday.freshchat.com/widget/css/widget.css?t=1671793281515
Requested by
Host: xoxoday.freshchat.com
URL: https://xoxoday.freshchat.com/js/widget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.221.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a44946a9dd66b7704.awsglobalaccelerator.com
Software
fwe /
Resource Hash
02447c2793c5846eabe0ee2721b8f6350bf35c06471e71a0af973306456573cd
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 11:01:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
Transfer-Encoding
chunked
x-envoy-upstream-service-time
0
Connection
keep-alive
x-xss-protection
1; mode=block
x-request-id
3b7e454f-8145-47f6-999a-6a20e2d161fc
x-trace-id
00-bd1ebbc78517b35a4b3c225d299c82b4-d28e0713442d3699-00
served-by
9886
last-modified
Wed, 21 Dec 2022 11:40:40 GMT
server
fwe
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
Content-Type
text/css
x-fw-ratelimiting-managed
false
cache-control
max-age=900, must-revalidate
x-server
9886
vendor.d64d219ca4493f67a3970efc52d51c86.css
assetscdn-wchat.freshchat.com/static/assets/ Frame 52A9 		23 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/vendor.d64d219ca4493f67a3970efc52d51c86.css
Requested by
Host: xoxoday.freshchat.com
URL: https://xoxoday.freshchat.com/widget/?token=effa1b5c-39c9-42a6-8c39-8dd8793d9e3f&referrer=aHR0cHM6Ly9zdG9yZXMueG94b2RheS5jb20=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-46.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f2154f49d7d4ed6c74a1ad1dc0e39ef3136fd859059986ed5bcd3050d59867b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xoxoday.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 10:57:25 GMT
content-encoding
br
via
1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)
last-modified
Thu, 27 Oct 2022 11:43:36 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
age
239
x-amz-server-side-encryption
AES256
etag
W/"d64d219ca4493f67a3970efc52d51c86"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
dZQEae4sai-b9MwASyEcmhUdIXLq3iMMfoRHNjIRg0ggntdqtaW-kA==
expires
Thu, 21 Dec 2023 11:40:40 GMT
hotline-web.d41d8cd98f00b204e9800998ecf8427e.css
assetscdn-wchat.freshchat.com/static/assets/ Frame 52A9 		0
419 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/hotline-web.d41d8cd98f00b204e9800998ecf8427e.css
Requested by
Host: xoxoday.freshchat.com
URL: https://xoxoday.freshchat.com/widget/?token=effa1b5c-39c9-42a6-8c39-8dd8793d9e3f&referrer=aHR0cHM6Ly9zdG9yZXMueG94b2RheS5jb20=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-46.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xoxoday.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 10:58:59 GMT
via
1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
age
143
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
0
last-modified
Thu, 27 Oct 2022 11:43:35 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, no-transform, public
accept-ranges
bytes
x-amz-cf-id
74S4Hv5DUWh1bLQgK1bQUYb3itUpEHoJM2eXxY5KiC7VXNj3TAF6vw==
expires
Thu, 21 Dec 2023 11:40:40 GMT
vendor.3474f8e0dcdb6126f26894076afa40d6.js
assetscdn-wchat.freshchat.com/static/assets/ Frame 52A9 		684 KB
194 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js
Requested by
Host: xoxoday.freshchat.com
URL: https://xoxoday.freshchat.com/widget/?token=effa1b5c-39c9-42a6-8c39-8dd8793d9e3f&referrer=aHR0cHM6Ly9zdG9yZXMueG94b2RheS5jb20=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-46.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7eed09a3bda2013de36d0ac2b942f0149ef500ed56701e5bd80d204ecbf758e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xoxoday.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:00:58 GMT
content-encoding
gzip
via
1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)
last-modified
Thu, 01 Dec 2022 12:27:59 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
age
34
x-amz-server-side-encryption
AES256
etag
W/"3474f8e0dcdb6126f26894076afa40d6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
VWn1UUZ0NGHr6mZ8SazwxrKd6SdWTHMR8Xw_uvaaN7ngx8Smpyoc8w==
expires
Thu, 21 Dec 2023 11:40:40 GMT
3799.js
assetscdn-wchat.freshchat.com/static/assets/ Frame 52A9 		772 KB
178 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/3799.js
Requested by
Host: xoxoday.freshchat.com
URL: https://xoxoday.freshchat.com/widget/?token=effa1b5c-39c9-42a6-8c39-8dd8793d9e3f&referrer=aHR0cHM6Ly9zdG9yZXMueG94b2RheS5jb20=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-46.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0b1182c43d8e2d9ad2bf4d160d19a5f385047c4a0f88b05332140308d458390d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xoxoday.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:01:12 GMT
content-encoding
br
via
1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)
last-modified
Thu, 27 Oct 2022 11:43:33 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
age
11
x-amz-server-side-encryption
AES256
etag
W/"8180076189d919f05b9c73b7c659821f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
pEYJpjKtLx9JJlNa4nyqXLka5f-nYMKw6jpG33KxCEXzOrDHtD50Hg==
expires
Thu, 21 Dec 2023 11:40:40 GMT
chunk.ff37a77d5e7a46509316.css
assetscdn-wchat.freshchat.com/static/assets/ Frame 52A9 		230 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/chunk.ff37a77d5e7a46509316.css
Requested by
Host: xoxoday.freshchat.com
URL: https://xoxoday.freshchat.com/widget/?token=effa1b5c-39c9-42a6-8c39-8dd8793d9e3f&referrer=aHR0cHM6Ly9zdG9yZXMueG94b2RheS5jb20=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-46.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b830dfd69831341efb1c28493e140070ff22da94884c43ba0fc005e3b0ad1c14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xoxoday.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 10:58:14 GMT
content-encoding
br
via
1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)
last-modified
Wed, 21 Dec 2022 11:40:44 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
age
191
x-amz-server-side-encryption
AES256
etag
W/"48328c3ba7d5bb2d60b2032e61d892d1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
fw6BfRFUid_C17EylbO4YlTd-VL8zPqbnsdlrUMiR27BMJw7JwN_og==
expires
Thu, 21 Dec 2023 11:40:40 GMT
fd-messaging.a9c6e0ca92cb7667d6fc.css
assetscdn-wchat.freshchat.com/static/ Frame 52A9 		230 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assetscdn-wchat.freshchat.com/static/fd-messaging.a9c6e0ca92cb7667d6fc.css
Requested by
Host: xoxoday.freshchat.com
URL: https://xoxoday.freshchat.com/widget/?token=effa1b5c-39c9-42a6-8c39-8dd8793d9e3f&referrer=aHR0cHM6Ly9zdG9yZXMueG94b2RheS5jb20=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-46.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b830dfd69831341efb1c28493e140070ff22da94884c43ba0fc005e3b0ad1c14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xoxoday.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 10:58:14 GMT
content-encoding
br
via
1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)
last-modified
Wed, 21 Dec 2022 11:40:45 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
age
189
x-amz-server-side-encryption
AES256
etag
W/"48328c3ba7d5bb2d60b2032e61d892d1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
DL1qx-w_m1C6pBm9z-ewKLgBlEijs0Auj9_g2mSuzeK57T4EaRCPvA==
expires
Thu, 21 Dec 2023 11:40:40 GMT
fd-messaging.84830542c5b0753e42ad.js
assetscdn-wchat.freshchat.com/static/assets/ Frame 52A9 		700 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.84830542c5b0753e42ad.js
Requested by
Host: xoxoday.freshchat.com
URL: https://xoxoday.freshchat.com/widget/?token=effa1b5c-39c9-42a6-8c39-8dd8793d9e3f&referrer=aHR0cHM6Ly9zdG9yZXMueG94b2RheS5jb20=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-46.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
283edf54323d9da8325bc48dd42c14582903eb6c840963889e205916534af23f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xoxoday.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 10:58:18 GMT
content-encoding
br
via
1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)
last-modified
Wed, 21 Dec 2022 11:40:44 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
age
188
x-amz-server-side-encryption
AES256
etag
W/"ceb72df7c4e778d3bcc1964e7daf7e1e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
DWaLXovhBKGfKnK-Rw_emplvlqYGgYHS9NjJuquCeJFYu6I85XpwpA==
expires
Thu, 21 Dec 2023 11:40:40 GMT
rts-min.js
rts-static-prod.freshworksapi.com/us/ Frame 52A9 		81 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rts-static-prod.freshworksapi.com/us/rts-min.js
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.84830542c5b0753e42ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-34.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b44134c882041c32203269160189f2a0a1b12e4e348f74a1f38b94640f7d65ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xoxoday.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
BHs75.bKXbPkSsEMomQcy9Qw2gVgmqdU
content-encoding
gzip
via
1.1 6eb77e673c2aa566dbadbc817458b976.cloudfront.net (CloudFront)
date
Fri, 23 Dec 2022 11:01:20 GMT
last-modified
Thu, 17 Nov 2022 06:29:55 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P2
age
3
x-amz-server-side-encryption
AES256
etag
W/"c4bb02a4c6be31fc499881d3abbbc6be"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
no-cache
x-amz-cf-id
cAMpWm9RZZgdDNHqGmVKIycSojLoTvS12-EKK6AQkAayiA0YnAA1XA==
chunk.9938837881ee5355d084.js
assetscdn-wchat.freshchat.com/static/assets/ Frame 52A9 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/chunk.9938837881ee5355d084.js
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.84830542c5b0753e42ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-46.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
41d31fccc00a2693af835bb3ad029053a8b9b980eaf363de3a84d474a95e4841

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xoxoday.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 10:57:56 GMT
content-encoding
br
via
1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)
last-modified
Thu, 01 Dec 2022 12:27:57 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
age
209
x-amz-server-side-encryption
AES256
etag
W/"daac960ffa002e906acd414b6f246293"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
cO_gDpxAQsMpm2zkAFXCGqhT1ZeG3uQG-MZODu7Mw1Bk1oW0THj0qg==
expires
Thu, 21 Dec 2023 11:40:40 GMT
chunk.f0e50d864072128887fc.js
assetscdn-wchat.freshchat.com/static/assets/ Frame 52A9 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/chunk.f0e50d864072128887fc.js
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.84830542c5b0753e42ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-46.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7304d86d7c6c039699667162fe39abeb7d531f7f6acba2619a885d39a59ff6c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xoxoday.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 10:59:43 GMT
content-encoding
gzip
via
1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)
last-modified
Thu, 27 Oct 2022 11:43:35 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
age
126
x-amz-server-side-encryption
AES256
etag
W/"1ae4407b7afcc2dc550f4d597659d448"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
432bLu8tkHZ1M5jqiJWDTL5cgUK4Qrq1S95CE0Yu4GbsdyFDmUSSgQ==
expires
Thu, 21 Dec 2023 11:40:40 GMT
config
xoxoday.freshchat.com/app/services/app/webchat/effa1b5c-39c9-42a6-8c39-8dd8793d9e3f/ Frame 52A9 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://xoxoday.freshchat.com/app/services/app/webchat/effa1b5c-39c9-42a6-8c39-8dd8793d9e3f/config?domain=aHR0cHM6Ly9zdG9yZXMueG94b2RheS5jb20
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.221.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a44946a9dd66b7704.awsglobalaccelerator.com
Software
fwe /
Resource Hash
e2b5ccaba6f580d3d0450a3ae2336994b42f4a60428b197b6257a8bc4b500433
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://xoxoday.freshchat.com/widget/?token=effa1b5c-39c9-42a6-8c39-8dd8793d9e3f&referrer=aHR0cHM6Ly9zdG9yZXMueG94b2RheS5jb20=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 11:01:22 GMT
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
x-ratelimit-total
3000
Transfer-Encoding
chunked
x-ratelimit-used-currentrequest
1
x-envoy-upstream-service-time
16
Connection
keep-alive
x-xss-protection
1; mode=block
x-request-id
ec8d3352-01b1-4c46-9ca7-fa8e372068d9
x-trace-id
00-65efde8d3c27d4bc429dea310f2179c4-f7be3f9914b35c96-00
server
fwe
vary
accept-encoding
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
Content-Type
application/json;charset=UTF-8
x-fw-ratelimiting-managed
true
cache-control
no-store
access-control-allow-credentials
true
x-server
9886
x-ratelimit-remaining
2999
x-ratelimit-limit
3000
co-browsing.js
xoxoday.freshchat.com/widget/js/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xoxoday.freshchat.com/widget/js/co-browsing.js
Requested by
Host: xoxoday.freshchat.com
URL: https://xoxoday.freshchat.com/js/widget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.221.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a44946a9dd66b7704.awsglobalaccelerator.com
Software
fwe /
Resource Hash
eb90069bfb802ef63158d8954bb6a025a056b3d084e0c7aae494c7401847e590
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 11:01:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
Transfer-Encoding
chunked
x-envoy-upstream-service-time
0
Connection
keep-alive
x-xss-protection
1; mode=block
x-request-id
3fca3a8a-076e-4650-8b70-0819b1e3e775
x-trace-id
00-e1dd5e2528b4bb157406a3a2133a3e4e-e2a8705167f19c98-00
served-by
5323
last-modified
Wed, 21 Dec 2022 11:40:40 GMT
server
fwe
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
Content-Type
application/javascript
x-fw-ratelimiting-managed
false
cache-control
max-age=900, must-revalidate
x-server
5323
notif.da662fefc5060dabf2859ea199198b14.mp3
assetscdn-wchat.freshchat.com/static/assets/ Frame 52A9 		4 KB
5 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/notif.da662fefc5060dabf2859ea199198b14.mp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-46.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32

Request headers

Referer
https://xoxoday.freshchat.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 23 Dec 2022 10:57:25 GMT
via
1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
age
237
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
Content-Range
bytes 0-4301/4302
Content-Length
4302
last-modified
Thu, 27 Oct 2022 11:43:36 GMT
server
AmazonS3
etag
"a529450a7cfb4a60dea41ef294fa90dd"
vary
Accept-Encoding
content-type
audio/mpeg
cache-control
max-age=31536000, no-transform, public
accept-ranges
bytes
x-amz-cf-id
nVjeQJ1cHDpkjrGFQx9XBaRhIALhb5y4UAi2OKODwxiBWrzI6_BxgA==
expires
Thu, 21 Dec 2023 11:40:40 GMT
user
xoxoday.freshchat.com/app/services/app/webchat/effa1b5c-39c9-42a6-8c39-8dd8793d9e3f/ Frame 52A9 		63 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://xoxoday.freshchat.com/app/services/app/webchat/effa1b5c-39c9-42a6-8c39-8dd8793d9e3f/user
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.221.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a44946a9dd66b7704.awsglobalaccelerator.com
Software
fwe /
Resource Hash
02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://xoxoday.freshchat.com/widget/?token=effa1b5c-39c9-42a6-8c39-8dd8793d9e3f&referrer=aHR0cHM6Ly9zdG9yZXMueG94b2RheS5jb20=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 11:01:22 GMT
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security
max-age=31536000; includeSubDomains
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
x-ratelimit-total
3000
x-ratelimit-used-currentrequest
1
x-envoy-upstream-service-time
4
Connection
keep-alive
Content-Length
63
x-xss-protection
1; mode=block
x-request-id
8826ca34-3e0a-4e59-a192-e2a59c4363bf
x-trace-id
00-46c2350fc18abf38e2345584201527cd-e150f0c9162a83e9-00
server
fwe
x-ratelimit-remaining
2998
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
Content-Type
application/json;charset=UTF-8
x-fw-ratelimiting-managed
true
cache-control
no-store
access-control-allow-credentials
true
x-server
6714
x-ratelimit-limit
3000
cb.css
xoxoday.freshchat.com/widget/css/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xoxoday.freshchat.com/widget/css/cb.css?t=1671793282393
Requested by
Host: xoxoday.freshchat.com
URL: https://xoxoday.freshchat.com/widget/js/co-browsing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.221.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a44946a9dd66b7704.awsglobalaccelerator.com
Software
fwe /
Resource Hash
8029982e606b01f8d1651a46683c7a90ef2496e73823047c0e73b72e285d593e
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stores.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 11:01:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
Transfer-Encoding
chunked
x-envoy-upstream-service-time
0
Connection
keep-alive
x-xss-protection
1; mode=block
x-request-id
5165f6ce-4080-4067-9e5b-c9394074d57a
x-trace-id
00-4ab61523980b0a67bb26ce21899ae76c-09dd0df7a98f4917-00
served-by
2601
last-modified
Wed, 21 Dec 2022 11:40:40 GMT
server
fwe
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
Content-Type
text/css
x-fw-ratelimiting-managed
false
cache-control
max-age=900, must-revalidate
x-server
2601
widget_info_v2
xoxoday.freshchat.com/app/services/app/webchat/effa1b5c-39c9-42a6-8c39-8dd8793d9e3f/ Frame 52A9 		14 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://xoxoday.freshchat.com/app/services/app/webchat/effa1b5c-39c9-42a6-8c39-8dd8793d9e3f/widget_info_v2?locales=en-US,en-US&platform=web
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.221.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a44946a9dd66b7704.awsglobalaccelerator.com
Software
fwe /
Resource Hash
7e7e7a929ccf62f1622526d6e0003cb6d813b7d166c731335bf9055846e7a50b
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://xoxoday.freshchat.com/widget/?token=effa1b5c-39c9-42a6-8c39-8dd8793d9e3f&referrer=aHR0cHM6Ly9zdG9yZXMueG94b2RheS5jb20=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 11:01:22 GMT
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
x-ratelimit-total
3000
Transfer-Encoding
chunked
x-ratelimit-used-currentrequest
1
x-envoy-upstream-service-time
0
x-status
HIT
Connection
keep-alive
x-xss-protection
1; mode=block
x-request-id
574d12f2-c97b-431b-9f8a-451a24d03ca3
x-trace-id
00-08a5cfcbe37059df8e3c08cefdd35cd9-2c52a76db2a8aa4c-00
server
fwe
vary
accept-encoding
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
Content-Type
application/json;charset=UTF-8
x-fw-ratelimiting-managed
true
cache-control
no-store
access-control-allow-credentials
true
x-server
4082
x-ratelimit-remaining
2997
x-ratelimit-limit
3000
chunk.ea885ce22996f44406da.js
assetscdn-wchat.freshchat.com/static/assets/ Frame 52A9 		60 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/chunk.ea885ce22996f44406da.js
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.84830542c5b0753e42ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-46.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
724c97af256bf7a8ef68c4be313c9d06532d6005ab5fb48f53f59c0b41e5ea87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xoxoday.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 10:58:53 GMT
content-encoding
br
via
1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)
last-modified
Wed, 14 Dec 2022 10:14:45 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
age
149
x-amz-server-side-encryption
AES256
etag
W/"5bedb812ed74deb8b6847fe7db68efcc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
aBL6VHPWiooGnD5M0pkvsPPTn2siBWFRVsWlf4HKT2uEDiPLldjDiQ==
expires
Thu, 21 Dec 2023 11:40:40 GMT
chunk.4cee196d7578eb157bf3.js
assetscdn-wchat.freshchat.com/static/assets/ Frame 52A9 		267 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/chunk.4cee196d7578eb157bf3.js
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.84830542c5b0753e42ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-46.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5afc5660312c750c597085e70eecabf5fd150e67c0c4b488c5bd8741250d8208

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xoxoday.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 10:56:51 GMT
content-encoding
br
via
1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)
last-modified
Wed, 21 Dec 2022 11:40:43 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
age
274
x-amz-server-side-encryption
AES256
etag
W/"3a1322b3affecc740a6ed5d68d796c8d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
aj-cuzLsJhadIgJ8ve1wcQX5oMvRPCjVCM4wfV6SXV6HO2fNNiyFZg==
expires
Thu, 21 Dec 2023 11:40:40 GMT
activity
xoxoday.freshchat.com/app/services/app/webchat/effa1b5c-39c9-42a6-8c39-8dd8793d9e3f/user/3a9c77bc-1e27-4f4b-8718-e11117403007/ Frame 52A9 		17 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://xoxoday.freshchat.com/app/services/app/webchat/effa1b5c-39c9-42a6-8c39-8dd8793d9e3f/user/3a9c77bc-1e27-4f4b-8718-e11117403007/activity
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/3799.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.221.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a44946a9dd66b7704.awsglobalaccelerator.com
Software
fwe /
Resource Hash
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xoxoday.freshchat.com/widget/?token=effa1b5c-39c9-42a6-8c39-8dd8793d9e3f&referrer=aHR0cHM6Ly9zdG9yZXMueG94b2RheS5jb20=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 11:01:22 GMT
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security
max-age=31536000; includeSubDomains
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
x-ratelimit-total
3000
x-ratelimit-used-currentrequest
1
x-envoy-upstream-service-time
3
Connection
keep-alive
Content-Length
17
x-xss-protection
1; mode=block
x-request-id
4bb3d904-eb72-46c5-9882-e5a81ec91a6e
x-trace-id
00-023be335254562e3408d93364fcb81a8-ab1ce553ecf72b4b-00
server
fwe
x-ratelimit-remaining
2996
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
Content-Type
application/json;charset=UTF-8
x-fw-ratelimiting-managed
true
cache-control
no-store
access-control-allow-credentials
true
x-server
5323
x-ratelimit-limit
3000
index.html
xoxoday.webpush.freshchat.com/ Frame 809E 		30 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xoxoday.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9zdG9yZXMueG94b2RheS5jb20=
Requested by
Host: xoxoday.freshchat.com
URL: https://xoxoday.freshchat.com/js/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-108.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
05a530dd5d40bf5dbef4e3d5ed6976e9aec1baf49a20be30e07b1608918e3bc3

Request headers

Referer
https://stores.xoxoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 23 Dec 2022 11:01:23 GMT
etag
W/"4d98f93ebe4eb8cedbbfdb3004920aeb"
last-modified
Fri, 25 Oct 2019 06:53:38 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 ed18d8ae19db26837eda53bbf8f03c08.cloudfront.net (CloudFront)
x-amz-cf-id
dZ9XKpj87rJLBEK9ObAxS_RCvyE5vMu4rwJcZV0sJDvY-RlVVlXViA==
x-amz-cf-pop
DUS51-P1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
category
xoxoday.freshchat.com/app/services/app/webchat/effa1b5c-39c9-42a6-8c39-8dd8793d9e3f/faq/ Frame 52A9 		209 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://xoxoday.freshchat.com/app/services/app/webchat/effa1b5c-39c9-42a6-8c39-8dd8793d9e3f/faq/category?platform=web&locales=en-US%2Cen-US&since=&lastLocaleId=
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.221.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a44946a9dd66b7704.awsglobalaccelerator.com
Software
fwe /
Resource Hash
485104e9ce286abbaada00140c69eaa894a0089a1c1f35aaca9e732a6a08a643
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://xoxoday.freshchat.com/widget/?token=effa1b5c-39c9-42a6-8c39-8dd8793d9e3f&referrer=aHR0cHM6Ly9zdG9yZXMueG94b2RheS5jb20=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 11:01:22 GMT
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security
max-age=31536000; includeSubDomains
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
x-ratelimit-total
3000
x-ratelimit-used-currentrequest
1
x-envoy-upstream-service-time
8
Connection
keep-alive
Content-Length
209
x-xss-protection
1; mode=block
x-request-id
2c8a97bf-9f00-9887-bd0a-09b325f110ea
x-trace-id
00-ef348b3346cdbbdb94d4111745d9ab9e-91a4b5b094275f61-01
server
fwe
x-ratelimit-remaining
2995
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
Content-Type
application/json;charset=UTF-8
x-fw-ratelimiting-managed
true
cache-control
no-store
access-control-allow-credentials
true
x-server
5323
x-ratelimit-limit
3000
8627.css
assetscdn-wchat.freshchat.com/static/assets/ Frame 52A9 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/8627.css
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.84830542c5b0753e42ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-46.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93ac8e22ef8a241ddd954362cc979528693e4b7732dc5de26154d9bbf60011fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xoxoday.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 10:59:16 GMT
content-encoding
br
via
1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)
last-modified
Thu, 27 Oct 2022 11:43:33 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
age
129
x-amz-server-side-encryption
AES256
etag
W/"20f054b8b45ccd177447feada77d0895"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
6LaklsndIPSlsaSn7Pr47rOiaDLsMyC89_V4CTIJry7nH76gXllLog==
expires
Thu, 21 Dec 2023 11:40:40 GMT
chunk.628a675083b43474a40b.js
assetscdn-wchat.freshchat.com/static/assets/ Frame 52A9 		137 B
586 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/chunk.628a675083b43474a40b.js
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.84830542c5b0753e42ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-46.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
49c3013edf1418bbf91a918d399e49717da0543a72c2c7a9e6964063dd94dea8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xoxoday.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:00:51 GMT
via
1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
age
32
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
137
last-modified
Thu, 27 Oct 2022 11:43:34 GMT
server
AmazonS3
etag
"09f1bb696676dad184d04bb7b3602926"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, no-transform, public
accept-ranges
bytes
x-amz-cf-id
ywbI0uhrJO9eA2sNI7xbMN0gm36CSUhWkNQfRcNEf6I52Q5vUWpC1A==
expires
Thu, 21 Dec 2023 11:40:40 GMT
chunk.11d90f755164bc5505e0.js
assetscdn-wchat.freshchat.com/static/assets/ Frame 52A9 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/chunk.11d90f755164bc5505e0.js
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.84830542c5b0753e42ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-46.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
88d243f25253d432a1c21a5a8baa8c9252c0f2a5586543b7935d2ee9fbe39d50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xoxoday.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 10:58:21 GMT
content-encoding
br
via
1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)
last-modified
Thu, 27 Oct 2022 11:43:33 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
age
184
x-amz-server-side-encryption
AES256
etag
W/"123f4c9f2c2093fb886435e7016642c1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
Fja6XuIfYPJXmtsFCZEBmYKNuwa_sSRijIQECAdTbwVLzVQi5y8pBQ==
expires
Thu, 21 Dec 2023 11:40:40 GMT
f7f54f4b-47fa-4515-b6dd-7bdfdf50786a
https://xoxoday.freshchat.com/ Frame 52A9 		152 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://xoxoday.freshchat.com/f7f54f4b-47fa-4515-b6dd-7bdfdf50786a
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3d08747462129e4b1e6756b57c9f24cc8dd7a6ad095cc416f5dbd52aaa5f7b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
152
img_1595240491311.png
fc-use1-00-pics-bkt-00.s3.amazonaws.com/fc57000c8b5de41db57f444c8e57d034849d8f4ed0ff2ea509cf3af9aff8f49f/f_marketingpicFull/u_96a62193e5f2e65a8d829ca58ac8168452ea70873323ac823a1dd62e61886140/ Frame 52A9 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fc-use1-00-pics-bkt-00.s3.amazonaws.com/fc57000c8b5de41db57f444c8e57d034849d8f4ed0ff2ea509cf3af9aff8f49f/f_marketingpicFull/u_96a62193e5f2e65a8d829ca58ac8168452ea70873323ac823a1dd62e61886140/img_1595240491311.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.204.27 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
260c2d7ea231487b2b629b664ad50c88cab29f7d39a6e10417367a4ccc51f877

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xoxoday.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 11:01:23 GMT
x-amz-version-id
null
Last-Modified
Mon, 20 Jul 2020 10:21:32 GMT
Server
AmazonS3
x-amz-request-id
ZB2XFFB5DMX0SKZ6
ETag
"ce3150ef213ecce9640244f7e8bef1b4"
x-amz-server-side-encryption
AES256
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
22495
x-amz-id-2
9U1x/7YRa/L8piFNlbkzs0543j9NEp6ni+YkbFndBWMlVjjJgTUgBmwxRaRx/2//5T6eEiSIHXw=
fc_logo.png
xoxoday.webpush.freshchat.com/ Frame 809E 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xoxoday.webpush.freshchat.com/fc_logo.png
Requested by
Host: xoxoday.webpush.freshchat.com
URL: https://xoxoday.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9zdG9yZXMueG94b2RheS5jb20=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-108.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a963621b4341552ca61590aa02e93b70f189e8050a105c32c0197c3c34b2d114

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xoxoday.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9zdG9yZXMueG94b2RheS5jb20=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 16:32:55 GMT
via
1.1 ed18d8ae19db26837eda53bbf8f03c08.cloudfront.net (CloudFront)
last-modified
Thu, 08 Feb 2018 07:54:41 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
66509
etag
"e87df9f10dcf497ae292dc234200465c"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3777
x-amz-cf-id
K_Xi95T0_OuQ0ITQrSthYeeAHqLG4zMGfAqbMEMQkwRdifMhoks8nA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
stores.xoxoday.com
URL
https://stores.xoxoday.com/chef/api/public/graph/stores/url_preferences
Domain
usage.trackjs.com
URL
https://usage.trackjs.com/usage.gif?token=243963c89e634a1dbb45c346bbc856d6&correlationId=a1eb9d0f-2c89-4deb-9443-e54977f3683f&application=plum-stores-prod&x=1b9148ac-9393-401c-aafa-45bf2de5f132&
Domain
js.hs-analytics.net
URL
https://js.hs-analytics.net/analytics/1671793200000/6512810.js
Domain
js.usemessages.com
URL
https://js.usemessages.com/conversations-embed.js
Domain
js.hs-banner.com
URL
https://js.hs-banner.com/v2/6512810/banner.js
Domain
js.hsadspixel.net
URL
https://js.hsadspixel.net/fb.js
Domain
stats.g.doubleclick.net
URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-137250944-1&cid=1663801105.1671793279&jid=1537581618&gjid=475882662&_gid=1573249418.1671793279&_u=YEBAAEAAAAAAACAAI~&z=1669638756

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontentvisibilityautostatechange object| trackJs object| TrackJS function| hj object| _hjSettings object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| Weglot object| webpackJsonpreact-app object| DD_LOGS function| setImmediate function| clearImmediate object| regeneratorRuntime object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| initFreshChat function| initialize function| initiateCall object| gaplugins object| gaGlobal object| gaData object| _hsp boolean| PIXELS_RAN object| _hsq boolean| _hspb_loaded boolean| _hspb_ran boolean| hubspot_live_messages_running object| HubSpotConversations object| _paq function| sanitizeKey boolean| _hstc_loaded object| _enabledEventSettings object| GooglebQhCsO boolean| _hstc_ran string| __hsUserToken number| expireDateTime object| fcWidget object| fc_cobrowse object| _fc_cbtemplate

23 Cookies

Domain/Path Name / Value
shared.outlook.inky.com/ Name: AWSALB
Value: x42xLqMj7nh6NYuobstLr9vJn5Aiv9zoDD50SrmO2bmm2kJh7zuRwwMCAMQGDYKeR9Dz/Y7aYK9xD8VtMbCYUT7I+sHQAM6Xl5Vil+vjEIKUfmnwBXl8gV5djDO/
shared.outlook.inky.com/ Name: AWSALBCORS
Value: x42xLqMj7nh6NYuobstLr9vJn5Aiv9zoDD50SrmO2bmm2kJh7zuRwwMCAMQGDYKeR9Dz/Y7aYK9xD8VtMbCYUT7I+sHQAM6Xl5Vil+vjEIKUfmnwBXl8gV5djDO/
.stores.xoxoday.com/ Name: pltfm
Value: 4
.xoxoday.com/ Name: _ga
Value: GA1.2.1663801105.1671793279
.xoxoday.com/ Name: _gid
Value: GA1.2.1573249418.1671793279
.xoxoday.com/ Name: _gat_UA-137250944-1
Value: 1
.xoxoday.com/ Name: _hjSessionUser_2224300
Value: eyJpZCI6ImYzZmM2NGEzLTg1M2MtNWM4MC1hYTBmLTc3ZDkwNTMxMTYwYSIsImNyZWF0ZWQiOjE2NzE3OTMyNzg4NDUsImV4aXN0aW5nIjpmYWxzZX0=
.xoxoday.com/ Name: _hjFirstSeen
Value: 1
stores.xoxoday.com/ Name: _hjIncludedInSessionSample
Value: 0
.xoxoday.com/ Name: _hjSession_2224300
Value: eyJpZCI6IjE3ZDZkZDgzLTE2NTktNGQ5YS1iNTZhLTExOWQwYTg2NzE0ZSIsImNyZWF0ZWQiOjE2NzE3OTMyNzk5MjksImluU2FtcGxlIjpmYWxzZX0=
.xoxoday.com/ Name: _hjAbsoluteSessionInProgress
Value: 1
.xoxoday.com/ Name: __cf_bm
Value: ZzYSiMb8C4YfLLieJUqD3Zv3Lwde6g67X48OQzwWNiA-1671793280-0-AakJRVJjaktJkzVgSVqULelB3ifph2nt1cHe39K3wmd0pM5WsfcJ4DCIpzxmceQqcREtmPnnTyxW88kTUp/0rIbZSK9poGuL6pDir8DN5Kob3Gk+9oAsHVcj5dPWyb0bi+COodQO7huCC9IotzbTEKzi1xjynZgHevReaothy7b9NtDaBJQVwgsmMKxnYQnQkg==
.xoxoday.com/ Name: _gcl_au
Value: 1.1.2120209007.1671793280
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
stores.xoxoday.com/ Name: AWSALBCORS
Value: jAKYUvzPfjev+V84a/DGSkSOfjyjAprOXcrBsUzqprsTudDLuur6Pwyqb91VoZ86ohQgy0n2XJsaXQIU6Qs1SmGJaPRBXj5k2Ppf0DsoftJb6pJ/j5gMtnd7IxLe
stores.xoxoday.com/ Name: AWSALB
Value: fEt02kBUIeaCgQjrddu69Z8rzNKugJjktwgzgieyTRzhVrPh3FRuQXYHadbSLrtVqVn7noIc+ArG6tuhfq+0R3s6SJ5hnBfR7q4at7J/EMhRR2SEqvGwUyGM5wCx
.xoxoday.com/ Name: __hstc
Value: 107587101.f266baa3b7376166ba089451532f12e3.1671793281169.1671793281169.1671793281169.1
.xoxoday.com/ Name: hubspotutk
Value: f266baa3b7376166ba089451532f12e3
.xoxoday.com/ Name: __hssrc
Value: 1
.xoxoday.com/ Name: __hssc
Value: 107587101.1.1671793281170
.hubspot.com/ Name: __cf_bm
Value: bVzDAZdZhS2XQw_a8DKmtRXzS.VEuNHEYNgrQwSIuMI-1671793281-0-AXcRIxNsASyXTsHprQsq3BQaF3QfSRuOvZ+8aCHco1sgvCtwuOg+R401RMQpUgB/Kls9jvDbIgoeopv6jODACrc=
.stores.xoxoday.com/ Name: _fw_crm_v
Value: 9fc29338-e759-4622-e1ea-4317afaac92e
stores.xoxoday.com/ Name: _dd_s
Value: logs=1&id=07f6824e-48ae-4afd-affd-458447c00042&created=1671793278062&expire=1671794178930

478 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 8)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 8)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 8)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 8)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Message:
[Report Only] Refused to load the script 'https://cdn.trackjs.com/agent/v3/latest/t.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://stores.xoxoday.com/protera/xms/?redeem=code(Line 1)
Message:
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-f1gFkZEY+03lO5KPgRxBqFtaqjNHZsDeVwniuBYR71k='), or a nonce ('nonce-...') is required to enable inline execution.
security error URL: https://stores.xoxoday.com/protera/xms/?redeem=code(Line 1)
Message:
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-dfYQe3ba4Wjtb4yXSvlxKT0At9VOicWjDgEDYSVCXXw='), or a nonce ('nonce-...') is required to enable inline execution.
security error URL: https://stores.xoxoday.com/protera/xms/?redeem=code(Line 1)
Message:
[Report Only] Refused to load the script 'https://static.hotjar.com/c/hotjar-2224300.js?sv=6' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Message:
[Report Only] Refused to load the script 'https://cdn.weglot.com/weglot.min.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://static.hotjar.com/c/hotjar-2224300.js?sv=6(Line 2)
Message:
[Report Only] Refused to load the script 'https://script.hotjar.com/modules.352fddba5b21bbfc3a08.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 8)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 8)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 8)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 8)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error URL: https://stores.xoxoday.com/protera/xms/?redeem=code(Line 1)
Message:
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-UsQPOJPk0z3Y2s5sVdJ0iNRYYuDPyoTzOrLxcX70cq4='), or a nonce ('nonce-...') is required to enable inline execution.
security error URL: https://cdn.trackjs.com/agent/v3/latest/t.js(Line 22)
Message:
[Report Only] Refused to connect to 'https://cdn.weglot.com/projects-settings/fae9f07765496a53dbbaf34855be5d376.json' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://cdn.trackjs.com/agent/v3/latest/t.js(Line 22)
Message:
[Report Only] Refused to connect to 'https://cdn.weglot.com/projects-settings/fae9f07765496a53dbbaf34855be5d376.json' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://stores.xoxoday.com/protera/xms/?redeem=code(Line 1)
Message:
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-kBbWTRPFuk0cuEBhhJtB2LkXIMjm4kd2Iw594JnCvio='), or a nonce ('nonce-...') is required to enable inline execution.
security error URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Message:
[Report Only] Refused to load the script 'https://stores.xoxoday.com/static/js/9.64a5f885.chunk.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://cdn.weglot.com/weglot.min.js
Message:
[Report Only] Refused to load the script 'https://www.datadoghq-browser-agent.com/datadog-logs-v4.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Message:
[Report Only] Refused to load the script 'https://stores.xoxoday.com/static/js/main.184944a1.chunk.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://stores.xoxoday.com/static/js/9.64a5f885.chunk.js(Line 1)
Message:
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-QTP3PD4B6zmW7dsrNUMV6eXgu+9aB/nTYo7Vbb4KKMU='), or a nonce ('nonce-...') is required to enable inline execution.
security error (Line 5)
Message:
[Report Only] Refused to load the script 'https://www.googletagmanager.com/gtm.js?id=GTM-TRZ23JQ&gtm_auth=&gtm_preview=&gtm_cookies_win=x' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://cdn.trackjs.com/agent/v3/latest/t.js(Line 24)
Message:
[Report Only] Refused to connect to 'https://stores.xoxoday.com/chef/api/public/graph/stores/url_preferences' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRZ23JQ&gtm_auth=&gtm_preview=&gtm_cookies_win=x(Line 293)
Message:
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-mQ60lWNiD5ibIWtb4YO3IsClgT6j87hn31CdtU0Bcag='), or a nonce ('nonce-...') is required to enable inline execution.
security error
Message:
[Report Only] Refused to load the script 'https://static.hotjar.com/c/hotjar-2913748.js?sv=6' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRZ23JQ&gtm_auth=&gtm_preview=&gtm_cookies_win=x(Line 2)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRZ23JQ&gtm_auth=&gtm_preview=&gtm_cookies_win=x(Line 2)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRZ23JQ&gtm_auth=&gtm_preview=&gtm_cookies_win=x(Line 39)
Message:
[Report Only] Refused to load the script 'https://www.google-analytics.com/analytics.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRZ23JQ&gtm_auth=&gtm_preview=&gtm_cookies_win=x(Line 293)
Message:
[Report Only] Refused to load the script 'https://js.hs-scripts.com/6512810.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRZ23JQ&gtm_auth=&gtm_preview=&gtm_cookies_win=x(Line 293)
Message:
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-kCMl6TWs909NPLl+Qlu/DiNk41qlue9hxn9mHny4Lm8='), or a nonce ('nonce-...') is required to enable inline execution.
security error URL: https://cdn.trackjs.com/agent/v3/latest/t.js(Line 24)
Message:
[Report Only] Refused to connect to 'https://www.google-analytics.com/j/collect?v=1&_v=j98&a=352431704&t=pageview&_s=1&dl=https%3A%2F%2Fstores.xoxoday.com%2Fprotera%2Fxms%2F%3Fredeem%3Dcode&ul=en-us&de=UTF-8&dt=Activities%2C%20Tours%2C%20Attractions%2C%20Things%20To%20Do%20in%20Your%20City%20-%20Xoxoday&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1537581618&gjid=475882662&cid=1663801105.1671793279&tid=UA-137250944-1&_gid=1573249418.1671793279&_r=1&gtm=2wgbu0TRZ23JQ&z=1824101502' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://js.hs-scripts.com/6512810.js
Message:
[Report Only] Refused to load the script 'https://js.hs-analytics.net/analytics/1671793200000/6512810.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://js.hs-scripts.com/6512810.js
Message:
[Report Only] Refused to load the script 'https://js.usemessages.com/conversations-embed.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://js.hs-scripts.com/6512810.js
Message:
[Report Only] Refused to load the script 'https://js.hs-banner.com/v2/6512810/banner.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://js.hs-scripts.com/6512810.js
Message:
[Report Only] Refused to load the script 'https://js.hsadspixel.net/fb.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://cdn.trackjs.com/agent/v3/latest/t.js(Line 24)
Message:
[Report Only] Refused to connect to 'https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-137250944-1&cid=1663801105.1671793279&jid=1537581618&gjid=475882662&_gid=1573249418.1671793279&_u=YEBAAEAAAAAAACAAI~&z=1669638756' because it violates the following Content Security Policy directive: "connect-src 'none'".
security warning URL: https://stores.xoxoday.com/protera/xms/?redeem=code
Message:
Mixed Content: The page at 'https://stores.xoxoday.com/protera/xms/?redeem=code' was loaded over HTTPS, but requested an insecure element 'http://xoxoengage-images.s3.amazonaws.com/store/template-logo/company-1110444/protera-logo-png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
api.hubspot.com
assetscdn-wchat.freshchat.com
cdn.trackjs.com
cdn.weglot.com
fc-use1-00-pics-bkt-00.s3.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.usemessages.com
res.cloudinary.com
rts-static-prod.freshworksapi.com
script.hotjar.com
shared.outlook.inky.com
stackpath.bootstrapcdn.com
static.hotjar.com
stats.g.doubleclick.net
stores.xoxoday.com
track.hubspot.com
usage.trackjs.com
vars.hotjar.com
vc.hotjar.io
www.datadoghq-browser-agent.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
xoxoday.freshchat.com
xoxoday.webpush.freshchat.com
xoxoengage-images.s3.amazonaws.com
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.usemessages.com
stats.g.doubleclick.net
stores.xoxoday.com
usage.trackjs.com
108.157.4.113
108.157.4.34
108.157.4.45
108.157.4.53
13.226.153.111
13.226.153.46
13.248.221.98
151.139.128.10
158.69.52.117
18.66.248.108
18.66.248.223
2001:4860:4802:36::178
2600:9000:2182:a600:1:28b3:b280:93a1
2606:4700:4400::ac40:9a55
2606:4700::6811:46b0
2606:4700::6811:72b0
2606:4700::6811:cacc
2606:4700::6811:d3cc
2606:4700::6811:eecc
2606:4700::6812:1f13
2606:4700::6812:bcf
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1450:4001:806::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2008
2a00:1450:400d:803::2003
2a04:4e42:200::393
44.236.18.40
52.216.204.27
52.219.32.152
02447c2793c5846eabe0ee2721b8f6350bf35c06471e71a0af973306456573cd
02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229
05a530dd5d40bf5dbef4e3d5ed6976e9aec1baf49a20be30e07b1608918e3bc3
0776b1df2cc427896c5ecab0cfdbfa120d95dc39b2abb56fa0f7ee402c9edc94
0b1182c43d8e2d9ad2bf4d160d19a5f385047c4a0f88b05332140308d458390d
13de9554a364a3a25a8d7b18551d3697f354651582a85c017a8307b2fa63ec75
21830cfed5ff5d0a4930b9d487ca0b40e512855c66a1e1f205d72d743a34775c
240144bda9fb58e1d4b4a407fc0748bab6c00ad33fb3429ed49df28355367fa6
260c2d7ea231487b2b629b664ad50c88cab29f7d39a6e10417367a4ccc51f877
266d863dc84ab25a6bba0f0212892d75c31773af74d1332c3ff4c6d1e72356df
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
283edf54323d9da8325bc48dd42c14582903eb6c840963889e205916534af23f
2fe026c09ca9554cbfb0b5885666c48333f643bf8b2314b29e1267363184d56f
334a6d48dbf977a8fbbfc672583baf269d13c3debeaa377e8c5a9cf292391ae0
37b43a8947510eaffd6f375c4fe940179ffa4955546c2160dfd19eaa6355df1d
38eab160f6b3a61bd6e97d39782a8692eb9fc7b11338f71f97dff2850d63f1e3
39322119da794b92733d597cce7dbee58aa27fee1aaa921033a85900dee3e364
41d31fccc00a2693af835bb3ad029053a8b9b980eaf363de3a84d474a95e4841
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
46d1b8c44aa4ed0f3d31b71339d96997f5e58cb559ed3ebc97e53b25ddb0956a
474ce803d275f036d64fd67302998a48ed0122fac30e5bdcab522478779bad41
485104e9ce286abbaada00140c69eaa894a0089a1c1f35aaca9e732a6a08a643
49c3013edf1418bbf91a918d399e49717da0543a72c2c7a9e6964063dd94dea8
5191b7a2e8c35b71f9528e0e4d0da550530e2eda83d7e0dd82e041438008f4e5
58bc033876bbbd8421a2c9dffb78d4ec328c25f974e3c481f9553b52aa9b1819
58e8839726a535705fa9298444c3ef8d90db7178643f046aa68cf630c547db65
5a2d2febc39b73e1801053767b363960de3a2b2212952d16599d1fd8290af054
5afc5660312c750c597085e70eecabf5fd150e67c0c4b488c5bd8741250d8208
5e2d6a1925ec8cdf8ed3cce014971ac229b594971abcfbfe6832dfed9e20cad6
5f6a877e2d54d406b6d7e091a7bc0a7b4ebae1143de8e490d9192c224dd45edf
63f4595be785dd323aa2ad4cf0fc80bd1445da8e9d8f380e76efe75d357e9883
64c032becf30e370e1e6efd7050ebbfbd18fdebd14fa8554fd01839bc6631fc3
67851a4e986ee7b4d272c943a0c404cdaf37fff23f2ae4be89f505c8f7943bb9
67bdc30246ac58892847f14b491de2e1f35e674c8b32ae4b4b3f3193b7d5b505
6c8b822ba2fa788a754e0a94055060c9c897dfb29538d92e04fd3f83d407bcb7
724c97af256bf7a8ef68c4be313c9d06532d6005ab5fb48f53f59c0b41e5ea87
72f8d8d8b9af1d7ee7708e4477b25358f2b76bac512d634385b47a3545606f99
7304d86d7c6c039699667162fe39abeb7d531f7f6acba2619a885d39a59ff6c5
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b116ac42dfa848b8cbeff07cae0cc208a898111a7191ab266b4f0241683671a
7e7e7a929ccf62f1622526d6e0003cb6d813b7d166c731335bf9055846e7a50b
7eed09a3bda2013de36d0ac2b942f0149ef500ed56701e5bd80d204ecbf758e4
8029982e606b01f8d1651a46683c7a90ef2496e73823047c0e73b72e285d593e
82faa85bd8976d988ef33bba580cfc4f06ae4329ff8a63033fb1068ac5dff41e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87c801524012c878318b0f79469ff28659a9da0c847b7c0aa1428df38028463e
88d243f25253d432a1c21a5a8baa8c9252c0f2a5586543b7935d2ee9fbe39d50
89fc9dec14ede24b885fc00756b3943c615f3b9a99d916fc5ecb43bb18b7c985
8b8740c43587bf057d1d6671cc706bd07183a3277c4b680b31f496c268a1b773
8eb91a0802b9e79aef3e47554a25b80de2f8ef73d3053b28c81820734179f4e9
923f82635a75547c368b300c684da5f5f36164446310142d67c520c18d1b8f3d
93ac8e22ef8a241ddd954362cc979528693e4b7732dc5de26154d9bbf60011fb
950480f6161e6f3fdfe1a0d18fa920c1275f4344fcd4b73622cdab3475ad31a3
a05c933df1710a9489ba16a496c86a418aa84eeb6fdce78b515364502b0d2def
a3d08747462129e4b1e6756b57c9f24cc8dd7a6ad095cc416f5dbd52aaa5f7b2
a963621b4341552ca61590aa02e93b70f189e8050a105c32c0197c3c34b2d114
a9b231101405a5f5f9cfb43e562a586d99244a3b36431a5e827b22a10e267f4e
ab66c9e8bce16344875f1ab766acb37d203eb49d5949e36f57e3c03243d2cb4e
ae9c7b01874b611809fbe7671072f16cd8516a8b0a888723977dde652a993676
af1f4799ffff77a39833d40ec80647a280bfe92e912da9be73cd50f550350729
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b44134c882041c32203269160189f2a0a1b12e4e348f74a1f38b94640f7d65ab
b5b00058f9dfb36d4003614b8ad535403705f0f4371df3d29d3f30a0741ea5e9
b7041c162fe552e1e931264fe156e1349debb3507ec4d964932b39556a50ab26
b7401da9a0ebb1da9ce05669653be2d634f3bebeda4f4d82690b98a1dc50eee2
b830dfd69831341efb1c28493e140070ff22da94884c43ba0fc005e3b0ad1c14
c96f487a358a41448c216a8d85a15953f1b2acace963d333bfcd55349b339c8c
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
cc4772532e5066f9e49faf08fde464ad5f7947463c4c2b48a4c339efe7cd5f28
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d6afd405161d1fb8c64a7d65e1e3b5d178eab7bded791823ce349fb691a44df3
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e2b5ccaba6f580d3d0450a3ae2336994b42f4a60428b197b6257a8bc4b500433
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32
eb90069bfb802ef63158d8954bb6a025a056b3d084e0c7aae494c7401847e590
eebdf06627084c7a30e74731c93276b03d8942becc288bec3a286b482ce2a5e6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f2154f49d7d4ed6c74a1ad1dc0e39ef3136fd859059986ed5bcd3050d59867b3