stage-mitarbeiterportal.bw-energy.de Open in urlscan Pro
18.197.77.199  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response stage-mitarbeiterportal.bw-energy.de/	24 KB 10 KB	56ms 41ms	Document text/html	18.197.77.199 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://stage-mitarbeiterportal.bw-energy.de/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.197.77.199 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-197-77-199.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash d9e7bf26f480e995fea89455b6594d4e1ad75288f12017757515982391589b5f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache, private content-encoding gzip content-security-policy-report-only base-uri 'self';connect-src 'self' *.rollbar.com;default-src 'self';form-action 'self';img-src 'self' data:;media-src 'self';object-src 'self';script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV';style-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV' 'unsafe-inline';font-src 'self' data:;style-src-elem 'self' 'unsafe-inline';report-uri https://mediameets.report-uri.com/r/d/csp/reportOnly content-type text/html; charset=UTF-8 date Tue, 10 May 2022 15:10:18 GMT referrer-policy no-referrer-when-downgrade server nginx strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
POST H2	201	reportOnly mediameets.report-uri.com/r/d/csp/	0 239 B	1132ms 1088ms	Other text/plain	2606:4700::6811:ba58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mediameets.report-uri.com/r/d/csp/reportOnly Requested by Host: stage-mitarbeiterportal.bw-energy.de URL: https://stage-mitarbeiterportal.bw-energy.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ba58 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63113904; includeSubDomains; preload Request headers Referer https://stage-mitarbeiterportal.bw-energy.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 May 2022 15:10:19 GMT nel {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true} content-type text/plain;charset=UTF-8 access-control-allow-origin * cross-origin-resource-policy cross-origin strict-transport-security max-age=63113904; includeSubDomains; preload cf-ray 709399d68cd60208-ZRH alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
POST H2	201	reportOnly mediameets.report-uri.com/r/d/csp/	0 239 B	1180ms 1139ms	Other text/plain	2606:4700::6811:ba58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mediameets.report-uri.com/r/d/csp/reportOnly Requested by Host: stage-mitarbeiterportal.bw-energy.de URL: https://stage-mitarbeiterportal.bw-energy.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ba58 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63113904; includeSubDomains; preload Request headers Referer https://stage-mitarbeiterportal.bw-energy.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 May 2022 15:10:19 GMT nel {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true} content-type text/plain;charset=UTF-8 access-control-allow-origin * cross-origin-resource-policy cross-origin strict-transport-security max-age=63113904; includeSubDomains; preload cf-ray 709399d68cd90208-ZRH alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
POST H2	201	reportOnly mediameets.report-uri.com/r/d/csp/	0 239 B	1161ms 1121ms	Other text/plain	2606:4700::6811:ba58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mediameets.report-uri.com/r/d/csp/reportOnly Requested by Host: stage-mitarbeiterportal.bw-energy.de URL: https://stage-mitarbeiterportal.bw-energy.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ba58 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63113904; includeSubDomains; preload Request headers Referer https://stage-mitarbeiterportal.bw-energy.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 May 2022 15:10:19 GMT nel {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true} content-type text/plain;charset=UTF-8 access-control-allow-origin * cross-origin-resource-policy cross-origin strict-transport-security max-age=63113904; includeSubDomains; preload cf-ray 709399d68cda0208-ZRH alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
POST H2	201	reportOnly mediameets.report-uri.com/r/d/csp/	0 684 B	840ms 801ms	Other text/plain	2606:4700::6811:ba58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mediameets.report-uri.com/r/d/csp/reportOnly Requested by Host: stage-mitarbeiterportal.bw-energy.de URL: https://stage-mitarbeiterportal.bw-energy.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ba58 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63113904; includeSubDomains; preload Request headers Referer https://stage-mitarbeiterportal.bw-energy.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 May 2022 15:10:19 GMT nel {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true} content-type text/plain;charset=UTF-8 access-control-allow-origin * cross-origin-resource-policy cross-origin strict-transport-security max-age=63113904; includeSubDomains; preload cf-ray 709399d68cde0208-ZRH alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
POST H2	201	reportOnly mediameets.report-uri.com/r/d/csp/	0 240 B	1129ms 1091ms	Other text/plain	2606:4700::6811:ba58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mediameets.report-uri.com/r/d/csp/reportOnly Requested by Host: stage-mitarbeiterportal.bw-energy.de URL: https://stage-mitarbeiterportal.bw-energy.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ba58 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63113904; includeSubDomains; preload Request headers Referer https://stage-mitarbeiterportal.bw-energy.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 May 2022 15:10:19 GMT nel {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true} content-type text/plain;charset=UTF-8 access-control-allow-origin * cross-origin-resource-policy cross-origin strict-transport-security max-age=63113904; includeSubDomains; preload cf-ray 709399d68cdb0208-ZRH alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
POST H2	201	reportOnly mediameets.report-uri.com/r/d/csp/	0 240 B	1156ms 1120ms	Other text/plain	2606:4700::6811:ba58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mediameets.report-uri.com/r/d/csp/reportOnly Requested by Host: stage-mitarbeiterportal.bw-energy.de URL: https://stage-mitarbeiterportal.bw-energy.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ba58 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63113904; includeSubDomains; preload Request headers Referer https://stage-mitarbeiterportal.bw-energy.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 May 2022 15:10:19 GMT nel {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true} content-type text/plain;charset=UTF-8 access-control-allow-origin * cross-origin-resource-policy cross-origin strict-transport-security max-age=63113904; includeSubDomains; preload cf-ray 709399d68cdd0208-ZRH alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
POST H2	201	reportOnly mediameets.report-uri.com/r/d/csp/	0 237 B	1104ms 1102ms	Other text/plain	2606:4700::6811:ba58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mediameets.report-uri.com/r/d/csp/reportOnly Requested by Host: stage-mitarbeiterportal.bw-energy.de URL: https://stage-mitarbeiterportal.bw-energy.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ba58 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63113904; includeSubDomains; preload Request headers Referer https://stage-mitarbeiterportal.bw-energy.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 May 2022 15:10:19 GMT nel {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true} content-type text/plain;charset=UTF-8 access-control-allow-origin * cross-origin-resource-policy cross-origin strict-transport-security max-age=63113904; includeSubDomains; preload cf-ray 709399d6ad160208-ZRH alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
POST H2	201	reportOnly mediameets.report-uri.com/r/d/csp/	0 675 B	1116ms 1113ms	Other text/plain	2606:4700::6811:ba58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mediameets.report-uri.com/r/d/csp/reportOnly Requested by Host: stage-mitarbeiterportal.bw-energy.de URL: https://stage-mitarbeiterportal.bw-energy.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ba58 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63113904; includeSubDomains; preload Request headers Referer https://stage-mitarbeiterportal.bw-energy.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 May 2022 15:10:19 GMT nel {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true} content-type text/plain;charset=UTF-8 access-control-allow-origin * cross-origin-resource-policy cross-origin strict-transport-security max-age=63113904; includeSubDomains; preload cf-ray 709399d6ad190208-ZRH alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
POST H2	201	reportOnly mediameets.report-uri.com/r/d/csp/	0 241 B	1112ms 1110ms	Other text/plain	2606:4700::6811:ba58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mediameets.report-uri.com/r/d/csp/reportOnly Requested by Host: stage-mitarbeiterportal.bw-energy.de URL: https://stage-mitarbeiterportal.bw-energy.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ba58 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63113904; includeSubDomains; preload Request headers Referer https://stage-mitarbeiterportal.bw-energy.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 May 2022 15:10:19 GMT nel {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true} content-type text/plain;charset=UTF-8 access-control-allow-origin * cross-origin-resource-policy cross-origin strict-transport-security max-age=63113904; includeSubDomains; preload cf-ray 709399d6ad1b0208-ZRH alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
POST H2	201	reportOnly mediameets.report-uri.com/r/d/csp/	0 242 B	1103ms 1101ms	Other text/plain	2606:4700::6811:ba58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mediameets.report-uri.com/r/d/csp/reportOnly Requested by Host: stage-mitarbeiterportal.bw-energy.de URL: https://stage-mitarbeiterportal.bw-energy.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ba58 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63113904; includeSubDomains; preload Request headers Referer https://stage-mitarbeiterportal.bw-energy.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 May 2022 15:10:19 GMT nel {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true} content-type text/plain;charset=UTF-8 access-control-allow-origin * cross-origin-resource-policy cross-origin strict-transport-security max-age=63113904; includeSubDomains; preload cf-ray 709399d6ad1c0208-ZRH alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
POST H2	201	reportOnly mediameets.report-uri.com/r/d/csp/	0 240 B	1097ms 1095ms	Other text/plain	2606:4700::6811:ba58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mediameets.report-uri.com/r/d/csp/reportOnly Requested by Host: stage-mitarbeiterportal.bw-energy.de URL: https://stage-mitarbeiterportal.bw-energy.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ba58 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63113904; includeSubDomains; preload Request headers Referer https://stage-mitarbeiterportal.bw-energy.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 May 2022 15:10:19 GMT nel {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true} content-type text/plain;charset=UTF-8 access-control-allow-origin * cross-origin-resource-policy cross-origin strict-transport-security max-age=63113904; includeSubDomains; preload cf-ray 709399d6ad1d0208-ZRH alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
POST H2	201	reportOnly mediameets.report-uri.com/r/d/csp/	0 240 B	1077ms 1075ms	Other text/plain	2606:4700::6811:ba58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mediameets.report-uri.com/r/d/csp/reportOnly Requested by Host: stage-mitarbeiterportal.bw-energy.de URL: https://stage-mitarbeiterportal.bw-energy.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ba58 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63113904; includeSubDomains; preload Request headers Referer https://stage-mitarbeiterportal.bw-energy.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 May 2022 15:10:19 GMT nel {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true} content-type text/plain;charset=UTF-8 access-control-allow-origin * cross-origin-resource-policy cross-origin strict-transport-security max-age=63113904; includeSubDomains; preload cf-ray 709399d6ad1e0208-ZRH alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
POST H2	201	reportOnly mediameets.report-uri.com/r/d/csp/	0 241 B	1107ms 1105ms	Other text/plain	2606:4700::6811:ba58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mediameets.report-uri.com/r/d/csp/reportOnly Requested by Host: stage-mitarbeiterportal.bw-energy.de URL: https://stage-mitarbeiterportal.bw-energy.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ba58 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63113904; includeSubDomains; preload Request headers Referer https://stage-mitarbeiterportal.bw-energy.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 May 2022 15:10:19 GMT nel {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true} content-type text/plain;charset=UTF-8 access-control-allow-origin * cross-origin-resource-policy cross-origin strict-transport-security max-age=63113904; includeSubDomains; preload cf-ray 709399d6ad200208-ZRH alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
POST H2	201	reportOnly mediameets.report-uri.com/r/d/csp/	0 241 B	1085ms 1083ms	Other text/plain	2606:4700::6811:ba58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mediameets.report-uri.com/r/d/csp/reportOnly Requested by Host: stage-mitarbeiterportal.bw-energy.de URL: https://stage-mitarbeiterportal.bw-energy.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ba58 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63113904; includeSubDomains; preload Request headers Referer https://stage-mitarbeiterportal.bw-energy.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 May 2022 15:10:19 GMT nel {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true} content-type text/plain;charset=UTF-8 access-control-allow-origin * cross-origin-resource-policy cross-origin strict-transport-security max-age=63113904; includeSubDomains; preload cf-ray 709399d6ad210208-ZRH alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
POST H2	201	reportOnly mediameets.report-uri.com/r/d/csp/	0 241 B	1089ms 1087ms	Other text/plain	2606:4700::6811:ba58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mediameets.report-uri.com/r/d/csp/reportOnly Requested by Host: stage-mitarbeiterportal.bw-energy.de URL: https://stage-mitarbeiterportal.bw-energy.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ba58 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63113904; includeSubDomains; preload Request headers Referer https://stage-mitarbeiterportal.bw-energy.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 May 2022 15:10:19 GMT nel {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true} content-type text/plain;charset=UTF-8 access-control-allow-origin * cross-origin-resource-policy cross-origin strict-transport-security max-age=63113904; includeSubDomains; preload cf-ray 709399d6ad220208-ZRH alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
POST H2	201	reportOnly mediameets.report-uri.com/r/d/csp/	0 242 B	1116ms 1114ms	Other text/plain	2606:4700::6811:ba58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mediameets.report-uri.com/r/d/csp/reportOnly Requested by Host: stage-mitarbeiterportal.bw-energy.de URL: https://stage-mitarbeiterportal.bw-energy.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ba58 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63113904; includeSubDomains; preload Request headers Referer https://stage-mitarbeiterportal.bw-energy.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 May 2022 15:10:19 GMT nel {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true} content-type text/plain;charset=UTF-8 access-control-allow-origin * cross-origin-resource-policy cross-origin strict-transport-security max-age=63113904; includeSubDomains; preload cf-ray 709399d6ad230208-ZRH alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
POST H2	201	reportOnly mediameets.report-uri.com/r/d/csp/	0 241 B	1116ms 1114ms	Other text/plain	2606:4700::6811:ba58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mediameets.report-uri.com/r/d/csp/reportOnly Requested by Host: stage-mitarbeiterportal.bw-energy.de URL: https://stage-mitarbeiterportal.bw-energy.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ba58 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63113904; includeSubDomains; preload Request headers Referer https://stage-mitarbeiterportal.bw-energy.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 May 2022 15:10:19 GMT nel {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true} content-type text/plain;charset=UTF-8 access-control-allow-origin * cross-origin-resource-policy cross-origin strict-transport-security max-age=63113904; includeSubDomains; preload cf-ray 709399d6ad240208-ZRH alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
POST H2	201	reportOnly mediameets.report-uri.com/r/d/csp/	0 239 B	1085ms 1084ms	Other text/plain	2606:4700::6811:ba58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mediameets.report-uri.com/r/d/csp/reportOnly Requested by Host: stage-mitarbeiterportal.bw-energy.de URL: https://stage-mitarbeiterportal.bw-energy.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ba58 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63113904; includeSubDomains; preload Request headers Referer https://stage-mitarbeiterportal.bw-energy.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 May 2022 15:10:19 GMT nel {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true} content-type text/plain;charset=UTF-8 access-control-allow-origin * cross-origin-resource-policy cross-origin strict-transport-security max-age=63113904; includeSubDomains; preload cf-ray 709399d6ad250208-ZRH alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
POST H2	201	reportOnly mediameets.report-uri.com/r/d/csp/	0 241 B	1115ms 1114ms	Other text/plain	2606:4700::6811:ba58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mediameets.report-uri.com/r/d/csp/reportOnly Requested by Host: stage-mitarbeiterportal.bw-energy.de URL: https://stage-mitarbeiterportal.bw-energy.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ba58 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63113904; includeSubDomains; preload Request headers Referer https://stage-mitarbeiterportal.bw-energy.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 May 2022 15:10:19 GMT nel {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true} content-type text/plain;charset=UTF-8 access-control-allow-origin * cross-origin-resource-policy cross-origin strict-transport-security max-age=63113904; includeSubDomains; preload cf-ray 709399d6ad260208-ZRH alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
POST H2	201	reportOnly mediameets.report-uri.com/r/d/csp/	0 680 B	1089ms 1088ms	Other text/plain	2606:4700::6811:ba58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mediameets.report-uri.com/r/d/csp/reportOnly Requested by Host: stage-mitarbeiterportal.bw-energy.de URL: https://stage-mitarbeiterportal.bw-energy.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ba58 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63113904; includeSubDomains; preload Request headers Referer https://stage-mitarbeiterportal.bw-energy.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 May 2022 15:10:19 GMT nel {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true} content-type text/plain;charset=UTF-8 access-control-allow-origin * cross-origin-resource-policy cross-origin strict-transport-security max-age=63113904; includeSubDomains; preload cf-ray 709399d6ad280208-ZRH alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
POST H2	201	reportOnly mediameets.report-uri.com/r/d/csp/	0 240 B	1130ms 1128ms	Other text/plain	2606:4700::6811:ba58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mediameets.report-uri.com/r/d/csp/reportOnly Requested by Host: stage-mitarbeiterportal.bw-energy.de URL: https://stage-mitarbeiterportal.bw-energy.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ba58 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63113904; includeSubDomains; preload Request headers Referer https://stage-mitarbeiterportal.bw-energy.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 May 2022 15:10:19 GMT nel {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true} content-type text/plain;charset=UTF-8 access-control-allow-origin * cross-origin-resource-policy cross-origin strict-transport-security max-age=63113904; includeSubDomains; preload cf-ray 709399d6ad2b0208-ZRH alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
GET H2	200	app.css stage-mitarbeiterportal.bw-energy.de/css/	54 KB 13 KB	7ms 6ms	Stylesheet text/css	18.197.77.199 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://stage-mitarbeiterportal.bw-energy.de/css/app.css?id=5ae0b7b54dbf4e97b788766be1569c37 Requested by Host: stage-mitarbeiterportal.bw-energy.de URL: https://stage-mitarbeiterportal.bw-energy.de/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.197.77.199 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-197-77-199.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 43ce7b48a6450b222b9e8e6ed49a5629e21619c9e6e2ec165c9702e1d43ad731 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://stage-mitarbeiterportal.bw-energy.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 15:10:18 GMT content-encoding gzip referrer-policy no-referrer-when-downgrade last-modified Tue, 10 May 2022 14:56:24 GMT server nginx etag W/"627a7d18-d965" x-frame-options SAMEORIGIN content-type text/css x-xss-protection 1; mode=block cache-control max-age=604800 strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff expires Tue, 17 May 2022 15:10:18 GMT
GET H2	200	manifest.js Show response stage-mitarbeiterportal.bw-energy.de/js/	2 KB 2 KB	7ms 7ms	Script application/javascript	18.197.77.199 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://stage-mitarbeiterportal.bw-energy.de/js/manifest.js?id=f337337a0cc01dde172edbbf849b0dda Requested by Host: stage-mitarbeiterportal.bw-energy.de URL: https://stage-mitarbeiterportal.bw-energy.de/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.197.77.199 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-197-77-199.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash a5c2be32baed93d8f7e0017ffaa921058831e444ccfc9612c2d495f78aa16b85 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://stage-mitarbeiterportal.bw-energy.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 15:10:18 GMT referrer-policy no-referrer-when-downgrade last-modified Tue, 10 May 2022 14:56:24 GMT server nginx etag "627a7d18-78f" x-frame-options SAMEORIGIN content-type application/javascript x-xss-protection 1; mode=block cache-control max-age=604800 strict-transport-security max-age=31536000; includeSubDomains; preload accept-ranges bytes content-length 1935 x-content-type-options nosniff expires Tue, 17 May 2022 15:10:18 GMT
GET H2	200	vendor.js Show response stage-mitarbeiterportal.bw-energy.de/js/	2 MB 822 KB	12ms 12ms	Script application/javascript	18.197.77.199 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://stage-mitarbeiterportal.bw-energy.de/js/vendor.js?id=ffaaaee3511b2df2cc3dbf784d5f2e39 Requested by Host: stage-mitarbeiterportal.bw-energy.de URL: https://stage-mitarbeiterportal.bw-energy.de/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.197.77.199 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-197-77-199.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 8dfcd4af9762211f406861ce856fa5e3e16e009fe7c5a975b707c05b147c076b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://stage-mitarbeiterportal.bw-energy.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 15:10:18 GMT content-encoding gzip referrer-policy no-referrer-when-downgrade last-modified Tue, 10 May 2022 14:56:24 GMT server nginx etag W/"627a7d18-245462" x-frame-options SAMEORIGIN content-type application/javascript x-xss-protection 1; mode=block cache-control max-age=604800 strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff expires Tue, 17 May 2022 15:10:18 GMT
GET H2	200	app.js Show response stage-mitarbeiterportal.bw-energy.de/js/	186 KB 44 KB	13ms 12ms	Script application/javascript	18.197.77.199 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://stage-mitarbeiterportal.bw-energy.de/js/app.js?id=1790fffca04e83e50e10f6cc9bef26c8 Requested by Host: stage-mitarbeiterportal.bw-energy.de URL: https://stage-mitarbeiterportal.bw-energy.de/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.197.77.199 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-197-77-199.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 75be07b394e8a56af92b3bb5752bcd99dfe2161c6fb23e0192f229864be38d16 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://stage-mitarbeiterportal.bw-energy.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 15:10:18 GMT content-encoding gzip referrer-policy no-referrer-when-downgrade last-modified Tue, 10 May 2022 14:56:24 GMT server nginx etag W/"627a7d18-2e7cf" x-frame-options SAMEORIGIN content-type application/javascript x-xss-protection 1; mode=block cache-control max-age=604800 strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff expires Tue, 17 May 2022 15:10:18 GMT
POST H2	201	reportOnly mediameets.report-uri.com/r/d/csp/	0 240 B	602ms 601ms	Other text/plain	2606:4700::6811:ba58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mediameets.report-uri.com/r/d/csp/reportOnly Requested by Host: stage-mitarbeiterportal.bw-energy.de URL: https://stage-mitarbeiterportal.bw-energy.de/js/vendor.js?id=ffaaaee3511b2df2cc3dbf784d5f2e39 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ba58 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63113904; includeSubDomains; preload Request headers Referer https://stage-mitarbeiterportal.bw-energy.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 May 2022 15:10:19 GMT nel {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true} content-type text/plain;charset=UTF-8 access-control-allow-origin * cross-origin-resource-policy cross-origin strict-transport-security max-age=63113904; includeSubDomains; preload cf-ray 709399d7df1f0208-ZRH alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
GET H2	200	player_api Show response www.youtube.com/	980 B 2 KB	48ms 27ms	Script text/javascript	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/player_api Requested by Host: stage-mitarbeiterportal.bw-energy.de URL: https://stage-mitarbeiterportal.bw-energy.de/js/vendor.js?id=ffaaaee3511b2df2cc3dbf784d5f2e39 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 9f4c62ad756893055b9393007a6b9ac696fa1a3b37e87f86229f52b109534e4d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://stage-mitarbeiterportal.bw-energy.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 15:10:18 GMT content-encoding br x-content-type-options nosniff p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info." critical-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 server ESF x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} content-type text/javascript; charset=utf-8 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cache-control private, max-age=0 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=* cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" expires Tue, 10 May 2022 15:10:18 GMT
GET H2	200	logo.svg stage-mitarbeiterportal.bw-energy.de/storage/img/	3 KB 3 KB	6ms 6ms	Image image/svg+xml	18.197.77.199 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://stage-mitarbeiterportal.bw-energy.de/storage/img/logo.svg Requested by Host: stage-mitarbeiterportal.bw-energy.de URL: https://stage-mitarbeiterportal.bw-energy.de/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.197.77.199 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-197-77-199.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 70eb2a894b75e0febb421d02a55ad8bae6e5e3cc98d8dbae5fc0f87b972c0b53 Request headers accept-language de-DE,de;q=0.9 Referer https://stage-mitarbeiterportal.bw-energy.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 15:10:19 GMT last-modified Tue, 10 May 2022 15:07:05 GMT server nginx etag "627a7f99-ce2" content-type image/svg+xml access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 3298 expires Tue, 17 May 2022 15:10:19 GMT
GET H2	200	roboto-latin-ext-500-normal.woff2 stage-mitarbeiterportal.bw-energy.de/fonts/	11 KB 12 KB	6ms 6ms	Font application/octet-stream	18.197.77.199 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://stage-mitarbeiterportal.bw-energy.de/fonts/roboto-latin-ext-500-normal.woff2 Requested by Host: stage-mitarbeiterportal.bw-energy.de URL: https://stage-mitarbeiterportal.bw-energy.de/css/app.css?id=5ae0b7b54dbf4e97b788766be1569c37 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.197.77.199 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-197-77-199.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738 Request headers Referer https://stage-mitarbeiterportal.bw-energy.de/css/app.css?id=5ae0b7b54dbf4e97b788766be1569c37 Origin https://stage-mitarbeiterportal.bw-energy.de accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 15:10:19 GMT last-modified Tue, 10 May 2022 14:56:24 GMT server nginx etag "627a7d18-2df8" content-type application/octet-stream access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 11768 expires Tue, 17 May 2022 15:10:19 GMT
GET H2	200	roboto-latin-ext-400-normal.woff2 stage-mitarbeiterportal.bw-energy.de/fonts/	12 KB 12 KB	7ms 6ms	Font application/octet-stream	18.197.77.199 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://stage-mitarbeiterportal.bw-energy.de/fonts/roboto-latin-ext-400-normal.woff2 Requested by Host: stage-mitarbeiterportal.bw-energy.de URL: https://stage-mitarbeiterportal.bw-energy.de/css/app.css?id=5ae0b7b54dbf4e97b788766be1569c37 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.197.77.199 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-197-77-199.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e Request headers Referer https://stage-mitarbeiterportal.bw-energy.de/css/app.css?id=5ae0b7b54dbf4e97b788766be1569c37 Origin https://stage-mitarbeiterportal.bw-energy.de accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 15:10:19 GMT last-modified Tue, 10 May 2022 14:56:24 GMT server nginx etag "627a7d18-2e54" content-type application/octet-stream access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 11860 expires Tue, 17 May 2022 15:10:19 GMT
POST H2	201	reportOnly mediameets.report-uri.com/r/d/csp/	0 240 B	576ms 575ms	Other text/plain	2606:4700::6811:ba58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mediameets.report-uri.com/r/d/csp/reportOnly Requested by Host: www.youtube.com URL: https://www.youtube.com/player_api Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ba58 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63113904; includeSubDomains; preload Request headers Referer https://stage-mitarbeiterportal.bw-energy.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 10 May 2022 15:10:19 GMT nel {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true} content-type text/plain;charset=UTF-8 access-control-allow-origin * cross-origin-resource-policy cross-origin strict-transport-security max-age=63113904; includeSubDomains; preload cf-ray 709399d8f9070208-ZRH alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
GET H2	200	www-widgetapi.js Show response www.youtube.com/s/player/53aba266/www-widgetapi.vflset/	154 KB 50 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/53aba266/www-widgetapi.vflset/www-widgetapi.js Requested by Host: www.youtube.com URL: https://www.youtube.com/player_api Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e8bbc76c3d03e206af2bb5bc11236555f0c3177fc677c66077bd651072853d26 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://stage-mitarbeiterportal.bw-energy.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 13:37:47 GMT content-encoding br x-content-type-options nosniff age 5552 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 51153 x-xss-protection 0 last-modified Mon, 09 May 2022 00:15:57 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 10 May 2023 13:37:47 GMT

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| app object| webpackChunk function| route function| clearImmediate function| setImmediate function| unhandledrejection function| axios function| $bu_getBrowser object| _buorgres object| FontAwesomeConfig object| ___FONT_AWESOME___ object| core function| onYouTubeIframeAPIReady object| tinymce object| tinyMCE object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			stage-mitarbeiterportal.bw-energy.de/	1970-01-20 02:56:42	Name: XSRF-TOKEN Value: eyJpdiI6IjA0WHlucHJ4OXpzS2Rhelp2MjBPclE9PSIsInZhbHVlIjoiK21PQ3ZZZzdySkpqRnVha3Z5K0xCTDc4ZksyQ1FVVXp6UUhaRDBlVmZtMjF0dnlyMTcyb2lFeDY5b3JWaHdkMklyRngzSmxma3JBNk41N3BPY2kwUk9IVzJKeG5sU0dJZklWbzlFQ3pnQktaNVpqenJQaDN4eWV2c3crK2dpOGUiLCJtYWMiOiJhYWQ3NTQwYzNiNTE4ZGViYjdmZjg0ZWNjYTYzZmY3NWUyOTlmMDU2MTllMDE1NGFhMDIwZTRjYjAyMjMwZDRkIiwidGFnIjoiIn0%3D
			stage-mitarbeiterportal.bw-energy.de/	1970-01-20 02:56:42	Name: bw_mitarbeiterportal_session Value: eyJpdiI6InIzWWtINzlSZFJDZlhwcENqclZMaXc9PSIsInZhbHVlIjoiYXpBcWozTTZ4NGlMU3RXTUF1R3hxaWx5UjRFeXZIZ2ZZSkRERTVUM3VJWmZiMVBUVGNxUGdLOW4rUWxUMVBUUlViRHlDQkt0MCtZdjNNZ3BkS1V0Nkd5d21WbXlUcVRrZkJQem03c29MMndGd0ZuazNOMU5aRk5MdFBvTFNpVlMiLCJtYWMiOiIzNjI3ZWI2ZThiNzVhYTFkMzI0OTZiZWY5MzdmYTc4ODZjNmZlOTY4MDA1NzJkMGVkMGE4YzcwZTQyNDMwZmQ3IiwidGFnIjoiIn0%3D
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Ms8Rtb-_lms
			.youtube.com/	1970-01-20 07:15:47	Name: VISITOR_INFO1_LIVE Value: szFfmBlOQ0Q

206 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 8) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 8) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 8) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 8) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'".
security	error	URL: https://stage-mitarbeiterportal.bw-energy.de/js/vendor.js?id=ffaaaee3511b2df2cc3dbf784d5f2e39(Line 1) Message: [Report Only] Refused to load the script 'https://www.youtube.com/player_api' because it violates the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.youtube.com/player_api(Line 2) Message: [Report Only] Refused to load the script 'https://www.youtube.com/s/player/53aba266/www-widgetapi.vflset/www-widgetapi.js' because it violates the following Content Security Policy directive: "script-src 'self' 'nonce-QEajPWEbXyiS1H6MQ1eapkTRGi6bColV'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mediameets.report-uri.com
stage-mitarbeiterportal.bw-energy.de
www.youtube.com
18.197.77.199
2606:4700::6811:ba58
2a00:1450:4001:80f::200e
43ce7b48a6450b222b9e8e6ed49a5629e21619c9e6e2ec165c9702e1d43ad731
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
70eb2a894b75e0febb421d02a55ad8bae6e5e3cc98d8dbae5fc0f87b972c0b53
75be07b394e8a56af92b3bb5752bcd99dfe2161c6fb23e0192f229864be38d16
8dfcd4af9762211f406861ce856fa5e3e16e009fe7c5a975b707c05b147c076b
9f4c62ad756893055b9393007a6b9ac696fa1a3b37e87f86229f52b109534e4d
a5c2be32baed93d8f7e0017ffaa921058831e444ccfc9612c2d495f78aa16b85
b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738
d9e7bf26f480e995fea89455b6594d4e1ad75288f12017757515982391589b5f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8bbc76c3d03e206af2bb5bc11236555f0c3177fc677c66077bd651072853d26