preferences.bedbathandbeyond.com Open in urlscan Pro
18.244.18.51 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://preferences.overstock.com/
Effective URL:
https://preferences.bedbathandbeyond.com/
Submission: On July 04 via automatic, source certstream-suspicious (July 4th 2024, 9:07:59 am UTC) — Scanned from DE

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 25 HTTP transactions. The main IP is 18.244.18.51, located in United States and belongs to AMAZON-02, US. The main domain is preferences.bedbathandbeyond.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on July 1st 2024. Valid for: a year.

This is the only time preferences.bedbathandbeyond.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	173.241.154.55 173.241.154.55	25655 (OSTK-COM) (OSTK-COM)
16	18.244.18.51 18.244.18.51	16509 (AMAZON-02) (AMAZON-02)
1	34.36.213.229 34.36.213.229	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	34.107.204.85 34.107.204.85	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	13.32.27.32 13.32.27.32	16509 (AMAZON-02) (AMAZON-02)
25	4

1 173.241.154.55 (United States) 1 redirects

ASN25655 (OSTK-COM, US)

preferences.overstock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 18.244.18.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-51.fra56.r.cloudfront.net

preferences.bedbathandbeyond.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.36.213.229 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 229.213.36.34.bc.googleusercontent.com

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.107.204.85 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 85.204.107.34.bc.googleusercontent.com

data.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-32.fra56.r.cloudfront.net

assets-production.datagrail.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	bedbathandbeyond.com preferences.bedbathandbeyond.com	2 MB
7	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 770 data.pendo.io — Cisco Umbrella Rank: 677	158 KB
2	datagrail.io assets-production.datagrail.io	12 KB
1	overstock.com 1 redirects preferences.overstock.com	209 B
25	4

	Domain	Requested by
16	preferences.bedbathandbeyond.com	preferences.bedbathandbeyond.com
6	data.pendo.io	cdn.pendo.io
2	assets-production.datagrail.io
1	cdn.pendo.io	preferences.bedbathandbeyond.com
1	preferences.overstock.com	1 redirects
25	5

This site contains no links.

Subject Issuer	Validity	Valid
preferences.bedbathandbeyond.com Amazon RSA 2048 M02	`2024-07-01` - `2025-07-31`	a year	crt.sh
cdn.pendo.io WR3	`2024-05-27` - `2024-08-25`	3 months	crt.sh
pendo.io WR3	`2024-05-23` - `2024-08-21`	3 months	crt.sh
*.datagrail.io Amazon RSA 2048 M01	`2023-09-22` - `2024-10-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://preferences.bedbathandbeyond.com/
Frame ID: DFC1D880566E09AAB119433F57C17F52
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Privacy Request Center | DataGrail

Page URL History Show full URLs

https://preferences.overstock.com/ HTTP 301
https://preferences.bedbathandbeyond.com/ Page URL

Page Statistics

25
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

4
IPs

1
Countries

1829 kB
Transfer

7281 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://preferences.overstock.com/ HTTP 301
https://preferences.bedbathandbeyond.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
preferences.bedbathandbeyond.com/
Redirect Chain

https://preferences.overstock.com/
https://preferences.bedbathandbeyond.com/

4 KB
6 KB

729ms
478ms

Document
text/html

18.244.18.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://preferences.bedbathandbeyond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-51.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

c02a0add5062478700f75eb8662a67f2a974fc46972d666d7b2edd8f093e0411

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0, private, must-revalidate no-store, no-cache, max-age=0
content-security-policy: default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;
content-type: text/html; charset=utf-8
date: Thu, 04 Jul 2024 09:07:54 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 de5feec87348dd5cbd158a449ae18d38.cloudfront.net (CloudFront)
x-amz-cf-id: 7LudahwvxKCCWDASG1e6TkwcsxKCLIfrI-gMC7a8TXLfPJK79jmkmA==
x-amz-cf-pop: FRA56-P11
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN deny
x-permitted-cross-domain-policies: none
x-request-id: 6d9d8283-e2ef-47b3-b501-ad91721c04e0
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Thu, 04 Jul 2024 09:07:54 GMT
Location: https://preferences.bedbathandbeyond.com/
Server: nginx

GET
H2 200 PrivacyRequestCenterPack-437002c703f380754d7fe930fc3ec039848f3e6e3f2fa8718e0fbcffa3b0cab5.js Show response
preferences.bedbathandbeyond.com/assets/ 134 KB
28 KB 39ms
39ms Script
application/javascript 18.244.18.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://preferences.bedbathandbeyond.com/assets/PrivacyRequestCenterPack-437002c703f380754d7fe930fc3ec039848f3e6e3f2fa8718e0fbcffa3b0cab5.js

Requested by

Host: preferences.bedbathandbeyond.com
URL: https://preferences.bedbathandbeyond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-51.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

3757610251a48b73b752b1df1a0dcc78cebd652475773ceedbe32a7cb286171c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	deny

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://preferences.bedbathandbeyond.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 04:01:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
content-security-policy: default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;
via: 1.1 de5feec87348dd5cbd158a449ae18d38.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 18368
x-cache: Hit from cloudfront
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 03 Jul 2024 19:55:54 GMT
server: nginx
etag: W/"6685acca-21664"
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: FZRQPR8ljNuG5mJv439EnQ_Yn9RQkjn1_tGxrO04I8_VjItPQkVl3A==
expires: Fri, 05 Jul 2024 04:01:46 GMT

GET
H2 200 vendor-67465d7b8d8cedf80479ec2240dded5e1e2a0c7b529b37911ac5c5f71ce6ecfc.js Show response
preferences.bedbathandbeyond.com/assets/ 6 MB
1 MB 39ms
39ms Script
application/javascript 18.244.18.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://preferences.bedbathandbeyond.com/assets/vendor-67465d7b8d8cedf80479ec2240dded5e1e2a0c7b529b37911ac5c5f71ce6ecfc.js

Requested by

Host: preferences.bedbathandbeyond.com
URL: https://preferences.bedbathandbeyond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-51.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

0ffafabfad0e492303065faef6246a2941196a05f122a40f3c8d4d49d06ea234

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	deny

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://preferences.bedbathandbeyond.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 11:11:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
content-security-policy: default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;
via: 1.1 de5feec87348dd5cbd158a449ae18d38.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 79006
x-cache: Hit from cloudfront
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 02 Jul 2024 14:41:41 GMT
server: nginx
etag: W/"668411a5-669910"
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: ACgb-La19Nuz99S6R699VN7zWKcgzwHDgxl48e3d1PrhkMIcRe-HRg==
expires: Thu, 04 Jul 2024 11:11:07 GMT

GET
H2 200 privacy_request_center-f923ab4f3b30e2e17fb0b404869aa7e888e6efd8a055d59e22874eb340d87916.css
preferences.bedbathandbeyond.com/assets/ 15 B
2 KB 35ms
35ms Stylesheet
text/css 18.244.18.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://preferences.bedbathandbeyond.com/assets/privacy_request_center-f923ab4f3b30e2e17fb0b404869aa7e888e6efd8a055d59e22874eb340d87916.css

Requested by

Host: preferences.bedbathandbeyond.com
URL: https://preferences.bedbathandbeyond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-51.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

6d6068180a5c710c68c8ee0e290cb9b37b3450492d3f9e3ae46083deb152fbcf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	deny

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://preferences.bedbathandbeyond.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 11:11:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 de5feec87348dd5cbd158a449ae18d38.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;
x-amz-cf-pop: FRA56-P11
age: 79006
x-cache: Hit from cloudfront
content-length: 15
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 02 Jul 2024 14:41:41 GMT
server: nginx
etag: "668411a5-f"
x-frame-options: deny
content-type: text/css
cache-control: max-age=86400, public
accept-ranges: bytes
x-amz-cf-id: t-fFNAR0G_OI45JaJhX70-ymjDEnHdkfUi5bjab4sDfyJ1n4pVF2Sw==
expires: Thu, 04 Jul 2024 11:11:07 GMT

GET
H2 200 pendo.js Show response
cdn.pendo.io/agent/static/e7e7ccab-8f3d-4234-41fd-b201f1a093a9/ 479 KB
156 KB 84ms
24ms Script
application/javascript 34.36.213.229
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pendo.io/agent/static/e7e7ccab-8f3d-4234-41fd-b201f1a093a9/pendo.js

Requested by

Host: preferences.bedbathandbeyond.com
URL: https://preferences.bedbathandbeyond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.36.213.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

229.213.36.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

824239ae9347b8cd3f4b3a356907337d3e42bc1034979ff5b28be460eef46591

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://preferences.bedbathandbeyond.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 22:36:59 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
age: 37856
x-guploader-uploadid: ACJd0NogofdUb75bJFkUD2bUjdyYj8mPYQLV28omhwCrcAtpN3wD4E_977VhSfyNcFepuS73kFALnFLI8Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 159299
last-modified: Tue, 02 Jul 2024 15:15:19 GMT
server: UploadServer
etag: "9b993bc666b7105a09119565c6b90c7e"
vary: Accept-Encoding
x-goog-generation: 1719933319845708
x-goog-hash: crc32c=YAO27A==, md5=m5k7xma3EFoJEZVlxrkMfg==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public,max-age=450
x-goog-stored-content-length: 159299
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H2 401 customer Show response
preferences.bedbathandbeyond.com/api/v2/ 55 B
2 KB 462ms
461ms Fetch
application/json 18.244.18.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://preferences.bedbathandbeyond.com/api/v2/customer

Requested by

Host: preferences.bedbathandbeyond.com
URL: https://preferences.bedbathandbeyond.com/assets/vendor-67465d7b8d8cedf80479ec2240dded5e1e2a0c7b529b37911ac5c5f71ce6ecfc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-51.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

03bf49ef427c5199dc5a2e458ebcdb09bd37b137091513811dd8695aac8e2d4d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://preferences.bedbathandbeyond.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
authorization: Bearer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 09:07:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;
via: 1.1 de5feec87348dd5cbd158a449ae18d38.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P11
x-cache: Error from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 8c31e625-8f7c-46c9-b541-7dbefcc46b79
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN, deny
vary: Accept
content-type: application/json; charset=utf-8
cache-control: no-cache
x-amz-cf-id: 6vZUjiN-LDLU8shMLmR6VFnnKdZyXcb8Q8bqsksS89WUy52FEgJkrg==

GET
H2 200 e7e7ccab-8f3d-4234-41fd-b201f1a093a9
data.pendo.io/data/ptm.gif/ 42 B
103 B 313ms
253ms Image
image/gif 34.107.204.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://data.pendo.io/data/ptm.gif/e7e7ccab-8f3d-4234-41fd-b201f1a093a9?v=2.237.2_prod&ct=1720084075538&jzb=eJzNVWFv2zYQ_SuCPwuJozh1km8J2gHBhrVF0w9DURAn8mTdTJEaSdl1iv73Pkq26xZDMGAoNn-SyeN7794djx8-z9Ku59ntTAy7JM1uVs7q4LeRg0rSYediWc3n14v58urqclHONhIl-aDE4JB68-r3l6_Vo5L7Rkz_9vrNp3cAIK394NIU4zccYvJ6faZ9h80hWKy2KfXx9vy8D9xwYKc5ntVsakotOVPzzjuTD5zjRB98H2e3n2feGvVP-HPcqQY3WPuvlX-BEILS9Ej1wxE0TX9m7x8eXt38Jn_QW3pbcbsGVhOo43Hz4Zfm8e7i15dPj-v13YvL19njXWLkdLm8-lIea9Bxomf9v_pv_d9z58_n6IO3ORt8WXKrgVb5Hzv1_l02cS_uCPKjPgfXsHzPpriHmgJyivtRT_aUKQ2BVWNpBUmzD1r3VBZ-SDVAjWp86FTcOV0WKW7QLLzlUBY5Svk-Ia4sxCVaAwKhZWFiUA1JUH8NPLC4FQ62EoxCrdNOGYna-gjKWBYRxQ87ZU2nUiC9HqNrAS13JFYlr8RtJHFZON4q6kWlNviU7BhpvHI-qcjWqk1VFjQk31Fio7Y-rBuLopcFf0rsDNbgijSiKYl3OMuJdQ6FeF6FcTVmuGMMznaDTYKijxdZ4GpZZK1-nUgNTpChslSzVWDV7aQJuncK2Wly2ZFpKycbGPExKTAjJsKPFSPQcJSVU7BtAqenXA7qe7vXoRJ3vUVaEHJCFDklfERATLgdOSCGY-4I2UWczYRINSOJkyRk5Qlhf_r6BGTFjgPZHw0wFNvaUzCoOBbgg-qH2kpsVYQtNUE0XG-Vpp5qsYIKb0Bg9i4fDtFgJFkP2YeVmhwYFQq5Bs9h9YTvkFbvYYTw5NeJ4tPi7ws_Uv7QeyflVTHBRQiOkWPsMt_R2noQa6An316xFn0xsk8uNIMb_YM_W3n6Tt3fFvM7Vig9ifmWqvU6V2Kv-kSTAy74EQfPJlY4J7iAgUmDMl-wfCthMm5qZD02zDcAnExBaniCoTZen3zVWr9Fdh5jKcKY8S51-B41DZFhpA6c4rGNNKFtp5YEEQPVDp1TQ5__ZcCp_srRRlaTv_tZUhZ9kA3pfA0mlzRk5akhkG4w-4zfIufDbp7Vit2A4fFMaUbn3L6R95ZC-SgnN0DrA_oazxRaGTNp6v2odPAxAn0zDrGP3x6du-PUxFIGwfCbL87ny_NqXi0wGfMUBReWq7PqcnlWZfvMz3m1Lpbz02fLesqz-X_7bGV9B1XVzeLs4ga_FzeL62pRVT_FoArP-sev7odjUA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.204.107.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://preferences.bedbathandbeyond.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 09:07:55 GMT
via: 1.1 google
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
server: istio-envoy
access-control-max-age: 600
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: false
x-envoy-upstream-service-time: 117
access-control-allow-headers: *
content-length: 42
alt-svc: clear

GET
H2 200 e7e7ccab-8f3d-4234-41fd-b201f1a093a9 Show response
data.pendo.io/data/guide.js/ 365 B
448 B 237ms
178ms Script
application/javascript 34.107.204.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://data.pendo.io/data/guide.js/e7e7ccab-8f3d-4234-41fd-b201f1a093a9?id=7&jzb=eJx9VMGO4zYM_RUjZ2MySBfYYm4dtIde2i227aUoCFpiYjay5Eq0s9li_n2f7CSTHRR7s6knvsdHiv9tZi1qKf_sN08b-vDTLz_-Sr-TPu_Vj799_-HTx027YefSFG2BpFlyseSODy4NOJtyQLQ3G8vTdjtm2UuW6KQ8dOI7tp6j7-Scoq8XtriRgv_zlTNOIbSbQYw9G2-eboLqp35DVE5BcIqvwPEw8aH-SaQ_Pm5ebpJvSd7KjjxU_LP45hkiG6hsnheZONwL25SF9oEPBai_nBu5bdJkHZJ62qc8UDlH1zZWZppVTpLbpqIojQZc22g0PiIFoG3jS6Y9a6Z_J5lE4wEXe82eRs52Jq_FhVRAWdqmSLR8puAHsszuuKA7Ba0MrIEskcZZTdomyol4VLI-J7OwIH2imIyKhEDzrm14sjSwiadTysd9SCdwyCeT6BGDK7pXx6Yp4q6YuAqFeDnkJVpquhsGd4cpmJJ6yEQYrrZN1ZqOxjRFRYUUuJNAYHX9qgm6z4TqHMfqyHpUi80CfDECMzAFfhwEQC9FD5Fg25qcP9d28DiGiw4yGcaAsiDkjqiIGT4KUqx5B47ImG-1A3IuuFsJUWrNpFFNOehnwP5J3V2Sg0TJHN4a4Ln0XeLs0XEE4AONUxe09FRgS8cQDdd7cjxyp0HR4RkEmO_F5eslnrxaSJB9jXQcwUho5BE81-gd37WsMcEIldWvO8X3zb80fqF8M3t37aVicBGCS5FShsp3s7abNHjoqY9aQ8BcLOyrC_spLv7Bn5N-_krd_zbzK1YovcO8lhqSq524qL7TFJEX_MDBs5UVzikeYBZ2oKwPrL7KukSqIW4ZmNcEuGlZO3iSL8-nPrU-nVBdwrYqMGZ5SwO-F01TERjpsli5jZFjjO06kiASZA3TEGka619NuPafIs96WP297JK2GbPO7OozWF1ykFW3hkK6z2n06YSar6d2HoUkTlge32jN4ly8DPLFUihf5NQB6FPGXHuC-IidtM5-IZdTKcg-L0vs77ovsYgA-eG2NRGqSbD8Ht9tH99vd4-7d9iMdYuCC-Hdw-679w-7ap_fvLx8AaTzY74&v=2.237.2_prod&ct=1720084075540

Requested by

Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/e7e7ccab-8f3d-4234-41fd-b201f1a093a9/pendo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.204.107.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

7bad35b0f66f8bb31bc523cbe7a3be98fa297ca35004b3765fa6363938b19d52

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://preferences.bedbathandbeyond.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 09:07:55 GMT
via: 1.1 google
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
server: istio-envoy
access-control-max-age: 600
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: false
x-envoy-upstream-service-time: 41
access-control-allow-headers: *
content-length: 365
alt-svc: clear

GET
H2 200 e7e7ccab-8f3d-4234-41fd-b201f1a093a9
data.pendo.io/data/guide.gif/ 42 B
304 B 204ms
145ms Image
image/gif 34.107.204.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://data.pendo.io/data/guide.gif/e7e7ccab-8f3d-4234-41fd-b201f1a093a9?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1720084075540&v=2.237.2_prod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.204.107.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://preferences.bedbathandbeyond.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 09:07:55 GMT
via: 1.1 google
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
server: istio-envoy
access-control-max-age: 600
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: false
x-envoy-upstream-service-time: 8
access-control-allow-headers: *
content-length: 42
alt-svc: clear

GET
H2 200 overstock-490a7f2e9725b6901971959eabf1f72a5097c5d5bfb9f5411da863f5bc98523d.ico
preferences.bedbathandbeyond.com/assets/favicons/ 15 KB
17 KB 40ms
40ms Other
image/x-icon 18.244.18.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://preferences.bedbathandbeyond.com/assets/favicons/overstock-490a7f2e9725b6901971959eabf1f72a5097c5d5bfb9f5411da863f5bc98523d.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-51.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

f7e2933de117aad4a9d02c8f38b4fbff6d71df40a0fe811d841619944e2db358

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	deny

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://preferences.bedbathandbeyond.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 17:52:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 de5feec87348dd5cbd158a449ae18d38.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;
x-amz-cf-pop: FRA56-P11
age: 54921
x-cache: Hit from cloudfront
content-length: 15406
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 02 Jul 2024 14:41:41 GMT
server: nginx
etag: "668411a5-3c2e"
x-frame-options: deny
content-type: image/x-icon
cache-control: max-age=86400, public
accept-ranges: bytes
x-amz-cf-id: i5b4lhIM9YMhFk2mpbYlCqBcmT4490Bi_h_EjVkhRJ9vrfbjRzIDmQ==
expires: Thu, 04 Jul 2024 17:52:34 GMT

POST
H2 200 tokens Show response
preferences.bedbathandbeyond.com/api/v2/ 562 B
3 KB 527ms
527ms Fetch
application/json 18.244.18.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://preferences.bedbathandbeyond.com/api/v2/tokens

Requested by

Host: preferences.bedbathandbeyond.com
URL: https://preferences.bedbathandbeyond.com/assets/PrivacyRequestCenterPack-437002c703f380754d7fe930fc3ec039848f3e6e3f2fa8718e0fbcffa3b0cab5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-51.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

a59bee3eab88143a42c05ffded2273516c6406a170437e63706eb27ea3bc0231

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-CSRF-TOKEN: 6G89gmviIG3gUth6S4B46gRuxBlV9RBEaQc816LymxgfoNUaGHA4BJVwlqeWGEPNH-RAga1i2aMQsoxFuFg2qA
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://preferences.bedbathandbeyond.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 09:07:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;
via: 1.1 de5feec87348dd5cbd158a449ae18d38.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P11
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-request-id: f12c03d4-b523-4742-b987-638aa4d20d5e
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx
etag: W/"a59bee3eab88143a42c05ffded227351"
x-download-options: noopen
x-frame-options: SAMEORIGIN, deny
vary: Accept
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate, no-store, no-cache, max-age=0
x-amz-cf-id: hniqv24E5wsToECFTN8OtkgM6PFCbM9ImVNfmbVbeQ1--eLyCMu_ag==

GET
H2 200 customer Show response
preferences.bedbathandbeyond.com/api/v2/ 341 B
3 KB 527ms
527ms Fetch
application/json 18.244.18.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://preferences.bedbathandbeyond.com/api/v2/customer

Requested by

Host: preferences.bedbathandbeyond.com
URL: https://preferences.bedbathandbeyond.com/assets/vendor-67465d7b8d8cedf80479ec2240dded5e1e2a0c7b529b37911ac5c5f71ce6ecfc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-51.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

62a67168608078e9ef3dd618f03deb15256cffece6248ec6b88a5b33578bcff9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://preferences.bedbathandbeyond.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJkYXRhZ3JhaWwiLCJzdWIiOjEzMCwiYXVkIjoiaW50YWtlX2Zvcm0iLCJzY29wZSI6WyJjdXN0b21lcjpyZWFkIiwicHJpdmFjeV9yZXF1ZXN0X3BvbGljeTpyZWFkIiwiZGF0YV9zdWJqZWN0X3JlbGF0aW9uc2hpcF9vcHRpb246cmVhZCIsInByaXZhY3lfcmVxdWVzdDpyZWFkIiwicHJpdmFjeV9yZXF1ZXN0OmNyZWF0ZSIsImxvY2F0aW9uOnJlYWQiLCJwcml2YWN5X3JpZ2h0OnJlYWQiLCJjYXB0Y2hhOnJlYWQiLCJvcHRfb3V0OmNyZWF0ZSIsImxvY2F0aW9uczpyZWFkIiwicHJpdmFjeV9yZXF1ZXN0X2NlbnRlcl9jb250ZW50OnJlYWQiXSwiZXhwIjoxNzIwMDg3Njc2fQ.-Fj2ii21LabCJbLiSqsQdHF8iSwXeCgOWxFGf8Uxysk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 09:07:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;
via: 1.1 de5feec87348dd5cbd158a449ae18d38.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P11
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 79694812-39e8-41ff-aae3-a745f9ace2f3
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx
etag: W/"62a67168608078e9ef3dd618f03deb15"
x-download-options: noopen
x-frame-options: SAMEORIGIN, deny
vary: Accept
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate, no-store, no-cache, max-age=0
x-amz-cf-id: LabXVO9AU5JtNp8oNrRWseshWwkvLf_Tqgx2peLU6lBCqZzAX1q_Ng==

GET
H2 200 privacy.overstock.com.png
assets-production.datagrail.io/ 10 KB
10 KB 111ms
38ms Image
binary/octet-stream 13.32.27.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-production.datagrail.io/privacy.overstock.com.png?versionId=RWnwBrDVlo96EsVTMlj3GaU_u6jI1BWd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5baed9280641a20fdb7bd79c8ba2618f95bb25974ef991dc322ec9e76794f59e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://preferences.bedbathandbeyond.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 17:52:37 GMT
x-amz-version-id: RWnwBrDVlo96EsVTMlj3GaU_u6jI1BWd
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
last-modified: Wed, 02 Aug 2023 19:53:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 54921
etag: "833ecae7d9528835ba18735f9df5c933"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 10127
x-amz-cf-id: r2mPgOZuijjiY6WVUADbwUK4_QtzOuMzcfGGh10d3nLg_AQzIv1xJw==

GET
H2 200 datagrail_logo_color_crop.svg
assets-production.datagrail.io/ 3 KB
2 KB 116ms
43ms Image
image/svg+xml 13.32.27.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-production.datagrail.io/datagrail_logo_color_crop.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00b48794a2d29755e92bd80a14068848dc3aaa7ffc2b296ab0a2b722e5b3ddb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://preferences.bedbathandbeyond.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 4a_MyvcLv5bmJNTkvFu7vtQ2WCd0CGef
content-encoding: gzip
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
date: Thu, 04 Jul 2024 09:07:57 GMT
last-modified: Thu, 25 Aug 2022 20:31:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 14714
etag: W/"dac9b69af14b9f6bf1c5734a6254fb3b"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: JWlDdJ08fLy3J6XZRwB9yxZVmjt6QQzZbrm_d0Jdi4GJal6HwvVJFA==

GET
H2 200 proximanova-regular-c2d1ed4087efcde00df3.digested.woff2
preferences.bedbathandbeyond.com/assets/ 15 KB
17 KB 28ms
28ms Font
application/octet-stream 18.244.18.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://preferences.bedbathandbeyond.com/assets/proximanova-regular-c2d1ed4087efcde00df3.digested.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-51.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

8ee4963493284eb7fd3add19adf8047f432cdc87525b5828d121ed9aca167dd7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	deny

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://preferences.bedbathandbeyond.com/
Origin: https://preferences.bedbathandbeyond.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 17:52:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 de5feec87348dd5cbd158a449ae18d38.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;
x-amz-cf-pop: FRA56-P11
age: 54919
x-cache: Hit from cloudfront
content-length: 14892
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 02 Jul 2024 14:41:41 GMT
server: nginx
etag: "668411a5-3a2c"
x-frame-options: deny
content-type: application/octet-stream
cache-control: max-age=86400, public
accept-ranges: bytes
x-amz-cf-id: IvLZJ_lc4oQWVYmvwhU_OF55pTho5XZCNT4xPM2MOd3PLbUbvR6sog==
expires: Thu, 04 Jul 2024 17:52:37 GMT

GET
H2 200 privacy_request_center_content Show response
preferences.bedbathandbeyond.com/api/v2/ 2 KB
4 KB 642ms
642ms Fetch
application/json 18.244.18.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://preferences.bedbathandbeyond.com/api/v2/privacy_request_center_content?page=landing_page

Requested by

Host: preferences.bedbathandbeyond.com
URL: https://preferences.bedbathandbeyond.com/assets/vendor-67465d7b8d8cedf80479ec2240dded5e1e2a0c7b529b37911ac5c5f71ce6ecfc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-51.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

d20e20ecdce02ff2ebfdd570d4941fa439f60f51d46769312c3d61c4cc028620

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://preferences.bedbathandbeyond.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJkYXRhZ3JhaWwiLCJzdWIiOjEzMCwiYXVkIjoiaW50YWtlX2Zvcm0iLCJzY29wZSI6WyJjdXN0b21lcjpyZWFkIiwicHJpdmFjeV9yZXF1ZXN0X3BvbGljeTpyZWFkIiwiZGF0YV9zdWJqZWN0X3JlbGF0aW9uc2hpcF9vcHRpb246cmVhZCIsInByaXZhY3lfcmVxdWVzdDpyZWFkIiwicHJpdmFjeV9yZXF1ZXN0OmNyZWF0ZSIsImxvY2F0aW9uOnJlYWQiLCJwcml2YWN5X3JpZ2h0OnJlYWQiLCJjYXB0Y2hhOnJlYWQiLCJvcHRfb3V0OmNyZWF0ZSIsImxvY2F0aW9uczpyZWFkIiwicHJpdmFjeV9yZXF1ZXN0X2NlbnRlcl9jb250ZW50OnJlYWQiXSwiZXhwIjoxNzIwMDg3Njc2fQ.-Fj2ii21LabCJbLiSqsQdHF8iSwXeCgOWxFGf8Uxysk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 09:07:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;
via: 1.1 de5feec87348dd5cbd158a449ae18d38.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P11
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 17ef5a4f-1562-43e9-8bd0-d43f40a5a3e2
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx
etag: W/"d20e20ecdce02ff2ebfdd570d4941fa4"
x-download-options: noopen
x-frame-options: SAMEORIGIN, deny
vary: Accept
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate, no-store, no-cache, max-age=0
x-amz-cf-id: Mr82Ua6fwBiQNk8eFSPZpdfdzfcAnD8ej2CV-mhiZ5pph3zNNv1gIw==

GET
H2 200 location Show response
preferences.bedbathandbeyond.com/api/v2/ 31 B
2 KB 506ms
506ms Fetch
application/json 18.244.18.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://preferences.bedbathandbeyond.com/api/v2/location

Requested by

Host: preferences.bedbathandbeyond.com
URL: https://preferences.bedbathandbeyond.com/assets/vendor-67465d7b8d8cedf80479ec2240dded5e1e2a0c7b529b37911ac5c5f71ce6ecfc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-51.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

41a4070c0266fdc31705ce9601c63d37fd65730f891ad30b21333cae2be53f2c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://preferences.bedbathandbeyond.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJkYXRhZ3JhaWwiLCJzdWIiOjEzMCwiYXVkIjoiaW50YWtlX2Zvcm0iLCJzY29wZSI6WyJjdXN0b21lcjpyZWFkIiwicHJpdmFjeV9yZXF1ZXN0X3BvbGljeTpyZWFkIiwiZGF0YV9zdWJqZWN0X3JlbGF0aW9uc2hpcF9vcHRpb246cmVhZCIsInByaXZhY3lfcmVxdWVzdDpyZWFkIiwicHJpdmFjeV9yZXF1ZXN0OmNyZWF0ZSIsImxvY2F0aW9uOnJlYWQiLCJwcml2YWN5X3JpZ2h0OnJlYWQiLCJjYXB0Y2hhOnJlYWQiLCJvcHRfb3V0OmNyZWF0ZSIsImxvY2F0aW9uczpyZWFkIiwicHJpdmFjeV9yZXF1ZXN0X2NlbnRlcl9jb250ZW50OnJlYWQiXSwiZXhwIjoxNzIwMDg3Njc2fQ.-Fj2ii21LabCJbLiSqsQdHF8iSwXeCgOWxFGf8Uxysk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 09:07:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;
via: 1.1 de5feec87348dd5cbd158a449ae18d38.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P11
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 6732eb8f-c26b-4fed-97ef-e08451b6d955
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx
etag: W/"41a4070c0266fdc31705ce9601c63d37"
x-download-options: noopen
x-frame-options: SAMEORIGIN, deny
vary: Accept
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate, no-store, no-cache, max-age=0
x-amz-cf-id: gnsLPV7Pn8uKMnJgmkYQFzKAJHQvNao_TyqXAty0lcJqz7M9SvU3ag==

GET
H2 200 proximanova-bold-1c914fcbdaf941451b55.digested.woff2
preferences.bedbathandbeyond.com/assets/ 14 KB
16 KB 27ms
27ms Font
application/octet-stream 18.244.18.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://preferences.bedbathandbeyond.com/assets/proximanova-bold-1c914fcbdaf941451b55.digested.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-51.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

1016b6483b47723fc9f4e0ffea6c8ea8172c7f0185cef110ba7ee9603850dd50

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	deny

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://preferences.bedbathandbeyond.com/
Origin: https://preferences.bedbathandbeyond.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 17:52:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 de5feec87348dd5cbd158a449ae18d38.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;
x-amz-cf-pop: FRA56-P11
age: 54920
x-cache: Hit from cloudfront
content-length: 14760
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 02 Jul 2024 14:41:41 GMT
server: nginx
etag: "668411a5-39a8"
x-frame-options: deny
content-type: application/octet-stream
cache-control: max-age=86400, public
accept-ranges: bytes
x-amz-cf-id: sEJ2zfBAIEeHT-hpg2UctxAAq2k0qnDMeyLZI5Knzd48QBNyqqf3Fg==
expires: Thu, 04 Jul 2024 17:52:37 GMT

GET
H2 200 locations Show response
preferences.bedbathandbeyond.com/api/v2/ 21 KB
23 KB 697ms
697ms Fetch
application/json 18.244.18.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://preferences.bedbathandbeyond.com/api/v2/locations?regions_for=&sort_by=display_name&sort_direction=asc

Requested by

Host: preferences.bedbathandbeyond.com
URL: https://preferences.bedbathandbeyond.com/assets/vendor-67465d7b8d8cedf80479ec2240dded5e1e2a0c7b529b37911ac5c5f71ce6ecfc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-51.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5240019eb041d445b66ca9126179d98f6f6f698f105ccf8817543319cb6e9de6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://preferences.bedbathandbeyond.com/?locationCode=DE
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJkYXRhZ3JhaWwiLCJzdWIiOjEzMCwiYXVkIjoiaW50YWtlX2Zvcm0iLCJzY29wZSI6WyJjdXN0b21lcjpyZWFkIiwicHJpdmFjeV9yZXF1ZXN0X3BvbGljeTpyZWFkIiwiZGF0YV9zdWJqZWN0X3JlbGF0aW9uc2hpcF9vcHRpb246cmVhZCIsInByaXZhY3lfcmVxdWVzdDpyZWFkIiwicHJpdmFjeV9yZXF1ZXN0OmNyZWF0ZSIsImxvY2F0aW9uOnJlYWQiLCJwcml2YWN5X3JpZ2h0OnJlYWQiLCJjYXB0Y2hhOnJlYWQiLCJvcHRfb3V0OmNyZWF0ZSIsImxvY2F0aW9uczpyZWFkIiwicHJpdmFjeV9yZXF1ZXN0X2NlbnRlcl9jb250ZW50OnJlYWQiXSwiZXhwIjoxNzIwMDg3Njc2fQ.-Fj2ii21LabCJbLiSqsQdHF8iSwXeCgOWxFGf8Uxysk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 09:07:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;
via: 1.1 de5feec87348dd5cbd158a449ae18d38.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P11
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 2241d9c9-32f5-445b-84a0-f0c7b940e398
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx
etag: W/"5240019eb041d445b66ca9126179d98f"
x-download-options: noopen
x-frame-options: SAMEORIGIN, deny
vary: Accept
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate, no-store, no-cache, max-age=0
x-amz-cf-id: h6dNpisp8Bcx0CEzriTx2he5WVqQNMpBimHKCii6a1CasYh39m16UA==

GET
H2 200 privacy_request_center_content Show response
preferences.bedbathandbeyond.com/api/v2/ 2 KB
4 KB 303ms
303ms Fetch
application/json 18.244.18.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://preferences.bedbathandbeyond.com/api/v2/privacy_request_center_content?page=landing_page&location_code=DE

Requested by

Host: preferences.bedbathandbeyond.com
URL: https://preferences.bedbathandbeyond.com/assets/vendor-67465d7b8d8cedf80479ec2240dded5e1e2a0c7b529b37911ac5c5f71ce6ecfc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-51.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

c538c6823c994ca536d03ee7e9d587a571019716190a364bd7d897512b82a8c6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://preferences.bedbathandbeyond.com/?locationCode=DE
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJkYXRhZ3JhaWwiLCJzdWIiOjEzMCwiYXVkIjoiaW50YWtlX2Zvcm0iLCJzY29wZSI6WyJjdXN0b21lcjpyZWFkIiwicHJpdmFjeV9yZXF1ZXN0X3BvbGljeTpyZWFkIiwiZGF0YV9zdWJqZWN0X3JlbGF0aW9uc2hpcF9vcHRpb246cmVhZCIsInByaXZhY3lfcmVxdWVzdDpyZWFkIiwicHJpdmFjeV9yZXF1ZXN0OmNyZWF0ZSIsImxvY2F0aW9uOnJlYWQiLCJwcml2YWN5X3JpZ2h0OnJlYWQiLCJjYXB0Y2hhOnJlYWQiLCJvcHRfb3V0OmNyZWF0ZSIsImxvY2F0aW9uczpyZWFkIiwicHJpdmFjeV9yZXF1ZXN0X2NlbnRlcl9jb250ZW50OnJlYWQiXSwiZXhwIjoxNzIwMDg3Njc2fQ.-Fj2ii21LabCJbLiSqsQdHF8iSwXeCgOWxFGf8Uxysk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 09:07:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;
via: 1.1 de5feec87348dd5cbd158a449ae18d38.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P11
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 8b113adc-af80-47f0-9439-a020b45144f8
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx
etag: W/"c538c6823c994ca536d03ee7e9d587a5"
x-download-options: noopen
x-frame-options: SAMEORIGIN, deny
vary: Accept
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate, no-store, no-cache, max-age=0
x-amz-cf-id: QEC12Zibt8Mh6sl6dwVFE1ONGg3Cox4dhAmifJZYLT2fE10DyM_V5w==

GET
H2 200 e7e7ccab-8f3d-4234-41fd-b201f1a093a9
data.pendo.io/data/ptm.gif/ 42 B
103 B 159ms
159ms Image
image/gif 34.107.204.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://data.pendo.io/data/ptm.gif/e7e7ccab-8f3d-4234-41fd-b201f1a093a9?v=2.237.2_prod&ct=1720084078090&jzb=eJw1kG1r8jAUhv9LPovWtmgrjOEzFYJjKuuDjDFK2pzS0JcTkqObyv67R2X5lvs6585FPi-CThbETLSotBiIwuG3B5eT6TgdT8MgSOJgmgRJOhBH4w2hy43mhXy7fFts8iw3_yqj7S7Z_rxzgSpLPPT0mMEjOE9YNsMSO4YH13JaE1k_G42sgwoc9CX4YQG6UFSrXhdwwl7fFkbPLZaKDPYvqOFpseQG69B6Mbvcff8swzQejlM-kzROwjgMf3lQcTNlqpAs0h_adiDocRH_pVymr-ZD7dQuhLrh2sqpDu5QrqpsPl4vzlnTzCfRhqEH71nijtd6tenmZ7XfS1nbSN6-7ETAShE_-3UFtZBswg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.204.107.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://preferences.bedbathandbeyond.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 09:07:58 GMT
via: 1.1 google
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
server: istio-envoy
access-control-max-age: 600
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: false
x-envoy-upstream-service-time: 12
access-control-allow-headers: *
content-length: 42
alt-svc: clear

GET
H2 200 e7e7ccab-8f3d-4234-41fd-b201f1a093a9
data.pendo.io/data/ptm.gif/ 42 B
103 B 272ms
272ms Image
image/gif 34.107.204.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://data.pendo.io/data/ptm.gif/e7e7ccab-8f3d-4234-41fd-b201f1a093a9?v=2.237.2_prod&ct=1720084078090&jzb=eJxVkM2O4jAQhN_FZwThR_zdMoPZtdglBILQaLSynKSjWCG2ZTfMwoh3p4HTHN1fVXW5P78ZXhywOUOvioZ1WO7tVwAvUbc07k8GUTQdRZPxbNDvsLMOGq2XuiSH3PD1IpGZ1G-VLl063fzfUYAqCnsy-NLYM_iAtmi6hW0JnvyRpjWiC_Nez3mowIMpIHRzKHOFtTJlDhdryoehRw7nrQtsTj2pUEDVup-tohtpFIVgpnJBO83peOwwfD3YXgg--6M_VKrSAdSPH1ZetfCEYlllcX-1uGZNE4-HCcEAIWhrnnhVLpM2vqrDQYjaDQXh55UknGmdNBRDqi1P93yXyXe-zvhW_k7-crmJf_HHLS8I1H04mt7-3QEtSnU8&type=track

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.204.107.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://preferences.bedbathandbeyond.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 09:07:58 GMT
via: 1.1 google
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
server: istio-envoy
access-control-max-age: 600
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: false
x-envoy-upstream-service-time: 82
access-control-allow-headers: *
content-length: 42
alt-svc: clear

GET
H2 200 e7e7ccab-8f3d-4234-41fd-b201f1a093a9 Show response
data.pendo.io/data/guide.js/ 381 B
447 B 154ms
153ms Script
application/javascript 34.107.204.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://data.pendo.io/data/guide.js/e7e7ccab-8f3d-4234-41fd-b201f1a093a9?id=9&jzb=eJx9VMGO3DYM_RVjzsbuYhogxQJF0W1y6CVNkbaXoiBoiTNmR5ZcifZktth_z5M9OztZFLnZ1BPf4yPF_zazFrWUf_Gb-w19fP_h3a_0O-nDTv342_cfP3_atBt2Lk3RFkiaJRdL7nDj0oCzKQdEe7Ox3N_ejll2kiU6KTed-I6t5-g7OaXo64XbH0NybJriz8nLD-_eI0MK_s8XDXEKod0MYuzZeHN_EVg_9RsicwqCU3wFjvuJ9_VPIv3xafN0KeGS5HUZkYeKfxDfPEB0A9XNwyIbhzthm7LQLvC-APWXcyO3TZqsQ1JPu5QHKqfo2sbKTLPKUXLbVBSl0YBrG43GB6QAtG18ybRjzfTvJJNo3ONir9nTyNlO5LW4kAooS9sUiZZPFPxAltkdFnSnoJWBNZAl0jirSdtEORKPStbnZBYWpE8Uk1GREGjetg1PlgY28XRM-bAL6QgO-WwSPWJwRXe6dgh3xcRVKMTLPi_RUtNdMLg7TMGU1EMmwnC1barWdDCmKSoqpMCdBAKr61dN0H0iVOc4VkfWo1psFuCLEZiBKfBjLwB6KbqPBNvW5PxY28HjGM46yGQYA8qCkCuiImb4KEix5h04ImO-1A7IqeBuJUSpNZNGNeWgj4D9k7qrJHuJkjm8NsBz6bvE2aPjCMAHGqcuaOmpwJaOIRqu9-R45E6DosMzCDDfi8vPl3jyaiFB9nOk4whGQiMP4HmOXvE9lzUmGKGy-nWl-Lr558YvlK9m76q9VAwuQnApUspQ-S7WdpMGDz31kWsImIuFfXVhN8XFP_hz1Mev1P1vM79ihdIrzEupdVmgE2fVV5oi8oIfOHi2ssI5xQPMwg6U9YHVV1mXSDXELQPzkgA3LWsHT_L5-dSn1qcjqkvYXgXGLG9pwPeiaSoCI10WK5cxcoyxXUcSRIKsYRoiTWP9qwnX_lPkWferv-dd0jZj1pldfQarSw6y6tZQSPc5jT4dUfPzqZ1GIYkTlsc3WrM4F8-DfLYUyhc5dQD6lDHXniA-Yiets1_I5VQKss_LEvu77kssIkB-umxNhGoSLL-7N7d3b2-3d9s32Ix1i4IL4e3N9ru3N9tqn988PX0Bfddplw&v=2.237.2_prod&ct=1720084078091

Requested by

Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/e7e7ccab-8f3d-4234-41fd-b201f1a093a9/pendo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.204.107.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

37060298a837ae8f00c856bacd0f4637edf76bb2670d768962408798cfa1f3a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://preferences.bedbathandbeyond.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 09:07:58 GMT
via: 1.1 google
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
server: istio-envoy
access-control-max-age: 600
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: false
x-envoy-upstream-service-time: 11
access-control-allow-headers: *
content-length: 381
alt-svc: clear

GET
H2 200 overstock-490a7f2e9725b6901971959eabf1f72a5097c5d5bfb9f5411da863f5bc98523d.ico
preferences.bedbathandbeyond.com/assets/favicons/ 15 KB
0 0ms
0ms Other
image/x-icon 18.244.18.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://preferences.bedbathandbeyond.com/assets/favicons/overstock-490a7f2e9725b6901971959eabf1f72a5097c5d5bfb9f5411da863f5bc98523d.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-51.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

f7e2933de117aad4a9d02c8f38b4fbff6d71df40a0fe811d841619944e2db358

Security Headers

Name

Value

Content-Security-Policy

default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;

X-Frame-Options

deny

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://preferences.bedbathandbeyond.com/?locationCode=DE
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 17:52:34 GMT
content-security-policy: default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;
via: 1.1 de5feec87348dd5cbd158a449ae18d38.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 54921
x-cache: Hit from cloudfront
content-length: 15406
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 02 Jul 2024 14:41:41 GMT
server: nginx
etag: "668411a5-3c2e"
x-frame-options: deny
content-type: image/x-icon
cache-control: max-age=86400, public
accept-ranges: bytes
x-amz-cf-id: i5b4lhIM9YMhFk2mpbYlCqBcmT4490Bi_h_EjVkhRJ9vrfbjRzIDmQ==
expires: Thu, 04 Jul 2024 17:52:34 GMT

GET
H2 200 locations Show response
preferences.bedbathandbeyond.com/api/v2/ 123 B
2 KB 653ms
653ms Fetch
application/json 18.244.18.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://preferences.bedbathandbeyond.com/api/v2/locations?regions_for=DE&sort_by=display_name&sort_direction=asc

Requested by

Host: preferences.bedbathandbeyond.com
URL: https://preferences.bedbathandbeyond.com/assets/vendor-67465d7b8d8cedf80479ec2240dded5e1e2a0c7b529b37911ac5c5f71ce6ecfc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-51.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

4e4977140ab1c6ba2adb6f371bfa911fa119ac7fcfb261bf15ff458f4948e5f0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://preferences.bedbathandbeyond.com/?locationCode=DE
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJkYXRhZ3JhaWwiLCJzdWIiOjEzMCwiYXVkIjoiaW50YWtlX2Zvcm0iLCJzY29wZSI6WyJjdXN0b21lcjpyZWFkIiwicHJpdmFjeV9yZXF1ZXN0X3BvbGljeTpyZWFkIiwiZGF0YV9zdWJqZWN0X3JlbGF0aW9uc2hpcF9vcHRpb246cmVhZCIsInByaXZhY3lfcmVxdWVzdDpyZWFkIiwicHJpdmFjeV9yZXF1ZXN0OmNyZWF0ZSIsImxvY2F0aW9uOnJlYWQiLCJwcml2YWN5X3JpZ2h0OnJlYWQiLCJjYXB0Y2hhOnJlYWQiLCJvcHRfb3V0OmNyZWF0ZSIsImxvY2F0aW9uczpyZWFkIiwicHJpdmFjeV9yZXF1ZXN0X2NlbnRlcl9jb250ZW50OnJlYWQiXSwiZXhwIjoxNzIwMDg3Njc2fQ.-Fj2ii21LabCJbLiSqsQdHF8iSwXeCgOWxFGf8Uxysk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 09:07:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://*.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;
via: 1.1 de5feec87348dd5cbd158a449ae18d38.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P11
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 81f9e9b6-0850-4c70-a7dd-7e9326211e20
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx
etag: W/"4e4977140ab1c6ba2adb6f371bfa911f"
x-download-options: noopen
x-frame-options: SAMEORIGIN, deny
vary: Accept
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate, no-store, no-cache, max-age=0
x-amz-cf-id: naInjkMDcATbRtU7kc9ShvA5216CdYeiHzNEFVORU4jdcjo64JgVrA==

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			preferences.bedbathandbeyond.com/	1970-01-20 21:48:47	Name: _dg_app_session Value: 248c09fd60a84253e6738e294f384d73

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://preferences.bedbathandbeyond.com/api/v2/customer Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com https://na-ab29.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://hcaptcha.com https://.hcaptcha.com https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://use.typekit.net https://apis.google.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://go.forgerock.com; style-src 'self' 'unsafe-inline' https://app-ab27.marketo.com https://app-ab29.marketo.com https://fonts.googleapis.com https://use.fontawesome.com https://hcaptcha.com https://.hcaptcha.com https://app.pendo.io https://cdn.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://cdnjs.cloudflare.com https://go.forgerock.com; img-src 'self' https://*.datagrail.io https://hcaptcha.com https://cdn.pendo.io https://app.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://data.pendo.io https://static.intercomassets.com data:; connect-src 'self' https://hcaptcha.com https://app.pendo.io https://data.pendo.io https://pendo-static-6311385643745280.storage.googleapis.com https://api.feedback.us.pendo.io https://sentry.io https://datagrail-quarantine-production.s3.us-west-2.amazonaws.com https://datagrail-quarantine-development.s3.us-west-2.amazonaws.com https://datagrail-quarantine-staging.s3.us-west-2.amazonaws.com https://salesforce-datagrail-quarantine.s3.us-west-1.amazonaws.com https://datagrail-public-assets.s3.us-west-2.amazonaws.com https://datagrail-public-assets.s3.us-west-1.amazonaws.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' https://newassets.hcaptcha.com https://go.forgerock.com https://app-ab27.marketo.com https://app-ab29.marketo.com https://na-ab29.marketo.com https://app.pendo.io https://feedback.us.pendo.io https://portal.feedback.us.pendo.io; base-uri 'self'; frame-ancestors https://app.pendo.io; child-src https://app.pendo.io; report-uri /_csp;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets-production.datagrail.io
cdn.pendo.io
data.pendo.io
preferences.bedbathandbeyond.com
preferences.overstock.com
13.32.27.32
173.241.154.55
18.244.18.51
34.107.204.85
34.36.213.229
00b48794a2d29755e92bd80a14068848dc3aaa7ffc2b296ab0a2b722e5b3ddb3
03bf49ef427c5199dc5a2e458ebcdb09bd37b137091513811dd8695aac8e2d4d
0ffafabfad0e492303065faef6246a2941196a05f122a40f3c8d4d49d06ea234
1016b6483b47723fc9f4e0ffea6c8ea8172c7f0185cef110ba7ee9603850dd50
37060298a837ae8f00c856bacd0f4637edf76bb2670d768962408798cfa1f3a0
3757610251a48b73b752b1df1a0dcc78cebd652475773ceedbe32a7cb286171c
41a4070c0266fdc31705ce9601c63d37fd65730f891ad30b21333cae2be53f2c
4e4977140ab1c6ba2adb6f371bfa911fa119ac7fcfb261bf15ff458f4948e5f0
5240019eb041d445b66ca9126179d98f6f6f698f105ccf8817543319cb6e9de6
5baed9280641a20fdb7bd79c8ba2618f95bb25974ef991dc322ec9e76794f59e
62a67168608078e9ef3dd618f03deb15256cffece6248ec6b88a5b33578bcff9
6d6068180a5c710c68c8ee0e290cb9b37b3450492d3f9e3ae46083deb152fbcf
7bad35b0f66f8bb31bc523cbe7a3be98fa297ca35004b3765fa6363938b19d52
824239ae9347b8cd3f4b3a356907337d3e42bc1034979ff5b28be460eef46591
8ee4963493284eb7fd3add19adf8047f432cdc87525b5828d121ed9aca167dd7
a59bee3eab88143a42c05ffded2273516c6406a170437e63706eb27ea3bc0231
c02a0add5062478700f75eb8662a67f2a974fc46972d666d7b2edd8f093e0411
c538c6823c994ca536d03ee7e9d587a571019716190a364bd7d897512b82a8c6
d20e20ecdce02ff2ebfdd570d4941fa439f60f51d46769312c3d61c4cc028620
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7e2933de117aad4a9d02c8f38b4fbff6d71df40a0fe811d841619944e2db358

preferences.bedbathandbeyond.com Open in urlscan Pro 18.244.18.51 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

25 Requests

100 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

4 IPs

1 Countries

1829 kBTransfer

7281 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

preferences.bedbathandbeyond.com Open in urlscan Pro
18.244.18.51 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

4
IPs

1
Countries

1829 kB
Transfer

7281 kB
Size

1
Cookies

25 HTTP transactions
0 data transactions