urlscan.io logo urlscan.io
SecurityTrails logo

fai.xoxoday.com Open in urlscan Pro
104.18.30.19  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://fai.xoxoday.com/home/f20884ad-3954-4591-b94b-70d2944787ad-1608724647051/post/1635359703348-78e356d5-539e-434f-83...
Effective URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zd...
Submission: On October 27 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 10 domains to perform 55 HTTP transactions. The main IP is 104.18.30.19, located in United States and belongs to CLOUDFLARENET, US. The main domain is fai.xoxoday.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 26th 2021. Valid for: a year.
This is the only time fai.xoxoday.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 40 104.18.30.19 13335 (CLOUDFLAR...)
3 143.204.98.117 16509 (AMAZON-02)
1 94.31.29.32 6461 (ZAYO-6461)
1 142.250.186.168 15169 (GOOGLE)
2 142.250.186.46 15169 (GOOGLE)
1 74.125.140.155 15169 (GOOGLE)
1 142.250.185.234 15169 (GOOGLE)
2 151.101.128.176 54113 (FASTLY)
2 54.187.159.182 16509 (AMAZON-02)
1 158.69.52.117 16276 (OVH)
1 52.89.186.194 16509 (AMAZON-02)
1 52.219.32.139 16509 (AMAZON-02)
55 13
40    104.18.30.19 (United States)

ASN13335 (CLOUDFLARENET, US)
fai.xoxoday.com
3    143.204.98.117 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-117.fra50.r.cloudfront.net
js.stripe.com
1    94.31.29.32 (United Kingdom)

ASN6461 (ZAYO-6461, US)
PTR: 94.31.29.32.IPYX-077437-ZYO.above.net
cdn.trackjs.com
1    142.250.186.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net
www.googletagmanager.com
2    142.250.186.46 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f14.1e100.net
www.google-analytics.com
1    74.125.140.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f155.1e100.net
stats.g.doubleclick.net
1    142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net
fonts.googleapis.com
2    151.101.128.176 (United States)

ASN54113 (FASTLY, US)
m.stripe.network
2    54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com
q.stripe.com
1    158.69.52.117 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: prd-usage-3.tjsint.net
usage.trackjs.com
1    52.89.186.194 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-186-194.us-west-2.compute.amazonaws.com
m.stripe.com
1    52.219.32.139 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-1-r-w.amazonaws.com
xoxoday-dropbox.s3.ap-southeast-1.amazonaws.com
Domain Requested by
40 fai.xoxoday.com 2 redirects fai.xoxoday.com
cdn.trackjs.com
3 js.stripe.com fai.xoxoday.com
js.stripe.com
2 q.stripe.com fai.xoxoday.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 xoxoday-dropbox.s3.ap-southeast-1.amazonaws.com
1 m.stripe.com m.stripe.network
1 usage.trackjs.com
1 fonts.googleapis.com fai.xoxoday.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com fai.xoxoday.com
1 cdn.trackjs.com fai.xoxoday.com
0 sts.firstam.com Failed fai.xoxoday.com
55 13

This site contains no links.

Subject Issuer Validity Valid
xoxoday.com
Cloudflare Inc ECC CA-3		 2021-04-26 -
2022-04-25		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2021-10-21 -
2022-02-02		 3 months crt.sh
*.trackjs.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-08-11 -
2022-08-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.stripe.com
DigiCert SHA2 Secure Server CA		 2021-09-08 -
2022-09-07		 a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-02-02		 3 months crt.sh
*.s3-ap-southeast-1.amazonaws.com
Amazon		 2021-03-26 -
2022-03-15		 a year crt.sh

This page contains 3 frames:

Frame: https://sts.firstam.com/adfs/ls/?SAMLRequest=hZJdTyMhFIb%2FyoR7hqGttpJOk66NsYnbbeysF96YUwa2JHx0OYzWf790qq5eqJcczvMeHmCK4OxezLu087fqb6cwFQdnPYp%2BoyZd9CIAGhQenEKRpNjMf96IQVmJfQwpyGDJO%2BRrAhBVTCZ4UiwXNXmY6K2%2B4HJI%2BXC8pSMuz%2BlE8jOqz7XiE6gmwzGQ4k5FzExNckQGETu19JjAp1yqBpzyig7GzaASIy6G4%2FLirLonxSK7GA%2BpJ3cp7VEwhglLbWKGXSmDY9BqZBYZKdYvMj%2BMb43%2F87XH9tSE4rpp1nT9a9OQYv7qdhk8dk7FjYqPRqrftzf%2F52sw5SEcQgvP%2FXy5U5ohBvYI1rSQFD1eIls1y9Hqqa7JbHpci945zr5NcSpBTgGK%2B7eMKXsfMT09%2BCorLRfrYI18Lq5CdJA%2BN%2BYl7yumpbpvFcqBsfO2jQoxm1sbni6jyseviQaLirDZaezHrzX7Bw%3D%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=i17VyNv%2FIrCSmh%2Bjn1KfYdTI2b6Fq1HCaC2BkcWtjjtvNBmVgKsp4YEY%2FajvGR8aThvmrxUps2OrmGsvxE9Y%2BhpsiQcaztrtci%2BMtwY2Xkz8SZMxLr5jp0v%2Ft7rePIxOTVOXk%2B3JJZ%2FChBwiD5omu8EwSrUwRl0ZWxgt4zkz5shxb7u7N07AF6ZLd9VKWIuM0pOhfRHyTxocqnuoyBNVoefFaotoekorQqlvuhoso1FN0z9jXEqn%2FFiL58uLoM6VYe%2BdL1TivCYkpcAOmf1QYh%2Bhv%2BmmdqF4z5gzf%2FMveGdIKViqaYE1x%2Bx0JquJgUGTDwfIf75%2B0Ek6VNESCRvniw%3D%3D
Frame ID: D6605FEB6C5743A5449499ED3B90F6EA
Requests: 48 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Frame ID: 5EEF2D23C422AD2D9B99E15D52E8E023
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 552329AD1FE2748BF5177C667659E867
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://fai.xoxoday.com/home/f20884ad-3954-4591-b94b-70d2944787ad-1608724647051/post/1635359703348-7... HTTP 302
    https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2M... Page URL

Page Statistics

55
Requests

96 %
HTTPS

0 %
IPv6

10
Domains

13
Subdomains

13
IPs

4
Countries

1355 kB
Transfer

4684 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fai.xoxoday.com/home/f20884ad-3954-4591-b94b-70d2944787ad-1608724647051/post/1635359703348-78e356d5-539e-434f-8349-22f119e6755c?nudge_id=3fd440812242557b58a7c1380d35c7e550de021e&notif_id=e8d33cbe92243b93b87833d61d5f4069&utm_medium=email&utm_source=notifications&utm_campaign=today_work_anniversary_nudge HTTP 302
    https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49
  • https://fai.xoxoday.com/image/clients/fai/fai_1504509165-logo.png HTTP 302
  • https://fai.xoxoday.com/login?dest_url=L2ltYWdlL2NsaWVudHMvZmFpL2ZhaV8xNTA0NTA5MTY1LWxvZ28ucG5n
Request Chain 53
  • https://fai.xoxoday.com/chef/sso/sso-redirect?company_id=NTI4Nw== HTTP 302
  • https://sts.firstam.com/adfs/ls/?SAMLRequest=hZJdTyMhFIb%2FyoR7hqGttpJOk66NsYnbbeysF96YUwa2JHx0OYzWf790qq5eqJcczvMeHmCK4OxezLu087fqb6cwFQdnPYp%2BoyZd9CIAGhQenEKRpNjMf96IQVmJfQwpyGDJO%2BRrAhBVTCZ4UiwXNXmY6K2%2B4HJI%2BXC8pSMuz%2BlE8jOqz7XiE6gmwzGQ4k5FzExNckQGETu19JjAp1yqBpzyig7GzaASIy6G4%2FLirLonxSK7GA%2BpJ3cp7VEwhglLbWKGXSmDY9BqZBYZKdYvMj%2BMb43%2F87XH9tSE4rpp1nT9a9OQYv7qdhk8dk7FjYqPRqrftzf%2F52sw5SEcQgvP%2FXy5U5ohBvYI1rSQFD1eIls1y9Hqqa7JbHpci945zr5NcSpBTgGK%2B7eMKXsfMT09%2BCorLRfrYI18Lq5CdJA%2BN%2BYl7yumpbpvFcqBsfO2jQoxm1sbni6jyseviQaLirDZaezHrzX7Bw%3D%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=i17VyNv%2FIrCSmh%2Bjn1KfYdTI2b6Fq1HCaC2BkcWtjjtvNBmVgKsp4YEY%2FajvGR8aThvmrxUps2OrmGsvxE9Y%2BhpsiQcaztrtci%2BMtwY2Xkz8SZMxLr5jp0v%2Ft7rePIxOTVOXk%2B3JJZ%2FChBwiD5omu8EwSrUwRl0ZWxgt4zkz5shxb7u7N07AF6ZLd9VKWIuM0pOhfRHyTxocqnuoyBNVoefFaotoekorQqlvuhoso1FN0z9jXEqn%2FFiL58uLoM6VYe%2BdL1TivCYkpcAOmf1QYh%2Bhv%2BmmdqF4z5gzf%2FMveGdIKViqaYE1x%2Bx0JquJgUGTDwfIf75%2B0Ek6VNESCRvniw%3D%3D

55 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
fai.xoxoday.com/
Redirect Chain
  • https://fai.xoxoday.com/home/f20884ad-3954-4591-b94b-70d2944787ad-1608724647051/post/1635359703348-78e356d5-539e-434f-8349-22f119e6755c?nudge_id=3fd440812242557b58a7c1380d35c7e550de021e&notif_id=e8...
  • https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV...
16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a11674187b1ee49658796b3526632929992949988ed6ddd81fd5cce566701fb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://www.gstatic.com https://js.stripe.com https://cdn.trackjs.com/ https://www.googletagmanager.com https://cdn.pendo.io https://*.storage.googleapis.com https://data.pendo.io 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://app.pendo.io https://www.youtube.com; frame-src 'self' https://js.stripe.com https://www.google-analytics.com https://docs.google.com https://app.pendo.io https://www.youtube.com; img-src 'self' data: blob: https://*.giphy.com https://*.licdn.com https://*.amazonaws.com https://*.s3.amazonaws.com https://*.s3.ap-southeast-1.amazonaws.com https://usage.trackjs.com https://res.cloudinary.com https://data.pendo.io https://*.storage.googleapis.com https://cdn.jsdelivr.net https://cdn.pendo.io https://www.google-analytics.com https://www.googletagmanager.com https://via.placeholder.com https://app.pendo.io https://www.youtube.com; script-src-elem 'self' https://js.stripe.com https://cdn.trackjs.com https://www.googletagmanager.com https://cdn.pendo.io https://*.storage.googleapis.com https://data.pendo.io 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://app.pendo.io https://www.gstatic.com https://www.youtube.com; style-src 'self' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://data.pendo.io https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com; style-src-elem 'self' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://stackpath.bootstrapcdn.com https://www.gstatic.com https://*.storage.googleapis.com https://fonts.googleapis.com https://www.youtube.com; style-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://data.pendo.io https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com; font-src 'self' https://fonts.gstatic.com https://www.youtube.com; connect-src 'self' https://get.geojs.io https://listenat.xoxoday.com https://www.google-analytics.com https://stats.g.doubleclick.net https://capture.trackjs.com wss://listenat.xoxoday.com https://fcm.googleapis.com https://data.pendo.io https://www.youtube.com; report-uri /chef/csp_report;
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 27 Oct 2021 20:41:33 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block
x-dns-prefetch-control
off
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' https://www.gstatic.com https://js.stripe.com https://cdn.trackjs.com/ https://www.googletagmanager.com https://cdn.pendo.io https://*.storage.googleapis.com https://data.pendo.io 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://app.pendo.io https://www.youtube.com; frame-src 'self' https://js.stripe.com https://www.google-analytics.com https://docs.google.com https://app.pendo.io https://www.youtube.com; img-src 'self' data: blob: https://*.giphy.com https://*.licdn.com https://*.amazonaws.com https://*.s3.amazonaws.com https://*.s3.ap-southeast-1.amazonaws.com https://usage.trackjs.com https://res.cloudinary.com https://data.pendo.io https://*.storage.googleapis.com https://cdn.jsdelivr.net https://cdn.pendo.io https://www.google-analytics.com https://www.googletagmanager.com https://via.placeholder.com https://app.pendo.io https://www.youtube.com; script-src-elem 'self' https://js.stripe.com https://cdn.trackjs.com https://www.googletagmanager.com https://cdn.pendo.io https://*.storage.googleapis.com https://data.pendo.io 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://app.pendo.io https://www.gstatic.com https://www.youtube.com; style-src 'self' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://data.pendo.io https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com; style-src-elem 'self' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://stackpath.bootstrapcdn.com https://www.gstatic.com https://*.storage.googleapis.com https://fonts.googleapis.com https://www.youtube.com; style-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://data.pendo.io https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com; font-src 'self' https://fonts.gstatic.com https://www.youtube.com; connect-src 'self' https://get.geojs.io https://listenat.xoxoday.com https://www.google-analytics.com https://stats.g.doubleclick.net https://capture.trackjs.com wss://listenat.xoxoday.com https://fcm.googleapis.com https://data.pendo.io https://www.youtube.com; report-uri /chef/csp_report;
cache-control
no-cache, no-store, must-revalidate
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a4ebeecece927b8-PRG
content-encoding
gzip

Redirect headers

date
Wed, 27 Oct 2021 20:41:32 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block
x-dns-prefetch-control
off
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' https://www.gstatic.com https://js.stripe.com https://cdn.trackjs.com/ https://www.googletagmanager.com https://cdn.pendo.io https://*.storage.googleapis.com https://data.pendo.io 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://app.pendo.io https://www.youtube.com; frame-src 'self' https://js.stripe.com https://www.google-analytics.com https://docs.google.com https://app.pendo.io https://www.youtube.com; img-src 'self' data: blob: https://*.giphy.com https://*.licdn.com https://*.amazonaws.com https://*.s3.amazonaws.com https://*.s3.ap-southeast-1.amazonaws.com https://usage.trackjs.com https://res.cloudinary.com https://data.pendo.io https://*.storage.googleapis.com https://cdn.jsdelivr.net https://cdn.pendo.io https://www.google-analytics.com https://www.googletagmanager.com https://via.placeholder.com https://app.pendo.io https://www.youtube.com; script-src-elem 'self' https://js.stripe.com https://cdn.trackjs.com https://www.googletagmanager.com https://cdn.pendo.io https://*.storage.googleapis.com https://data.pendo.io 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://app.pendo.io https://www.gstatic.com https://www.youtube.com; style-src 'self' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://data.pendo.io https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com; style-src-elem 'self' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://stackpath.bootstrapcdn.com https://www.gstatic.com https://*.storage.googleapis.com https://fonts.googleapis.com https://www.youtube.com; style-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://data.pendo.io https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com; font-src 'self' https://fonts.gstatic.com https://www.youtube.com; connect-src 'self' https://get.geojs.io https://listenat.xoxoday.com https://www.google-analytics.com https://stats.g.doubleclick.net https://capture.trackjs.com wss://listenat.xoxoday.com https://fcm.googleapis.com https://data.pendo.io https://www.youtube.com; report-uri /chef/csp_report;
cache-control
no-cache, no-store, must-revalidate
location
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
vary
Accept
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a4ebee79bae27b8-PRG
material-design-iconic-font.min.css
fai.xoxoday.com/vendors/material-design-iconic-font/css/ 		69 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fai.xoxoday.com/vendors/material-design-iconic-font/css/material-design-iconic-font.min.css
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
vary
Accept-Encoding
content-length
8004
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
6a4ebeefdacc27b8-PRG
weather-icons.min.css
fai.xoxoday.com/vendors/weather-icons/css/ 		26 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fai.xoxoday.com/vendors/weather-icons/css/weather-icons.min.css
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29c09c6a4a8c69a981ad315ac5bf6d92b3f68aad57f2f527b26f3a5bca517202
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
6a4ebeefdad427b8-PRG
sprite-flags-24x24.css
fai.xoxoday.com/vendors/flag/ 		17 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fai.xoxoday.com/vendors/flag/sprite-flags-24x24.css
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd3dbbe2f2707587be1e399a99cf7850a798b83127c213a0165b12bd3ef63783
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
vary
Accept-Encoding
content-length
1675
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
6a4ebeefdad527b8-PRG
animate.css
fai.xoxoday.com/vendors/ 		26 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fai.xoxoday.com/vendors/animate.css
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93c8e04661dfa9ae9a664d3c879c76f65288c81609bff288a32e1c260db57426
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
6a4ebeefdad627b8-PRG
bootstrap-rtl.css
fai.xoxoday.com/vendors/ 		194 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fai.xoxoday.com/vendors/bootstrap-rtl.css
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fd7f15e18740cacae91badbd1ccb819e431cdb510d8af3eef4510083de2e733
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
vary
Accept-Encoding
content-length
26175
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
6a4ebeefdad727b8-PRG
react-notifications.css
fai.xoxoday.com/vendors/react-notification/ 		2 KB
853 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fai.xoxoday.com/vendors/react-notification/react-notifications.css
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00f3859bc4b09e2c065b94092f469c24c58c92608e34b937b39792cf877d7ea9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
vary
Accept-Encoding
content-length
776
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
6a4ebeefdad927b8-PRG
loader.css
fai.xoxoday.com/vendors/ 		2 KB
671 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fai.xoxoday.com/vendors/loader.css
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40eb3f63a01f7a841d33b9c36cfe2d4eb18bc9d8bf81348711e991b0ef9bce79
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
vary
Accept-Encoding
content-length
603
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
6a4ebeefdada27b8-PRG
react-select.css
fai.xoxoday.com/vendors/react-select/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fai.xoxoday.com/vendors/react-select/react-select.css
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0349a0cbee492036f0b2be5c5fbd4282930779b257bb09a30744839cd0afd2a8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
vary
Accept-Encoding
content-length
2156
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
6a4ebeefdadb27b8-PRG
style.f2f184b5f06cc7e8e1ac.css
fai.xoxoday.com/ 		767 KB
113 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fai.xoxoday.com/style.f2f184b5f06cc7e8e1ac.css
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7304b8b4173d08a3677d8ae674fc3591bd7db70b5eb0d8216f6a41154be4f2a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
6a4ebeefdadc27b8-PRG
style.css
fai.xoxoday.com/CustomIcomoon/customIcons/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fai.xoxoday.com/CustomIcomoon/customIcons/style.css
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30a755619b5a41defe0898aab1cd19fb3890c1b489b3575b5f0122e8b70b267a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
vary
Accept-Encoding
content-length
1039
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
6a4ebeefdadd27b8-PRG
stylesheet.css
fai.xoxoday.com/fonts/IBM_Plex_Sans/ 		2 KB
423 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fai.xoxoday.com/fonts/IBM_Plex_Sans/stylesheet.css
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2bc90f677899104fe4297381645c6f9b8ae65910dd52118bda6e2c514a0d502
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
vary
Accept-Encoding
content-length
355
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
6a4ebeeffb0527b8-PRG
stylesheet.css
fai.xoxoday.com/fonts/metropolis/ 		1 KB
326 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fai.xoxoday.com/fonts/metropolis/stylesheet.css
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4480c866a6394c5502675afbe32465bf5b1e2a30151f69dcc4401d3c5503f34d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
vary
Accept-Encoding
content-length
258
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
6a4ebeeffb0627b8-PRG
stylesheet.css
fai.xoxoday.com/fonts/graphik/ 		8 KB
860 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fai.xoxoday.com/fonts/graphik/stylesheet.css
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e18aabc06c194df4f5de4a5990f4e14741e13ef8594d61cb65364a696a7dc0f5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
vary
Accept-Encoding
content-length
792
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
6a4ebeeffb0727b8-PRG
api.js
fai.xoxoday.com/cdn-cgi/bm/cv/669835187/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fai.xoxoday.com/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=604800, public
cf-ray
6a4ebeeffb1327b8-PRG
ie.png
fai.xoxoday.com/static/images/browserIcon/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fai.xoxoday.com/static/images/browserIcon/ie.png
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bbe175e5d074e50dcaa253c4c2a0c89a1ba050e8d5cca200e6d12cf77cf3923
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:33 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-download-options
noopen
x-frame-options
SAMEORIGIN, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
cache-control
public, max-age=0
x-dns-prefetch-control
off
strict-transport-security
max-age=15552000; includeSubDomains
accept-ranges
bytes
cf-ray
6a4ebeeffb1627b8-PRG
content-length
25014
x-xss-protection
1; mode=block, 1; mode=block
firefox.png
fai.xoxoday.com/static/images/browserIcon/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fai.xoxoday.com/static/images/browserIcon/firefox.png
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30aec7d1fd57ac4d90ec345d003b8b0253597675cde0d84bbacebddfd57cd18b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:34 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-download-options
noopen
x-frame-options
SAMEORIGIN, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
cache-control
public, max-age=0
x-dns-prefetch-control
off
strict-transport-security
max-age=15552000; includeSubDomains
accept-ranges
bytes
cf-ray
6a4ebeeffb1727b8-PRG
content-length
20840
x-xss-protection
1; mode=block, 1; mode=block
chrome.png
fai.xoxoday.com/static/images/browserIcon/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fai.xoxoday.com/static/images/browserIcon/chrome.png
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab4b6756b0f2f06e7c4e347e0ee1d354fe28efd6d0fe233903709dce9b0ea17c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:33 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-download-options
noopen
x-frame-options
SAMEORIGIN, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
cache-control
public, max-age=0
x-dns-prefetch-control
off
strict-transport-security
max-age=15552000; includeSubDomains
accept-ranges
bytes
cf-ray
6a4ebeeffb1827b8-PRG
content-length
13253
x-xss-protection
1; mode=block, 1; mode=block
safari.png
fai.xoxoday.com/static/images/browserIcon/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fai.xoxoday.com/static/images/browserIcon/safari.png
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fe415ecf3aafc9cd7109afad3f9ed66cd9f3c1b3821d0e28d172b2c459635f4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:33 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-download-options
noopen
x-frame-options
SAMEORIGIN, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
cache-control
public, max-age=0
x-dns-prefetch-control
off
strict-transport-security
max-age=15552000; includeSubDomains
accept-ranges
bytes
cf-ray
6a4ebeeffb1927b8-PRG
content-length
18992
x-xss-protection
1; mode=block, 1; mode=block
jquery-3.5.1.slim.min.js
fai.xoxoday.com/js/ 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fai.xoxoday.com/js/jquery-3.5.1.slim.min.js
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
6a4ebeeffb0827b8-PRG
popper.min.js
fai.xoxoday.com/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fai.xoxoday.com/js/popper.min.js
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
vary
Accept-Encoding
content-length
7241
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
6a4ebeeffb0a27b8-PRG
bootstrap.min.js
fai.xoxoday.com/js/ 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fai.xoxoday.com/js/bootstrap.min.js
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
6a4ebeeffb0b27b8-PRG
material-icons.css
fai.xoxoday.com/fonts/material_icons/ 		970 B
512 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fai.xoxoday.com/fonts/material_icons/material-icons.css
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afb727c828f3957ada8e546f9bce9c9c733bc1d2f09a83eb47f2114302cd9f2b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
vary
Accept-Encoding
content-length
444
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
6a4ebeeffb0c27b8-PRG
common.js
fai.xoxoday.com/js/ 		21 B
86 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fai.xoxoday.com/js/common.js
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9b423500bd62a21260dc16b1da6e2eb5a77fbddaa49fbeb97cb3dcec7cdd5b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:33 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-download-options
noopen
x-frame-options
SAMEORIGIN, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
x-dns-prefetch-control
off
strict-transport-security
max-age=15552000; includeSubDomains
accept-ranges
bytes
cf-ray
6a4ebeeffb0e27b8-PRG
content-length
21
x-xss-protection
1; mode=block, 1; mode=block
/
js.stripe.com/v3/ 		264 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.117 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-117.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
676bc7038e10dde141258dfe0bc9a4a99820e89a3991157f5669aa58b94db60f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:35 GMT
content-encoding
gzip
x-amz-request-id
SR7XZA66F2KV6BR3
x-amz-meta-cache-control
max-age=300
x-cache
Miss from cloudfront
x-amz-meta-metadata-headers-enabled
true
x-amz-meta-vary
Accept-Encoding
last-modified
Tue, 26 Oct 2021 23:49:04 GMT
x-amz-meta-access-control-allow-origin
*
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-meta-strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-id-2
NUrbvjCsWTf+i3vUHzyxXRyHvBVm95JIRPv5MplKA2EFIichd1H4g1aC9qvd2cay5nHtK5/FSEQ=
access-control-allow-origin
*
x-amz-meta-timing-allow-origin
*
server
AmazonS3
etag
W/"a0b90016d1998ed189d7f10ee8b161a4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cache-control
max-age=60
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
x-amz-cf-id
r3gsDxEKj9hb5Vt5oa3_sudmZmH-QtyiOIFMTyQbbl4e-5xy7IwjHA==
x-amz-meta-x-content-type-options
nosniff
firebase-app.js
fai.xoxoday.com/js/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fai.xoxoday.com/js/firebase-app.js
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f650f70bd4a8e7ce25699e594dde50a2817bd8cf94f8b591b9468c08095e366a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
6a4ebeeffb1027b8-PRG
firebase-messaging.js
fai.xoxoday.com/js/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fai.xoxoday.com/js/firebase-messaging.js
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8a30a8925144ecf34ae36038be8f30d915c15335cbb9e4cafa4ca733d8628e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
6a4ebeeffb1127b8-PRG
bundle.f2f184b5f06cc7e8e1ac.js
fai.xoxoday.com/ 		1 MB
313 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fai.xoxoday.com/bundle.f2f184b5f06cc7e8e1ac.js
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c682fc42f7a729f1170627881f171cac0896296cbcb31f71c44b982ebd29f4e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
6a4ebeeffb1227b8-PRG
t.js
cdn.trackjs.com/agent/v3/latest/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trackjs.com/agent/v3/latest/t.js
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.32 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
7b116ac42dfa848b8cbeff07cae0cc208a898111a7191ab266b4f0241683671a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:33 GMT
content-encoding
gzip
last-modified
Thu, 05 Aug 2021 14:40:38 GMT
server
NetDNA-cache/2.2
x-amz-request-id
V32PW48GTG5GRSH3
etag
W/"48ead32171e554edb2744890102504b0"
x-amz-meta-cache-control
s-max-age=3600, max-age=604800, public
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-max-age=3600, max-age=604800, public
x-amz-meta-content-type
application/javascript
x-amz-id-2
65bC/o/RneJbUit/ZbofLRkV89XYSSO3EqjobPjnKe7/tLpnoQiruCvs1X/flxrbSUvBkAm+NvM=
gtm.js
www.googletagmanager.com/ 		107 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N8HNG5D
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
83e0bcd7766de13014cc44a4ed7bf8ccaa457a90ebe16179599c0d707b68ff2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:33 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
41368
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 19:56:45 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 27 Oct 2021 20:41:33 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8HNG5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
2427
date
Wed, 27 Oct 2021 20:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Wed, 27 Oct 2021 22:01:06 GMT
collect
www.google-analytics.com/j/ 		2 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1952919054&t=pageview&_s=1&dl=https%3A%2F%2Ffai.xoxoday.com%2Flogin%3Fdest_url%3DL2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl&ul=en-us&de=UTF-8&dt=Employee%20Rewards%20and%20Recognition%20Solution%20%7C%20Employee%20Success%20Platform%20%7C%20First%20American%20(india)%20Private%20Limited&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=572207857&gjid=195318460&cid=1394173934.1635367293&tid=UA-137252764-1&_gid=552337142.1635367293&_r=1&gtm=2wgar0N8HNG5D&z=1820838471
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fai.xoxoday.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 20:41:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fai.xoxoday.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-137252764-1&cid=1394173934.1635367293&jid=572207857&gjid=195318460&_gid=552337142.1635367293&_u=YEBAAAAAAAAAAC~&z=2122736045
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.140.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fai.xoxoday.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 27 Oct 2021 20:41:33 GMT
content-type
text/plain
access-control-allow-origin
https://fai.xoxoday.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:300,400,500
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/style.f2f184b5f06cc7e8e1ac.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
a3b68c4aad59fb65a0ececd9d6e8fd467b3d2f23a2ee8d50d076fcbc890deafd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 20:38:59 GMT
server
ESF
date
Wed, 27 Oct 2021 20:41:33 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Wed, 27 Oct 2021 20:41:33 GMT
fetchFrontend
fai.xoxoday.com/chef/language/ 		1 MB
326 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fai.xoxoday.com/chef/language/fetchFrontend
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/bundle.f2f184b5f06cc7e8e1ac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63d5e60353888a58f753c7549355bf9733c764778118f2cfe91e6bbc35ed0966
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
csrf
hash
Accept-Language
de-DE,de;q=0.9
lng
en
pltfm
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json; charset=utf-8
access-control-allow-origin
undefined
access-control-allow-credentials
true
xoxo-tracer-id
45e09220-3766-11ec-b844-5fed6754ee8d
cf-ray
6a4ebef899e727b8-PRG
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, a_t, Set-Cookie, lng, pltfm, hash, csrf, authorization
m-outer-f7902241893e7a497417843cb15dc858.html
js.stripe.com/v3/ Frame 5EEF 		240 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.117 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-117.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/

Response headers

content-type
text/html; charset=utf-8
content-length
240
x-amz-id-2
92ceTxXF11ZQLnWWMa2yQAGYAPhhL27D2MGDpj7hmZ+ttRIkAi+Kc4eCJtoo8f/FNmECTOxd3ZA=
x-amz-request-id
6P6HFECZSMKWT01G
last-modified
Mon, 25 Oct 2021 19:35:31 GMT
x-amz-meta-access-control-allow-origin
*
x-amz-meta-x-content-type-options
nosniff
x-amz-meta-cache-control
max-age=31536000
x-amz-meta-strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-meta-metadata-headers-enabled
true
x-amz-meta-content-security-policy
default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
x-amz-meta-timing-allow-origin
*
x-amz-meta-vary
Accept-Encoding
accept-ranges
bytes
server
AmazonS3
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
access-control-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
date
Wed, 27 Oct 2021 20:40:53 GMT
cache-control
max-age=60
etag
"f7902241893e7a497417843cb15dc858"
x-cache
Hit from cloudfront
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
hfyHwgg53jOgEGsaIMNnj4vYSSqms9iUVKeqU4I2KDajVTdL8ilOzA==
age
41
m-outer-639174098ea8fe7fede6fa654790e8ec.js
js.stripe.com/v3/fingerprinted/js/ Frame 5EEF 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.117 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-117.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:40:58 GMT
content-encoding
gzip
age
37
x-amz-meta-cache-control
max-age=300
x-cache
Hit from cloudfront
x-amz-meta-metadata-headers-enabled
true
x-amz-meta-vary
Accept-Encoding
last-modified
Mon, 25 Oct 2021 19:35:20 GMT
x-amz-meta-access-control-allow-origin
*
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
8N3P4W6NY0N2581A
x-amz-id-2
x+C5Z1g37AfpqRNR0o+xkWtwlU5r1Gg1uguxGiUdDfhDmJPDdtb6rOakkDphONnv1/2q6vNqqRI=
access-control-allow-origin
*
x-amz-meta-timing-allow-origin
*
server
AmazonS3
x-amz-meta-strict-transport-security
max-age=31556926; includeSubDomains; preload
etag
W/"5213886b88cd72e6d0aebc89868e5d13"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cache-control
max-age=60
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
x-amz-cf-id
ZowSoG2oa-goVNCecDyDejX9YMiInuyDr5gpWktp3prvbW-kXXATog==
x-amz-meta-x-content-type-options
nosniff
result
fai.xoxoday.com/cdn-cgi/bm/cv/ 		0
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fai.xoxoday.com/cdn-cgi/bm/cv/result?req_id=6a4ebeecece927b8
Requested by
Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 27 Oct 2021 20:41:34 GMT
server
cloudflare
cf-ray
6a4ebef92ace27b8-PRG
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
inner.html
m.stripe.network/ Frame 5523 		932 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
max-age=300, public
content-security-policy
connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://m.stripe.com; default-src 'none'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; script-src 'self' 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='; style-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
server
Fastly
content-encoding
gzip
accept-ranges
bytes
date
Wed, 27 Oct 2021 20:41:34 GMT
via
1.1 varnish
age
51
x-served-by
cache-hhn4046-HHN
x-cache
HIT
x-cache-hits
67
x-timer
S1635367295.933945,VS0,VE0
vary
Accept-Encoding, Origin
content-length
528
csp-report
q.stripe.com/ Frame 5523 		0
121 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 27 Oct 2021 20:41:35 GMT
x-envoy-upstream-service-time
1
server
nginx
content-length
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
csp-report
q.stripe.com/ Frame 5523 		0
120 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 27 Oct 2021 20:41:35 GMT
x-envoy-upstream-service-time
1
server
nginx
content-length
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
out-4.5.41.js
m.stripe.network/ Frame 5523 		85 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.41.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
40
x-cache
HIT
content-length
15786
x-served-by
cache-hhn4046-HHN
server
Fastly
x-timer
S1635367295.947277,VS0,VE0
date
Wed, 27 Oct 2021 20:41:34 GMT
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
56
usage.gif
usage.trackjs.com/ 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usage.trackjs.com/usage.gif?token=243963c89e634a1dbb45c346bbc856d6&correlationId=9321523f-6764-4479-ad61-926f4f650deb&application=empuls-prod&x=e08c5f0e-0349-4fee-a90d-e544f366a715&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.52.117 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
prd-usage-3.tjsint.net
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 27 Oct 2021 20:41:35 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
6
m.stripe.com/ Frame 5523 		156 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.89.186.194 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-89-186-194.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
183601c06ba5e4536f5880e9476e4d8fcb53a4145423ba818ea4064cb20a69e4
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 27 Oct 2021 20:41:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
strict-transport-security
max-age=31556926; includeSubDomains; preload
access-control-allow-headers
Content-Type
vendors~home~login~logout~resetpassword.0962dc7e4f986f8d7cca.bundle.js
fai.xoxoday.com/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fai.xoxoday.com/vendors~home~login~logout~resetpassword.0962dc7e4f986f8d7cca.bundle.js
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/bundle.f2f184b5f06cc7e8e1ac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3e89010da50b0c184635fe8055768834c7f0bad962186c6690046564323f43d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
vary
Accept-Encoding
content-length
7735
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
6a4ebefecc6827b8-PRG
vendors~login~logout.c4963e3bc499aed64365.bundle.js
fai.xoxoday.com/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fai.xoxoday.com/vendors~login~logout.c4963e3bc499aed64365.bundle.js
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/bundle.f2f184b5f06cc7e8e1ac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42564beab156630df77f40b2c20121cde58943fbe64ff56c568a233ab5cc04e8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
vary
Accept-Encoding
content-length
5373
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
6a4ebefecc6a27b8-PRG
login~logout.773f68be8df11fcf2757.bundle.js
fai.xoxoday.com/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fai.xoxoday.com/login~logout.773f68be8df11fcf2757.bundle.js
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/bundle.f2f184b5f06cc7e8e1ac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a46bf04f54bb96acf8cc83cd7dec3f68c0ebf99bde3ef23852f18871e06b3563
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
vary
Accept-Encoding
content-length
4116
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
6a4ebefecc6b27b8-PRG
login.ef80fbc97b027a38b709.bundle.js
fai.xoxoday.com/ 		31 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fai.xoxoday.com/login.ef80fbc97b027a38b709.bundle.js
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/bundle.f2f184b5f06cc7e8e1ac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4530e79d594e50084c5d68d5915bf5220f546120dc3a3c0237ebda120c876314
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
6a4ebefecc6e27b8-PRG
Pinnacle%20Logo.png
xoxoday-dropbox.s3.ap-southeast-1.amazonaws.com/image/clients/10528700000000000/platform_setting/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xoxoday-dropbox.s3.ap-southeast-1.amazonaws.com/image/clients/10528700000000000/platform_setting/Pinnacle%20Logo.png?versionId=EiQb_Agk0w5nHKfPBJl67M4m3th9Xrpo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.32.139 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b5216bb14bdebe09b243f0a4a131e9be8e43c6d6dfdb6943d6e7cdb76d05186d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 27 Oct 2021 20:41:38 GMT
Last-Modified
Mon, 28 Dec 2020 05:00:40 GMT
Server
AmazonS3
x-amz-request-id
3B6KFZZWT4A6FD33
ETag
"abeeffda8520fadf6ab0eedb0ac1ddf7"
Content-Type
image/png
x-amz-version-id
EiQb_Agk0w5nHKfPBJl67M4m3th9Xrpo
Accept-Ranges
bytes
Content-Length
96885
x-amz-id-2
A54whQYY9vgHigmjCTQ6aLtt3iu5U9fKOdneOcFh2zOrEDGnYahqFnZWVwP+eMraZ5ZLkzAbeqE=
loading.gif
fai.xoxoday.com/img/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fai.xoxoday.com/img/loading.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38eab160f6b3a61bd6e97d39782a8692eb9fc7b11338f71f97dff2850d63f1e3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:37 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-download-options
noopen
x-frame-options
SAMEORIGIN, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cache-control
public, max-age=0
x-dns-prefetch-control
off
strict-transport-security
max-age=15552000; includeSubDomains
accept-ranges
bytes
cf-ray
6a4ebf03aca927b8-PRG
content-length
10741
x-xss-protection
1; mode=block, 1; mode=block
login
fai.xoxoday.com/
Redirect Chain
  • https://fai.xoxoday.com/image/clients/fai/fai_1504509165-logo.png
  • https://fai.xoxoday.com/login?dest_url=L2ltYWdlL2NsaWVudHMvZmFpL2ZhaV8xNTA0NTA5MTY1LWxvZ28ucG5n
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fai.xoxoday.com/login?dest_url=L2ltYWdlL2NsaWVudHMvZmFpL2ZhaV8xNTA0NTA5MTY1LWxvZ28ucG5n
Protocol
H2
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://www.gstatic.com https://js.stripe.com https://cdn.trackjs.com/ https://www.googletagmanager.com https://cdn.pendo.io https://*.storage.googleapis.com https://data.pendo.io 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://app.pendo.io https://www.youtube.com; frame-src 'self' https://js.stripe.com https://www.google-analytics.com https://docs.google.com https://app.pendo.io https://www.youtube.com; img-src 'self' data: blob: https://*.giphy.com https://*.licdn.com https://*.amazonaws.com https://*.s3.amazonaws.com https://*.s3.ap-southeast-1.amazonaws.com https://usage.trackjs.com https://res.cloudinary.com https://data.pendo.io https://*.storage.googleapis.com https://cdn.jsdelivr.net https://cdn.pendo.io https://www.google-analytics.com https://www.googletagmanager.com https://via.placeholder.com https://app.pendo.io https://www.youtube.com; script-src-elem 'self' https://js.stripe.com https://cdn.trackjs.com https://www.googletagmanager.com https://cdn.pendo.io https://*.storage.googleapis.com https://data.pendo.io 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://app.pendo.io https://www.gstatic.com https://www.youtube.com; style-src 'self' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://data.pendo.io https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com; style-src-elem 'self' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://stackpath.bootstrapcdn.com https://www.gstatic.com https://*.storage.googleapis.com https://fonts.googleapis.com https://www.youtube.com; style-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://data.pendo.io https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com; font-src 'self' https://fonts.gstatic.com https://www.youtube.com; connect-src 'self' https://get.geojs.io https://listenat.xoxoday.com https://www.google-analytics.com https://stats.g.doubleclick.net https://capture.trackjs.com wss://listenat.xoxoday.com https://fcm.googleapis.com https://data.pendo.io https://www.youtube.com; report-uri /chef/csp_report;
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM1MzU5NzAzMzQ4LTc4ZTM1NmQ1LTUzOWUtNDM0Zi04MzQ5LTIyZjExOWU2NzU1Yz9udWRnZV9pZD0zZmQ0NDA4MTIyNDI1NTdiNThhN2MxMzgwZDM1YzdlNTUwZGUwMjFlJm5vdGlmX2lkPWU4ZDMzY2JlOTIyNDNiOTNiODc4MzNkNjFkNWY0MDY5JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
content-security-policy
default-src 'self'; script-src 'self' https://www.gstatic.com https://js.stripe.com https://cdn.trackjs.com/ https://www.googletagmanager.com https://cdn.pendo.io https://*.storage.googleapis.com https://data.pendo.io 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://app.pendo.io https://www.youtube.com; frame-src 'self' https://js.stripe.com https://www.google-analytics.com https://docs.google.com https://app.pendo.io https://www.youtube.com; img-src 'self' data: blob: https://*.giphy.com https://*.licdn.com https://*.amazonaws.com https://*.s3.amazonaws.com https://*.s3.ap-southeast-1.amazonaws.com https://usage.trackjs.com https://res.cloudinary.com https://data.pendo.io https://*.storage.googleapis.com https://cdn.jsdelivr.net https://cdn.pendo.io https://www.google-analytics.com https://www.googletagmanager.com https://via.placeholder.com https://app.pendo.io https://www.youtube.com; script-src-elem 'self' https://js.stripe.com https://cdn.trackjs.com https://www.googletagmanager.com https://cdn.pendo.io https://*.storage.googleapis.com https://data.pendo.io 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://app.pendo.io https://www.gstatic.com https://www.youtube.com; style-src 'self' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://data.pendo.io https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com; style-src-elem 'self' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://stackpath.bootstrapcdn.com https://www.gstatic.com https://*.storage.googleapis.com https://fonts.googleapis.com https://www.youtube.com; style-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://data.pendo.io https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com; font-src 'self' https://fonts.gstatic.com https://www.youtube.com; connect-src 'self' https://get.geojs.io https://listenat.xoxoday.com https://www.google-analytics.com https://stats.g.doubleclick.net https://capture.trackjs.com wss://listenat.xoxoday.com https://fcm.googleapis.com https://data.pendo.io https://www.youtube.com; report-uri /chef/csp_report;
cf-ray
6a4ebf08ad5d27b8-PRG

Redirect headers

date
Wed, 27 Oct 2021 20:41:37 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
vary
Accept
content-length
117
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
text/plain; charset=utf-8
location
https://fai.xoxoday.com/login?dest_url=L2ltYWdlL2NsaWVudHMvZmFpL2ZhaV8xNTA0NTA5MTY1LWxvZ28ucG5n
cache-control
no-cache, no-store, must-revalidate
content-security-policy
default-src 'self'; script-src 'self' https://www.gstatic.com https://js.stripe.com https://cdn.trackjs.com/ https://www.googletagmanager.com https://cdn.pendo.io https://*.storage.googleapis.com https://data.pendo.io 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://app.pendo.io https://www.youtube.com; frame-src 'self' https://js.stripe.com https://www.google-analytics.com https://docs.google.com https://app.pendo.io https://www.youtube.com; img-src 'self' data: blob: https://*.giphy.com https://*.licdn.com https://*.amazonaws.com https://*.s3.amazonaws.com https://*.s3.ap-southeast-1.amazonaws.com https://usage.trackjs.com https://res.cloudinary.com https://data.pendo.io https://*.storage.googleapis.com https://cdn.jsdelivr.net https://cdn.pendo.io https://www.google-analytics.com https://www.googletagmanager.com https://via.placeholder.com https://app.pendo.io https://www.youtube.com; script-src-elem 'self' https://js.stripe.com https://cdn.trackjs.com https://www.googletagmanager.com https://cdn.pendo.io https://*.storage.googleapis.com https://data.pendo.io 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://app.pendo.io https://www.gstatic.com https://www.youtube.com; style-src 'self' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://data.pendo.io https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com; style-src-elem 'self' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://stackpath.bootstrapcdn.com https://www.gstatic.com https://*.storage.googleapis.com https://fonts.googleapis.com https://www.youtube.com; style-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://data.pendo.io https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com; font-src 'self' https://fonts.gstatic.com https://www.youtube.com; connect-src 'self' https://get.geojs.io https://listenat.xoxoday.com https://www.google-analytics.com https://stats.g.doubleclick.net https://capture.trackjs.com wss://listenat.xoxoday.com https://fcm.googleapis.com https://data.pendo.io https://www.youtube.com; report-uri /chef/csp_report;
cf-ray
6a4ebf03acaa27b8-PRG
Graphik-Light.woff2
fai.xoxoday.com/fonts/graphik/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fai.xoxoday.com/fonts/graphik/Graphik-Light.woff2
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/fonts/graphik/stylesheet.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f170a2c634b5385cc26efaf40223b6c2ae6b67faf47de17d51486fcf0dc4ad32
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://fai.xoxoday.com/fonts/graphik/stylesheet.css
Origin
https://fai.xoxoday.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:37 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-download-options
noopen
x-frame-options
SAMEORIGIN, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
font/woff2
cache-control
public, max-age=0
x-dns-prefetch-control
off
strict-transport-security
max-age=15552000; includeSubDomains
accept-ranges
bytes
cf-ray
6a4ebf03acaf27b8-PRG
content-length
36124
x-xss-protection
1; mode=block, 1; mode=block
Graphik-Regular.woff2
fai.xoxoday.com/fonts/graphik/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fai.xoxoday.com/fonts/graphik/Graphik-Regular.woff2
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/fonts/graphik/stylesheet.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c3fb453d635826f7fb3eeb369e7e469008e8d80ed9b6078769468b2b8ba1fb2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://fai.xoxoday.com/fonts/graphik/stylesheet.css
Origin
https://fai.xoxoday.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:41:36 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-download-options
noopen
x-frame-options
SAMEORIGIN, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
font/woff2
cache-control
public, max-age=0
x-dns-prefetch-control
off
strict-transport-security
max-age=15552000; includeSubDomains
accept-ranges
bytes
cf-ray
6a4ebf03bcb627b8-PRG
content-length
34352
x-xss-protection
1; mode=block, 1; mode=block
icomoon.ttf
fai.xoxoday.com/CustomIcomoon/customIcons/fonts/ 		31 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fai.xoxoday.com/CustomIcomoon/customIcons/fonts/icomoon.ttf?9hhou1
Requested by
Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/CustomIcomoon/customIcons/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e7d5278ef29cfa1c77e5e90b983b4462caa2f1a8fec1f78118e37f133b14a93
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://fai.xoxoday.com/CustomIcomoon/customIcons/style.css
Origin
https://fai.xoxoday.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray
6a4ebf03bcb727b8-PRG
date
Wed, 27 Oct 2021 20:41:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-download-options
noopen
x-frame-options
SAMEORIGIN, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
font/ttf
cache-control
public, max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
x-xss-protection
1; mode=block, 1; mode=block
/
sts.firstam.com/adfs/ls/
Redirect Chain
  • https://fai.xoxoday.com/chef/sso/sso-redirect?company_id=NTI4Nw==
  • https://sts.firstam.com/adfs/ls/?SAMLRequest=hZJdTyMhFIb%2FyoR7hqGttpJOk66NsYnbbeysF96YUwa2JHx0OYzWf790qq5eqJcczvMeHmCK4OxezLu087fqb6cwFQdnPYp%2BoyZd9CIAGhQenEKRpNjMf96IQVmJfQwpyGDJO%2BRrAhBVTCZ4Ui...
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sts.firstam.com
URL
https://sts.firstam.com/adfs/ls/?SAMLRequest=hZJdTyMhFIb%2FyoR7hqGttpJOk66NsYnbbeysF96YUwa2JHx0OYzWf790qq5eqJcczvMeHmCK4OxezLu087fqb6cwFQdnPYp%2BoyZd9CIAGhQenEKRpNjMf96IQVmJfQwpyGDJO%2BRrAhBVTCZ4UiwXNXmY6K2%2B4HJI%2BXC8pSMuz%2BlE8jOqz7XiE6gmwzGQ4k5FzExNckQGETu19JjAp1yqBpzyig7GzaASIy6G4%2FLirLonxSK7GA%2BpJ3cp7VEwhglLbWKGXSmDY9BqZBYZKdYvMj%2BMb43%2F87XH9tSE4rpp1nT9a9OQYv7qdhk8dk7FjYqPRqrftzf%2F52sw5SEcQgvP%2FXy5U5ohBvYI1rSQFD1eIls1y9Hqqa7JbHpci945zr5NcSpBTgGK%2B7eMKXsfMT09%2BCorLRfrYI18Lq5CdJA%2BN%2BYl7yumpbpvFcqBsfO2jQoxm1sbni6jyseviQaLirDZaezHrzX7Bw%3D%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=i17VyNv%2FIrCSmh%2Bjn1KfYdTI2b6Fq1HCaC2BkcWtjjtvNBmVgKsp4YEY%2FajvGR8aThvmrxUps2OrmGsvxE9Y%2BhpsiQcaztrtci%2BMtwY2Xkz8SZMxLr5jp0v%2Ft7rePIxOTVOXk%2B3JJZ%2FChBwiD5omu8EwSrUwRl0ZWxgt4zkz5shxb7u7N07AF6ZLd9VKWIuM0pOhfRHyTxocqnuoyBNVoefFaotoekorQqlvuhoso1FN0z9jXEqn%2FFiL58uLoM6VYe%2BdL1TivCYkpcAOmf1QYh%2Bhv%2BmmdqF4z5gzf%2FMveGdIKViqaYE1x%2Bx0JquJgUGTDwfIf75%2B0Ek6VNESCRvniw%3D%3D

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Domain/Path Name / Value
.fai.xoxoday.com/ Name: _ga
Value: GA1.3.1394173934.1635367293
.fai.xoxoday.com/ Name: _gid
Value: GA1.3.552337142.1635367293
.fai.xoxoday.com/ Name: _gat_UA-137252764-1
Value: 1
.xoxoday.com/ Name: lng
Value: en
.fai.xoxoday.com/ Name: pltfm
Value: 1
.xoxoday.com/ Name: __cf_bm
Value: vAGYIJwDc66jrqmpk1Q_7PrwFyI.CdVasXOoFMOvM_g-1635367294-0-AeyzNCcmAEbV/dXQa2qVZytyrrUYoRzGVk8gzq8gtfnYrwuHW4NTfIkTCRapYJALQQFl/wuGdzJVUACyhUuTDkSzLlTKTIezSSfdKOXH3+J6XXPN4ZCsUAshCCaRMcchDt01r/9TSP2JnudQXkxn1tU8fvszbsTjThfusun+iYuH
m.stripe.com/ Name: m
Value: eb07efe2-8f80-4a7a-8e3a-bc1d242c8e269c0578
.fai.xoxoday.com/ Name: __stripe_mid
Value: 79991159-de47-4187-ab2d-7ca4ca76539abcd64c
.fai.xoxoday.com/ Name: __stripe_sid
Value: 8a31b5e3-d92b-4bf8-9528-d79799fce9e2c313bb
.fai.xoxoday.com/ Name: redirection_url
Value: %2Fhome%2Ff20884ad-3954-4591-b94b-70d2944787ad-1608724647051%2Fpost%2F1635359703348-78e356d5-539e-434f-8349-22f119e6755c%3Fnudge_id%3D3fd440812242557b58a7c1380d35c7e550de021e%26notif_id%3De8d33cbe92243b93b87833d61d5f4069%26utm_medium%3Demail%26utm_source%3Dnotifications%26utm_campaign%3Dtoday_work_anniversary_nudge

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' https://www.gstatic.com https://js.stripe.com https://cdn.trackjs.com/ https://www.googletagmanager.com https://cdn.pendo.io https://*.storage.googleapis.com https://data.pendo.io 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://app.pendo.io https://www.youtube.com; frame-src 'self' https://js.stripe.com https://www.google-analytics.com https://docs.google.com https://app.pendo.io https://www.youtube.com; img-src 'self' data: blob: https://*.giphy.com https://*.licdn.com https://*.amazonaws.com https://*.s3.amazonaws.com https://*.s3.ap-southeast-1.amazonaws.com https://usage.trackjs.com https://res.cloudinary.com https://data.pendo.io https://*.storage.googleapis.com https://cdn.jsdelivr.net https://cdn.pendo.io https://www.google-analytics.com https://www.googletagmanager.com https://via.placeholder.com https://app.pendo.io https://www.youtube.com; script-src-elem 'self' https://js.stripe.com https://cdn.trackjs.com https://www.googletagmanager.com https://cdn.pendo.io https://*.storage.googleapis.com https://data.pendo.io 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://app.pendo.io https://www.gstatic.com https://www.youtube.com; style-src 'self' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://data.pendo.io https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com; style-src-elem 'self' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://stackpath.bootstrapcdn.com https://www.gstatic.com https://*.storage.googleapis.com https://fonts.googleapis.com https://www.youtube.com; style-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://data.pendo.io https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com; font-src 'self' https://fonts.gstatic.com https://www.youtube.com; connect-src 'self' https://get.geojs.io https://listenat.xoxoday.com https://www.google-analytics.com https://stats.g.doubleclick.net https://capture.trackjs.com wss://listenat.xoxoday.com https://fcm.googleapis.com https://data.pendo.io https://www.youtube.com; report-uri /chef/csp_report;
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.trackjs.com
fai.xoxoday.com
fonts.googleapis.com
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
stats.g.doubleclick.net
sts.firstam.com
usage.trackjs.com
www.google-analytics.com
www.googletagmanager.com
xoxoday-dropbox.s3.ap-southeast-1.amazonaws.com
sts.firstam.com
104.18.30.19
142.250.185.234
142.250.186.168
142.250.186.46
143.204.98.117
151.101.128.176
158.69.52.117
52.219.32.139
52.89.186.194
54.187.159.182
74.125.140.155
94.31.29.32
00f3859bc4b09e2c065b94092f469c24c58c92608e34b937b39792cf877d7ea9
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
0349a0cbee492036f0b2be5c5fbd4282930779b257bb09a30744839cd0afd2a8
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0e7d5278ef29cfa1c77e5e90b983b4462caa2f1a8fec1f78118e37f133b14a93
183601c06ba5e4536f5880e9476e4d8fcb53a4145423ba818ea4064cb20a69e4
1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f
29c09c6a4a8c69a981ad315ac5bf6d92b3f68aad57f2f527b26f3a5bca517202
2a11674187b1ee49658796b3526632929992949988ed6ddd81fd5cce566701fb
2bbe175e5d074e50dcaa253c4c2a0c89a1ba050e8d5cca200e6d12cf77cf3923
2fd7f15e18740cacae91badbd1ccb819e431cdb510d8af3eef4510083de2e733
30a755619b5a41defe0898aab1cd19fb3890c1b489b3575b5f0122e8b70b267a
30aec7d1fd57ac4d90ec345d003b8b0253597675cde0d84bbacebddfd57cd18b
38eab160f6b3a61bd6e97d39782a8692eb9fc7b11338f71f97dff2850d63f1e3
40eb3f63a01f7a841d33b9c36cfe2d4eb18bc9d8bf81348711e991b0ef9bce79
42564beab156630df77f40b2c20121cde58943fbe64ff56c568a233ab5cc04e8
4480c866a6394c5502675afbe32465bf5b1e2a30151f69dcc4401d3c5503f34d
4530e79d594e50084c5d68d5915bf5220f546120dc3a3c0237ebda120c876314
63d5e60353888a58f753c7549355bf9733c764778118f2cfe91e6bbc35ed0966
676bc7038e10dde141258dfe0bc9a4a99820e89a3991157f5669aa58b94db60f
6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7b116ac42dfa848b8cbeff07cae0cc208a898111a7191ab266b4f0241683671a
7fe415ecf3aafc9cd7109afad3f9ed66cd9f3c1b3821d0e28d172b2c459635f4
83e0bcd7766de13014cc44a4ed7bf8ccaa457a90ebe16179599c0d707b68ff2d
8c682fc42f7a729f1170627881f171cac0896296cbcb31f71c44b982ebd29f4e
93c8e04661dfa9ae9a664d3c879c76f65288c81609bff288a32e1c260db57426
9c3fb453d635826f7fb3eeb369e7e469008e8d80ed9b6078769468b2b8ba1fb2
a2bc90f677899104fe4297381645c6f9b8ae65910dd52118bda6e2c514a0d502
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
a3b68c4aad59fb65a0ececd9d6e8fd467b3d2f23a2ee8d50d076fcbc890deafd
a46bf04f54bb96acf8cc83cd7dec3f68c0ebf99bde3ef23852f18871e06b3563
a9b423500bd62a21260dc16b1da6e2eb5a77fbddaa49fbeb97cb3dcec7cdd5b7
ab4b6756b0f2f06e7c4e347e0ee1d354fe28efd6d0fe233903709dce9b0ea17c
afb727c828f3957ada8e546f9bce9c9c733bc1d2f09a83eb47f2114302cd9f2b
b3e89010da50b0c184635fe8055768834c7f0bad962186c6690046564323f43d
b5216bb14bdebe09b243f0a4a131e9be8e43c6d6dfdb6943d6e7cdb76d05186d
b8a30a8925144ecf34ae36038be8f30d915c15335cbb9e4cafa4ca733d8628e0
c7304b8b4173d08a3677d8ae674fc3591bd7db70b5eb0d8216f6a41154be4f2a
cd3dbbe2f2707587be1e399a99cf7850a798b83127c213a0165b12bd3ef63783
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
e18aabc06c194df4f5de4a5990f4e14741e13ef8594d61cb65364a696a7dc0f5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
f170a2c634b5385cc26efaf40223b6c2ae6b67faf47de17d51486fcf0dc4ad32
f650f70bd4a8e7ce25699e594dde50a2817bd8cf94f8b591b9468c08095e366a
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62