URL: https://dropbox.stor.co/
Submission Tags: @phishunt_io
Submission: On March 12 via api from DE — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 42 HTTP transactions. The main IP is 2606:4700:7::a29f:8268, located in United States and belongs to CLOUDFLARENET, US. The main domain is dropbox.stor.co.
TLS certificate: Issued by GTS CA 1P5 on February 2nd 2024. Valid for: 3 months.
This is the only time dropbox.stor.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
36 2606:4700:7::... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:7::... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
42 4
Apex Domain
Subdomains
Transfer
40 stor.co
dropbox.stor.co
cdn.stor.co
stats.stor.co
3 MB
1 gstatic.com
fonts.gstatic.com
46 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
42 3
Domain Requested by
27 cdn.stor.co dropbox.stor.co
cdn.stor.co
11 dropbox.stor.co dropbox.stor.co
cdn.stor.co
2 stats.stor.co cdn.stor.co
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com dropbox.stor.co
42 5

This site contains links to these domains. Also see Links.

Domain
stor.co
Subject Issuer Validity Valid
stor.co
GTS CA 1P5
2024-02-02 -
2024-05-02
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh

This page contains 1 frames:

Primary Page: https://dropbox.stor.co/
Frame ID: 0F8BE7D4083FE0D928016084CE9CE1CE
Requests: 41 HTTP requests in this frame

Screenshot

Page Title

Dropbox | Online Shop

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

42
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

5
Subdomains

4
IPs

2
Countries

2742 kB
Transfer

3876 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
dropbox.stor.co/
74 KB
12 KB
Document
General
Full URL
https://dropbox.stor.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dd9187e52a9c916191554436a11598e6b851561ae8e6d9f1d01e0327f344503
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
86341c5739f72ba6-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Tue, 12 Mar 2024 13:25:31 GMT
link
<https://cdn.stor.co/assets/csrf-907b550f76dc19a3db39516b969cee611b7d6903a87bb75c6fe60cd5c9cd87fd.js>; rel=preload; as=script; nopush
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding, Origin
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
sameorigin
x-permitted-cross-domain-policies
none
x-request-id
b760fc72478bf890805c4c364d8435e8
x-runtime
0.515141
x-xss-protection
1; mode=block
csrf-907b550f76dc19a3db39516b969cee611b7d6903a87bb75c6fe60cd5c9cd87fd.js
cdn.stor.co/assets/
464 B
528 B
Script
General
Full URL
https://cdn.stor.co/assets/csrf-907b550f76dc19a3db39516b969cee611b7d6903a87bb75c6fe60cd5c9cd87fd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
907b550f76dc19a3db39516b969cee611b7d6903a87bb75c6fe60cd5c9cd87fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dropbox.stor.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
x-amz-version-id
P0IGYdAo42JOxhNmYGp14XCTBJJVFcJv
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
cf-cache-status
MISS
content-encoding
br
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 21 Mar 2022 17:18:38 GMT
server
cloudflare
etag
W/"bf83fe1da82d1132626d92163387143e"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
86341c5b482b2ba6-FRA
x-amz-cf-id
Ox8Ft3UX5Pdeh4d4r71Ousfy5RGCOnZosywz6KWdW4e07StHDdphTQ==
expires
Wed, 12 Mar 2025 13:25:32 GMT
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Inter:normal,400|Inter:700,400|Inter:normal,400|Inter:normal,400|Inter:normal,400&display=swap
Requested by
Host: dropbox.stor.co
URL: https://dropbox.stor.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3ae6e4decd4fb974b41b2f37fa7b19c7a1c9b80127dd45be4bc24702c7145a4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dropbox.stor.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Mar 2024 13:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Mar 2024 13:25:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Mar 2024 13:25:32 GMT
78e1c80a-efc7-48a1-9773-259688f92f2b
cdn.stor.co/shopfront/862EAA7B01C7/
329 KB
57 KB
Stylesheet
General
Full URL
https://cdn.stor.co/shopfront/862EAA7B01C7/78e1c80a-efc7-48a1-9773-259688f92f2b?cache=1710243330
Requested by
Host: dropbox.stor.co
URL: https://dropbox.stor.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
052807b1499626067ee5f7b207fc917410ef322270b384d7d8e93b4df73088dd
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.cardinalcommerce.com *.securetrading.net *.securetrading.us *.trustpayments.com *.google-analytics.com *.checkout.visa.com *.google.com *.canva.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; child-src *.paypalobjects.com *.paypal.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; connect-src 'self' data: blob: wss: *.fontawesome.com *.cloudflare.com *.canva.com *.bugsnag.com *.ecomstagingenv.com *.google-analytics.com *.zdassets.com *.smooch.io *.paypal.com *.paypalobjects.com *.googleapis.com *.stripe.com *.amazonaws.com *.s3.amazonaws.com *.unsplash.com *.intercom.com *.intercom.io *.intercomcdn.com *.ingest.sentry.io *.herokuapp.com *.cardinalcommerce.com *.zendesk.com zendesk-eu.my.sentry.io *.hotjar.com *.monzo.com *.zopim.com *.hcaptcha.com *.photoeditorsdk.com *.amplitude.com *.jsdelivr.net *.postcodeanywhere.co.uk cdn.stor.co stats.stor.co *.stor.co stor.co; font-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.canva.com *.gstatic.com *.intercom.com *.intercom.io *.intercomcdn.com *.fontawesome.com *.monzo.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; frame-src 'self' *.paypalobjects.com *.paypal.com *.stripe.com *.canva.com *.securetrading.net *.securetrading.us *.trustpayments.com *.ingest.sentry.io *.cardinalcommerce.com *.zendesk.com *.smooch.io *.hotjar.com *.youtube.com *.i.ytimg.com *.intercom.com *.intercom.io *.intercomcdn.com *.vimeo.com *.vimeocdn.com *.instagram.com *.facebook.com *.monzo.com *.google.com *.hcaptcha.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; img-src 'self' data: blob: *.paypal.com *.paypalobjects.com *.amazonaws.com *.s3.amazonaws.com *.shutterstock.com *.cloudflare.com *.gstatic.com *.stor.co *.canva.com *.intercom.com *.intercom.io *.intercomcdn.com *.zendesk.com *.zdassets.com *.smooch.io *.intercomassets.com *.unsplash.com *.placeholder.com *.google-analytics.com *.googleapis.com *.gravatar.com *.monzo.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; manifest-src 'self' cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; media-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.canva.com *.monzo.com *.amazonaws.com *.s3.amazonaws.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; object-src cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stor.co *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.cloudfront.net *.cloudflare.com *.fontawesome.com ipinfo.io *.google.com *.googletagmanager.com *.google-analytics.com *.paypal.com *.paypalobjects.com *.gstatic.com *.jquery.com *.jsdelivr.net *.googleapis.com *.stripe.com *.facebook.net *.securetrading.net *.cardinalcommerce.com *.hotjar.com *.intercom.com *.intercom.io *.intercomcdn.com *.securetrading.us *.trustpayments.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.amplitude.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; style-src 'self' 'unsafe-inline' *.googleapis.com *.cloudflare.com *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.jquery.com *.jsdelivr.net *.hotjar.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; worker-src blob: cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dropbox.stor.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
content-security-policy
default-src 'self' *.cardinalcommerce.com *.securetrading.net *.securetrading.us *.trustpayments.com *.google-analytics.com *.checkout.visa.com *.google.com *.canva.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; child-src *.paypalobjects.com *.paypal.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; connect-src 'self' data: blob: wss: *.fontawesome.com *.cloudflare.com *.canva.com *.bugsnag.com *.ecomstagingenv.com *.google-analytics.com *.zdassets.com *.smooch.io *.paypal.com *.paypalobjects.com *.googleapis.com *.stripe.com *.amazonaws.com *.s3.amazonaws.com *.unsplash.com *.intercom.com *.intercom.io *.intercomcdn.com *.ingest.sentry.io *.herokuapp.com *.cardinalcommerce.com *.zendesk.com zendesk-eu.my.sentry.io *.hotjar.com *.monzo.com *.zopim.com *.hcaptcha.com *.photoeditorsdk.com *.amplitude.com *.jsdelivr.net *.postcodeanywhere.co.uk cdn.stor.co stats.stor.co *.stor.co stor.co; font-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.canva.com *.gstatic.com *.intercom.com *.intercom.io *.intercomcdn.com *.fontawesome.com *.monzo.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; frame-src 'self' *.paypalobjects.com *.paypal.com *.stripe.com *.canva.com *.securetrading.net *.securetrading.us *.trustpayments.com *.ingest.sentry.io *.cardinalcommerce.com *.zendesk.com *.smooch.io *.hotjar.com *.youtube.com *.i.ytimg.com *.intercom.com *.intercom.io *.intercomcdn.com *.vimeo.com *.vimeocdn.com *.instagram.com *.facebook.com *.monzo.com *.google.com *.hcaptcha.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; img-src 'self' data: blob: *.paypal.com *.paypalobjects.com *.amazonaws.com *.s3.amazonaws.com *.shutterstock.com *.cloudflare.com *.gstatic.com *.stor.co *.canva.com *.intercom.com *.intercom.io *.intercomcdn.com *.zendesk.com *.zdassets.com *.smooch.io *.intercomassets.com *.unsplash.com *.placeholder.com *.google-analytics.com *.googleapis.com *.gravatar.com *.monzo.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; manifest-src 'self' cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; media-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.canva.com *.monzo.com *.amazonaws.com *.s3.amazonaws.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; object-src cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stor.co *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.cloudfront.net *.cloudflare.com *.fontawesome.com ipinfo.io *.google.com *.googletagmanager.com *.google-analytics.com *.paypal.com *.paypalobjects.com *.gstatic.com *.jquery.com *.jsdelivr.net *.googleapis.com *.stripe.com *.facebook.net *.securetrading.net *.cardinalcommerce.com *.hotjar.com *.intercom.com *.intercom.io *.intercomcdn.com *.securetrading.us *.trustpayments.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.amplitude.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; style-src 'self' 'unsafe-inline' *.googleapis.com *.cloudflare.com *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.jquery.com *.jsdelivr.net *.hotjar.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; worker-src blob: cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
d4c7a5c0e9a1c543cbce5531e9a86b1c
x-runtime
0.381808
server
cloudflare
etag
W/"052807b1499626067ee5f7b207fc9174"
x-download-options
noopen
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000, private
cf-ray
86341c5b482a2ba6-FRA
x-amz-cf-id
Iu6tdG5vxN8Dw1cESmqXF3LyULC1jwhD_k54WixgYlxltaaHP6Bwzw==
shopfront-a62d941bb70f5fdf7dc9ff4dabcb220463eb5fd53c3e1b6bb9e950f9ffa317cf.css
cdn.stor.co/assets/fontawesome/css/
487 KB
85 KB
Stylesheet
General
Full URL
https://cdn.stor.co/assets/fontawesome/css/shopfront-a62d941bb70f5fdf7dc9ff4dabcb220463eb5fd53c3e1b6bb9e950f9ffa317cf.css?v=1.01
Requested by
Host: dropbox.stor.co
URL: https://dropbox.stor.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a62d941bb70f5fdf7dc9ff4dabcb220463eb5fd53c3e1b6bb9e950f9ffa317cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dropbox.stor.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
x-amz-version-id
iwVdHyoVcq3aSo7JR2huttOEfUh_AWzg
via
1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
cf-cache-status
MISS
content-encoding
br
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 11 Oct 2022 07:13:25 GMT
server
cloudflare
etag
W/"ed6d1c1525843a6fe1ecfbd5af202178"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
cf-ray
86341c5b48292ba6-FRA
x-amz-cf-id
e6Ysp7zoBLyXlioWyrSFzW4R_dyploBJJgsiVa6MF0z1OhNGV6J22g==
expires
Wed, 12 Mar 2025 13:25:32 GMT
essentials-bebda27f1bd0dbef7f9d9b55020c88d5732def43826a3da3c354fc0371324b0e.js
cdn.stor.co/assets/frontend/
588 KB
168 KB
Script
General
Full URL
https://cdn.stor.co/assets/frontend/essentials-bebda27f1bd0dbef7f9d9b55020c88d5732def43826a3da3c354fc0371324b0e.js?v=1.01
Requested by
Host: dropbox.stor.co
URL: https://dropbox.stor.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bebda27f1bd0dbef7f9d9b55020c88d5732def43826a3da3c354fc0371324b0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dropbox.stor.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
x-amz-version-id
ot_E6XLGFV2lbQlAfwIvhHbN9UOa81df
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-amz-cf-pop
FRA60-P3
age
1317617
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 07 Feb 2024 09:18:44 GMT
server
cloudflare
etag
W/"8490fd6d05fabb9f7257cb23f2c88b85"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
86341c5b482c2ba6-FRA
x-amz-cf-id
kUbB7WVt5fg8ICH0KF-v4Dzm7d2u1FQMZIRBuEiUuX15AXzBCblDbQ==
expires
Wed, 12 Mar 2025 13:25:32 GMT
brand-placeholder.png
cdn.stor.co/assets/
3 KB
4 KB
Image
General
Full URL
https://cdn.stor.co/assets/brand-placeholder.png
Requested by
Host: dropbox.stor.co
URL: https://dropbox.stor.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b290de0591deb6d1875a88d05417aafd8ae850905e03f3f7fe756a794c667b5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dropbox.stor.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
x-amz-version-id
RDL0zUi1p.aN.b34RvcNCdDD2Vv2Q25O
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
3559
last-modified
Wed, 07 Apr 2021 11:52:48 GMT
server
cloudflare
etag
"1a59d5c9f6e8caa158331a91a8f684c1"
vary
Origin, Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
86341c5b482f2ba6-FRA
x-amz-cf-id
mAX6MK-sDmdvV6Za0AT_HOb6NaGu-6FfDJOfu-PSJ70G-soEqP3Nvg==
expires
Wed, 12 Mar 2025 13:25:32 GMT
email-decode.min.js
dropbox.stor.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
852 B
Script
General
Full URL
https://dropbox.stor.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: dropbox.stor.co
URL: https://dropbox.stor.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dropbox.stor.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 05 Mar 2024 17:52:43 GMT
server
cloudflare
etag
W/"65e75beb-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
86341c5b0faf2ba6-FRA
expires
Thu, 14 Mar 2024 13:25:32 GMT
7d80b567-fa03-49e6-b63e-1b189b9f0ca8.webp
cdn.stor.co/image/862EAA7B01C7/
8 KB
8 KB
Image
General
Full URL
https://cdn.stor.co/image/862EAA7B01C7/7d80b567-fa03-49e6-b63e-1b189b9f0ca8.webp?size=272x272&format=webp&background=ffffff&cache=1710243305
Requested by
Host: dropbox.stor.co
URL: https://dropbox.stor.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02278c0073402417114072ed2c056d4ad174a4039c6a22ae770ce699700a0269
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dropbox.stor.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Mar 2024 11:40:06 GMT
server
cloudflare
vary
Accept-Encoding, Origin
content-type
image/webp
cache-control
public, max-age=31536000
cf-ray
86341c5b482e2ba6-FRA
x-amz-cf-id
8znSkSS18-7BKi-rgK4qjuymUqcA5sxepW2fClnZKXhFuOifOsO_UA==
expires
Wed, 12 Mar 2025 13:25:32 GMT
18e9b906-6b5b-4193-a396-26846915fd09.webp
cdn.stor.co/image/862EAA7B01C7/
8 KB
8 KB
Image
General
Full URL
https://cdn.stor.co/image/862EAA7B01C7/18e9b906-6b5b-4193-a396-26846915fd09.webp?size=272x272&format=webp&background=ffffff&cache=1710243305
Requested by
Host: dropbox.stor.co
URL: https://dropbox.stor.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
063a260c3e922d8c6fd7dc863e5abac73e6e11700eee82350771032a08b5be2e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dropbox.stor.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Mar 2024 11:40:07 GMT
server
cloudflare
vary
Accept-Encoding, Origin
content-type
image/webp
cache-control
public, max-age=31536000
cf-ray
86341c5bae2565bb-FRA
x-amz-cf-id
KOjBb6L4Kv5LbFceg776nXCXlhbkPWet-QZnf-Zcl19r4ibPRyh5-w==
expires
Wed, 12 Mar 2025 13:25:32 GMT
0ab8cf6c-47c4-43d3-8f7d-7dfcdb9eb4a6.webp
cdn.stor.co/image/862EAA7B01C7/
11 KB
11 KB
Image
General
Full URL
https://cdn.stor.co/image/862EAA7B01C7/0ab8cf6c-47c4-43d3-8f7d-7dfcdb9eb4a6.webp?size=272x272&format=webp&background=ffffff&cache=1710243305
Requested by
Host: dropbox.stor.co
URL: https://dropbox.stor.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8cc578d0fe2e0775d54b5db7f2a59018f014a4bd7ead2350ce7725b18bde5e8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dropbox.stor.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Mar 2024 11:40:07 GMT
server
cloudflare
vary
Accept-Encoding, Origin
content-type
image/webp
cache-control
public, max-age=31536000
cf-ray
86341c5bfebb65bb-FRA
x-amz-cf-id
2o7v8Il9yoFj0KozBZQNkTW7ZgFMdAqVRPNah31J9T_3DOsW02n55Q==
expires
Wed, 12 Mar 2025 13:25:32 GMT
f7dd5a3b-6434-4592-b29f-9223987f2f85.webp
cdn.stor.co/image/862EAA7B01C7/
7 KB
8 KB
Image
General
Full URL
https://cdn.stor.co/image/862EAA7B01C7/f7dd5a3b-6434-4592-b29f-9223987f2f85.webp?size=272x272&format=webp&background=ffffff&cache=1710243305
Requested by
Host: dropbox.stor.co
URL: https://dropbox.stor.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
380b6371c06b461d93564f9c2c3c40e5ad7ffe9da81016230e082eefd0db08ec
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dropbox.stor.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Mar 2024 11:40:07 GMT
server
cloudflare
vary
Accept-Encoding, Origin
content-type
image/webp
cache-control
public, max-age=31536000
cf-ray
86341c5ecb1965bb-FRA
x-amz-cf-id
m-_QqXUdC5vSbKdRd7IMXo-hReNktlcVJlI9zE18wZvZYdVvHajLXg==
expires
Wed, 12 Mar 2025 13:25:32 GMT
dda8ef99-3e39-4120-95a5-e4c4e301266c.webp
cdn.stor.co/image/862EAA7B01C7/
4 KB
4 KB
Image
General
Full URL
https://cdn.stor.co/image/862EAA7B01C7/dda8ef99-3e39-4120-95a5-e4c4e301266c.webp?size=272x272&format=webp&background=ffffff&cache=1710243305
Requested by
Host: dropbox.stor.co
URL: https://dropbox.stor.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fba961e1ff8a34ed207aaf0f33b6fb94c57c0fb76326e901758ad38c93bf7039
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dropbox.stor.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Mar 2024 11:40:07 GMT
server
cloudflare
vary
Accept-Encoding, Origin
content-type
image/webp
cache-control
public, max-age=31536000
cf-ray
86341c5ecb2365bb-FRA
x-amz-cf-id
b2XWbfNJiQDOoRUNEUTXvEZlwW5TkwLTSFULiBlqItjyROKfAm1PIA==
expires
Wed, 12 Mar 2025 13:25:32 GMT
ae547983-c0da-4bca-adce-b339c3c5a1be.webp
cdn.stor.co/image/862EAA7B01C7/
8 KB
9 KB
Image
General
Full URL
https://cdn.stor.co/image/862EAA7B01C7/ae547983-c0da-4bca-adce-b339c3c5a1be.webp?size=272x272&format=webp&background=ffffff&cache=1710243305
Requested by
Host: dropbox.stor.co
URL: https://dropbox.stor.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac6dd6ee427fca625b251bbb91763c76617001dd4932b2f5b7ae87474002fc6b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dropbox.stor.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Mar 2024 11:40:07 GMT
server
cloudflare
vary
Accept-Encoding, Origin
content-type
image/webp
cache-control
public, max-age=31536000
cf-ray
86341c5eeb4665bb-FRA
x-amz-cf-id
CMHduh3nHRLjlxsZ0jbOSmNSCSJU_6HkboZRXjGF_7fXdbihd0gPJQ==
expires
Wed, 12 Mar 2025 13:25:32 GMT
cef27be6-fc5d-4780-968d-ed41d812c07c.webp
cdn.stor.co/image/862EAA7B01C7/
5 KB
6 KB
Image
General
Full URL
https://cdn.stor.co/image/862EAA7B01C7/cef27be6-fc5d-4780-968d-ed41d812c07c.webp?size=272x272&format=webp&background=ffffff&cache=1710243305
Requested by
Host: dropbox.stor.co
URL: https://dropbox.stor.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
465a58d5462d1b24422880dff96ff88233cdf38f1626d5bbd073a3d65496be4b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dropbox.stor.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
via
1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Mar 2024 11:40:07 GMT
server
cloudflare
vary
Accept-Encoding, Origin
content-type
image/webp
cache-control
public, max-age=31536000
cf-ray
86341c5eeb4865bb-FRA
x-amz-cf-id
_pB3qLHaNhHAhKMXjfqwGpmgp-guBAOy3uMYRLUAQRW_AcSHODx00g==
expires
Wed, 12 Mar 2025 13:25:32 GMT
20976b97-d1a7-478d-b809-ad88788bee9d.webp
cdn.stor.co/image/862EAA7B01C7/
11 KB
11 KB
Image
General
Full URL
https://cdn.stor.co/image/862EAA7B01C7/20976b97-d1a7-478d-b809-ad88788bee9d.webp?size=272x272&format=webp&background=ffffff&cache=1710243305
Requested by
Host: dropbox.stor.co
URL: https://dropbox.stor.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57dfb02c3ffdf6f84086e59ed2747949bc35e2b43c5e0feb051620b8f7db0a30
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dropbox.stor.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Mar 2024 11:40:07 GMT
server
cloudflare
vary
Accept-Encoding, Origin
content-type
image/webp
cache-control
public, max-age=31536000
cf-ray
86341c5eeb4b65bb-FRA
x-amz-cf-id
FKCeA0_J0eD7C7UfAX-sHqCgYhhymmH-MOUIYTQk5OFzUo5mgscY3w==
expires
Wed, 12 Mar 2025 13:25:32 GMT
6ae2dfc6-09eb-4076-962f-03b992a03dc7
cdn.stor.co/shopfront/862EAA7B01C7/
25 KB
11 KB
Script
General
Full URL
https://cdn.stor.co/shopfront/862EAA7B01C7/6ae2dfc6-09eb-4076-962f-03b992a03dc7?cache=1710243330
Requested by
Host: dropbox.stor.co
URL: https://dropbox.stor.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25e479fff38f182af507faeed4b00f753c18f7123c11565f0ca4f6eb37037c40
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.cardinalcommerce.com *.securetrading.net *.securetrading.us *.trustpayments.com *.google-analytics.com *.checkout.visa.com *.google.com *.canva.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; child-src *.paypalobjects.com *.paypal.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; connect-src 'self' data: blob: wss: *.fontawesome.com *.cloudflare.com *.canva.com *.bugsnag.com *.ecomstagingenv.com *.google-analytics.com *.zdassets.com *.smooch.io *.paypal.com *.paypalobjects.com *.googleapis.com *.stripe.com *.amazonaws.com *.s3.amazonaws.com *.unsplash.com *.intercom.com *.intercom.io *.intercomcdn.com *.ingest.sentry.io *.herokuapp.com *.cardinalcommerce.com *.zendesk.com zendesk-eu.my.sentry.io *.hotjar.com *.monzo.com *.zopim.com *.hcaptcha.com *.photoeditorsdk.com *.amplitude.com *.jsdelivr.net *.postcodeanywhere.co.uk cdn.stor.co stats.stor.co *.stor.co stor.co; font-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.canva.com *.gstatic.com *.intercom.com *.intercom.io *.intercomcdn.com *.fontawesome.com *.monzo.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; frame-src 'self' *.paypalobjects.com *.paypal.com *.stripe.com *.canva.com *.securetrading.net *.securetrading.us *.trustpayments.com *.ingest.sentry.io *.cardinalcommerce.com *.zendesk.com *.smooch.io *.hotjar.com *.youtube.com *.i.ytimg.com *.intercom.com *.intercom.io *.intercomcdn.com *.vimeo.com *.vimeocdn.com *.instagram.com *.facebook.com *.monzo.com *.google.com *.hcaptcha.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; img-src 'self' data: blob: *.paypal.com *.paypalobjects.com *.amazonaws.com *.s3.amazonaws.com *.shutterstock.com *.cloudflare.com *.gstatic.com *.stor.co *.canva.com *.intercom.com *.intercom.io *.intercomcdn.com *.zendesk.com *.zdassets.com *.smooch.io *.intercomassets.com *.unsplash.com *.placeholder.com *.google-analytics.com *.googleapis.com *.gravatar.com *.monzo.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; manifest-src 'self' cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; media-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.canva.com *.monzo.com *.amazonaws.com *.s3.amazonaws.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; object-src cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stor.co *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.cloudfront.net *.cloudflare.com *.fontawesome.com ipinfo.io *.google.com *.googletagmanager.com *.google-analytics.com *.paypal.com *.paypalobjects.com *.gstatic.com *.jquery.com *.jsdelivr.net *.googleapis.com *.stripe.com *.facebook.net *.securetrading.net *.cardinalcommerce.com *.hotjar.com *.intercom.com *.intercom.io *.intercomcdn.com *.securetrading.us *.trustpayments.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.amplitude.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; style-src 'self' 'unsafe-inline' *.googleapis.com *.cloudflare.com *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.jquery.com *.jsdelivr.net *.hotjar.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; worker-src blob: cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dropbox.stor.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
content-security-policy
default-src 'self' *.cardinalcommerce.com *.securetrading.net *.securetrading.us *.trustpayments.com *.google-analytics.com *.checkout.visa.com *.google.com *.canva.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; child-src *.paypalobjects.com *.paypal.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; connect-src 'self' data: blob: wss: *.fontawesome.com *.cloudflare.com *.canva.com *.bugsnag.com *.ecomstagingenv.com *.google-analytics.com *.zdassets.com *.smooch.io *.paypal.com *.paypalobjects.com *.googleapis.com *.stripe.com *.amazonaws.com *.s3.amazonaws.com *.unsplash.com *.intercom.com *.intercom.io *.intercomcdn.com *.ingest.sentry.io *.herokuapp.com *.cardinalcommerce.com *.zendesk.com zendesk-eu.my.sentry.io *.hotjar.com *.monzo.com *.zopim.com *.hcaptcha.com *.photoeditorsdk.com *.amplitude.com *.jsdelivr.net *.postcodeanywhere.co.uk cdn.stor.co stats.stor.co *.stor.co stor.co; font-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.canva.com *.gstatic.com *.intercom.com *.intercom.io *.intercomcdn.com *.fontawesome.com *.monzo.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; frame-src 'self' *.paypalobjects.com *.paypal.com *.stripe.com *.canva.com *.securetrading.net *.securetrading.us *.trustpayments.com *.ingest.sentry.io *.cardinalcommerce.com *.zendesk.com *.smooch.io *.hotjar.com *.youtube.com *.i.ytimg.com *.intercom.com *.intercom.io *.intercomcdn.com *.vimeo.com *.vimeocdn.com *.instagram.com *.facebook.com *.monzo.com *.google.com *.hcaptcha.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; img-src 'self' data: blob: *.paypal.com *.paypalobjects.com *.amazonaws.com *.s3.amazonaws.com *.shutterstock.com *.cloudflare.com *.gstatic.com *.stor.co *.canva.com *.intercom.com *.intercom.io *.intercomcdn.com *.zendesk.com *.zdassets.com *.smooch.io *.intercomassets.com *.unsplash.com *.placeholder.com *.google-analytics.com *.googleapis.com *.gravatar.com *.monzo.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; manifest-src 'self' cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; media-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.canva.com *.monzo.com *.amazonaws.com *.s3.amazonaws.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; object-src cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stor.co *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.cloudfront.net *.cloudflare.com *.fontawesome.com ipinfo.io *.google.com *.googletagmanager.com *.google-analytics.com *.paypal.com *.paypalobjects.com *.gstatic.com *.jquery.com *.jsdelivr.net *.googleapis.com *.stripe.com *.facebook.net *.securetrading.net *.cardinalcommerce.com *.hotjar.com *.intercom.com *.intercom.io *.intercomcdn.com *.securetrading.us *.trustpayments.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.amplitude.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; style-src 'self' 'unsafe-inline' *.googleapis.com *.cloudflare.com *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.jquery.com *.jsdelivr.net *.hotjar.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; worker-src blob: cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
via
1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
987f6b9254654cc468853508a5919da4
x-runtime
0.270939
server
cloudflare
etag
W/"25e479fff38f182af507faeed4b00f75"
x-download-options
noopen
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, private
cf-ray
86341c5c0f0265bb-FRA
x-amz-cf-id
pyOLrWeYlZyiddoDVAnTB6qLftAscX523xxM6dePunsMXDoiHBCylA==
sprite-currency-flags.png
cdn.stor.co/assets/
2 KB
3 KB
Image
General
Full URL
https://cdn.stor.co/assets/sprite-currency-flags.png
Requested by
Host: cdn.stor.co
URL: https://cdn.stor.co/shopfront/862EAA7B01C7/78e1c80a-efc7-48a1-9773-259688f92f2b?cache=1710243330
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b43422929d1040ce73500b9329b55b04c9d4fbae504b8abf701cd7261b9eeb2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.stor.co/shopfront/862EAA7B01C7/78e1c80a-efc7-48a1-9773-259688f92f2b?cache=1710243330
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
x-amz-version-id
RZmqNrBaPCqv0iPsbLPuiqv8Xi7NWsgq
cf-cache-status
HIT
age
93761
x-amz-cf-pop
FRA60-P3
cf-polished
origSize=2266, status=vary_header_present
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2151
cf-bgj
imgq:100,h2pri
last-modified
Mon, 02 Dec 2019 11:46:24 GMT
server
cloudflare
etag
"675f621ea319a224412e51ae840ff453"
vary
Accept-Encoding, Origin
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
86341c5efb5a65bb-FRA
x-amz-cf-id
iJgqRSMjOfBngqgEt0frSJa6v_0ZbKxII6IVCqTegk-OtXQvkb3iDw==
expires
Wed, 12 Mar 2025 13:25:32 GMT
fa-solid-900.woff2
cdn.stor.co/webfonts/
321 KB
324 KB
Font
General
Full URL
https://cdn.stor.co/webfonts/fa-solid-900.woff2
Requested by
Host: cdn.stor.co
URL: https://cdn.stor.co/assets/fontawesome/css/shopfront-a62d941bb70f5fdf7dc9ff4dabcb220463eb5fd53c3e1b6bb9e950f9ffa317cf.css?v=1.01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8568 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f350c708b5e7748a452b4b98600fa49127166d995686e260ccafb58d51a4ea62
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.cardinalcommerce.com *.securetrading.net *.securetrading.us *.trustpayments.com *.google-analytics.com *.checkout.visa.com *.google.com *.canva.com *.ecomstagingenv.com; child-src *.paypalobjects.com *.paypal.com; connect-src 'self' data: blob: wss: *.stor.co *.fontawesome.com *.cloudflare.com *.canva.com *.bugsnag.com *.ecomstagingenv.com *.google-analytics.com *.zdassets.com *.paypal.com *.paypalobjects.com *.googleapis.com *.stripe.com *.amazonaws.com *.unsplash.com *.intercom.com *.intercom.io *.intercomcdn.com *.ingest.sentry.io *.herokuapp.com *.cardinalcommerce.com *.zendesk.com *.smooch.io zendesk-eu.my.sentry.io *.hotjar.com *.monzo.com *.zopim.com *.hcaptcha.com *.photoeditorsdk.com *.postcodeanywhere.co.uk *.amplitude.com; font-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.canva.com *.gstatic.com *.intercom.com *.intercom.io *.intercomcdn.com *.fontawesome.com *.monzo.com; frame-src 'self' *.stor.co *.paypalobjects.com *.paypal.com *.stripe.com *.canva.com *.securetrading.net *.securetrading.us *.trustpayments.com *.ingest.sentry.io *.cardinalcommerce.com *.zendesk.com *.smooch.io *.hotjar.com *.youtube.com *.i.ytimg.com *.intercom.com *.intercom.io *.intercomcdn.com *.vimeo.com *.vimeocdn.com *.instagram.com *.facebook.com *.monzo.com *.google.com *.hcaptcha.com; img-src 'self' data: blob: *.stor.co *.paypal.com *.paypalobjects.com *.amazonaws.com *.shutterstock.com *.cloudflare.com *.gstatic.com *.canva.com *.intercom.com *.intercom.io *.intercomcdn.com *.zendesk.com *.smooch.io *.zdassets.com *.intercomassets.com *.unsplash.com *.placeholder.com *.google-analytics.com *.googleapis.com *.gravatar.com *.monzo.com *.postcodeanywhere.co.uk; manifest-src 'self' *.stor.co; media-src 'self' stor.co *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.canva.com *.monzo.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stor.co *.ecomstagingenv.com *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.cloudfront.net *.cloudflare.com *.fontawesome.com ipinfo.io *.google.com *.googletagmanager.com *.google-analytics.com *.paypal.com *.paypalobjects.com *.gstatic.com *.jquery.com *.jsdelivr.net *.googleapis.com *.stripe.com *.facebook.net *.securetrading.net *.cardinalcommerce.com *.hotjar.com *.intercom.com *.intercom.io *.intercomcdn.com *.securetrading.us *.trustpayments.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.postcodeanywhere.co.uk *.amplitude.com; style-src 'self' 'unsafe-inline' *.stor.co *.googleapis.com *.cloudflare.com *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.jquery.com *.jsdelivr.net *.hotjar.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.postcodeanywhere.co.uk; worker-src blob:
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.stor.co/assets/fontawesome/css/shopfront-a62d941bb70f5fdf7dc9ff4dabcb220463eb5fd53c3e1b6bb9e950f9ffa317cf.css?v=1.01
Origin
https://dropbox.stor.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
content-security-policy
default-src 'self' *.cardinalcommerce.com *.securetrading.net *.securetrading.us *.trustpayments.com *.google-analytics.com *.checkout.visa.com *.google.com *.canva.com *.ecomstagingenv.com; child-src *.paypalobjects.com *.paypal.com; connect-src 'self' data: blob: wss: *.stor.co *.fontawesome.com *.cloudflare.com *.canva.com *.bugsnag.com *.ecomstagingenv.com *.google-analytics.com *.zdassets.com *.paypal.com *.paypalobjects.com *.googleapis.com *.stripe.com *.amazonaws.com *.unsplash.com *.intercom.com *.intercom.io *.intercomcdn.com *.ingest.sentry.io *.herokuapp.com *.cardinalcommerce.com *.zendesk.com *.smooch.io zendesk-eu.my.sentry.io *.hotjar.com *.monzo.com *.zopim.com *.hcaptcha.com *.photoeditorsdk.com *.postcodeanywhere.co.uk *.amplitude.com; font-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.canva.com *.gstatic.com *.intercom.com *.intercom.io *.intercomcdn.com *.fontawesome.com *.monzo.com; frame-src 'self' *.stor.co *.paypalobjects.com *.paypal.com *.stripe.com *.canva.com *.securetrading.net *.securetrading.us *.trustpayments.com *.ingest.sentry.io *.cardinalcommerce.com *.zendesk.com *.smooch.io *.hotjar.com *.youtube.com *.i.ytimg.com *.intercom.com *.intercom.io *.intercomcdn.com *.vimeo.com *.vimeocdn.com *.instagram.com *.facebook.com *.monzo.com *.google.com *.hcaptcha.com; img-src 'self' data: blob: *.stor.co *.paypal.com *.paypalobjects.com *.amazonaws.com *.shutterstock.com *.cloudflare.com *.gstatic.com *.canva.com *.intercom.com *.intercom.io *.intercomcdn.com *.zendesk.com *.smooch.io *.zdassets.com *.intercomassets.com *.unsplash.com *.placeholder.com *.google-analytics.com *.googleapis.com *.gravatar.com *.monzo.com *.postcodeanywhere.co.uk; manifest-src 'self' *.stor.co; media-src 'self' stor.co *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.canva.com *.monzo.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stor.co *.ecomstagingenv.com *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.cloudfront.net *.cloudflare.com *.fontawesome.com ipinfo.io *.google.com *.googletagmanager.com *.google-analytics.com *.paypal.com *.paypalobjects.com *.gstatic.com *.jquery.com *.jsdelivr.net *.googleapis.com *.stripe.com *.facebook.net *.securetrading.net *.cardinalcommerce.com *.hotjar.com *.intercom.com *.intercom.io *.intercomcdn.com *.securetrading.us *.trustpayments.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.postcodeanywhere.co.uk *.amplitude.com; style-src 'self' 'unsafe-inline' *.stor.co *.googleapis.com *.cloudflare.com *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.jquery.com *.jsdelivr.net *.hotjar.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.postcodeanywhere.co.uk; worker-src blob:
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
cf-cache-status
MISS
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 06 Mar 2024 05:13:02 GMT
server
cloudflare
x-download-options
noopen
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
86341c5f489b9ba7-FRA
x-amz-cf-id
1MvJLin9lGKhB_GcJRqoataJEbYSu635Ujvtp5rfjHJG4aCrhyHHaw==
expires
Wed, 12 Mar 2025 13:25:32 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:normal,400|Inter:700,400|Inter:normal,400|Inter:normal,400|Inter:normal,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dropbox.stor.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 08:52:40 GMT
x-content-type-options
nosniff
age
16372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Mar 2025 08:52:40 GMT
fa-regular-400.woff2
cdn.stor.co/webfonts/
380 KB
383 KB
Font
General
Full URL
https://cdn.stor.co/webfonts/fa-regular-400.woff2
Requested by
Host: cdn.stor.co
URL: https://cdn.stor.co/assets/fontawesome/css/shopfront-a62d941bb70f5fdf7dc9ff4dabcb220463eb5fd53c3e1b6bb9e950f9ffa317cf.css?v=1.01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8568 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
121b176974226dbc9b1ab227becb657d40b88d2bb7010a746c2360c31d7c373e
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.cardinalcommerce.com *.securetrading.net *.securetrading.us *.trustpayments.com *.google-analytics.com *.checkout.visa.com *.google.com *.canva.com *.ecomstagingenv.com; child-src *.paypalobjects.com *.paypal.com; connect-src 'self' data: blob: wss: *.stor.co *.fontawesome.com *.cloudflare.com *.canva.com *.bugsnag.com *.ecomstagingenv.com *.google-analytics.com *.zdassets.com *.paypal.com *.paypalobjects.com *.googleapis.com *.stripe.com *.amazonaws.com *.unsplash.com *.intercom.com *.intercom.io *.intercomcdn.com *.ingest.sentry.io *.herokuapp.com *.cardinalcommerce.com *.zendesk.com *.smooch.io zendesk-eu.my.sentry.io *.hotjar.com *.monzo.com *.zopim.com *.hcaptcha.com *.photoeditorsdk.com *.postcodeanywhere.co.uk *.amplitude.com; font-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.canva.com *.gstatic.com *.intercom.com *.intercom.io *.intercomcdn.com *.fontawesome.com *.monzo.com; frame-src 'self' *.stor.co *.paypalobjects.com *.paypal.com *.stripe.com *.canva.com *.securetrading.net *.securetrading.us *.trustpayments.com *.ingest.sentry.io *.cardinalcommerce.com *.zendesk.com *.smooch.io *.hotjar.com *.youtube.com *.i.ytimg.com *.intercom.com *.intercom.io *.intercomcdn.com *.vimeo.com *.vimeocdn.com *.instagram.com *.facebook.com *.monzo.com *.google.com *.hcaptcha.com; img-src 'self' data: blob: *.stor.co *.paypal.com *.paypalobjects.com *.amazonaws.com *.shutterstock.com *.cloudflare.com *.gstatic.com *.canva.com *.intercom.com *.intercom.io *.intercomcdn.com *.zendesk.com *.smooch.io *.zdassets.com *.intercomassets.com *.unsplash.com *.placeholder.com *.google-analytics.com *.googleapis.com *.gravatar.com *.monzo.com *.postcodeanywhere.co.uk; manifest-src 'self' *.stor.co; media-src 'self' stor.co *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.canva.com *.monzo.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stor.co *.ecomstagingenv.com *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.cloudfront.net *.cloudflare.com *.fontawesome.com ipinfo.io *.google.com *.googletagmanager.com *.google-analytics.com *.paypal.com *.paypalobjects.com *.gstatic.com *.jquery.com *.jsdelivr.net *.googleapis.com *.stripe.com *.facebook.net *.securetrading.net *.cardinalcommerce.com *.hotjar.com *.intercom.com *.intercom.io *.intercomcdn.com *.securetrading.us *.trustpayments.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.postcodeanywhere.co.uk *.amplitude.com; style-src 'self' 'unsafe-inline' *.stor.co *.googleapis.com *.cloudflare.com *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.jquery.com *.jsdelivr.net *.hotjar.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.postcodeanywhere.co.uk; worker-src blob:
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.stor.co/assets/fontawesome/css/shopfront-a62d941bb70f5fdf7dc9ff4dabcb220463eb5fd53c3e1b6bb9e950f9ffa317cf.css?v=1.01
Origin
https://dropbox.stor.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
content-security-policy
default-src 'self' *.cardinalcommerce.com *.securetrading.net *.securetrading.us *.trustpayments.com *.google-analytics.com *.checkout.visa.com *.google.com *.canva.com *.ecomstagingenv.com; child-src *.paypalobjects.com *.paypal.com; connect-src 'self' data: blob: wss: *.stor.co *.fontawesome.com *.cloudflare.com *.canva.com *.bugsnag.com *.ecomstagingenv.com *.google-analytics.com *.zdassets.com *.paypal.com *.paypalobjects.com *.googleapis.com *.stripe.com *.amazonaws.com *.unsplash.com *.intercom.com *.intercom.io *.intercomcdn.com *.ingest.sentry.io *.herokuapp.com *.cardinalcommerce.com *.zendesk.com *.smooch.io zendesk-eu.my.sentry.io *.hotjar.com *.monzo.com *.zopim.com *.hcaptcha.com *.photoeditorsdk.com *.postcodeanywhere.co.uk *.amplitude.com; font-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.canva.com *.gstatic.com *.intercom.com *.intercom.io *.intercomcdn.com *.fontawesome.com *.monzo.com; frame-src 'self' *.stor.co *.paypalobjects.com *.paypal.com *.stripe.com *.canva.com *.securetrading.net *.securetrading.us *.trustpayments.com *.ingest.sentry.io *.cardinalcommerce.com *.zendesk.com *.smooch.io *.hotjar.com *.youtube.com *.i.ytimg.com *.intercom.com *.intercom.io *.intercomcdn.com *.vimeo.com *.vimeocdn.com *.instagram.com *.facebook.com *.monzo.com *.google.com *.hcaptcha.com; img-src 'self' data: blob: *.stor.co *.paypal.com *.paypalobjects.com *.amazonaws.com *.shutterstock.com *.cloudflare.com *.gstatic.com *.canva.com *.intercom.com *.intercom.io *.intercomcdn.com *.zendesk.com *.smooch.io *.zdassets.com *.intercomassets.com *.unsplash.com *.placeholder.com *.google-analytics.com *.googleapis.com *.gravatar.com *.monzo.com *.postcodeanywhere.co.uk; manifest-src 'self' *.stor.co; media-src 'self' stor.co *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.canva.com *.monzo.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stor.co *.ecomstagingenv.com *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.cloudfront.net *.cloudflare.com *.fontawesome.com ipinfo.io *.google.com *.googletagmanager.com *.google-analytics.com *.paypal.com *.paypalobjects.com *.gstatic.com *.jquery.com *.jsdelivr.net *.googleapis.com *.stripe.com *.facebook.net *.securetrading.net *.cardinalcommerce.com *.hotjar.com *.intercom.com *.intercom.io *.intercomcdn.com *.securetrading.us *.trustpayments.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.postcodeanywhere.co.uk *.amplitude.com; style-src 'self' 'unsafe-inline' *.stor.co *.googleapis.com *.cloudflare.com *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.jquery.com *.jsdelivr.net *.hotjar.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.postcodeanywhere.co.uk; worker-src blob:
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
cf-cache-status
MISS
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 12 Mar 2024 08:45:34 GMT
server
cloudflare
x-download-options
noopen
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
86341c5f48969ba7-FRA
x-amz-cf-id
g3vurkGgwaY_aHCzFtL36_ve1Z3HzN1u3I91AvF91KxOmplvvQ5FkA==
expires
Wed, 12 Mar 2025 13:25:32 GMT
1920x670_1.jpg
dropbox.stor.co/industry_image/
520 KB
523 KB
Image
General
Full URL
https://dropbox.stor.co/industry_image/1920x670_1.jpg?size=1920x670
Requested by
Host: dropbox.stor.co
URL: https://dropbox.stor.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
778f093692601ebd35dd90e593db52f50f8420e291671c1464dd3da02e2af710
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.cardinalcommerce.com *.securetrading.net *.securetrading.us *.trustpayments.com *.google-analytics.com *.checkout.visa.com *.google.com *.canva.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; child-src *.paypalobjects.com *.paypal.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; connect-src 'self' data: blob: wss: *.fontawesome.com *.cloudflare.com *.canva.com *.bugsnag.com *.ecomstagingenv.com *.google-analytics.com *.zdassets.com *.smooch.io *.paypal.com *.paypalobjects.com *.googleapis.com *.stripe.com *.amazonaws.com *.s3.amazonaws.com *.unsplash.com *.intercom.com *.intercom.io *.intercomcdn.com *.ingest.sentry.io *.herokuapp.com *.cardinalcommerce.com *.zendesk.com zendesk-eu.my.sentry.io *.hotjar.com *.monzo.com *.zopim.com *.hcaptcha.com *.photoeditorsdk.com *.amplitude.com *.jsdelivr.net *.postcodeanywhere.co.uk cdn.stor.co stats.stor.co *.stor.co stor.co; font-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.canva.com *.gstatic.com *.intercom.com *.intercom.io *.intercomcdn.com *.fontawesome.com *.monzo.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; frame-src 'self' *.paypalobjects.com *.paypal.com *.stripe.com *.canva.com *.securetrading.net *.securetrading.us *.trustpayments.com *.ingest.sentry.io *.cardinalcommerce.com *.zendesk.com *.smooch.io *.hotjar.com *.youtube.com *.i.ytimg.com *.intercom.com *.intercom.io *.intercomcdn.com *.vimeo.com *.vimeocdn.com *.instagram.com *.facebook.com *.monzo.com *.google.com *.hcaptcha.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; img-src 'self' data: blob: *.paypal.com *.paypalobjects.com *.amazonaws.com *.s3.amazonaws.com *.shutterstock.com *.cloudflare.com *.gstatic.com *.stor.co *.canva.com *.intercom.com *.intercom.io *.intercomcdn.com *.zendesk.com *.zdassets.com *.smooch.io *.intercomassets.com *.unsplash.com *.placeholder.com *.google-analytics.com *.googleapis.com *.gravatar.com *.monzo.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; manifest-src 'self' cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; media-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.canva.com *.monzo.com *.amazonaws.com *.s3.amazonaws.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; object-src cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stor.co *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.cloudfront.net *.cloudflare.com *.fontawesome.com ipinfo.io *.google.com *.googletagmanager.com *.google-analytics.com *.paypal.com *.paypalobjects.com *.gstatic.com *.jquery.com *.jsdelivr.net *.googleapis.com *.stripe.com *.facebook.net *.securetrading.net *.cardinalcommerce.com *.hotjar.com *.intercom.com *.intercom.io *.intercomcdn.com *.securetrading.us *.trustpayments.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.amplitude.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; style-src 'self' 'unsafe-inline' *.googleapis.com *.cloudflare.com *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.jquery.com *.jsdelivr.net *.hotjar.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; worker-src blob: cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dropbox.stor.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
content-security-policy
default-src 'self' *.cardinalcommerce.com *.securetrading.net *.securetrading.us *.trustpayments.com *.google-analytics.com *.checkout.visa.com *.google.com *.canva.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; child-src *.paypalobjects.com *.paypal.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; connect-src 'self' data: blob: wss: *.fontawesome.com *.cloudflare.com *.canva.com *.bugsnag.com *.ecomstagingenv.com *.google-analytics.com *.zdassets.com *.smooch.io *.paypal.com *.paypalobjects.com *.googleapis.com *.stripe.com *.amazonaws.com *.s3.amazonaws.com *.unsplash.com *.intercom.com *.intercom.io *.intercomcdn.com *.ingest.sentry.io *.herokuapp.com *.cardinalcommerce.com *.zendesk.com zendesk-eu.my.sentry.io *.hotjar.com *.monzo.com *.zopim.com *.hcaptcha.com *.photoeditorsdk.com *.amplitude.com *.jsdelivr.net *.postcodeanywhere.co.uk cdn.stor.co stats.stor.co *.stor.co stor.co; font-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.canva.com *.gstatic.com *.intercom.com *.intercom.io *.intercomcdn.com *.fontawesome.com *.monzo.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; frame-src 'self' *.paypalobjects.com *.paypal.com *.stripe.com *.canva.com *.securetrading.net *.securetrading.us *.trustpayments.com *.ingest.sentry.io *.cardinalcommerce.com *.zendesk.com *.smooch.io *.hotjar.com *.youtube.com *.i.ytimg.com *.intercom.com *.intercom.io *.intercomcdn.com *.vimeo.com *.vimeocdn.com *.instagram.com *.facebook.com *.monzo.com *.google.com *.hcaptcha.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; img-src 'self' data: blob: *.paypal.com *.paypalobjects.com *.amazonaws.com *.s3.amazonaws.com *.shutterstock.com *.cloudflare.com *.gstatic.com *.stor.co *.canva.com *.intercom.com *.intercom.io *.intercomcdn.com *.zendesk.com *.zdassets.com *.smooch.io *.intercomassets.com *.unsplash.com *.placeholder.com *.google-analytics.com *.googleapis.com *.gravatar.com *.monzo.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; manifest-src 'self' cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; media-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.canva.com *.monzo.com *.amazonaws.com *.s3.amazonaws.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; object-src cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stor.co *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.cloudfront.net *.cloudflare.com *.fontawesome.com ipinfo.io *.google.com *.googletagmanager.com *.google-analytics.com *.paypal.com *.paypalobjects.com *.gstatic.com *.jquery.com *.jsdelivr.net *.googleapis.com *.stripe.com *.facebook.net *.securetrading.net *.cardinalcommerce.com *.hotjar.com *.intercom.com *.intercom.io *.intercomcdn.com *.securetrading.us *.trustpayments.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.amplitude.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; style-src 'self' 'unsafe-inline' *.googleapis.com *.cloudflare.com *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.jquery.com *.jsdelivr.net *.hotjar.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; worker-src blob: cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
content-transfer-encoding
binary
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
fa96adf75bac8eacd706fb054b2820f5
x-runtime
0.185324
server
cloudflare
etag
W/"778f093692601ebd35dd90e593db52f5"
x-download-options
noopen
vary
Accept-Encoding, Origin
x-frame-options
sameorigin
content-type
application/octet-stream
cache-control
public, max-age=14400
cf-ray
86341c5f0b6b65bb-FRA
expires
Tue, 12 Mar 2024 17:25:32 GMT
1920x670_2.jpg
dropbox.stor.co/industry_image/
347 KB
350 KB
Image
General
Full URL
https://dropbox.stor.co/industry_image/1920x670_2.jpg?size=1920x670
Requested by
Host: dropbox.stor.co
URL: https://dropbox.stor.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3af01d666f2e4fdf99166be75bfdf324421136af18133964f9d10d61bc7dc6b0
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.cardinalcommerce.com *.securetrading.net *.securetrading.us *.trustpayments.com *.google-analytics.com *.checkout.visa.com *.google.com *.canva.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; child-src *.paypalobjects.com *.paypal.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; connect-src 'self' data: blob: wss: *.fontawesome.com *.cloudflare.com *.canva.com *.bugsnag.com *.ecomstagingenv.com *.google-analytics.com *.zdassets.com *.smooch.io *.paypal.com *.paypalobjects.com *.googleapis.com *.stripe.com *.amazonaws.com *.s3.amazonaws.com *.unsplash.com *.intercom.com *.intercom.io *.intercomcdn.com *.ingest.sentry.io *.herokuapp.com *.cardinalcommerce.com *.zendesk.com zendesk-eu.my.sentry.io *.hotjar.com *.monzo.com *.zopim.com *.hcaptcha.com *.photoeditorsdk.com *.amplitude.com *.jsdelivr.net *.postcodeanywhere.co.uk cdn.stor.co stats.stor.co *.stor.co stor.co; font-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.canva.com *.gstatic.com *.intercom.com *.intercom.io *.intercomcdn.com *.fontawesome.com *.monzo.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; frame-src 'self' *.paypalobjects.com *.paypal.com *.stripe.com *.canva.com *.securetrading.net *.securetrading.us *.trustpayments.com *.ingest.sentry.io *.cardinalcommerce.com *.zendesk.com *.smooch.io *.hotjar.com *.youtube.com *.i.ytimg.com *.intercom.com *.intercom.io *.intercomcdn.com *.vimeo.com *.vimeocdn.com *.instagram.com *.facebook.com *.monzo.com *.google.com *.hcaptcha.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; img-src 'self' data: blob: *.paypal.com *.paypalobjects.com *.amazonaws.com *.s3.amazonaws.com *.shutterstock.com *.cloudflare.com *.gstatic.com *.stor.co *.canva.com *.intercom.com *.intercom.io *.intercomcdn.com *.zendesk.com *.zdassets.com *.smooch.io *.intercomassets.com *.unsplash.com *.placeholder.com *.google-analytics.com *.googleapis.com *.gravatar.com *.monzo.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; manifest-src 'self' cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; media-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.canva.com *.monzo.com *.amazonaws.com *.s3.amazonaws.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; object-src cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stor.co *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.cloudfront.net *.cloudflare.com *.fontawesome.com ipinfo.io *.google.com *.googletagmanager.com *.google-analytics.com *.paypal.com *.paypalobjects.com *.gstatic.com *.jquery.com *.jsdelivr.net *.googleapis.com *.stripe.com *.facebook.net *.securetrading.net *.cardinalcommerce.com *.hotjar.com *.intercom.com *.intercom.io *.intercomcdn.com *.securetrading.us *.trustpayments.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.amplitude.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; style-src 'self' 'unsafe-inline' *.googleapis.com *.cloudflare.com *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.jquery.com *.jsdelivr.net *.hotjar.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; worker-src blob: cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dropbox.stor.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
content-security-policy
default-src 'self' *.cardinalcommerce.com *.securetrading.net *.securetrading.us *.trustpayments.com *.google-analytics.com *.checkout.visa.com *.google.com *.canva.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; child-src *.paypalobjects.com *.paypal.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; connect-src 'self' data: blob: wss: *.fontawesome.com *.cloudflare.com *.canva.com *.bugsnag.com *.ecomstagingenv.com *.google-analytics.com *.zdassets.com *.smooch.io *.paypal.com *.paypalobjects.com *.googleapis.com *.stripe.com *.amazonaws.com *.s3.amazonaws.com *.unsplash.com *.intercom.com *.intercom.io *.intercomcdn.com *.ingest.sentry.io *.herokuapp.com *.cardinalcommerce.com *.zendesk.com zendesk-eu.my.sentry.io *.hotjar.com *.monzo.com *.zopim.com *.hcaptcha.com *.photoeditorsdk.com *.amplitude.com *.jsdelivr.net *.postcodeanywhere.co.uk cdn.stor.co stats.stor.co *.stor.co stor.co; font-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.canva.com *.gstatic.com *.intercom.com *.intercom.io *.intercomcdn.com *.fontawesome.com *.monzo.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; frame-src 'self' *.paypalobjects.com *.paypal.com *.stripe.com *.canva.com *.securetrading.net *.securetrading.us *.trustpayments.com *.ingest.sentry.io *.cardinalcommerce.com *.zendesk.com *.smooch.io *.hotjar.com *.youtube.com *.i.ytimg.com *.intercom.com *.intercom.io *.intercomcdn.com *.vimeo.com *.vimeocdn.com *.instagram.com *.facebook.com *.monzo.com *.google.com *.hcaptcha.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; img-src 'self' data: blob: *.paypal.com *.paypalobjects.com *.amazonaws.com *.s3.amazonaws.com *.shutterstock.com *.cloudflare.com *.gstatic.com *.stor.co *.canva.com *.intercom.com *.intercom.io *.intercomcdn.com *.zendesk.com *.zdassets.com *.smooch.io *.intercomassets.com *.unsplash.com *.placeholder.com *.google-analytics.com *.googleapis.com *.gravatar.com *.monzo.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; manifest-src 'self' cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; media-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.canva.com *.monzo.com *.amazonaws.com *.s3.amazonaws.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; object-src cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stor.co *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.cloudfront.net *.cloudflare.com *.fontawesome.com ipinfo.io *.google.com *.googletagmanager.com *.google-analytics.com *.paypal.com *.paypalobjects.com *.gstatic.com *.jquery.com *.jsdelivr.net *.googleapis.com *.stripe.com *.facebook.net *.securetrading.net *.cardinalcommerce.com *.hotjar.com *.intercom.com *.intercom.io *.intercomcdn.com *.securetrading.us *.trustpayments.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.amplitude.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; style-src 'self' 'unsafe-inline' *.googleapis.com *.cloudflare.com *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.jquery.com *.jsdelivr.net *.hotjar.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; worker-src blob: cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
content-transfer-encoding
binary
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
3e3efcc838959db9d6f640965ac21ebe
x-runtime
0.164611
server
cloudflare
etag
W/"3af01d666f2e4fdf99166be75bfdf324"
x-download-options
noopen
vary
Accept-Encoding, Origin
x-frame-options
sameorigin
content-type
application/octet-stream
cache-control
public, max-age=14400
cf-ray
86341c5f0b6d65bb-FRA
expires
Tue, 12 Mar 2024 17:25:32 GMT
1920x670_3.jpg
dropbox.stor.co/industry_image/
389 KB
392 KB
Image
General
Full URL
https://dropbox.stor.co/industry_image/1920x670_3.jpg?size=1920x670
Requested by
Host: dropbox.stor.co
URL: https://dropbox.stor.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a6fef093779a4f9c6097ed0b9a63f1f8a916968dd22645d0d97e8f5a324ba1d
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.cardinalcommerce.com *.securetrading.net *.securetrading.us *.trustpayments.com *.google-analytics.com *.checkout.visa.com *.google.com *.canva.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; child-src *.paypalobjects.com *.paypal.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; connect-src 'self' data: blob: wss: *.fontawesome.com *.cloudflare.com *.canva.com *.bugsnag.com *.ecomstagingenv.com *.google-analytics.com *.zdassets.com *.smooch.io *.paypal.com *.paypalobjects.com *.googleapis.com *.stripe.com *.amazonaws.com *.s3.amazonaws.com *.unsplash.com *.intercom.com *.intercom.io *.intercomcdn.com *.ingest.sentry.io *.herokuapp.com *.cardinalcommerce.com *.zendesk.com zendesk-eu.my.sentry.io *.hotjar.com *.monzo.com *.zopim.com *.hcaptcha.com *.photoeditorsdk.com *.amplitude.com *.jsdelivr.net *.postcodeanywhere.co.uk cdn.stor.co stats.stor.co *.stor.co stor.co; font-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.canva.com *.gstatic.com *.intercom.com *.intercom.io *.intercomcdn.com *.fontawesome.com *.monzo.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; frame-src 'self' *.paypalobjects.com *.paypal.com *.stripe.com *.canva.com *.securetrading.net *.securetrading.us *.trustpayments.com *.ingest.sentry.io *.cardinalcommerce.com *.zendesk.com *.smooch.io *.hotjar.com *.youtube.com *.i.ytimg.com *.intercom.com *.intercom.io *.intercomcdn.com *.vimeo.com *.vimeocdn.com *.instagram.com *.facebook.com *.monzo.com *.google.com *.hcaptcha.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; img-src 'self' data: blob: *.paypal.com *.paypalobjects.com *.amazonaws.com *.s3.amazonaws.com *.shutterstock.com *.cloudflare.com *.gstatic.com *.stor.co *.canva.com *.intercom.com *.intercom.io *.intercomcdn.com *.zendesk.com *.zdassets.com *.smooch.io *.intercomassets.com *.unsplash.com *.placeholder.com *.google-analytics.com *.googleapis.com *.gravatar.com *.monzo.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; manifest-src 'self' cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; media-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.canva.com *.monzo.com *.amazonaws.com *.s3.amazonaws.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; object-src cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stor.co *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.cloudfront.net *.cloudflare.com *.fontawesome.com ipinfo.io *.google.com *.googletagmanager.com *.google-analytics.com *.paypal.com *.paypalobjects.com *.gstatic.com *.jquery.com *.jsdelivr.net *.googleapis.com *.stripe.com *.facebook.net *.securetrading.net *.cardinalcommerce.com *.hotjar.com *.intercom.com *.intercom.io *.intercomcdn.com *.securetrading.us *.trustpayments.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.amplitude.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; style-src 'self' 'unsafe-inline' *.googleapis.com *.cloudflare.com *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.jquery.com *.jsdelivr.net *.hotjar.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; worker-src blob: cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dropbox.stor.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
content-security-policy
default-src 'self' *.cardinalcommerce.com *.securetrading.net *.securetrading.us *.trustpayments.com *.google-analytics.com *.checkout.visa.com *.google.com *.canva.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; child-src *.paypalobjects.com *.paypal.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; connect-src 'self' data: blob: wss: *.fontawesome.com *.cloudflare.com *.canva.com *.bugsnag.com *.ecomstagingenv.com *.google-analytics.com *.zdassets.com *.smooch.io *.paypal.com *.paypalobjects.com *.googleapis.com *.stripe.com *.amazonaws.com *.s3.amazonaws.com *.unsplash.com *.intercom.com *.intercom.io *.intercomcdn.com *.ingest.sentry.io *.herokuapp.com *.cardinalcommerce.com *.zendesk.com zendesk-eu.my.sentry.io *.hotjar.com *.monzo.com *.zopim.com *.hcaptcha.com *.photoeditorsdk.com *.amplitude.com *.jsdelivr.net *.postcodeanywhere.co.uk cdn.stor.co stats.stor.co *.stor.co stor.co; font-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.canva.com *.gstatic.com *.intercom.com *.intercom.io *.intercomcdn.com *.fontawesome.com *.monzo.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; frame-src 'self' *.paypalobjects.com *.paypal.com *.stripe.com *.canva.com *.securetrading.net *.securetrading.us *.trustpayments.com *.ingest.sentry.io *.cardinalcommerce.com *.zendesk.com *.smooch.io *.hotjar.com *.youtube.com *.i.ytimg.com *.intercom.com *.intercom.io *.intercomcdn.com *.vimeo.com *.vimeocdn.com *.instagram.com *.facebook.com *.monzo.com *.google.com *.hcaptcha.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; img-src 'self' data: blob: *.paypal.com *.paypalobjects.com *.amazonaws.com *.s3.amazonaws.com *.shutterstock.com *.cloudflare.com *.gstatic.com *.stor.co *.canva.com *.intercom.com *.intercom.io *.intercomcdn.com *.zendesk.com *.zdassets.com *.smooch.io *.intercomassets.com *.unsplash.com *.placeholder.com *.google-analytics.com *.googleapis.com *.gravatar.com *.monzo.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; manifest-src 'self' cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; media-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.canva.com *.monzo.com *.amazonaws.com *.s3.amazonaws.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; object-src cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stor.co *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.cloudfront.net *.cloudflare.com *.fontawesome.com ipinfo.io *.google.com *.googletagmanager.com *.google-analytics.com *.paypal.com *.paypalobjects.com *.gstatic.com *.jquery.com *.jsdelivr.net *.googleapis.com *.stripe.com *.facebook.net *.securetrading.net *.cardinalcommerce.com *.hotjar.com *.intercom.com *.intercom.io *.intercomcdn.com *.securetrading.us *.trustpayments.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.amplitude.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; style-src 'self' 'unsafe-inline' *.googleapis.com *.cloudflare.com *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.jquery.com *.jsdelivr.net *.hotjar.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; worker-src blob: cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
content-transfer-encoding
binary
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
e148d39f3e9999dc6fc85c8613d55d0e
x-runtime
0.133363
server
cloudflare
etag
W/"3a6fef093779a4f9c6097ed0b9a63f1f"
x-download-options
noopen
vary
Accept-Encoding, Origin
x-frame-options
sameorigin
content-type
application/octet-stream
cache-control
public, max-age=14400
cf-ray
86341c5f0b7065bb-FRA
expires
Tue, 12 Mar 2024 17:25:32 GMT
payment-types.png
cdn.stor.co/assets/
5 KB
6 KB
Image
General
Full URL
https://cdn.stor.co/assets/payment-types.png
Requested by
Host: cdn.stor.co
URL: https://cdn.stor.co/shopfront/862EAA7B01C7/78e1c80a-efc7-48a1-9773-259688f92f2b?cache=1710243330
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc67995631467acaa4b31fbb5264ddc12921689ee54c342995241cbd45e51949

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.stor.co/shopfront/862EAA7B01C7/78e1c80a-efc7-48a1-9773-259688f92f2b?cache=1710243330
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
via
1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
x-amz-version-id
Tq1.mSgipZ79E9ULUz5D0XVpLIRPwoej
cf-cache-status
HIT
age
1907017
x-amz-cf-pop
FRA60-P3
cf-polished
origSize=6153, status=vary_header_present
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
5519
cf-bgj
imgq:100,h2pri
last-modified
Mon, 17 Jan 2022 07:50:12 GMT
server
cloudflare
etag
"5e3d5087440405a0c4e68f1b98b7ebe3"
vary
Origin, Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
86341c5f0b7265bb-FRA
x-amz-cf-id
wfWNNLZ9t4I5ImctDsycwghmiyVsl3HlKToTx7kb3UWtkzUXmdeFfw==
expires
Wed, 12 Mar 2025 13:25:32 GMT
430x630_1.jpg
dropbox.stor.co/industry_image/
94 KB
98 KB
Image
General
Full URL
https://dropbox.stor.co/industry_image/430x630_1.jpg?size=430x630
Requested by
Host: dropbox.stor.co
URL: https://dropbox.stor.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd3917748792743b9990f7d8b5a24cc77aba1c82cbee524d4d4b421280d466ad
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.cardinalcommerce.com *.securetrading.net *.securetrading.us *.trustpayments.com *.google-analytics.com *.checkout.visa.com *.google.com *.canva.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; child-src *.paypalobjects.com *.paypal.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; connect-src 'self' data: blob: wss: *.fontawesome.com *.cloudflare.com *.canva.com *.bugsnag.com *.ecomstagingenv.com *.google-analytics.com *.zdassets.com *.smooch.io *.paypal.com *.paypalobjects.com *.googleapis.com *.stripe.com *.amazonaws.com *.s3.amazonaws.com *.unsplash.com *.intercom.com *.intercom.io *.intercomcdn.com *.ingest.sentry.io *.herokuapp.com *.cardinalcommerce.com *.zendesk.com zendesk-eu.my.sentry.io *.hotjar.com *.monzo.com *.zopim.com *.hcaptcha.com *.photoeditorsdk.com *.amplitude.com *.jsdelivr.net *.postcodeanywhere.co.uk cdn.stor.co stats.stor.co *.stor.co stor.co; font-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.canva.com *.gstatic.com *.intercom.com *.intercom.io *.intercomcdn.com *.fontawesome.com *.monzo.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; frame-src 'self' *.paypalobjects.com *.paypal.com *.stripe.com *.canva.com *.securetrading.net *.securetrading.us *.trustpayments.com *.ingest.sentry.io *.cardinalcommerce.com *.zendesk.com *.smooch.io *.hotjar.com *.youtube.com *.i.ytimg.com *.intercom.com *.intercom.io *.intercomcdn.com *.vimeo.com *.vimeocdn.com *.instagram.com *.facebook.com *.monzo.com *.google.com *.hcaptcha.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; img-src 'self' data: blob: *.paypal.com *.paypalobjects.com *.amazonaws.com *.s3.amazonaws.com *.shutterstock.com *.cloudflare.com *.gstatic.com *.stor.co *.canva.com *.intercom.com *.intercom.io *.intercomcdn.com *.zendesk.com *.zdassets.com *.smooch.io *.intercomassets.com *.unsplash.com *.placeholder.com *.google-analytics.com *.googleapis.com *.gravatar.com *.monzo.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; manifest-src 'self' cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; media-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.canva.com *.monzo.com *.amazonaws.com *.s3.amazonaws.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; object-src cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stor.co *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.cloudfront.net *.cloudflare.com *.fontawesome.com ipinfo.io *.google.com *.googletagmanager.com *.google-analytics.com *.paypal.com *.paypalobjects.com *.gstatic.com *.jquery.com *.jsdelivr.net *.googleapis.com *.stripe.com *.facebook.net *.securetrading.net *.cardinalcommerce.com *.hotjar.com *.intercom.com *.intercom.io *.intercomcdn.com *.securetrading.us *.trustpayments.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.amplitude.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; style-src 'self' 'unsafe-inline' *.googleapis.com *.cloudflare.com *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.jquery.com *.jsdelivr.net *.hotjar.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; worker-src blob: cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dropbox.stor.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
content-security-policy
default-src 'self' *.cardinalcommerce.com *.securetrading.net *.securetrading.us *.trustpayments.com *.google-analytics.com *.checkout.visa.com *.google.com *.canva.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; child-src *.paypalobjects.com *.paypal.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; connect-src 'self' data: blob: wss: *.fontawesome.com *.cloudflare.com *.canva.com *.bugsnag.com *.ecomstagingenv.com *.google-analytics.com *.zdassets.com *.smooch.io *.paypal.com *.paypalobjects.com *.googleapis.com *.stripe.com *.amazonaws.com *.s3.amazonaws.com *.unsplash.com *.intercom.com *.intercom.io *.intercomcdn.com *.ingest.sentry.io *.herokuapp.com *.cardinalcommerce.com *.zendesk.com zendesk-eu.my.sentry.io *.hotjar.com *.monzo.com *.zopim.com *.hcaptcha.com *.photoeditorsdk.com *.amplitude.com *.jsdelivr.net *.postcodeanywhere.co.uk cdn.stor.co stats.stor.co *.stor.co stor.co; font-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.canva.com *.gstatic.com *.intercom.com *.intercom.io *.intercomcdn.com *.fontawesome.com *.monzo.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; frame-src 'self' *.paypalobjects.com *.paypal.com *.stripe.com *.canva.com *.securetrading.net *.securetrading.us *.trustpayments.com *.ingest.sentry.io *.cardinalcommerce.com *.zendesk.com *.smooch.io *.hotjar.com *.youtube.com *.i.ytimg.com *.intercom.com *.intercom.io *.intercomcdn.com *.vimeo.com *.vimeocdn.com *.instagram.com *.facebook.com *.monzo.com *.google.com *.hcaptcha.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; img-src 'self' data: blob: *.paypal.com *.paypalobjects.com *.amazonaws.com *.s3.amazonaws.com *.shutterstock.com *.cloudflare.com *.gstatic.com *.stor.co *.canva.com *.intercom.com *.intercom.io *.intercomcdn.com *.zendesk.com *.zdassets.com *.smooch.io *.intercomassets.com *.unsplash.com *.placeholder.com *.google-analytics.com *.googleapis.com *.gravatar.com *.monzo.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; manifest-src 'self' cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; media-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.canva.com *.monzo.com *.amazonaws.com *.s3.amazonaws.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; object-src cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stor.co *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.cloudfront.net *.cloudflare.com *.fontawesome.com ipinfo.io *.google.com *.googletagmanager.com *.google-analytics.com *.paypal.com *.paypalobjects.com *.gstatic.com *.jquery.com *.jsdelivr.net *.googleapis.com *.stripe.com *.facebook.net *.securetrading.net *.cardinalcommerce.com *.hotjar.com *.intercom.com *.intercom.io *.intercomcdn.com *.securetrading.us *.trustpayments.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.amplitude.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; style-src 'self' 'unsafe-inline' *.googleapis.com *.cloudflare.com *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.jquery.com *.jsdelivr.net *.hotjar.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; worker-src blob: cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
content-transfer-encoding
binary
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
39738bb9ae3c0f57a00963e01ec75e5d
x-runtime
0.146724
server
cloudflare
etag
W/"fd3917748792743b9990f7d8b5a24cc7"
x-download-options
noopen
vary
Accept-Encoding, Origin
x-frame-options
sameorigin
content-type
application/octet-stream
cache-control
public, max-age=14400
cf-ray
86341c5f1b8a65bb-FRA
expires
Tue, 12 Mar 2024 17:25:32 GMT
430x630_2.jpg
dropbox.stor.co/industry_image/
34 KB
37 KB
Image
General
Full URL
https://dropbox.stor.co/industry_image/430x630_2.jpg?size=430x630
Requested by
Host: dropbox.stor.co
URL: https://dropbox.stor.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee7437e6084031057794b5d62223caefe0d94e1e819ac19e98992ca5130cb051
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.cardinalcommerce.com *.securetrading.net *.securetrading.us *.trustpayments.com *.google-analytics.com *.checkout.visa.com *.google.com *.canva.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; child-src *.paypalobjects.com *.paypal.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; connect-src 'self' data: blob: wss: *.fontawesome.com *.cloudflare.com *.canva.com *.bugsnag.com *.ecomstagingenv.com *.google-analytics.com *.zdassets.com *.smooch.io *.paypal.com *.paypalobjects.com *.googleapis.com *.stripe.com *.amazonaws.com *.s3.amazonaws.com *.unsplash.com *.intercom.com *.intercom.io *.intercomcdn.com *.ingest.sentry.io *.herokuapp.com *.cardinalcommerce.com *.zendesk.com zendesk-eu.my.sentry.io *.hotjar.com *.monzo.com *.zopim.com *.hcaptcha.com *.photoeditorsdk.com *.amplitude.com *.jsdelivr.net *.postcodeanywhere.co.uk cdn.stor.co stats.stor.co *.stor.co stor.co; font-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.canva.com *.gstatic.com *.intercom.com *.intercom.io *.intercomcdn.com *.fontawesome.com *.monzo.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; frame-src 'self' *.paypalobjects.com *.paypal.com *.stripe.com *.canva.com *.securetrading.net *.securetrading.us *.trustpayments.com *.ingest.sentry.io *.cardinalcommerce.com *.zendesk.com *.smooch.io *.hotjar.com *.youtube.com *.i.ytimg.com *.intercom.com *.intercom.io *.intercomcdn.com *.vimeo.com *.vimeocdn.com *.instagram.com *.facebook.com *.monzo.com *.google.com *.hcaptcha.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; img-src 'self' data: blob: *.paypal.com *.paypalobjects.com *.amazonaws.com *.s3.amazonaws.com *.shutterstock.com *.cloudflare.com *.gstatic.com *.stor.co *.canva.com *.intercom.com *.intercom.io *.intercomcdn.com *.zendesk.com *.zdassets.com *.smooch.io *.intercomassets.com *.unsplash.com *.placeholder.com *.google-analytics.com *.googleapis.com *.gravatar.com *.monzo.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; manifest-src 'self' cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; media-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.canva.com *.monzo.com *.amazonaws.com *.s3.amazonaws.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; object-src cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stor.co *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.cloudfront.net *.cloudflare.com *.fontawesome.com ipinfo.io *.google.com *.googletagmanager.com *.google-analytics.com *.paypal.com *.paypalobjects.com *.gstatic.com *.jquery.com *.jsdelivr.net *.googleapis.com *.stripe.com *.facebook.net *.securetrading.net *.cardinalcommerce.com *.hotjar.com *.intercom.com *.intercom.io *.intercomcdn.com *.securetrading.us *.trustpayments.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.amplitude.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; style-src 'self' 'unsafe-inline' *.googleapis.com *.cloudflare.com *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.jquery.com *.jsdelivr.net *.hotjar.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; worker-src blob: cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dropbox.stor.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
content-security-policy
default-src 'self' *.cardinalcommerce.com *.securetrading.net *.securetrading.us *.trustpayments.com *.google-analytics.com *.checkout.visa.com *.google.com *.canva.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; child-src *.paypalobjects.com *.paypal.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; connect-src 'self' data: blob: wss: *.fontawesome.com *.cloudflare.com *.canva.com *.bugsnag.com *.ecomstagingenv.com *.google-analytics.com *.zdassets.com *.smooch.io *.paypal.com *.paypalobjects.com *.googleapis.com *.stripe.com *.amazonaws.com *.s3.amazonaws.com *.unsplash.com *.intercom.com *.intercom.io *.intercomcdn.com *.ingest.sentry.io *.herokuapp.com *.cardinalcommerce.com *.zendesk.com zendesk-eu.my.sentry.io *.hotjar.com *.monzo.com *.zopim.com *.hcaptcha.com *.photoeditorsdk.com *.amplitude.com *.jsdelivr.net *.postcodeanywhere.co.uk cdn.stor.co stats.stor.co *.stor.co stor.co; font-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.canva.com *.gstatic.com *.intercom.com *.intercom.io *.intercomcdn.com *.fontawesome.com *.monzo.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; frame-src 'self' *.paypalobjects.com *.paypal.com *.stripe.com *.canva.com *.securetrading.net *.securetrading.us *.trustpayments.com *.ingest.sentry.io *.cardinalcommerce.com *.zendesk.com *.smooch.io *.hotjar.com *.youtube.com *.i.ytimg.com *.intercom.com *.intercom.io *.intercomcdn.com *.vimeo.com *.vimeocdn.com *.instagram.com *.facebook.com *.monzo.com *.google.com *.hcaptcha.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; img-src 'self' data: blob: *.paypal.com *.paypalobjects.com *.amazonaws.com *.s3.amazonaws.com *.shutterstock.com *.cloudflare.com *.gstatic.com *.stor.co *.canva.com *.intercom.com *.intercom.io *.intercomcdn.com *.zendesk.com *.zdassets.com *.smooch.io *.intercomassets.com *.unsplash.com *.placeholder.com *.google-analytics.com *.googleapis.com *.gravatar.com *.monzo.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; manifest-src 'self' cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; media-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.canva.com *.monzo.com *.amazonaws.com *.s3.amazonaws.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; object-src cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stor.co *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.cloudfront.net *.cloudflare.com *.fontawesome.com ipinfo.io *.google.com *.googletagmanager.com *.google-analytics.com *.paypal.com *.paypalobjects.com *.gstatic.com *.jquery.com *.jsdelivr.net *.googleapis.com *.stripe.com *.facebook.net *.securetrading.net *.cardinalcommerce.com *.hotjar.com *.intercom.com *.intercom.io *.intercomcdn.com *.securetrading.us *.trustpayments.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.amplitude.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; style-src 'self' 'unsafe-inline' *.googleapis.com *.cloudflare.com *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.jquery.com *.jsdelivr.net *.hotjar.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; worker-src blob: cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
content-transfer-encoding
binary
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
0cffc668a5ba298f449883aeff652542
x-runtime
0.151505
server
cloudflare
etag
W/"ee7437e6084031057794b5d62223caef"
x-download-options
noopen
vary
Accept-Encoding, Origin
x-frame-options
sameorigin
content-type
application/octet-stream
cache-control
public, max-age=14400
cf-ray
86341c5f1b8b65bb-FRA
expires
Tue, 12 Mar 2024 17:25:32 GMT
430x630_3.jpg
dropbox.stor.co/industry_image/
69 KB
72 KB
Image
General
Full URL
https://dropbox.stor.co/industry_image/430x630_3.jpg?size=430x630
Requested by
Host: dropbox.stor.co
URL: https://dropbox.stor.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce6163d60dead86b2205a23f42abac5f3500bbd5f0956572b9d8accee379d9ae
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.cardinalcommerce.com *.securetrading.net *.securetrading.us *.trustpayments.com *.google-analytics.com *.checkout.visa.com *.google.com *.canva.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; child-src *.paypalobjects.com *.paypal.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; connect-src 'self' data: blob: wss: *.fontawesome.com *.cloudflare.com *.canva.com *.bugsnag.com *.ecomstagingenv.com *.google-analytics.com *.zdassets.com *.smooch.io *.paypal.com *.paypalobjects.com *.googleapis.com *.stripe.com *.amazonaws.com *.s3.amazonaws.com *.unsplash.com *.intercom.com *.intercom.io *.intercomcdn.com *.ingest.sentry.io *.herokuapp.com *.cardinalcommerce.com *.zendesk.com zendesk-eu.my.sentry.io *.hotjar.com *.monzo.com *.zopim.com *.hcaptcha.com *.photoeditorsdk.com *.amplitude.com *.jsdelivr.net *.postcodeanywhere.co.uk cdn.stor.co stats.stor.co *.stor.co stor.co; font-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.canva.com *.gstatic.com *.intercom.com *.intercom.io *.intercomcdn.com *.fontawesome.com *.monzo.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; frame-src 'self' *.paypalobjects.com *.paypal.com *.stripe.com *.canva.com *.securetrading.net *.securetrading.us *.trustpayments.com *.ingest.sentry.io *.cardinalcommerce.com *.zendesk.com *.smooch.io *.hotjar.com *.youtube.com *.i.ytimg.com *.intercom.com *.intercom.io *.intercomcdn.com *.vimeo.com *.vimeocdn.com *.instagram.com *.facebook.com *.monzo.com *.google.com *.hcaptcha.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; img-src 'self' data: blob: *.paypal.com *.paypalobjects.com *.amazonaws.com *.s3.amazonaws.com *.shutterstock.com *.cloudflare.com *.gstatic.com *.stor.co *.canva.com *.intercom.com *.intercom.io *.intercomcdn.com *.zendesk.com *.zdassets.com *.smooch.io *.intercomassets.com *.unsplash.com *.placeholder.com *.google-analytics.com *.googleapis.com *.gravatar.com *.monzo.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; manifest-src 'self' cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; media-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.canva.com *.monzo.com *.amazonaws.com *.s3.amazonaws.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; object-src cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stor.co *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.cloudfront.net *.cloudflare.com *.fontawesome.com ipinfo.io *.google.com *.googletagmanager.com *.google-analytics.com *.paypal.com *.paypalobjects.com *.gstatic.com *.jquery.com *.jsdelivr.net *.googleapis.com *.stripe.com *.facebook.net *.securetrading.net *.cardinalcommerce.com *.hotjar.com *.intercom.com *.intercom.io *.intercomcdn.com *.securetrading.us *.trustpayments.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.amplitude.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; style-src 'self' 'unsafe-inline' *.googleapis.com *.cloudflare.com *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.jquery.com *.jsdelivr.net *.hotjar.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; worker-src blob: cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dropbox.stor.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
content-security-policy
default-src 'self' *.cardinalcommerce.com *.securetrading.net *.securetrading.us *.trustpayments.com *.google-analytics.com *.checkout.visa.com *.google.com *.canva.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; child-src *.paypalobjects.com *.paypal.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; connect-src 'self' data: blob: wss: *.fontawesome.com *.cloudflare.com *.canva.com *.bugsnag.com *.ecomstagingenv.com *.google-analytics.com *.zdassets.com *.smooch.io *.paypal.com *.paypalobjects.com *.googleapis.com *.stripe.com *.amazonaws.com *.s3.amazonaws.com *.unsplash.com *.intercom.com *.intercom.io *.intercomcdn.com *.ingest.sentry.io *.herokuapp.com *.cardinalcommerce.com *.zendesk.com zendesk-eu.my.sentry.io *.hotjar.com *.monzo.com *.zopim.com *.hcaptcha.com *.photoeditorsdk.com *.amplitude.com *.jsdelivr.net *.postcodeanywhere.co.uk cdn.stor.co stats.stor.co *.stor.co stor.co; font-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.canva.com *.gstatic.com *.intercom.com *.intercom.io *.intercomcdn.com *.fontawesome.com *.monzo.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; frame-src 'self' *.paypalobjects.com *.paypal.com *.stripe.com *.canva.com *.securetrading.net *.securetrading.us *.trustpayments.com *.ingest.sentry.io *.cardinalcommerce.com *.zendesk.com *.smooch.io *.hotjar.com *.youtube.com *.i.ytimg.com *.intercom.com *.intercom.io *.intercomcdn.com *.vimeo.com *.vimeocdn.com *.instagram.com *.facebook.com *.monzo.com *.google.com *.hcaptcha.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; img-src 'self' data: blob: *.paypal.com *.paypalobjects.com *.amazonaws.com *.s3.amazonaws.com *.shutterstock.com *.cloudflare.com *.gstatic.com *.stor.co *.canva.com *.intercom.com *.intercom.io *.intercomcdn.com *.zendesk.com *.zdassets.com *.smooch.io *.intercomassets.com *.unsplash.com *.placeholder.com *.google-analytics.com *.googleapis.com *.gravatar.com *.monzo.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; manifest-src 'self' cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; media-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.canva.com *.monzo.com *.amazonaws.com *.s3.amazonaws.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; object-src cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stor.co *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.cloudfront.net *.cloudflare.com *.fontawesome.com ipinfo.io *.google.com *.googletagmanager.com *.google-analytics.com *.paypal.com *.paypalobjects.com *.gstatic.com *.jquery.com *.jsdelivr.net *.googleapis.com *.stripe.com *.facebook.net *.securetrading.net *.cardinalcommerce.com *.hotjar.com *.intercom.com *.intercom.io *.intercomcdn.com *.securetrading.us *.trustpayments.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.amplitude.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; style-src 'self' 'unsafe-inline' *.googleapis.com *.cloudflare.com *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.jquery.com *.jsdelivr.net *.hotjar.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; worker-src blob: cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
content-transfer-encoding
binary
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
ed897c94b6ad9bb9340fd9dd4caba245
x-runtime
0.136043
server
cloudflare
etag
W/"ce6163d60dead86b2205a23f42abac5f"
x-download-options
noopen
vary
Accept-Encoding, Origin
x-frame-options
sameorigin
content-type
application/octet-stream
cache-control
public, max-age=14400
cf-ray
86341c5f1b8e65bb-FRA
expires
Tue, 12 Mar 2024 17:25:32 GMT
7d80b567-fa03-49e6-b63e-1b189b9f0ca8.webp
cdn.stor.co/image/862EAA7B01C7/
11 KB
11 KB
Image
General
Full URL
https://cdn.stor.co/image/862EAA7B01C7/7d80b567-fa03-49e6-b63e-1b189b9f0ca8.webp?size=340x340&format=webp&background=ffffff&cache=1710243305
Requested by
Host: dropbox.stor.co
URL: https://dropbox.stor.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32c5f5236e01f5dd4fd7867c65824bd115c3e5663309265a7487fc4d05842ba0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dropbox.stor.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Mar 2024 11:40:07 GMT
server
cloudflare
vary
Accept-Encoding, Origin
content-type
image/webp
cache-control
public, max-age=31536000
cf-ray
86341c5f3be665bb-FRA
x-amz-cf-id
2BY7OJb970yHkIpuMzSGDQMUgvEeJlTN9NbIzgLiV5po4uSRrP_SOA==
expires
Wed, 12 Mar 2025 13:25:32 GMT
18e9b906-6b5b-4193-a396-26846915fd09.webp
cdn.stor.co/image/862EAA7B01C7/
11 KB
11 KB
Image
General
Full URL
https://cdn.stor.co/image/862EAA7B01C7/18e9b906-6b5b-4193-a396-26846915fd09.webp?size=340x340&format=webp&background=ffffff&cache=1710243305
Requested by
Host: dropbox.stor.co
URL: https://dropbox.stor.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b6e042fc26478e6a1e2de4218e58fe143c654699e00b7caf677b260a2ccf081
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dropbox.stor.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
via
1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Mar 2024 11:40:07 GMT
server
cloudflare
vary
Accept-Encoding, Origin
content-type
image/webp
cache-control
public, max-age=31536000
cf-ray
86341c5f3bec65bb-FRA
x-amz-cf-id
tDenOBHEaochp6Bc6KtFbA-SWuwRAwuTM9bcC60Eih0s2voOC1FZFg==
expires
Wed, 12 Mar 2025 13:25:32 GMT
0ab8cf6c-47c4-43d3-8f7d-7dfcdb9eb4a6.webp
cdn.stor.co/image/862EAA7B01C7/
15 KB
16 KB
Image
General
Full URL
https://cdn.stor.co/image/862EAA7B01C7/0ab8cf6c-47c4-43d3-8f7d-7dfcdb9eb4a6.webp?size=340x340&format=webp&background=ffffff&cache=1710243305
Requested by
Host: dropbox.stor.co
URL: https://dropbox.stor.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0061542eecb5aa0336eb43efc93d4a8c379eca46a2bab59d94c359eb9a693204
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dropbox.stor.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Mar 2024 11:40:07 GMT
server
cloudflare
vary
Accept-Encoding, Origin
content-type
image/webp
cache-control
public, max-age=31536000
cf-ray
86341c5f3bf265bb-FRA
x-amz-cf-id
TJ2h2f6wXJ2pe9tMnL2L5KoxfefN2lsx30Ude15XG-_qIisMj7lSxg==
expires
Wed, 12 Mar 2025 13:25:32 GMT
f7dd5a3b-6434-4592-b29f-9223987f2f85.webp
cdn.stor.co/image/862EAA7B01C7/
10 KB
10 KB
Image
General
Full URL
https://cdn.stor.co/image/862EAA7B01C7/f7dd5a3b-6434-4592-b29f-9223987f2f85.webp?size=340x340&format=webp&background=ffffff&cache=1710243305
Requested by
Host: dropbox.stor.co
URL: https://dropbox.stor.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de7b0ad2c13d0c197e272b630c2510cd79f15e4476fee76eac0071c609467dd3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dropbox.stor.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Mar 2024 11:40:07 GMT
server
cloudflare
vary
Accept-Encoding, Origin
content-type
image/webp
cache-control
public, max-age=31536000
cf-ray
86341c5f3bf765bb-FRA
x-amz-cf-id
r9lr-MSv0ZTAx0QhCu3F823VYDiIr4bFXzAOzAsR3BjYtr2c3ZuGDQ==
expires
Wed, 12 Mar 2025 13:25:32 GMT
dda8ef99-3e39-4120-95a5-e4c4e301266c.webp
cdn.stor.co/image/862EAA7B01C7/
5 KB
6 KB
Image
General
Full URL
https://cdn.stor.co/image/862EAA7B01C7/dda8ef99-3e39-4120-95a5-e4c4e301266c.webp?size=340x340&format=webp&background=ffffff&cache=1710243305
Requested by
Host: dropbox.stor.co
URL: https://dropbox.stor.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9ec308a08029f2dddf0fe7c2d6fa06534c143c7e50a6b702a31b71d50e01a89
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dropbox.stor.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Mar 2024 11:40:07 GMT
server
cloudflare
vary
Accept-Encoding, Origin
content-type
image/webp
cache-control
public, max-age=31536000
cf-ray
86341c5f3bf965bb-FRA
x-amz-cf-id
Rz8coNgsC52mAsr7qFdEA5HSnVxvncnRfV5_Cx1AGyKuBPZu2cCTPA==
expires
Wed, 12 Mar 2025 13:25:32 GMT
ae547983-c0da-4bca-adce-b339c3c5a1be.webp
cdn.stor.co/image/862EAA7B01C7/
11 KB
11 KB
Image
General
Full URL
https://cdn.stor.co/image/862EAA7B01C7/ae547983-c0da-4bca-adce-b339c3c5a1be.webp?size=340x340&format=webp&background=ffffff&cache=1710243305
Requested by
Host: dropbox.stor.co
URL: https://dropbox.stor.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40f848e67c0b642943672369c9f471ee24bd8576f420494c5514d4fc75ffff92
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dropbox.stor.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
via
1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Mar 2024 11:40:07 GMT
server
cloudflare
vary
Accept-Encoding, Origin
content-type
image/webp
cache-control
public, max-age=31536000
cf-ray
86341c5f3bfd65bb-FRA
x-amz-cf-id
X_4ovQllrR94eIaDTDuYv3PWognJvw9o34533iYcVDQU5rrG2S-neQ==
expires
Wed, 12 Mar 2025 13:25:32 GMT
cef27be6-fc5d-4780-968d-ed41d812c07c.webp
cdn.stor.co/image/862EAA7B01C7/
8 KB
8 KB
Image
General
Full URL
https://cdn.stor.co/image/862EAA7B01C7/cef27be6-fc5d-4780-968d-ed41d812c07c.webp?size=340x340&format=webp&background=ffffff&cache=1710243305
Requested by
Host: dropbox.stor.co
URL: https://dropbox.stor.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cff56670d6489666aa39ac6c91c24f127da49bc8bff88a9f31c04bb760232d4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dropbox.stor.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
via
1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Mar 2024 11:40:07 GMT
server
cloudflare
vary
Accept-Encoding, Origin
content-type
image/webp
cache-control
public, max-age=31536000
cf-ray
86341c5f3bff65bb-FRA
x-amz-cf-id
1XUazq_ywMUGsj7_koaau_QQtlXzpTgWvXWiKuwddbPGzQIpDPNOgQ==
expires
Wed, 12 Mar 2025 13:25:32 GMT
20976b97-d1a7-478d-b809-ad88788bee9d.webp
cdn.stor.co/image/862EAA7B01C7/
16 KB
16 KB
Image
General
Full URL
https://cdn.stor.co/image/862EAA7B01C7/20976b97-d1a7-478d-b809-ad88788bee9d.webp?size=340x340&format=webp&background=ffffff&cache=1710243305
Requested by
Host: dropbox.stor.co
URL: https://dropbox.stor.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75fa757057e7c26be19a15804f0850e52010bcba70fb56a52021264624f01c75
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dropbox.stor.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
via
1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=aM.S4ZXdgS7XGsdnQGPl3jGdE0CbwBXEuQMUHIdivDE-1710249932-1.0.1.1-twIFH8e68p6vIbRQElzaVECdvnt5DSQqWU9jBkL2fvFqrlFgu0iBDOyeQ.oihs6wtqcJJ37R.fO6U9theFnW8exnFBp3zUfJjopTW9wW9MhVCZaRUuO_wt9IkrGTNXjH9akpwxhw_adLKLnVvVpBFg; report-to cf-csp-endpoint
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Mar 2024 11:40:08 GMT
server
cloudflare
vary
Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=aM.S4ZXdgS7XGsdnQGPl3jGdE0CbwBXEuQMUHIdivDE-1710249932-1.0.1.1-twIFH8e68p6vIbRQElzaVECdvnt5DSQqWU9jBkL2fvFqrlFgu0iBDOyeQ.oihs6wtqcJJ37R.fO6U9theFnW8exnFBp3zUfJjopTW9wW9MhVCZaRUuO_wt9IkrGTNXjH9akpwxhw_adLKLnVvVpBFg"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
image/webp
cache-control
public, max-age=31536000
cf-ray
86341c5f3c0165bb-FRA
x-amz-cf-id
fG_BpsimT-B9PJjQOAlyH6bX8XrzuOL0U8PxlcH7mqCFFNK1AQzTjA==
expires
Wed, 12 Mar 2025 13:25:32 GMT
cart.json
dropbox.stor.co/
1 KB
4 KB
XHR
General
Full URL
https://dropbox.stor.co/cart.json
Requested by
Host: cdn.stor.co
URL: https://cdn.stor.co/assets/frontend/essentials-bebda27f1bd0dbef7f9d9b55020c88d5732def43826a3da3c354fc0371324b0e.js?v=1.01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e87f68e443b81ba60a9739cf43cfd8693e280aec40a9aeef98d46146d889df3f
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.cardinalcommerce.com *.securetrading.net *.securetrading.us *.trustpayments.com *.google-analytics.com *.checkout.visa.com *.google.com *.canva.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; child-src *.paypalobjects.com *.paypal.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; connect-src 'self' data: blob: wss: *.fontawesome.com *.cloudflare.com *.canva.com *.bugsnag.com *.ecomstagingenv.com *.google-analytics.com *.zdassets.com *.smooch.io *.paypal.com *.paypalobjects.com *.googleapis.com *.stripe.com *.amazonaws.com *.s3.amazonaws.com *.unsplash.com *.intercom.com *.intercom.io *.intercomcdn.com *.ingest.sentry.io *.herokuapp.com *.cardinalcommerce.com *.zendesk.com zendesk-eu.my.sentry.io *.hotjar.com *.monzo.com *.zopim.com *.hcaptcha.com *.photoeditorsdk.com *.amplitude.com *.jsdelivr.net *.postcodeanywhere.co.uk cdn.stor.co stats.stor.co *.stor.co stor.co; font-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.canva.com *.gstatic.com *.intercom.com *.intercom.io *.intercomcdn.com *.fontawesome.com *.monzo.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; frame-src 'self' *.paypalobjects.com *.paypal.com *.stripe.com *.canva.com *.securetrading.net *.securetrading.us *.trustpayments.com *.ingest.sentry.io *.cardinalcommerce.com *.zendesk.com *.smooch.io *.hotjar.com *.youtube.com *.i.ytimg.com *.intercom.com *.intercom.io *.intercomcdn.com *.vimeo.com *.vimeocdn.com *.instagram.com *.facebook.com *.monzo.com *.google.com *.hcaptcha.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; img-src 'self' data: blob: *.paypal.com *.paypalobjects.com *.amazonaws.com *.s3.amazonaws.com *.shutterstock.com *.cloudflare.com *.gstatic.com *.stor.co *.canva.com *.intercom.com *.intercom.io *.intercomcdn.com *.zendesk.com *.zdassets.com *.smooch.io *.intercomassets.com *.unsplash.com *.placeholder.com *.google-analytics.com *.googleapis.com *.gravatar.com *.monzo.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; manifest-src 'self' cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; media-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.canva.com *.monzo.com *.amazonaws.com *.s3.amazonaws.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; object-src cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stor.co *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.cloudfront.net *.cloudflare.com *.fontawesome.com ipinfo.io *.google.com *.googletagmanager.com *.google-analytics.com *.paypal.com *.paypalobjects.com *.gstatic.com *.jquery.com *.jsdelivr.net *.googleapis.com *.stripe.com *.facebook.net *.securetrading.net *.cardinalcommerce.com *.hotjar.com *.intercom.com *.intercom.io *.intercomcdn.com *.securetrading.us *.trustpayments.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.amplitude.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; style-src 'self' 'unsafe-inline' *.googleapis.com *.cloudflare.com *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.jquery.com *.jsdelivr.net *.hotjar.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; worker-src blob: cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://dropbox.stor.co/
X-CSRF-Token
h1EIZVTkIroEAK4cTRBFwZXMuZ43ZqF3mtlqINSnLMUyMFPNzl537I8c1e1Xm-0iW7Yr0m3jEeT8Ef7vUKORpA
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
content-security-policy
default-src 'self' *.cardinalcommerce.com *.securetrading.net *.securetrading.us *.trustpayments.com *.google-analytics.com *.checkout.visa.com *.google.com *.canva.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; child-src *.paypalobjects.com *.paypal.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; connect-src 'self' data: blob: wss: *.fontawesome.com *.cloudflare.com *.canva.com *.bugsnag.com *.ecomstagingenv.com *.google-analytics.com *.zdassets.com *.smooch.io *.paypal.com *.paypalobjects.com *.googleapis.com *.stripe.com *.amazonaws.com *.s3.amazonaws.com *.unsplash.com *.intercom.com *.intercom.io *.intercomcdn.com *.ingest.sentry.io *.herokuapp.com *.cardinalcommerce.com *.zendesk.com zendesk-eu.my.sentry.io *.hotjar.com *.monzo.com *.zopim.com *.hcaptcha.com *.photoeditorsdk.com *.amplitude.com *.jsdelivr.net *.postcodeanywhere.co.uk cdn.stor.co stats.stor.co *.stor.co stor.co; font-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.canva.com *.gstatic.com *.intercom.com *.intercom.io *.intercomcdn.com *.fontawesome.com *.monzo.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; frame-src 'self' *.paypalobjects.com *.paypal.com *.stripe.com *.canva.com *.securetrading.net *.securetrading.us *.trustpayments.com *.ingest.sentry.io *.cardinalcommerce.com *.zendesk.com *.smooch.io *.hotjar.com *.youtube.com *.i.ytimg.com *.intercom.com *.intercom.io *.intercomcdn.com *.vimeo.com *.vimeocdn.com *.instagram.com *.facebook.com *.monzo.com *.google.com *.hcaptcha.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; img-src 'self' data: blob: *.paypal.com *.paypalobjects.com *.amazonaws.com *.s3.amazonaws.com *.shutterstock.com *.cloudflare.com *.gstatic.com *.stor.co *.canva.com *.intercom.com *.intercom.io *.intercomcdn.com *.zendesk.com *.zdassets.com *.smooch.io *.intercomassets.com *.unsplash.com *.placeholder.com *.google-analytics.com *.googleapis.com *.gravatar.com *.monzo.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; manifest-src 'self' cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; media-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.canva.com *.monzo.com *.amazonaws.com *.s3.amazonaws.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; object-src cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stor.co *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.cloudfront.net *.cloudflare.com *.fontawesome.com ipinfo.io *.google.com *.googletagmanager.com *.google-analytics.com *.paypal.com *.paypalobjects.com *.gstatic.com *.jquery.com *.jsdelivr.net *.googleapis.com *.stripe.com *.facebook.net *.securetrading.net *.cardinalcommerce.com *.hotjar.com *.intercom.com *.intercom.io *.intercomcdn.com *.securetrading.us *.trustpayments.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.amplitude.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; style-src 'self' 'unsafe-inline' *.googleapis.com *.cloudflare.com *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.jquery.com *.jsdelivr.net *.hotjar.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; worker-src blob: cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
5e85f98abc05cf72095273330c48dd89
x-runtime
0.057952
server
cloudflare
etag
W/"e87f68e443b81ba60a9739cf43cfd869"
x-download-options
noopen
vary
Accept-Encoding, Origin
x-frame-options
sameorigin
content-type
application/json; charset=utf-8
cache-control
max-age=0, private, must-revalidate
cf-ray
86341c5fccf965bb-FRA
v1
stats.stor.co/events/
0
0
Preflight
General
Full URL
https://stats.stor.co/events/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8568 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-csrf-token
Access-Control-Request-Method
POST
Origin
https://dropbox.stor.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers
x-csrf-token
access-control-allow-methods
GET, POST, PATCH, PUT
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86341c60ff531957-FRA
content-length
0
date
Tue, 12 Mar 2024 13:25:33 GMT
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
v1
stats.stor.co/events/
1 B
630 B
XHR
General
Full URL
https://stats.stor.co/events/v1
Requested by
Host: cdn.stor.co
URL: https://cdn.stor.co/assets/frontend/essentials-bebda27f1bd0dbef7f9d9b55020c88d5732def43826a3da3c354fc0371324b0e.js?v=1.01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8568 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Referer
https://dropbox.stor.co/
X-CSRF-Token
h1EIZVTkIroEAK4cTRBFwZXMuZ43ZqF3mtlqINSnLMUyMFPNzl537I8c1e1Xm-0iW7Yr0m3jEeT8Ef7vUKORpA
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 12 Mar 2024 13:25:33 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=86400
content-length
1
x-xss-protection
0
x-request-id
c6344b387be58e19b12f8803dad96ef6
x-runtime
0.004201
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"36a9e7f1c95b82ffb99743e0c5c4ce95"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, PATCH, PUT
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
vary
Accept, Origin
cf-ray
86341c619b8c9ba7-FRA
exchange_rates.json
dropbox.stor.co/
144 B
4 KB
XHR
General
Full URL
https://dropbox.stor.co/exchange_rates.json
Requested by
Host: cdn.stor.co
URL: https://cdn.stor.co/assets/frontend/essentials-bebda27f1bd0dbef7f9d9b55020c88d5732def43826a3da3c354fc0371324b0e.js?v=1.01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79b7177c6094df4b2a3141f73638497b15483a4532a3c8cd5afc44454105b1d6
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.cardinalcommerce.com *.securetrading.net *.securetrading.us *.trustpayments.com *.google-analytics.com *.checkout.visa.com *.google.com *.canva.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; child-src *.paypalobjects.com *.paypal.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; connect-src 'self' data: blob: wss: *.fontawesome.com *.cloudflare.com *.canva.com *.bugsnag.com *.ecomstagingenv.com *.google-analytics.com *.zdassets.com *.smooch.io *.paypal.com *.paypalobjects.com *.googleapis.com *.stripe.com *.amazonaws.com *.s3.amazonaws.com *.unsplash.com *.intercom.com *.intercom.io *.intercomcdn.com *.ingest.sentry.io *.herokuapp.com *.cardinalcommerce.com *.zendesk.com zendesk-eu.my.sentry.io *.hotjar.com *.monzo.com *.zopim.com *.hcaptcha.com *.photoeditorsdk.com *.amplitude.com *.jsdelivr.net *.postcodeanywhere.co.uk cdn.stor.co stats.stor.co *.stor.co stor.co; font-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.canva.com *.gstatic.com *.intercom.com *.intercom.io *.intercomcdn.com *.fontawesome.com *.monzo.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; frame-src 'self' *.paypalobjects.com *.paypal.com *.stripe.com *.canva.com *.securetrading.net *.securetrading.us *.trustpayments.com *.ingest.sentry.io *.cardinalcommerce.com *.zendesk.com *.smooch.io *.hotjar.com *.youtube.com *.i.ytimg.com *.intercom.com *.intercom.io *.intercomcdn.com *.vimeo.com *.vimeocdn.com *.instagram.com *.facebook.com *.monzo.com *.google.com *.hcaptcha.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; img-src 'self' data: blob: *.paypal.com *.paypalobjects.com *.amazonaws.com *.s3.amazonaws.com *.shutterstock.com *.cloudflare.com *.gstatic.com *.stor.co *.canva.com *.intercom.com *.intercom.io *.intercomcdn.com *.zendesk.com *.zdassets.com *.smooch.io *.intercomassets.com *.unsplash.com *.placeholder.com *.google-analytics.com *.googleapis.com *.gravatar.com *.monzo.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; manifest-src 'self' cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; media-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.canva.com *.monzo.com *.amazonaws.com *.s3.amazonaws.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; object-src cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stor.co *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.cloudfront.net *.cloudflare.com *.fontawesome.com ipinfo.io *.google.com *.googletagmanager.com *.google-analytics.com *.paypal.com *.paypalobjects.com *.gstatic.com *.jquery.com *.jsdelivr.net *.googleapis.com *.stripe.com *.facebook.net *.securetrading.net *.cardinalcommerce.com *.hotjar.com *.intercom.com *.intercom.io *.intercomcdn.com *.securetrading.us *.trustpayments.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.amplitude.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; style-src 'self' 'unsafe-inline' *.googleapis.com *.cloudflare.com *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.jquery.com *.jsdelivr.net *.hotjar.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; worker-src blob: cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://dropbox.stor.co/
X-CSRF-Token
h1EIZVTkIroEAK4cTRBFwZXMuZ43ZqF3mtlqINSnLMUyMFPNzl537I8c1e1Xm-0iW7Yr0m3jEeT8Ef7vUKORpA
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:33 GMT
content-security-policy
default-src 'self' *.cardinalcommerce.com *.securetrading.net *.securetrading.us *.trustpayments.com *.google-analytics.com *.checkout.visa.com *.google.com *.canva.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; child-src *.paypalobjects.com *.paypal.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; connect-src 'self' data: blob: wss: *.fontawesome.com *.cloudflare.com *.canva.com *.bugsnag.com *.ecomstagingenv.com *.google-analytics.com *.zdassets.com *.smooch.io *.paypal.com *.paypalobjects.com *.googleapis.com *.stripe.com *.amazonaws.com *.s3.amazonaws.com *.unsplash.com *.intercom.com *.intercom.io *.intercomcdn.com *.ingest.sentry.io *.herokuapp.com *.cardinalcommerce.com *.zendesk.com zendesk-eu.my.sentry.io *.hotjar.com *.monzo.com *.zopim.com *.hcaptcha.com *.photoeditorsdk.com *.amplitude.com *.jsdelivr.net *.postcodeanywhere.co.uk cdn.stor.co stats.stor.co *.stor.co stor.co; font-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.canva.com *.gstatic.com *.intercom.com *.intercom.io *.intercomcdn.com *.fontawesome.com *.monzo.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; frame-src 'self' *.paypalobjects.com *.paypal.com *.stripe.com *.canva.com *.securetrading.net *.securetrading.us *.trustpayments.com *.ingest.sentry.io *.cardinalcommerce.com *.zendesk.com *.smooch.io *.hotjar.com *.youtube.com *.i.ytimg.com *.intercom.com *.intercom.io *.intercomcdn.com *.vimeo.com *.vimeocdn.com *.instagram.com *.facebook.com *.monzo.com *.google.com *.hcaptcha.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; img-src 'self' data: blob: *.paypal.com *.paypalobjects.com *.amazonaws.com *.s3.amazonaws.com *.shutterstock.com *.cloudflare.com *.gstatic.com *.stor.co *.canva.com *.intercom.com *.intercom.io *.intercomcdn.com *.zendesk.com *.zdassets.com *.smooch.io *.intercomassets.com *.unsplash.com *.placeholder.com *.google-analytics.com *.googleapis.com *.gravatar.com *.monzo.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; manifest-src 'self' cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; media-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.canva.com *.monzo.com *.amazonaws.com *.s3.amazonaws.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; object-src cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stor.co *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.cloudfront.net *.cloudflare.com *.fontawesome.com ipinfo.io *.google.com *.googletagmanager.com *.google-analytics.com *.paypal.com *.paypalobjects.com *.gstatic.com *.jquery.com *.jsdelivr.net *.googleapis.com *.stripe.com *.facebook.net *.securetrading.net *.cardinalcommerce.com *.hotjar.com *.intercom.com *.intercom.io *.intercomcdn.com *.securetrading.us *.trustpayments.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.amplitude.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; style-src 'self' 'unsafe-inline' *.googleapis.com *.cloudflare.com *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.jquery.com *.jsdelivr.net *.hotjar.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; worker-src blob: cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
content-encoding
br
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=YICGIqgSYzGTnDlZ4w9M1QS5_FRaQJsxQoRW41QMClg-1710249933-1.0.1.1-1363I38Ow4ye7_8sEz5vSdfSfl.cjFo9Wk8mWJvwU60GtcvntQ_tmTjT2Se7Ns9jHd.fOihDBunwqHGeAqexFtV5kgcFBvNXbwiuSZY61U61s2crVtSU3DwcKvmRg4Wv3ODHOoynrCo_sE3H9RltKQ; report-to cf-csp-endpoint
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
42ca6c19ebf2fd4bc3eda1d0aaf81aed
x-runtime
0.032776
server
cloudflare
etag
W/"79b7177c6094df4b2a3141f73638497b"
x-download-options
noopen
vary
Accept-Encoding, Origin
x-frame-options
sameorigin
content-type
application/json; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=YICGIqgSYzGTnDlZ4w9M1QS5_FRaQJsxQoRW41QMClg-1710249933-1.0.1.1-1363I38Ow4ye7_8sEz5vSdfSfl.cjFo9Wk8mWJvwU60GtcvntQ_tmTjT2Se7Ns9jHd.fOihDBunwqHGeAqexFtV5kgcFBvNXbwiuSZY61U61s2crVtSU3DwcKvmRg4Wv3ODHOoynrCo_sE3H9RltKQ"}],"group":"cf-csp-endpoint","max_age":86400}
cache-control
max-age=0, private, must-revalidate
cf-ray
86341c60fec165bb-FRA
exchange_rates.json
dropbox.stor.co/
144 B
3 KB
XHR
General
Full URL
https://dropbox.stor.co/exchange_rates.json
Requested by
Host: cdn.stor.co
URL: https://cdn.stor.co/assets/frontend/essentials-bebda27f1bd0dbef7f9d9b55020c88d5732def43826a3da3c354fc0371324b0e.js?v=1.01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79b7177c6094df4b2a3141f73638497b15483a4532a3c8cd5afc44454105b1d6
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.cardinalcommerce.com *.securetrading.net *.securetrading.us *.trustpayments.com *.google-analytics.com *.checkout.visa.com *.google.com *.canva.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; child-src *.paypalobjects.com *.paypal.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; connect-src 'self' data: blob: wss: *.fontawesome.com *.cloudflare.com *.canva.com *.bugsnag.com *.ecomstagingenv.com *.google-analytics.com *.zdassets.com *.smooch.io *.paypal.com *.paypalobjects.com *.googleapis.com *.stripe.com *.amazonaws.com *.s3.amazonaws.com *.unsplash.com *.intercom.com *.intercom.io *.intercomcdn.com *.ingest.sentry.io *.herokuapp.com *.cardinalcommerce.com *.zendesk.com zendesk-eu.my.sentry.io *.hotjar.com *.monzo.com *.zopim.com *.hcaptcha.com *.photoeditorsdk.com *.amplitude.com *.jsdelivr.net *.postcodeanywhere.co.uk cdn.stor.co stats.stor.co *.stor.co stor.co; font-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.canva.com *.gstatic.com *.intercom.com *.intercom.io *.intercomcdn.com *.fontawesome.com *.monzo.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; frame-src 'self' *.paypalobjects.com *.paypal.com *.stripe.com *.canva.com *.securetrading.net *.securetrading.us *.trustpayments.com *.ingest.sentry.io *.cardinalcommerce.com *.zendesk.com *.smooch.io *.hotjar.com *.youtube.com *.i.ytimg.com *.intercom.com *.intercom.io *.intercomcdn.com *.vimeo.com *.vimeocdn.com *.instagram.com *.facebook.com *.monzo.com *.google.com *.hcaptcha.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; img-src 'self' data: blob: *.paypal.com *.paypalobjects.com *.amazonaws.com *.s3.amazonaws.com *.shutterstock.com *.cloudflare.com *.gstatic.com *.stor.co *.canva.com *.intercom.com *.intercom.io *.intercomcdn.com *.zendesk.com *.zdassets.com *.smooch.io *.intercomassets.com *.unsplash.com *.placeholder.com *.google-analytics.com *.googleapis.com *.gravatar.com *.monzo.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; manifest-src 'self' cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; media-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.canva.com *.monzo.com *.amazonaws.com *.s3.amazonaws.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; object-src cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stor.co *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.cloudfront.net *.cloudflare.com *.fontawesome.com ipinfo.io *.google.com *.googletagmanager.com *.google-analytics.com *.paypal.com *.paypalobjects.com *.gstatic.com *.jquery.com *.jsdelivr.net *.googleapis.com *.stripe.com *.facebook.net *.securetrading.net *.cardinalcommerce.com *.hotjar.com *.intercom.com *.intercom.io *.intercomcdn.com *.securetrading.us *.trustpayments.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.amplitude.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; style-src 'self' 'unsafe-inline' *.googleapis.com *.cloudflare.com *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.jquery.com *.jsdelivr.net *.hotjar.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; worker-src blob: cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://dropbox.stor.co/
X-CSRF-Token
h1EIZVTkIroEAK4cTRBFwZXMuZ43ZqF3mtlqINSnLMUyMFPNzl537I8c1e1Xm-0iW7Yr0m3jEeT8Ef7vUKORpA
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:33 GMT
content-security-policy
default-src 'self' *.cardinalcommerce.com *.securetrading.net *.securetrading.us *.trustpayments.com *.google-analytics.com *.checkout.visa.com *.google.com *.canva.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; child-src *.paypalobjects.com *.paypal.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; connect-src 'self' data: blob: wss: *.fontawesome.com *.cloudflare.com *.canva.com *.bugsnag.com *.ecomstagingenv.com *.google-analytics.com *.zdassets.com *.smooch.io *.paypal.com *.paypalobjects.com *.googleapis.com *.stripe.com *.amazonaws.com *.s3.amazonaws.com *.unsplash.com *.intercom.com *.intercom.io *.intercomcdn.com *.ingest.sentry.io *.herokuapp.com *.cardinalcommerce.com *.zendesk.com zendesk-eu.my.sentry.io *.hotjar.com *.monzo.com *.zopim.com *.hcaptcha.com *.photoeditorsdk.com *.amplitude.com *.jsdelivr.net *.postcodeanywhere.co.uk cdn.stor.co stats.stor.co *.stor.co stor.co; font-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.canva.com *.gstatic.com *.intercom.com *.intercom.io *.intercomcdn.com *.fontawesome.com *.monzo.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; frame-src 'self' *.paypalobjects.com *.paypal.com *.stripe.com *.canva.com *.securetrading.net *.securetrading.us *.trustpayments.com *.ingest.sentry.io *.cardinalcommerce.com *.zendesk.com *.smooch.io *.hotjar.com *.youtube.com *.i.ytimg.com *.intercom.com *.intercom.io *.intercomcdn.com *.vimeo.com *.vimeocdn.com *.instagram.com *.facebook.com *.monzo.com *.google.com *.hcaptcha.com cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; img-src 'self' data: blob: *.paypal.com *.paypalobjects.com *.amazonaws.com *.s3.amazonaws.com *.shutterstock.com *.cloudflare.com *.gstatic.com *.stor.co *.canva.com *.intercom.com *.intercom.io *.intercomcdn.com *.zendesk.com *.zdassets.com *.smooch.io *.intercomassets.com *.unsplash.com *.placeholder.com *.google-analytics.com *.googleapis.com *.gravatar.com *.monzo.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; manifest-src 'self' cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; media-src 'self' *.stor.co *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.canva.com *.monzo.com *.amazonaws.com *.s3.amazonaws.com cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; object-src cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stor.co *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.cloudfront.net *.cloudflare.com *.fontawesome.com ipinfo.io *.google.com *.googletagmanager.com *.google-analytics.com *.paypal.com *.paypalobjects.com *.gstatic.com *.jquery.com *.jsdelivr.net *.googleapis.com *.stripe.com *.facebook.net *.securetrading.net *.cardinalcommerce.com *.hotjar.com *.intercom.com *.intercom.io *.intercomcdn.com *.securetrading.us *.trustpayments.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.amplitude.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co stor.co; style-src 'self' 'unsafe-inline' *.googleapis.com *.cloudflare.com *.canva.com *.zdassets.com *.zendesk.com *.smooch.io *.intercom.com *.intercom.io *.intercomcdn.com *.jquery.com *.jsdelivr.net *.hotjar.com *.monzo.com *.bootstrapcdn.com *.hcaptcha.com *.postcodeanywhere.co.uk cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co; worker-src blob: cdn.stor.co *.ecomstagingenv.com stats.stor.co *.stor.co stor.co
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
20034242184d9fb8be1b77779d18d2b2
x-runtime
0.026899
server
cloudflare
etag
W/"79b7177c6094df4b2a3141f73638497b"
x-download-options
noopen
vary
Accept-Encoding, Origin
x-frame-options
sameorigin
content-type
application/json; charset=utf-8
cache-control
max-age=0, private, must-revalidate
cf-ray
86341c60fec465bb-FRA
empty_basket.svg
cdn.stor.co/assets/
6 KB
2 KB
Image
General
Full URL
https://cdn.stor.co/assets/empty_basket.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0fae4b6670c02ae9592fdb8bc0dbe538ed5c5f48db6d42508a9268c2f7d940c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dropbox.stor.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 13:25:32 GMT
x-amz-version-id
eOyU2N86SNtbiBpQLklX.uf0cuQQvBIs
via
1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-amz-cf-pop
AMS1-P1
age
8800077
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 04 Apr 2020 08:47:11 GMT
server
cloudflare
etag
W/"cadf31f3da8020481e7d6a9910caaf87"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
86341c60fec865bb-FRA
x-amz-cf-id
XWQCUStEk3N4qxYHuUevkSjtTvg6h2FL9-jNX_9VyqJbivTLld5cxw==
expires
Wed, 12 Mar 2025 13:25:32 GMT

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| OfflineStorage object| Handlebars function| ProductSubscriptionSelectorUiPriceUpdater object| Stor function| CountryStateSelector function| moment function| swal function| sweetAlert function| FormValidator function| PaAPI function| PaUI function| PaEngine function| PhotoSwipe function| PhotoSwipeUI_Default function| LazyLoader object| Mustache function| ExchangeRatesController function| ExchangeRatesAPI function| ExchangeRatesUI function| WatchListsController function| CustomerDetailsController function| CurrencySelectAPI function| CurrencySelectUI function| CurrencySelect function| CustomLatestStockController function| RandomProductsController function| Popper object| bootstrap function| WOW number| ww function| centre_grid function| iOSversion function| checkMobileView function| menuReset function| closeSearch function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _extends function| _typeof function| LazyInstance function| isOnScreen function| closeMainMenu function| closeSubMenu function| fitsWidth function| openMenu function| stick function| scrollStickiness function| setStops function| initStickiness string| version undefined| bMenuState object| n object| lazyLoadInstance function| setTextHeightCSS object| textHeightJS string| ver object| Cookies function| LazyLoad object| Modernizr function| inject_spinner function| inject_spinner_with_text function| remove_spinner object| notifications object| analytics object| search number| timer object| hObserver object| exchange_rates

2 Cookies

Domain/Path Name / Value
.stor.co/ Name: __cf_bm
Value: F9RaU1tNdtyO.fZ3xNW__Ey6QqUfg6TvYogV1KKWPso-1710249932-1.0.1.1-KhXYxxeg_rZhThPscnT7TAbuGucjOsjM6gDvu.IdUq.hWe9AQnUSqt4D35mNG0XdQkETq81UJy1Z5hKQV3UGHw
dropbox.stor.co/ Name: _stor_production_2_0_0
Value: QqrELQFe4bBDUMnyv9mqWo16f8VjcW7yNjtyb7autS9EAqGrIs9S66A0r2ojZkN852wZloeT7NlfNeF%2BVk78wmbMddPEJ0a2%2FftvSnGYrilDMi860YYURI22rfHTk%2BMx8OtFmnYk4FhWfIl1SLXRXJYHinyEuiEhQufLONKrfkSsoe2m2fNr0Kwe7mNANsebtDMC5D6jKI4QpXB6I7moFZlKdtYK0DeVH%2BZSGlRnFQf0hwbtXXl1FT1p%2B%2BYOlbJI54f1RsmESq1X0yBwcKwfEy9Cd4dwJsqcOJMxI%2B0mtukEp2Wl8YMdvodLQVoJJ4OmS4bQb5o87AiCCZwXYp0rl3zfbFVH69llxV%2BRkdAQYa%2FK50C842sasoHhMAfCrGYQa4N%2Biw%3D%3D--IRtYFdlJm2VpDlgu--DL9KRF9CmlbJ1BHy8S0S1Q%3D%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.stor.co
dropbox.stor.co
fonts.googleapis.com
fonts.gstatic.com
stats.stor.co
2606:4700:7::a29f:8268
2606:4700:7::a29f:8568
2a00:1450:4001:802::200a
2a00:1450:4001:812::2003
0061542eecb5aa0336eb43efc93d4a8c379eca46a2bab59d94c359eb9a693204
02278c0073402417114072ed2c056d4ad174a4039c6a22ae770ce699700a0269
052807b1499626067ee5f7b207fc917410ef322270b384d7d8e93b4df73088dd
063a260c3e922d8c6fd7dc863e5abac73e6e11700eee82350771032a08b5be2e
121b176974226dbc9b1ab227becb657d40b88d2bb7010a746c2360c31d7c373e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25e479fff38f182af507faeed4b00f753c18f7123c11565f0ca4f6eb37037c40
2b6e042fc26478e6a1e2de4218e58fe143c654699e00b7caf677b260a2ccf081
32c5f5236e01f5dd4fd7867c65824bd115c3e5663309265a7487fc4d05842ba0
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
380b6371c06b461d93564f9c2c3c40e5ad7ffe9da81016230e082eefd0db08ec
3a6fef093779a4f9c6097ed0b9a63f1f8a916968dd22645d0d97e8f5a324ba1d
3ae6e4decd4fb974b41b2f37fa7b19c7a1c9b80127dd45be4bc24702c7145a4c
3af01d666f2e4fdf99166be75bfdf324421136af18133964f9d10d61bc7dc6b0
3dd9187e52a9c916191554436a11598e6b851561ae8e6d9f1d01e0327f344503
40f848e67c0b642943672369c9f471ee24bd8576f420494c5514d4fc75ffff92
465a58d5462d1b24422880dff96ff88233cdf38f1626d5bbd073a3d65496be4b
57dfb02c3ffdf6f84086e59ed2747949bc35e2b43c5e0feb051620b8f7db0a30
5cff56670d6489666aa39ac6c91c24f127da49bc8bff88a9f31c04bb760232d4
75fa757057e7c26be19a15804f0850e52010bcba70fb56a52021264624f01c75
778f093692601ebd35dd90e593db52f50f8420e291671c1464dd3da02e2af710
79b7177c6094df4b2a3141f73638497b15483a4532a3c8cd5afc44454105b1d6
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
907b550f76dc19a3db39516b969cee611b7d6903a87bb75c6fe60cd5c9cd87fd
a62d941bb70f5fdf7dc9ff4dabcb220463eb5fd53c3e1b6bb9e950f9ffa317cf
ac6dd6ee427fca625b251bbb91763c76617001dd4932b2f5b7ae87474002fc6b
b290de0591deb6d1875a88d05417aafd8ae850905e03f3f7fe756a794c667b5d
b43422929d1040ce73500b9329b55b04c9d4fbae504b8abf701cd7261b9eeb2b
b8cc578d0fe2e0775d54b5db7f2a59018f014a4bd7ead2350ce7725b18bde5e8
b9ec308a08029f2dddf0fe7c2d6fa06534c143c7e50a6b702a31b71d50e01a89
bebda27f1bd0dbef7f9d9b55020c88d5732def43826a3da3c354fc0371324b0e
c0fae4b6670c02ae9592fdb8bc0dbe538ed5c5f48db6d42508a9268c2f7d940c
ce6163d60dead86b2205a23f42abac5f3500bbd5f0956572b9d8accee379d9ae
dc67995631467acaa4b31fbb5264ddc12921689ee54c342995241cbd45e51949
de7b0ad2c13d0c197e272b630c2510cd79f15e4476fee76eac0071c609467dd3
e87f68e443b81ba60a9739cf43cfd8693e280aec40a9aeef98d46146d889df3f
ee7437e6084031057794b5d62223caefe0d94e1e819ac19e98992ca5130cb051
f350c708b5e7748a452b4b98600fa49127166d995686e260ccafb58d51a4ea62
fba961e1ff8a34ed207aaf0f33b6fb94c57c0fb76326e901758ad38c93bf7039
fd3917748792743b9990f7d8b5a24cc77aba1c82cbee524d4d4b421280d466ad